New legislation came into force in the United Arab Emirates (“UAE”) on 27 August 2012, codifying the full range of cyber crimes that can be committed and the resulting penalties.
The UAE is the first country in the Middle East to implement such a wide-ranging cyber crime law. The new law has been introduced in response to increasing levels of cyber crime in the UAE, brought about by rapidly evolving technology and the growth of transactions conducted via the internet. The new law, which builds on the previous 2006 law, is far more comprehensive in its nature and scope.
It criminalises the use of the internet or any information technology tool to commit a wide range of offences, punishable by a fine and/or imprisonment. The key offences include:
- breach of privacy;
- disclosure of confidential information;
- intentionally capturing, or intercepting, communications through a communication network without permission;
- publishing "illegal content";
- hacking and phishing;
- money laundering, credit card fraud, identity theft;
- inciting criminal and terrorist acts; and
- threatening state security.
Some of these powers may have extra-territorial application and it remains to be seen how the authorities will enforce the law and how effective it will be in reducing cyber crime.