HomeCyber Crime Lawyers in Dubai
In the era of rapid development of the digital industry, understanding the intricacies of cybercrime legislation in the UAE is of paramount importance. The UAE’s national cybercrime legislation was replaced as part of the country’s legal reform programme by Federal Decree-Law No. 34 of 2021 on Combatting Rumours and Cybercrime.
The legislation of the United Arab Emirates in the field of cybercrime provides for strict fines and criminal liability for hacking, data breaches, and online fraud. Our team of lawyers will help you analyse risks and align business processes accordingly, eliminate gaps in cybersecurity, avoid reputational losses, and protect your rights in court when facing accusations.
What is Cyber Crime Law In UAE?
Modern technologies and the widespread adoption of digital technologies contribute to business development such as economic establishment, social peace, and simplify everyday life. However, the number of serious cyber security threats is growing: hacking, phishing, fraud, gambling, data leaks, publication of terrorist groups, pornographic materials, and illegal access to prohibited content or any other content that could harm public morals via electronic sites and communication services.
To counter new challenges and emerging technologies in 2021, the UAE adopted Federal Decree-Law No. 34 of 2021, which significantly updated and expanded the previous regulations in the field of cybersecurity.
The main goal of the Federal Decree-Law is to establish a comprehensive legal framework for preventing, detecting, and prosecuting cybercrimes that may threaten the security, economy, and reputation of the UAE, as well as the rights of individuals and organizations.
The new cybercrime law also regulates liability for actions on the internet and when using information technologies. It defines crimes related to new cybercrime law as to: unauthorized access and illegal access, to computers, data theft, other than new cybercrime law, fraud, defamation, and other offenses in the online environment.
Moreover, the legislation concerns not only traditional cybercrimes but also extends to drug and human trafficking, and other non-traditional offenses. The new law is characterized by a proactive approach, tightening penalties for crimes committed by foreigners and expanding global jurisdiction.
Main Features of the Cyber Crime Laws in the UAE
The unlawful collection, storage, processing, and publication of personal information is prohibited. Fines and criminal liability are introduced for disseminating personal data without the owner’s consent or bypassing established rules for such data.
The law regulates responsibility for fraudulent actions on the Internet. Severe punishments are provided, up to permanent or temporary imprisonment, for causing significant damage or large-scale deception.
Any actions related to hacking, deletion, blocking, modification, or copying of data without permission are considered a serious cybercrime. The punishment is increased if the hacking results in the compromise of state or commercial secrets.
The law strictly regulates the publishing news distribution of content on electronic sites that may harm public morality, contradict national security, or mislead users (fake news). Fines and criminal liability are imposed for the publication, promotion, or storage of materials of an extremist, discriminatory, pornographic nature, or those promoting violence.
The federal law specifies provisions concerning illegal operations with cryptocurrencies, financial pyramids, money laundering schemes, and other actions related to digital assets. Federal law liability arises for direct fraud and aiding or advertising such schemes.
Legislation classifies sensitive information such as medical records, and financial data, and establishes penalties for theft or attempts at disclosure of confidential codes. The laws also emphasize the protection of financial data, and prohibit unauthorized access to credit cards and banking information, providing increasingly severe penalties.
Types of Cyber Crime In UAE?
Let us consider the main types of the most common cybercrimes in the UAE, which fall under the Federal Decree-Law:
Phishing: A fraudster attempts to obtain a user’s confidential data (logins, passwords, bank accounts, card details, etc.) through deception. In the Middle East, phishing can take various forms: sending fake emails or SMS messages on behalf of government services, banks, the telecommunication sector, or popular online services; creating fake websites and login forms that visually resemble the original; fraudulent messages in messengers audio and video channels; visual material promising discounts or prizes.
Theft of intellectual property. This category includes any unlawful actions related to copyright, patents, trademarks, and other objects of intellectual activity. In cyberspace, this may manifest as such crimes as illegal copying and distribution of software, films, music, audio and visual material, or books, as well as unauthorized use of brands or designs registered in the UAE.
Harassment. In the virtual space, harassment can manifest in various forms: cyberbullying, threats, blackmail, defamation, and insults through various social media platforms, video broadcasting channels, networks, messengers, or email. Federal Decree-Law No. 34 of 2021 establishes that defamation and insults committed via any other electronic means disclosing communications, electronic payment methods, means of using other electronic payment methods only, electronic communications only, or the Internet can be punished with large fines and imprisonment, as well as mandatory deportation for foreigners.
Stalking and blackmail through the distribution of personal photographs or videos without consent are penalized even more severely. Liability arises even when using anonymous accounts or VPN services: UAE law enforcement agencies and the Dubai police work closely with providers and services to identify the offender.
Drug trafficking. In the UAE, there is a particularly strict approach to the illegal circulation of organs or human trafficking of narcotic substances, and this is also the new cybercrime law that applies to cyberspace and electronic sites. The use of the internet or electronic site for the sale or exchange of prohibited substances, advertising, and promotion of drugs, and organizing closed groups for the distribution and delivery of narcotic substances entails serious criminal penalties.
If you are facing accusations of cybercrime or want to protect your company from such risks, we recommend consulting professional lawyers. Our cybercrime law firm in Dubai will help you understand the intricacies of legislation, conduct a cybersecurity audit, and establish a reliable line of communication services for your defense.
How to File a Cyber Crime Complaint Under UAE Law
The first stage is gathering evidence. Record all evidence of the crime. Take screenshots of correspondence, letters, transactions, or offensive messages. Save links if they concern websites or social networks. Note the date, time, and context in which the offense occurred.
Do not respond to unsolicited messages, do not click on suspicious links, and do not install unknown applications. Notify banking organizations if it concerns financial fraud. In case of a threat of hacking your social media pages, bank accounts, or other electronic sites such as electronic information systems, payment methods, other electronic sites, email, communication services, or messages, change your passwords and enable two-factor authentication.
Before officially filing a complaint, consulting with a solicitor or legal advisor is important. A specialist will analyze your situation and suggest which actions will be effective. The lawyer will help you understand whether the incident falls under specific articles of the cybercrime law for proper classification and preparation for filing the complaint.
In the UAE, there are dedicated websites for reporting cybercrimes and filing complaints online. Specifically, the Dubai Police and Abu Dhabi Police have e-crime portals where you can submit reports and access information systems for online applications. To file a report, you will need to provide personal details such as your full name and contact information, a description of the incident (including dates, times, and circumstances), as well as any supporting evidence such as screenshots, documents, or videos.”
If it is not possible to file a complaint online or the case requires personal presence, you can visit the nearest police station. Do not forget to bring identification (Emirates ID or passport), evidence documents (printed screenshots, copies of correspondence), as well as a written description of the incident in English or Arabic. After accepting your statement, the police will provide you with a case number. Keep it for tracking the progress of the investigation and future inquiries.
If the case is brought to court, the lawyer will help to form an evidence base, represent the interests of the victim, and achieve a fair verdict. For companies, it is often important not only to ensure the punishment of the guilty but also to protect their business reputation by minimizing the damage from public proceedings.
Penalties for Cybercrimes in the UAE
The law of cyber crime uae provides for a wide range of fines, depending on the severity of the offence and the extent of the damage caused. Minimum fines can start from several tens of thousands of dirhams in cases of less serious crimes where no significant material or reputational harm was inflicted.
Large fines can reach hundreds of thousands or even a million dirhams if the offence has caused significant losses, disrupted state security, the national unity, or violated the rights of a large number of citizens. In some cases, the amount of the fine may increase proportionally to the extent of the damage or the income obtained by the offender from illegal actions. The size of the fine may also rise in cases of repeated cybercrime or the presence of aggravating circumstances.
Sanctions in the form of fines ranging from temporary imprisonment are provided for the most serious types of cybercrimes: large-scale cyber fraud affecting a significant number of victims, hacking of government or strategically important IT systems (banks, infrastructure facilities, communication services, government portals), dissemination of extremist, terrorist, or prohibited content to destabilize the situation in the country, blackmail, harassment, and extortion accompanied by threats of physical violence or disclosure of confidential information. The term of imprisonment can range from a fine ranging several months to several years, depending on specific articles and the severity of the consequences caused by the cybercrime.
For foreign nationals who have violated UAE legislation, deportation is often applied as an additional measure of punishment. In particularly severe cases, deportation may be mandatory, without the right to re-enter the UAE. Such a decision is made by the court, taking into account the nature of the offence and possible risks to public safety.
Federal Decree-Law No. 34 grants federal law- enforcement agencies and courts the right to seize and confiscate computer equipment, servers, mobile devices, and other technical and other such electronic information and electronic communications means used in the commission of a crime. Social accounts and applications that served as a platform for illegal activities or contained unlawful content may be blocked.
In addition to criminal legal measures used, victims (citizens, companies, government bodies organs or human trafficking) may file civil claims for compensation for damages caused, lost profits, or harm to the business’s reputation.
New Cyber Crime Law UAE
One of the main topics actively discussed in the context of the updated cybercrime law is cryptocurrency and the risks associated with it. Prison sentences and large fines will threaten those who organize financial pyramids or other fraudulent schemes using cryptocurrency. Special attention to new cybercrime law is planned to be given to cases where criminals hide illegal funds behind offshore companies and use anonymous wallets.
Moreover, the definition of “cybercrime” has been expanded. It now also includes manipulations with digital data (deepfake) for discreditation or blackmail, as well as the use of artificial intelligence for illegal purposes.
One of the key innovations of new cybercrime law is the increase in responsibility for repeated cybercrimes. In cases of repeated malicious actions in the digital space, the UAE plans its new cybercrime law to require judges to apply for deportation after serving the sentence.
Compliance and Risk Prevention Measures
To avoid serious sanctions and protect their business reputation, it is important for companies to establish a comprehensive compliance system in the field of cybersecurity.
Every company must:
- Identify the main vulnerabilities in your IT systems and infrastructure;
- Determine possible cyberattack scenarios (hacking, data leakage, blackmail, phishing, etc.);
- Develop a strategy for risk minimization, including data backup and regular software updates.
Such an analysis helps to understand where resources need to be focused and where the most dangerous gaps in protection may occur.
Compliance with Law No. 34 largely depends on the presence of clear corporate policies. The information technology security policy outlines the rules for handling confidential data, access control, and incident response procedures. The device and software usage policy regulates the use of personal gadgets in the workplace, application installation, and working with corporate resources. Clear internal procedures simplify compliance with legal requirements and help identify violations in a timely manner.
The human factor remains one of the weakest points in cyber defense. Therefore, it is critically important to conduct regular training sessions and seminars for employees on the topic of information security, to orient staff towards recognizing phishing attacks, using complex passwords, and two-factor authentication.
Moreover, every company with an electronic site and information technology system must ensure secure data transmission channels such information: encryption, VPN connections for remote employees. It is also worth taking care of an intrusion detection and prevention system (IDS/IPS), antivirus software, and firewalls. Monitoring and logging of electronic site medical data, and information technology and network activities allow for promptly recording suspicious events.
Legal consultation is important when creating or updating internal policies. Experienced specialists will help to take into account all the requirements of Law No. 34 and reduce the risk of fines. Proper documentation of facts and interaction with the competent authority and UAE police is a guarantee of successfully defending interests in court. If accusations of data leakage or compliance violations arise, a lawyer will defend your position in judicial and pre-trial proceedings.
Contact our Lawyers in the UAE
Our legal company in the UAE brings together experts specializing in cyber crime law, protecting clients from cybercrimes and assisting those who have faced unfounded accusations of digital threats in this field. We care about the security of each client, offering comprehensive legal solutions:
- Analysis and prevention of risks: identifying vulnerabilities and helping to build a compliance system in accordance with the Cybercrime Act;
- Support for investigations: in cases of hacking, fraud, and data leaks, we take on the interaction with law enforcement agencies to minimize reputational and financial losses;
- Defence in courts: if the case has reached the judicial stage, our lawyers with many years of experience will represent your interests and defend your rights in the face of accusations;
- Consulting and legal support: we offer step-by-step instructions and consultations on UAE legislation, develop internal regulations for companies, and provide recommendations for safe work in the digital space.
We have been helping corporate clients, startups, foreign investors, and individuals effectively protect themselves from various cyber crime threats for many years. We work transparently, in close cooperation with technical specialists, and take into account all changes in UAE legislation’s new cyber crime law.
Contact our lawyers right now to receive an initial consultation and professional legal assistance. We will help find the optimal solution, develop a comprehensive defense strategy, and take care of the legal formalities so that you can focus on the development and security of your business.
Additional Legal Services from Our Dubai Lawyers
