Business
DIFC joins global privacy forum to strengthen cross-border data governance
Dubai International Financial Centre has announced its membership of the Global Cross-Border Privacy Rules Forum, marking a significant step in strengthening privacy governance and supporting inclusive cross-border trade.
The announcement was made during a recent Global Cross-Border Privacy Rules Forum workshop held in the Philippines.
DIFC becomes the first jurisdiction in the region to join the forum, which brings together economies committed to high standards of data protection and trusted cross-border data transfers.
As part of the membership process, DIFC has also joined the Global Cooperation Arrangement for Privacy Enforcement.
DIFC joins Global Cross-Border Privacy Rules Forum
The move aligns with DIFC’s selection to host the Global Privacy Assembly in 2026 and reinforces its role in advancing interoperable, responsive and trusted privacy frameworks in line with global business and regulatory needs.
DIFC said the membership supports the UAE Digital Economy Strategy by enabling secure and transparent cross-border data flows that facilitate international trade.
His Excellency Arif Amiri, Chief Executive Officer of DIFC Authority, said: “Becoming the first jurisdiction in the region to receive Global Cross-Border Privacy Rules membership recognises DIFC’s initiatives to advance data and privacy protection.
“The digital age, fuelled by global connectivity and technology, means information is ubiquitous and instantly shareable. This results in businesses, particularly in finance, handling unprecedented volumes of individual data electronically and internationally every day.
“DIFC has established effective laws, regulation and compliance for more than 8,000 registered companies within the Centre, reflecting Dubai’s ongoing commitment to world class standards and its vision to be at the forefront of the digital economy.”
The Cross-Border Privacy Rules system certifies organisations’ compliance with recognised requirements for transferring personal data across borders. Originally established under the Asia-Pacific Economic Cooperation framework, the system was expanded in 2022 with the creation of the Global Cross-Border Privacy Rules Forum, opening participation to jurisdictions worldwide and promoting regulatory interoperability beyond the Asia-Pacific region.
Data protection regulation
DIFC has positioned itself as a regional leader in data protection regulation. In 2023, it enacted Regulation 10, addressing the processing of personal data through autonomous and semi-autonomous systems such as artificial intelligence and machine learning technologies.
DIFC said the regulation provides a foundation for responsible and ethical data processing while supporting innovation and regulatory cooperation.
The new membership follows DIFC’s participation in the Global Privacy Assembly in September in Seoul, South Korea. During the event, the DIFC Commissioner’s Office signed cooperation agreements with data protection authorities in Brazil, the Isle of Man, Uganda and Kenya.
DIFC said these developments support preparations for hosting the Global Privacy Assembly in Dubai in 2026. The assembly brings together more than 130 privacy and data protection authorities worldwide and serves as a key platform for global regulatory cooperation and standard-setting in data protection and privacy.
