Law No. (11) of 2014
Establishing the
Dubai Centre for Electronic Security[1]
ــــــــــــــــــــــــــــــــــــــــــــــ
We, Mohammed bin Rashid Al Maktoum, Ruler of Dubai,
After perusal of:
Federal Law No. (3) of 1987 Issuing the Penal Code and its amendments;
Federal Law No. (7) of 2002 Concerning Copyright and Related Rights and its amendments;
Federal Law No. (1) of 2006 Concerning Electronic Transactions and e-Commerce;
Federal Law by Decree No. (5) of 2012 Concerning Combating Information Technology Crime;
Law No. (2) of 2002 Concerning Electronic Transactions and e-Commerce;
Law No. (27) of 2006 Concerning Management of the Government of Dubai Human Resources and its amendments;
Law No. (7) of 2009 Establishing the Dubai Smart Government and its amendments;
Law No. (8) of 2010 Concerning the Financial Audit Department and its amendments; and
Executive Council Resolution No. (13) of 2012 Concerning Information Security at the Government of Dubai,
Do hereby issue this Law.
© 2014 The Supreme Legislation Committee in the Emirate of Dubai
[1]Every effort has been made to produce an accurate and complete English version of this legislation. However, for the purpose of its interpretation and application, reference must be made to the original Arabic text. In case of conflict the Arabic text will prevail.
The following words and expressions, wherever mentioned in this Law, will have the meaning indicated opposite each of them unless the context implies otherwise:
Emirate: | The Emirate of Dubai. |
Government: | The Government of Dubai. |
Government Entities: | Government departments, agencies, public corporations, councils, and authorities, including free zone authorities, and any other entity affiliated to the Government. |
DCES: | The Dubai Centre for Electronic Security established pursuant to this Law. |
Board of Directors: | The board of directors of the DCES. |
Executive Director: | The executive director of the DCES. |
Government Information: | The Government Information, data, documents, and Information resources whether printed, written on paper, Electronically saved, processed, sent by post or Electronic media, appearing in video or audio recordings, or disclosed during face to face conversations or through any other means of communication. |
Information System: | A physical or virtual implement or set of interrelated or independent implements that are used to store, sort, organise, retrieve, process, develop, and exchange Information in accordance with saved commands and instructions. This includes all inputs, outputs, and infrastructure related to the Information System. Information Systems are used by Government Entities to manage and process Information. |
Pursuant to this Law, a public corporation named the “Dubai Centre for Electronic Security” is established and will have legal personality, financial and administrative autonomy, and the legal capacity required to undertake all acts and dispositions that ensure the achievement of its objectives.
The head office of the DCES will be located in the Emirate.
The DCES aims to:
The DCES is the Government Entity responsible for maintaining Government Information Security in the Emirate. For this purpose, the DCES may:
The Executive Director will supervise the daily work, and manage and regulate the business, of the DCES, and represent it in its relations with third parties and before judicial authorities. In particular, the Executive Director will have the duties and powers to:
Government Entities and persons must abide by the regulations, standards, and rules issued by the DCES in relation to the field of Electronic Information, and must provide all data and Information required by the DCES to perform its duties. These entities must also meet Electronic security requirements in accordance with the provisions of this Law and the resolutions issued in implementation hereof.
Government Entities may issue and implement bylaws, regulations, and plans to achieve Information Security in accordance with the nature of their work, provided that these bylaws, regulations, and plans do not contradict the provisions of this Law and the resolutions issued in implementation hereof.
The DCES may take any action required to monitor telecommunication networks and Information Systems in the Emirate to protect them from unauthorised access. The DCES may identify the flaws in telecommunication network and Information Systems to avoid any breach of the provisions of this Law.
The financial resources of the DCES will consist of:
The employees of the DCES nominated by the Board of Directors will have the capacity of law enforcement officers to record the acts committed in breach of the provisions of this Law and the instructions issued in pursuance hereof, and to issue the necessary violation reports.
The chairman of the Board of Directors will issue the resolutions and bylaws required for the implementation of this Law.
All powers, duties, and obligations of the Dubai Smart Government Department pursuant to Executive Council Resolution No. (13) of 2012 Concerning Information Security at the Government of Dubai will be transferred to the DCES.
The Information Security Committee formed pursuant to Executive Council Resolution No. (13) of 2012 Concerning Information Security at the Government of Dubai will be dissolved, and the Board of Directors will perform all functions assigned to it.
Any provision in any other legislation will be repealed to the extent that it contradicts the provisions of this Law.
This Law comes into force on the day on which it is issued, and will be published in the Official Gazette.
Mohammed bin Rashid Al Maktoum
Ruler of Dubai
Issued in Dubai on 4 June 2014
Corresponding to 6 Shaban 1435 A.H.