Support Centre

Qatar

Summary

Law: See Qatar State and Qatar Financial Centre

Regulator: See Qatar State and Qatar Financial Centre

Summary: Qatar presents a comprehensive federal level data protection legal framework, represented by Law No. 13 of 2016 Concerning Privacy and Protection of Personal Data, but also provides a separate regime that applies to entities licensed within Qatar Financial Centre ('QFC'), a global business and financial centre. The relationship between the Qatar State and QFC jurisdictions is not always clear. Please see the jurisdiction links to Qatar State and Qatar Financial Centre below for further information.

Browse more jurisdictions:

Insights

The Qatar Financial Centre (QFC) as an independent regulatory jurisdiction has undergone a transformative journey to safeguard personal data in the developing landscape of finance and technology sectors over the years. In the initial regulations that were enacted in 2005, the scope was relatively broad, but this has since been refined in the 2021 amendments that came into force on June 19, 2022 (New DPR).

The amendments in the New DPR aim to bring the existing Data Protection Regulations (the 2021 Regulations) to the standards of the General Data Protection Regulations (GDPR), which ultimately obliges businesses operating from the QFC to be more diligent in their data compliance practices. The New DPR also ensures proper monitoring and regulation of QFC firms in the context of data protection. Dorina Drowniak, from Dentons, reviews the most recent amendments to the 2021 Regulations and how firms can ensure they stay compliant.  

The Qatar Financial Centre ('QFC'), a financial services free zone in Doha in Qatar, issued its updated Data Protection Regulations and Rules in December 2021, which align the QFC with international data protection laws, such as the European General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR'). Dino Wilkinson and Masha Ooijevaar, Partner and Associate respectively at Clyde & Co, discuss the updated data protection law in this article.

The Qatar Financial Centre ('QFC') is a global business and financial centre with an independent legal and regulatory infrastructure. It was established by the Qatar Financial Centre Law (Law No. (7) of 2005) ('the QFC Law'), which also provided the QFC Authority ('QFCA') with the power to produce the Data Protection Regulations and the Rules that govern data protection law in the QFC today.

Marking 16 years since the introduction of the QFC's 2005 Data Protection Regulations ('the Regulations') and 2005 Data Protection Rules ('the Rules') (collectively 'the 2005 Legislation'), the QFCA has reviewed each of the Regulations and Rules in light of global developments in data protection law and proposed various changes to the same. Following said review, the QFCA launched a public consultation on the proposed changes for a period, ending on 16 September 2021. On 21 December 2021, the 2021 Data Protection Regulations ('the 2021 Regulations') and the 2021 Data Protection Rules ('the 2021 Rules') were issued by the QFC, adding to, and introducing new data protection provisions in the QFC.

With regards to implementation, the commencement date of the 2021 Regulations and the 2021 Rules is 180 days from the date of their issuance (i.e. 21 May 2022) as per Article 3 of the 2021 Regulations. Notably, the 2021 Regulations and the 2021 Rules will come into force on the same date, 21 May 2022, at which point the 2005 Legislation will be repealed (Article 3 of the 2021 Regulations).

This Insight article highlights the main changes which the 2021 Regulations bring to the QFC's data protection regime.

The Qatar Financial Centre ('QFC') is a global business and financial centre with an independent legal and regulatory infrastructure. It was established by the Qatar Financial Centre Law (Law No. (7) of 2005) ('the QFC Law'), which also provided the QFC Authority ('QFCA') with the power to produce the Data Protection Regulations and the Rules that govern data protection law in the QFC today. About 16 years since the introduction of the QFC's 2005 Regulations ('the Regulations') and 2005 Data Protection Rules ('the Rules'), the QFCA has reviewed each of the regulations and rules in light of global developments in data protection law, and has proposed various changes to each of the same. Moreover, the QFCA announced, on 18 August 2021, its launch of a public consultation on the proposed changes, which ended on 16 September 2021. In this regard, the QFCA noted that it may adopt, in whole or in part, the changes outlined in the consultation paper or may amend the changes in light of the comments received. Notably, the results of the consultation and final draft of the changes have not yet been released. This Insight summarises the proposed changes introduced by the QFCA review and outlines the new provisions that organisations may have to consider in the event that the proposed changes are adopted.

Feedback