Category: Digital Security

  • Digital Security and Privacy for Women in the UAE: Leaks of Trade License and Rental Contract Data

    Digital Security and Privacy for Women in the UAE: Leaks of Trade License and Rental Contract Data

    In this week’s column, I am pleased to share two incidents that were brought to my attention from the community: one involving a resident woman, and the other recounted by my dear friend about her son.

    The first incident concerns the woman’s journey to find a rental apartment. She began contacting brokers through online platforms, and as soon as she inquired about an apartment, she was bombarded with messages from multiple numbers—indicating that brokers do not adhere to digital privacy ethics, as they share phone numbers among themselves.

    The problem did not end there. After selecting the apartment and securing basic services like water and electricity, and immediately after having the rental contract certified at a service center, she started receiving calls from internet marketers. How did they get her number? And why did they contact her without prior consent, despite her registration in the Do Not Call Registry (DNCR)?

    The second incident involves my friend’s son, who obtained an electronic license but had to visit a service center to complete the registration. Once he received the license, he was flooded with offers from telecom and internet companies. Not only that, but other companies also contacted him before the license expired, trying to renew it.

    A phone number is the primary identifier used by all entities, and the digital identity is linked to it. Therefore, when requests are submitted using this identity, the number is at risk of being leaked—this applies to rental contracts and other transactions that display phone numbers.


    Proposed Solutions:

    First solution:
    I suggest creating a unique digital identity number that links all transactions and systems, so that no one can view or access the phone number when it is used. Instead, the service identifier number would be used without exposing the individual’s actual phone number unnecessarily.

    Second solution:
    Remove phone numbers from documents and replace them with identification numbers, restricting access to phone numbers to authorized entities only, rather than including them in every transaction.

  • Digital Security and Privacy for Women in the UAE: A Study of Issues and Solutions (Part 2)

    Digital Security and Privacy for Women in the UAE: A Study of Issues and Solutions (Part 2)

    Women’s Digital Privacy in Healthcare: A Critical Concern

    Women have unique privacy considerations when it comes to healthcare, particularly in non-governmental private clinics. Many of these clinics still rely on traditional paper-based systems. In such settings, a female patient is typically required to register using her national ID card, a copy of which is often kept on file. She is also asked to provide personal and medical information during every visit—placing her data at risk of unauthorized use, whether for marketing purposes or even future fraudulent activities.

    With the increasing prevalence of cyberattacks, concerns are growing regarding the misuse of ID cards and the rise of identity theft. It is likely that we will see a surge in such violations as digital systems continue to evolve.

    What’s the solution?

    A proposed solution is to develop a unified national digital health system for all clinics, under direct government oversight. This system would maintain a centralized electronic health record (EHR) for every individual. Clinics could access this record without requiring patients to re-register or repeatedly provide personal data. More importantly, women would have the authority to control who accesses their information and would have the option to delete their health record instantly through the designated authority—without human intervention from clinic staff, and without lengthy procedures or correspondence that often fail to protect privacy.

    Such a system would provide a higher level of professionalism and precision in safeguarding women’s privacy, and in fact, the privacy of all individuals within the healthcare sector.

  • Digital Security for Women: A Study of Issues and Solutions

    Digital Security for Women: A Study of Issues and Solutions

    There is no doubt that many people today suffer from unsolicited marketing calls, often received at inconvenient times, typically from banks or their representatives. These calls promote various offers such as loans, credit cards, and different types of insurance. Despite intensive awareness campaigns by relevant authorities, this phenomenon remains widespread. A single banking inquiry can lead to dozens of calls from various banks and companies—indicating that phone numbers are being shared among individuals in the sector, with no effective mechanism to stop these calls.

    What’s the solution?

    Several strict regulations and measures have already been implemented, yet they have not yielded the desired effectiveness—as evidenced by the ongoing calls to this day. After reviewing global best practices, I believe the solution lies in one or both of the following approaches:


    1. Mandating In-House Marketing Teams Only

    Banks should be required to conduct all marketing through internal teams. External marketing agencies are not subject to the same level of oversight and accountability as in-house teams, and they often work with multiple banks simultaneously. This increases the risk of data breaches and lowers the overall security of customer information.


    2. Hiding Customer Numbers from Marketers

    Marketers should be able to contact customers only through the bank’s internal system, without ever seeing their actual phone numbers. This would eliminate the risk of number leakage entirely. Additionally, the system could include settings to control contact preferences—such as specifying permitted call times or even opting out of calls completely. This solution could be further reinforced through the creation of a unified national marketing platform, connected with telecom providers, giving users greater control over their privacy and enhancing the effectiveness of the Do Not Call Registry (DNCR).

  • Digital Security and Privacy for Women

    Digital Security and Privacy for Women

    As part of the intensive efforts undertaken in the digital transformation we are witnessing in the country—aimed at empowering the economy and advancing sustainable development—our digital lives have become an indispensable reality. Our daily lives now rely heavily on digital systems, whether in professional tasks, operational procedures, or even in the details of our personal routines such as shopping, transportation, and everyday transactions.

    Coinciding with humanity’s arrival at the peak of technological advancement, digital transformation, and scientific progress—at unprecedented, historic levels—there has also emerged a set of challenges, risks, and harms related to digital security. These risks affect the family in particular and society at large.

    In this series, I will shed light on the impact of these challenges on women in general, as their privacy is a fundamental pillar of the family’s digital security structure. This is especially significant in the context of Emirati women, due to our cultural norms, traditions, societal values, and unique national identity. Unlike fathers—who are often more vigilant, cautious, and less engaged with modern technologies on a daily basis—mothers tend to handle the majority of digital transactions and bear most of the responsibilities, both personal and familial. As a result, the flow of their personal data and information is higher, which increases the risk of privacy breaches.

    This series will mark the beginning of my contributions to this column. In each edition, I will address a specific category of topics and phenomena, drawing insights from both global and local best practices, as well as from messages I receive from brothers and sisters through various communication platforms.
    Stay tuned for next week’s article, in which I will discuss bank data breaches.