As the world battles attacks, what are the UAE's cyber-crime laws

The latest malware used a technique purportedly stolen from the US National Security Agency
(Getty Images)
By Staff writer
Mon 15 May 2017 08:32 AM

An unrivaled global cyber-attack is poised to continue claiming victims as people return to work and turn on their desktop computers, even as hospitals and other facilities gained the upper hand against the first wave.

More than 200,000 computers in at least 150 countries have so far been infected, according to Europol, the European Union’s law enforcement agency. The UK’s National Cyber Security Centre said new cases of so-called ransomware are possible “at a significant scale.”

The malware used a technique purportedly stolen from the US National Security Agency. It affected the UK’s National Health Service, Russia’s Ministry of Interior, Germany’s Deutsche Bahn rail system, automakers Nissan Motor Co. and Renault SA, PetroChina, logistics giant FedEx Corp., and other company and hospital computer systems in countries from Eastern Europe to the US and Asia.

To date, the UAE has remain unscathed. BUt what is the law in the Emirates for anyone convicted of being party to a crime. It is of utmost importance to know more about UAE laws on cyber crimes and what one might be up against if such a crime is committed.

If one intentionally attacks an information system network in the UAE by hacking or gaining illegal access and that causes any form of damage, he or she will be up against strict penalties, including prison and hefty fines.

Legal Consultant Hassan Elhais of Al Rowad Advocates and Legal Consultants pointed out that those who commit a deliberate act that result in halting or disrupting information systems will face up to five years in prison and a fine ranging between Dh500,000 and Dh3M.

He said that according to article 10 from law No 5 of 2013 on Combating Information Technology Crimes, a penalty of not less than five years imprisonment and, or a fine of not less than AED500,000 and not to exceed AED3m. The law covers anyone who installs, without permission, a programme to a computer network, an electronic information system or to an information technology means and this results in suspending, disabling or destroying a network, causing partial or complete loss of data. The law also covers erasing, damaging, altering and modifying data.

Individuals charged with and convicted with obstructing access to computer networks, websites, information systems or government online portals will be punished according to article 8 from the same law, by temporary imprisonment and a fine of not less than Dh100,000 and not more than Dh200,000.

Elhais confirmed that the UAE law on Combating Information Technology Crimes strengthened the penalty on illegal access to government sites as per article 4 of the same law, which states that a person who accesses without permission, a government website or information system with the purpose of obtaining government data, or confidential information of a financial, commercial or economic nature, will be punished with temporary imprisonment and a fine from Dh250,000 up to Dh1,5M.

If the illegal access results in exposure to any of the obtained date or caused its cancellation, destruction, alteration, reproduction, publication or re-publication, the defendant will face a jail  term with a minimum of five years and a fine equal to or greater than Dh500,000 and not more than Dh2m.

If the defendant is an expat, he or she will be deported after serving
his or her jail term.

* with additional reporting from Bloomberg

Hassan Elhais of Al Rowad Advocates and Legal Consultants.

Subscribe to our Newsletter

Subscribe to Arabian Business' newsletter to receive the latest breaking news and business stories in Dubai,the UAE and the GCC straight to your inbox.