Types of cybercrimes and penalties in UAE

Owner's Profile

Staff Writer, TLR

Published on July 14, 2023, 17:41:00


cyber crime law, cybersecurity in the UAE,  Cyber fraud, Hacking a computer system, Cyber fraud, Failure to protect personal data, Cyber crime in UAE

The UAE is one of the fastest-growing economies in the world, and as the country's economy grows, so does its exposure to cyber threats. Recently the country has witnessed cyber crimes like phishing, banking fraud, and other cyber threats.

To combat these threats, the UAE government has implemented various laws and regulations to protect critical infrastructure and personal information. These laws and regulations come with stiff penalties and fines for those who violate them.

The primary law governing cybersecurity in the UAE is the UAE Cybercrime Law (Federal Law No. 5 of 2012). This law criminalizes a wide range of cyber offenses, including unauthorized access, hacking, phishing, cyber fraud, and dissemination of malicious software. The law also covers the protection of critical infrastructure such as power plants, water treatment facilities, and transportation systems.

Here are the offenses and penalties related to cybersecurity in the UAE:


  • Unauthorized access to an information system
  • Hacking a computer system
  • Phishing
  • Cyber fraud
  • Dissemination of malicious software
  • Failure to protect personal data


  • Unauthorized access: AED 3 million fine and up to 3 years imprisonment+
  • Hacking: AED 2 million fine and up to two years imprisonment
  • Cyber fraud: AED 4 million fine and up to three years imprisonment
  • Confiscation of equipment used in the commission of the offense
  • Suspension or revocation of business licenses
  • Failure to protect personal data: AED 500,000 fine
  • Failure to obtain consent for processing personal data: AED 5 million fine

In addition to fines and imprisonment, individuals or organizations found guilty of violating the UAE Cybercrime Law may also face other penalties. These penalties can include the confiscation of equipment used in the commission of the offense and the suspension or revocation of business licenses.

The UAE also has a specific law aimed at protecting personal information: the UAE Data Protection Law (DPL) (Federal Law No. 1 of 2017). The DPL governs the processing of personal data by companies and individuals in the UAE and requires them to take measures to protect personal data from unauthorized access, use, and disclosure.

The penalties for violating the DPL can be severe. For example, failure to obtain consent from individuals before processing their personal data can result in a fine of up to AED 5 million. Failure to implement appropriate security measures to protect personal data can result in penalties of up to AED 500,000.

UAE takes cybersecurity very seriously, and individuals and organizations that violate the country's cybersecurity laws and regulations face significant fines and penalties. Companies and individuals must ensure that they are compliant with these laws and regulations to avoid these penalties and to help protect the UAE's critical infrastructure and personal data.

If you have faced any such threats, immediately inform the authorities and seek legal help from an experienced lawyer.

For any legal queries or information, contact ask@tlr.ae or call us on +971526443004