As a firm we have a strong commitment to our corporate sustainability principles, and this year we joined the United Nations Global Compact, an initiative dedicated to promoting responsible business practices and advancing the United Nations Sustainable Development Goals (SDGs). Our goals include Education, gender equality, climate action, justice for all, and sustainable partnerships. You can learn about our actions plans and targets, here.
In this edition, we feature an entire section dedicated to COP28 where we share insights and intelligence through conversations we have had with leading experts from across the region. This includes articles and podcasts that delve into the most pertinent topics, such as COP28’s call to action for corporates, ESG reporting, and the UAE’s Net Zero vision.
Beyond the focus on Energy and Climate we feature articles covering important updates that look into a variety of areas, such as UAE consumer protection law, an overview of the Federal Civil Family Law for Non-Muslim Foreigners in the UAE, and from Kuwait we discuss the management of companies. As always, in our final section we continue to share with you real life judgements that provide context to the legal landscape in the region.Read the full edition
As the incidence of COVID-19, the disease caused by the coronavirus, becomes more widespread employers need to assess remote working options.
Having a business–grade virtual private network (or “VPN”) may be essential for any company with remote working employees. A VPN is a secure way of transporting private data across unknown networks through the use of encryption protocols.
A remote access VPN connection allows individual users to connect to a private network from a remote location using a laptop or desktop computer connected to the internet. Once connected the users can access the secure resource on the private network as if they were directly plugged into the network’s servers.
The UAE’s Telecommunications Regulatory Authority has previously issued a public statement in respect of the use of VPNs confirming that there are no regulations which prevent the use of VPN technology by companies, institutions and banks to access their internal networks through the internet. However, business users can be held accountable, like the users of any other technology, if it has been misused.
The TRA’s statement was issued to address some confusing media reports that the use of VPN is illegal per se in the UAE. That confusion stems from a provision in Federal Law No. 5 of 2012 on combating information technology crimes (“UAE’s Cyber Crimes Law”) which states:
“Whoever uses a fraudulent computer network protocol address (“IP address”) by using a false address or a third-party address by any other means for the purpose of committing a crime or preventing its discovery, shall be punished by temporary imprisonment and a fine of no less than AED 500,000 and not exceeding AED 2,000,000, or either of these two penalties” (Article 9).
VPNs can also be used by an individual to disguise his or her true IP address – the identifier that allows information to be sent between devices on a network – concealing the person’s location information and their online activity. While reasons for using a VPN to hide an IP address may well be legitimate, such as for privacy and identity protection, disguising an IP address is also the feature of VPN technology with the most potential for abuse – and using it to perform illegal activities is what Article 9 is directed at preventing and punishing.
Accordingly, the legal position in the UAE is that if the VPN is being used for legitimate purposes (such, as remote working to avoid a pandemic), the use of the VPN itself will not constitute a crime.
However, if you are an employer making remote access VPNs available for your employees in an effort to avoid or minimise business disruption during a potential health crisis, it would still be prudent to make it clear that the VPN is to be used for your company’s legitimate business purposes only.