LIVE FROM GSMA MOBILE 360 MENA, DUBAI: Experts questioned the rationale behind GCC countries pursuing a cross-border data privacy framework similar to Europe, as they discussed specific challenges around protecting users across the Middle East.

In a panel session, Robert Middlehurst, Etisalat International’s VP of regulatory affairs (pictured, third from left), said many regions are trying to “mirror” Europe’s General Data Protection Regulation (GDPR), but suggested this may not be the best approach for the Middle East.

“Europe has its data protection laws and that’s fine, but there is a massive question of competency that comes with it. Just having a piece of paper that says here is a data protection authority and we report to that is one thing. Until that data authority is fully populated, it is a huge risk. How will these rules be applied? How will it be managed?”

Middlehurst noted it took “many years” for Europe to get to where it is today, including consultations and working groups to understand what the guidelines are, adding “they are still working on it”.

“We are trying to compress, in this part of the world, processes that took many, many years. We are trying to apply European principles into a world that is not quite the same.”

Firas Oggar, general counsel at Zain Group (pictured, third from right), agreed enforcing such a framework will be a major challenge, but believes through coordination with national bodies “cross border regulation can be in force”.