Dubai cyber crime prosecutor calls for stronger data protection laws

Dr Khaled Al Jneibi said businesses must step up security measures and ensure sensitive information from customers is protected

Dubai's leading cyber crime prosecutor has called for tough new laws to be introduced to prevent people's personal data from falling into the wrong hands.

Dr Khaled Al Jneibi, chief prosecutor for electronic crimes, said greater restrictions must be placed on the sharing of sensitive information by companies in the digital age.

A rise in online offences in recent years has prompted concern both in the Emirates and across the globe.

“The law would ideally ban sharing personal data of all sort like official documents, phone numbers, residence addresses, email addresses, among others,” said Dr Al Jneibi.

“For example, a shop salesperson asks for your email address and phone number, why? To send offers? But how do we guarantee this information we share with the salesperson won’t be passed on? That is why such a law is significant.”

Dr Al Jneibi cited the prevalence of identify thefts, such as Sim card swaps, as proof of the need to tighten regulations.

Sim card swaps involve criminals conning mobile phone operators into issuing them with replacement Sim cards by claiming to be the victim, often pretending their phone has been lost or stolen in order to secure a new Sim.

They use the victim's personal details - obtained through criminal methods - to convince such companies of their identity.

In December, A UAE-based bank was ordered to pay millions of dirhams to a customer swindled out of his life savings in a Sim card swap scam.

In a landmark ruling at Dubai Commercial Court, the bank was found to be responsible for the victim's Dh4.5 million losses after he fell foul of financial fraudsters.

The court concluded that the victim's personal details had been leaked by an employee at the bank, the name of which was not disclosed to The National.

Using the client’s phone number, the tricksters were able to obtain a replacement Sim card, and change the Pin code connected to his bank services before logging him out and stealing the funds in his account.

Dr Al Jneibi said banks and telecommunication providers needed to bolster their security measures to contribute in fighting e-fraud.

“Criminals have now mastered security measures in banks and know how to manipulate them, so banks need to modernise and boost their measures,” he said.

Dr Al Jneibi said cyber crime laws must be updated regularly to keep pace with rapidly-developing technologies and more sophisticated criminal threats.

A workshop - attended by a number of legal professionals and business owners - was organised by Dubai Chamber of Commerce and Industry earlier this year to address the issue.

Jehad Kazim, director of Dubai Chamber’s legal services department, stressed the importance of strengthening data protection legislation as companies continue to migrate services to digital platforms.

It has been estimated that organised cyber crimes accounted for more than $1 trillion (Dh3.67tn) in stolen assets in 2018, almost 20 per cent of which was taken in the Middle East. Other research suggests the region is particularly vulnerable to data breaches. Another estimate predicts that $5 trillion is at risk over the next five years globally.

Careem, the ride-hailing app, fell victim to a huge leak in 2018 when data of up to 14 million customers were stolen, while Sony and Marriott Hotels are among numerous other companies that have been victims of high-profile attacks.

In an interview with The National last year, Suvo Sarkar, head of retail banking at Emirates NBD, said the bank was investing significant sums in keeping people safe, including through public awareness campaigns and improved infrastructure.

But he said that human error was a major cause of successful attacks.

“Cyber security is of growing importance worldwide to organisations across a wide variety of sectors, as fraudsters mount increasingly sophisticated attacks against unsuspecting users,” he said.