In a potentially pivotal move for transnational data privacy and protection standards, the Dubai International Financial Centre (DIFC), considered the foremost international financial hub in the region, has offered a green light on cross-border transfers of personal information to California.
This decision, as noted in this article, was issued on August 9th by the Commissioner of Data Protection of the DIFC, and it constitutes an “Assessment of California’s Data Protection Regime as Substantially Equivalent and Low Risk”. This decision congregates the alignment of California Consumer Privacy Act (CCPA) with the DIFC Data Protection Law.
It is necessary to underline that the decision goes beyond providing a mere consent for the data transfer. Additionally, it attests that the present regulatory infrastructure regarding data protection in California mirrors the stringent measures of the DIFC. In essence, it designates the CCPA as a cognate, and correspondingly efficient legislation when compared to the DIFC’s own data protection law.
The said approval will not only streamline and enhance the process of data transfer between the entities operating in DIFC and California but will also foster trust in counterparts in each jurisdiction, regarding the mutual adherence to global data protection norms.
Lastly, this measure is expected to invigorate and reinforce the already existing commitment towards ensuring privacy and data protection, concurrent with the rapid digitalization of services in a global landscape.