As we witness the evolution of the regulatory landscape across the MENA region, it was timely for us to investigate and lift the lid, on what is keeping the region’s legal decision-makers awake at night.
Our first-of-its-kind report titled Legal Leaders in MENA is out now! It captures the views of 700 legal decision-makers across nine countries and 13 industry sectors in MENA, as well as in-depth interviews with experts from key sectors such as financial services and education to name a few, which revealed the emerging risks and priorities challenging the legal sector across the region.
Read the full report and share your feedback with us at firstname.lastname@example.org.Read the full report
The UAE’s has issued a new electronic transactions law, Federal Decree by Law No. 46 of 2021 on Electronic Transactions and Trust Services (“Law”). It introduces legal concepts into UAE law that are similar to the European eIDAS Regulation to promote legal certainty in electronic interactions.
The Law repeals the existing Federal Law No. 1 of 2006 concerning e-transactions and e-commerce (“Old Law”) as of 2 January 2022. However, there is a 12-month grace period which allows those subject to the Law to ensure that they are compliant.
The Telecommunications and Digital Government Regulatory Authority (“TDRA”) is the competent authority who will be the regulator for the Law – but the Federal Authority for Identity and Citizenship will issue controls in relation to trust services that are provided to the government sector and any trust services that depend on the information or services of the Federal Authority for Identity and Citizenship (e.g. Emirates ID).
The Law provides a new means for regulating Electronic Identification Systems and Trust Services.
Electronic Identification or eID? Electronic identification allows businesses and consumers to identify and authenticate who they are.
Under the Law, the TDRA is to issue the rules, procedures and standards related to the electronic identification systems, verification procedures and digital ID, after coordination with concerned bodies.
What are Trust Services? These are electronic services which aim to improve the confidence of citizens and businesses in the security and certainty of electronic transactions.
The Law sets out a regulatory framework for the following four main types of trust services.
No exemptions The Old Law expressly excluded certain kinds of transactions (e.g. property transactions, or negotiable instruments). The Law has no exclusions. The Law expressly provides that a person may use any form of electronic signature or electronic stamp unless the legislation provides otherwise.
Who needs a license under the law? The Law requires all providers of “trust services” to obtain a license from the TDRA. It is not yet clear exactly what the breadth of this licensing requirement is, as it could capture the offering of any electronic signature mechanism.
Certified Trust Services have stronger legal effects and a stricter assessment under the Law. No person may provide the certified trust services unless it has obtained a licence from TDRA according to the provisions of the Law and its Executive Regulations.
Types of e-signatures The Law appears to provide for the three following types of e-signatures, with increasing levels of security:
The Executive Regulations are to designate further requirements for the creation of AES and CES.
UAE Trust List The TDRA will create and publish a UAE Trust List which will list the licensees under the Law and their trust services. The Executive Regulations shall designate the regulations and conditions for inclusion in the UAE Trust List.
Trust mark. The TDRA is to provide for a trust mark that can be used by certified trust service providers to indicate that they provide certified trust services that meet the requirements of the Law.
General provisions relating to electronic transactions
The law regulates the validity of electronic documents consistent with the Old Law.
Applying Trust Services in your business
Even though there is a 12-month grace period and implementing executive regulations need to be issued, businesses need to consider how to adopt appropriate trust services to make their electronic transactions more secure and reliable under the Law.