Data Protection Laws in the Middle East and GDPR

Most of the constitutions stipulate the need to protect private life, and that the protection of privacy must be stipulated by the laws of the state, and it is not permissible to impose any censorship on the means of communication, telephone conversations, or messages without reasoned judicial permission.

The laws generally provided for the protection of personal data, in penal laws, civil laws, child laws, and central bank laws, but recently, specifically in 2016, the general data protection regulation was born, which entered into force in 2018, and the GDPR is the regulation for the protection of personal data The most strict in the world for its critical details and heavy fines, tech giants have recently been among their biggest victims of heavy fines for the breaches of their provisions.
Since then, data protection laws have become the talk of the hour and the most important file on the table of governments, parliaments, and even companies.
Governments began enacting laws to protect personal data, and companies began to pay close attention to governance and compliance with data protection laws.
The paper will focus on personal data protection laws in two ways:
1- The first aspect is the governance and compliance procedures that are required of companies, especially the Startups that seek to expand in many countries.
2- The necessary procedures for countries to ensure the proper application of personal data protection laws and the amendments to be added in addition to cooperation protocols between countries, some of which are within the scope of cross-border data.
The importance of the paper for Startups is that they are interested in the rapid expansion of the same business model without looking at data protection laws in other countries. For example, financial technology companies under the supervision of the Central Bank come out of the scope of application of the Egyptian Personal Data Protection Law, but when they expand to another country, they find that they may enter the same model under the data protection laws in that country, in addition to the judicial scope of the application of the European Regulation for Companies that Expand in European countries or dealing with data of EU citizens.
The paper will come up with recommendations within the scope of the startups' vision on their ability to comply with the data protection law in Egypt or their departure from the scope of its application in other countries, and the extent to which companies can reconcile internal data protection laws and in other countries while building their own business model.
Finally, the proposed amendments to data protection laws are in accordance with the state's vision to support the digital economy.