Hacked firms to be fined in Qatar

Qatar companies could be fined up to QR5 million (USD1.37 million) if they fail to prevent data leaks, under a new law being considered by officials.

Authorities are reportedly examining a proposed data privacy law that has been in the pipeline since at least 2011, but which has become particularly timely this year in the aftermath of the huge data breach at Qatar National Bank (QNB) last April.

A total of 1.4GB of files from QNB, containing thousands of customers’ records, including passwords, account numbers, and credit card information, uploaded to a file-sharing website, before being later removed, it emerged.

The incident prompted an investigation by QNB. Last month, Doha News said that Qatar’s Shura Council had unanimously approved the legislation with some amendments yesterday, after the cabinet signed off a draft in January.

The legislation obliges organisations to take all necessary steps to protect personal information from being hacked. The law would also make it illegal for companies to use an individual’s data without their consent, the newspaper reported.