Financial Crime World

Here is the rewritten article in markdown format:

Oman Takes Steps to Combat Financial Crime with Enhanced Cybersecurity Measures

Oman is developing a robust cybersecurity framework to safeguard its financial systems and institutions, taking significant steps to strengthen its defenses against financial crime.

Progress on Data Protection Law

In 2017, the Oman Information Technology Authority (ITA) announced a draft Data Protection Law. Although it remains a draft, this law is expected to grant powerful rights to individuals in Oman, enabling them to exercise control over their personal data similar to the General Data Protection Regulation (GDPR). The law will also empower individuals to object to the processing of their personal data, demand access to their data held by any organization, and request corrections or erasure of errors.

Public Consultation and Limited Progress

The ITA has already held public consultation sessions to discuss the draft law and gather feedback from the public. However, there has been limited progress since then. The State Council recently discussed the Personal Data Protection Draft Law during its eighth ordinary session, highlighting its importance in light of technological advancements and digital challenges.

Despite this progress, Oman’s legal framework is still fragmented when it comes to data protection and cybersecurity. The country has several sectoral laws that address specific industries such as telecommunications, finance, and healthcare, but these laws are not equivalent to a comprehensive data protection law like the GDPR.

Sectoral Laws

  • Cyber Crime Law (Royal Decree No 12 of 2011): addresses various illegal activities involving computer devices, systems, or networks, but its provisions related to personal data protection are limited.
  • Electronic Transactions Law (Royal Decree No. 69 of 2008): contains some requirements for the processing of personal data, but its scope is restricted to electronic transactions between parties who have agreed to perform their transactions electronically.
  • Sectoral laws in Oman’s telecommunications, financial, and healthcare industries: contain limited provisions related to data protection and cybersecurity.

Examples

  • Resolution No. 113 of 2009 permits telecom service providers to share customer personal data with subsidiaries or other companies, but it is unclear whether this includes sharing data with third parties outside of Oman.
  • Banking Law (Royal Decree No. 114 of 2000): prohibits licensed banks from disclosing customer information without consent.
  • Healthcare Law (Royal Decree No. 75 of 2019): requires patient consent before sharing their information.

Recent Developments

Despite these limitations, Oman’s recent developments suggest a renewed focus on data protection and cybersecurity. The establishment of the Cyber Defense Centre through Royal Decree No. 64 of 2020 is a significant step towards enhancing the country’s cyber security capabilities. Additionally, ongoing discussions surrounding the Personal Data Protection Draft Law indicate that further development in this area is likely in the coming months.

I hope this helps! Let me know if you need any further assistance.