Photo: / EJ Casanova

Data Protection And Privacy Laws In MENA: A Case Study Of Covid-19 Contact Tracing Apps

– Cyrilla

A report on data protection and privacy laws in Qatar, Bahrain, the United Arab Emirates, and Kuwait, and how they impact the deployment of COVID-19 contact tracing applications

These findings, produced by SMEX and based on Cyrilla's database of digital rights law, examine the data protection and legal frameworks in Qatar, Bahrain, the United Arab Emirates, and Kuwait, and compares them with other countries and international standards set for privacy laws.

"Qatar, Bahrain, and the UAE have at least some form of data protection and privacy legislation, while Kuwait is the only jurisdiction surveyed without any data protection law at this time. The laws in the three jurisdictions with data protection legal frameworks broadly resemble international data protection standards, such as the GDPR, with some notable exceptions."

It also assesses whether the various COVID-19 contact tracing applications in these countries have adequate privacy-preserving mechanisms, and investigates their privacy-by-design features.

COVID-19 contact tracing apps surveyed within these jurisdictions lack a limited purpose and clear timelines on their deployment and use. There is also a notable lack of transparency in both their technical design and regulatory mechanisms. Finally, the report finds that the more robust a state’s privacy legal framework is, the more privacy preserving their app has proven to be

View Article