UAE’s Data Law will strengthen customer data protection
- 23 Sep 2021
Sajjad Ahmed, Deputy Business Editor
According to a recently-released survey, 99% of businesses in the United Arab Emirates use third-party trackers and ad-platforms. However, only 68% of respondents have well-defined and documented policies for customer data privacy and a mere 8% strictly apply them, revealed a recent survey.
The UAE is expecting to have an overarching federal law in place for regulating data privacy and protection very soon. However, free zones like the DIFC and AGDM have their own data protection regulations while the Federal Decree-Law No.(5) of 2012 includes strict mandates to combat cybercrime.
The UAE’s Data Law will play a big role in the protection of customer data used by private companies, said a top official of Zoho Corp.
The survey was conducted by Centurion Consulting on behalf of Zoho Corp, a global technology company.
“This rampant use of third-party trackers in the business space has severe ethical and privacy implications because of the enormous amounts of customer data being gathered through them,” said Hyther Nizam, President-MEA, Zoho Corp.
“Most businesses use the same set of third-party trackers, which means the large corporates behind these trackers can combine data collected across different websites and build comprehensive individual profiles for hyper-targeted advertising. We call this practice adjunct surveillance. When the businesses that employ third-party trackers do not adhere to a strict privacy policy for customer data protection, they put their customers’ data at risk. Most internet users are not aware of how much data these trackers are gathering, and what is happening with their data.”
As per the survey, conducted with 255 companies spread across the UAE, while 38% of the respondents are not completely comfortable with the way their customer data is being used by third-party vendors, most businesses say they cannot stop using them because the ad campaigns are too important for lead and revenue generation (52%), the insights are critical to their ability to understand customers (28%), and using these platforms is the most cost-effective way to do business (16%).
“There were 9.84 million internet users in the UAE as of January 2021. With 99% Internet penetration, it’s clear that digital is the way forward here. The survey shows that most companies targeting the region’s massive online consumer base are not prioritising user privacy because the use of third-party trackers and ad platforms helps their sales,” said Hyther Nizam. “However, consumers are growing more privacy conscious by the day, and more countries are implementing stringent laws to protect consumer’s data and privacy. In the long-run, these businesses will need to rethink their reliance on third-party platforms in order to stay relevant, and gain the trust of their users.”
As per the survey, the main reasons given by businesses for the use of third-party trackers are: tracking the effectiveness of an ad-campaign (79%), sharing content on social media (70%) and gathering analytics on website visitors (65%). The businesses utilise the metrics to determine Customer Life Time Value. In fact, 73% of businesses say that third-party trackers and ad platforms are helpful in meeting their sales objectives, while a further 22% say it is the primary factor in achieving their sales goals.
Another key finding from the survey is that companies assume data collection tools—most respondents use multiple vendors—would inherently abide by strict legal laws and standards and therefore customer data is safe. The survey showed that the bigger the name of the tracking company, the higher the respondents’ confidence that the information would not be misused. This is despite several large vendors being recently fined for violating privacy laws in other nations.
Zoho had removed third-party trackers from its website in 2020, and has never sold customer data to anyone or shown ads, even in their free products. Zoho also owns its data centres and the entire technology stack of its solutions. It can, therefore, assure its users of the highest standards of privacy and security.
The survey revealed that just 24% of the respondents are fully acquainted with regional data protection laws. Interestingly, these are companies with over 100 employees. Respondents who typically had their business online or were engaged in e-commerce activities that involved payment gateway integration, are well aware of the data privacy policies because integration approval could not be gained without a well-documented privacy policy in line with these local regulations.
The study surveyed 1000 respondents across the United Arab Emirates, Kingdom of Saudi Arabia, Bahrain and Egypt to gather insight into businesses’ consumer data protection practices, awareness and adherence to local laws, and the degree of awareness on data collection and usage practices by third-party vendors.
As many as 96% of respondents say they are not clearly disclosing their use of third-party trackers on their websites to collect visitors’ data. Furthermore, 98% of the respondents, mostly MSMEs outsourced their website and management and marketing functions, and were confident that the regulatory compliances would be followed by the service providers.
