In UAE even if you know a person's phone password, never check their phone without their permission. Though this may seem like common etiquette, it is also required by law in the UAE. If you get a password without permission, you could be fined up to an AED 100,000
A reminder was delivered on June 14 by the UAE Public Prosecution regarding Article 9 of the Federal Decree-Law No. 34 of 2021 for Combating Electronic Crimes and Rumours, also known as the Cybercrimes Law. Obtaining a password or passcode without authorization carries severe penalties according to the Article. A person who accesses any information system with a password acquired without permission is subject to a monetary fine between Dh50,000 and Dh100,000. Obtaining the password with the intent to commit a crime will be considered an aggravated offence.
Article 9 of Federal Decree-Law No. 32 of 2021
A person who obtains without the permission or consent of the other party a secret number, a passcode, a password or alike in relation to a website, an electronic information system, a data network, or a means of information technology shall be sentenced to imprisonment and/or a monetary penalty, between AED 50,000 to AED 100,000.
In case of obtaining a secret number, passcode, password, or similar item without authorization or consent, someone may be imprisoned for no less than six months and/or fined no less than Dh300,000 and no more than Dh500,000 to enable their misuse of the website, electronic information system, data network, or means of information technology for the purpose of committing a crime."
An offence that falls under this category would include hacking a website, destroying electronic or personal data, or accessing hidden information without the consent of the site owner.
How does the law affect a person's daily life?
Suneer Kumar, the senior lawyer at Al Suwaidi and Company, explained the various components of the Article, to understand where it may be applied.
Kumar Explained that 'information technology' includes any type of technology that creates, processes, stores, exchanges, and uses electronic systems such as websites, information networks, personal profiles, and blogs. Similarly, 'websites' include online social media sites, online networks, and platforms, as well as personal accounts, blogs, and electronic services.
The provisions of this article shall apply to anyone who obtains information, codes or passwords without the consent of the victim. This offence shall include hacking websites, destroying electronic information, or accessing hidden information without the consent of the person, Kumar said.
This prevents a couple from using each other's passwords without permission. It also protects a person's privacy, prevents computer fraud, and stops unauthorised access to electronic networks.
If you know the password, you must obtain consent first:
Imran Khan, advocate and legal consultant at Bin Eid Advocates, explains that the Article specifies the need for explicit permission to be obtained from the owner of the digital account or gadget. Failing to provide such permission can be problematic on a personal level, too.
According to Khan, if a person violates another's password without their permission, the violator can be prosecuted under cybersecurity law and other criminal law enforcement laws. If the violator uses someone's password without authorization, then they can be prosecuted under cybersecurity law and other criminal laws, depending on their actions.
In addition, he explained that the article would cover accessing any electronic account, whether email, social media or a bank account or any technological device or network.
Using a password without permission is a crime even for spouses. The aim of this article is to protect the privacy of a person, prevent computer fraud, and prevent access to electronic networks by unauthorised parties, he explained.