Cullen International has published new research covering the status of personal data protection legislation in 13 Middle Eastern and North African countries (MENA).
The new benchmark shows the status of personal data protection laws in MENA, including whether an independent data protection authority has been established to enforce the law.
Our research shows that eight of the studied MENA countries have national legislation to protect personal data. Four countries (Tunisia, Morocco, Qatar and Turkey) enacted laws before the general data protection regulation (GDPR) of Europe came into force in May 2018. Bahrain, Algeria, and Lebanon enacted their national data protection laws in 2018 and Egypt in 2020.
The research also reviews how personal data has to be managed, including:
- whether prior approval or declaration is required from the governing authority for data collection or processing?
- If prior authorisation is required to transfer personal data outside the country, and if there are other restrictions on transferring data to other countries?
In addition, the benchmark shows whether there is an obligation to designate a data protection officer and what are the data breach notification requirements.
Cullen International’s research also covers the rights of data subjects, in particular whether they have the right to:
- object to the processing of their personal data or withdraw earlier given consent;
- receive a copy of the personal data held, and whether there is a fee to access this data;
- be compensated for any unlawful processing of personal data; and
- port their personal data from one controller to another.
For more information and to access the full benchmark, please click on “Access the full content” - or on “Request Access”, in case you are not subscribed to our MENA Telecoms Service.
more news
27 June 25
Can European end users choose their own router or modem?
Our new benchmark research shows that national regulators clearly defined the network termination point in five of the 14 European countries studied.
26 June 25
Data Protection in the Americas
Recent research highlights contrasts in the enforcement of data protection laws across the Americas. While most countries have legal frameworks in place to penalise violations, the scale of fines—both in terms of maximum fine limits and actual enforcement—varies widely. The findings also reveal that fines imposed in Europe are often significantly higher than those recorded in the Americas.
25 June 25
Most MENA telecoms regulators set fixed and mobile quality targets
Our latest benchmark on quality of service (QoS) provides detailed data on the QoS targets set in 12 studied Middle East and North African countries.