Jordan’s PDPL and how to protect personal data

As the Jordanian Parliament prepares for an extraordinary session on July 16, an important legislation on the agenda is the Jordanian Personal Data Protection Legislation (PDPL). To better understand the PDPL, let us explore the experiences of other nations in this field, particularly the European Union's General Data Protection Regulation (GDPR), which has global implications for social media apps.اضافة اعلان

What is the GDPR? The GDPR is a regulation that affects people worldwide and applies to all companies processing personal data of EU citizens, regardless of their location. This means that even companies outside the EU must comply with the GDPR if they handle personal data of EU citizens. In contrast, Jordan's PDPL only applies to companies processing personal data within the country.

While both laws share similar principles in protecting personal data, such as transparency, purpose limitation, data minimization, accuracy, storage limitation, and confidentiality, the GDPR delves deeper by defining these principles and providing specific compliance requirements.

Consent: A crucial role under the GDPR
Consent plays a crucial role under the GDPR, requiring companies to obtain explicit consent from individuals before collecting or processing their personal data. Individuals also have the right to withdraw their consent at any time. The PDPL also mandates obtaining consent from individuals, but it does not specify whether it needs to be explicit or implicit.

While the GDPR has strict enforcement mechanisms in place, with fines of up to 4 percent of global annual revenue or 20 million euros (whichever is greater) for non-compliance, the PDPL does not specify fines for non-compliance. Instead, it provides imprisonment of up to one year or a fine not exceeding JD10,000.

Furthermore, both laws grant individuals certain rights regarding their personal data. These rights include accessing their personal data, rectifying inaccuracies, erasing personal data ("right to be forgotten"), restricting processing, objecting to processing, and receiving a copy of their personal data in a structured format.

While the GDPR has strict enforcement mechanisms in place, with fines of up to 4 percent of global annual revenue or 20 million euros (whichever is greater) for non-compliance, the PDPL does not specify fines for non-compliance. Instead, it provides imprisonment of up to one year or a fine not exceeding JD10,000.

PDPL
Although the PDPL aims to protect Jordanian citizens, individuals should also take certain measures to safeguard their personal data. Managing privacy settings on social media platforms is a common practice that Jordanians should adopt. By ensuring that only trusted individuals can access their posts and personal information like name, email address, and phone number, they can prevent strangers from accessing their data.

Refrain from sharing sensitive information
Another measure is to refrain from sharing sensitive information on social media platforms to maintain safety and security. Additionally, using strong passwords is crucial. It is also essential for Jordanians to exercise caution when clicking on links or downloading attachments from unknown sources on social media platforms. Some individuals may choose to utilize virtual private networks (VPNs) to access social media, as VPNs encrypt internet traffic and hide IP addresses, making it more difficult for hackers to track online activities.

Although the PDPL aims to protect Jordanian citizens, individuals should also take certain measures to safeguard their personal data. Managing privacy settings on social media platforms is a common practice that Jordanians should adopt.

Considering the experiences of other nations in this field, it is worth examining the EU's regulatory code, which governs this important aspect of people's lives. While both the GDPR and PDPL aim to protect personal data, there are notable differences between them. The GDPR is more comprehensive in terms of scope, applicability, and specific compliance requirements compared to Jordan's PDPL. Furthermore, the GDPR has stricter enforcement mechanisms, making it more effective in ensuring compliance with its provisions.


Read more Opinion and Analysis
Jordan News