In brief
On 4 February 2022, the Dubai International Financial Centre (DIFC) Office of the Commissioner of Data Protection announced that the commissioner issued an adequacy decision recognising, among others, Singapore’s Personal Data Protection Act for safe data transfers from the DIFC.
This is a welcome development as it facilitates cross-border personal data transfers from the DIFC to Singapore, which can in turn strengthen business ties between the two territories.
Key takeaways
- Transfer of personal data to a recipient located in a jurisdiction outside the DIFC may take place only if that jurisdiction is deemed to have an adequate level of protection for that personal data.
- The DIFC Office of the Commissioner of Data Protection applies stringent assessment criteria for determining adequacy recognition of a third country, which are largely based on prevailing international best practices.
- The recognition of Singapore’s data protection laws as being adequate for safe data transfers outside of the DIFC lends confidence to the comprehensiveness of Singapore’s data protection laws.
- This is a welcome development especially for entities in the DIFC that currently transfer personal data to Singapore.
© 2022 Baker & McKenzie.Wong & Leow. All rights reserved. Baker & McKenzie.Wong & Leow is incorporated with limited liability and is a member firm of Baker & McKenzie International, a global law firm with member law firms around the world. In accordance with the common terminology used in professional service organizations, reference to a “principal” means a person who is a partner, or equivalent, in such a law firm. Similarly, reference to an “office” means an office of any such law firm. This may qualify as “Attorney Advertising” requiring notice in some jurisdictions. Prior results do not guarantee a similar outcome.