On the 15th July Law No. 151 for 2020 on the protection of personal data was endorsed by President Abdel-Fattah El Sisi to be implemented within 3 months from the aforementioned date, with the aim of implementing a regulatory system for data transmission locally and with other countries. The introduction of the law is the most recent effort by the Egyptian government to modernize and safeguard the way digital interactions occur on a day to day basis.

The law applies to any data belonging to Egyptians or foreigners residing in Egypt, and creates obligations primarily on data controllers and data processors who collect, transfer, exchange, store, analyze or process data in any way.

Some of the key take-aways of the law are as follows:

The new law protects the privacy of personal data and penalizes sharing data without the prior consent of the data owner. Additionally, it regulates overseas data transfers according to international GDPR regulations that ensure personal data protection in Egypt and abroad, and to protect foreign investors, especially those from EU countries.

According to the new law, a data protection center has been established and the Prime Minister has approved the hiring of a chief executive officer who is responsible for setting data protection strategic policies and procedures.

Compliance criteria:

  • Hiring a data protection officer
  • The new officer must be approved and licensed from the new data protection center
  • The new officer must report regularly to the data protection center, in addition to reporting any breaches.
  • The new officer must maintain his independence within the company's internal structure.

These obligations must be implemented within 3 months from the law's date of publication, or companies risk a fine no less than 100 000 EGP and/or imprisonment for a minimum of 6 months.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.