Skip to content
Gadgets Lead: Exploring the Latest Tech Trends

Worldwide Regulation Monitor for Artificial Intelligence

AI Regulation in the United Arab Emirates: Understanding the Complex Jurisdictional Landscape

 and  Administrator
4 min read
Worldwide Regulatory Observation: A Comprehensive Monitoring System for Artificial Intelligence
Worldwide Regulatory Observation: A Comprehensive Monitoring System for Artificial Intelligence

Worldwide Regulation Monitor for Artificial Intelligence

The United Arab Emirates (UAE) has been actively developing its artificial intelligence (AI) landscape, with various government bodies and emirates taking steps to integrate AI into their respective sectors.

In the Financial Free Zones, such as the Dubai International Financial Centre (DIFC) and Abu Dhabi Global Market (ADGM), there are dedicated government bodies responsible for developing AI use. Notably, the DIFC has made amendments to its data protection legislation to capture AI-related developments, including a recent amendment to Article 10 of the DIFC Data Protection Regulations.

The UAE, however, does not yet provide a single definition of AI. The AI Office, established in the UAE, defines AI as "systems or machines that mimic human intelligence to perform tasks and can iteratively improve themselves based on the data they collect."

The mainland UAE does not have a single law or regulation directly regulating AI. Instead, it has issued a patchwork of decrees and guidelines since 2023, focusing on risk-based compliance obligations and transparency for AI systems. These regulations classify AI systems by risk and impose obligations accordingly, including documentation, transparency, risk assessment, incident reporting, and cybersecurity protections.

In the Financial Free Zones, no laws or regulations explicitly regulate AI. However, the DIFC has made amendments to its data protection legislation to include developments with respect to AI. The DIFC has introduced more stringent requirements for "deployers and operators" of "autonomous and semi-autonomous systems" (including AI), including an obligation for "deployers and operators" to provide clear notice of the use of AI and a description of the AI system's purposes and principles to users.

Key AI-related developments in the UAE include the appointment of a Minister of AI in 2017, the unveiling of the UAE National Strategy for Artificial Intelligence 2031 in 2018, and the establishment of the AIATC in 2024 for the emirate of Abu Dhabi. Many UAE government entities have begun implementing industry/sector-specific regulations, such as the Abu Dhabi Department of Health's Policy on the Use of Artificial Intelligence in the Healthcare Sector.

The UAE launched a new AI charter in 2024, aimed at supporting its AI strategy for 2031, focusing on human wellbeing, safety, privacy, and transparency in AI development and use. The UAE's legal framework may potentially safeguard AI-related trade secrets through a combination of provisions in various legislation.

The absence of any laws, rules, or regulations relating to AI specifically in the Financial Free Zones means that no AI-specific enforcement powers exist. Existing DIFC and ADGM enforcement powers and penalties continue to apply.

While Mainland UAE's AI regulations have legal mandates, free zones like ADGM and DIFC rely on their own regulatory authorities to enforce tailored AI and cyber risk frameworks. The ADGM free zone introduced a Cyber Risk Management Framework in 2025 applying to financial sector firms, integrating AI risk within broader cyber regulation.

In summary, since 2023, Mainland UAE has developed a comprehensive, risk-tiered AI regulatory regime emphasizing transparency, safety, and compliance, supplemented by specialized frameworks in financial free zones. These reflect UAE's commitment to safe and ethical AI innovation within its jurisdiction.

It is important to note that while the regulatory framework and best practices are still under development, there is yet to be any enforcement action taken against operators in the UAE AI space. The use of AI in data processing could constitute "High Risk Processing Activities" in the DIFC if it "creates a materially increased risk to the security or rights of a Data Subject or renders it more difficult for a Data Subject to exercise his rights."

The UAE comprises multiple jurisdictions, including the Financial Free Zones (DIFC and ADGM), Mainland UAE, and seven emirates, each with its unique regulatory landscape for AI. Various government bodies and regulators in the UAE have issued guidelines to support the development of best practices in the AI space.

[1] Regulatory Framework for AI in Mainland UAE [2] AI Regulations in DIFC and ADGM [3] AIATC in Abu Dhabi [4] UAE National Strategy for Artificial Intelligence 2031

  1. The United Arab Emirates (UAE) has established an AI Office that defines AI as systems or machines that mimic human intelligence.
  2. The mainland UAE does not have a single law or regulation directly regulating AI, instead focusing on risk-based compliance obligations and transparency for AI systems.
  3. These regulations classify AI systems by risk and impose obligations accordingly, including documentation, transparency, risk assessment, incident reporting, and cybersecurity protections.
  4. In the Financial Free Zones, such as the Dubai International Financial Centre (DIFC) and Abu Dhabi Global Market (ADGM), no laws or regulations explicitly regulate AI, but the DIFC has made amendments to its data protection legislation to include developments with respect to AI.
  5. The DIFC has introduced more stringent requirements for "deployers and operators" of "autonomous and semi-autonomous systems" (including AI), including an obligation for "deployers and operators" to provide clear notice of the use of AI and a description of the AI system's purposes and principles to users.
  6. Key AI-related developments in the UAE include the appointment of a Minister of AI in 2017, the unveiling of the UAE National Strategy for Artificial Intelligence 2031 in 2018, and the establishment of the AIATC in 2024 for the emirate of Abu Dhabi.
  7. In the UAE, the use of AI in data processing could constitute "High Risk Processing Activities" in the DIFC if it "creates a materially increased risk to the security or rights of a Data Subject or renders it more difficult for a Data Subject to exercise his rights."
  8. The UAE launched a new AI charter in 2024, aimed at supporting its AI strategy for 2031, focusing on human wellbeing, safety, privacy, and transparency in AI development and use.
  9. While Mainland UAE's AI regulations have legal mandates, free zones like ADGM and DIFC rely on their own regulatory authorities to enforce tailored AI and cyber risk frameworks.
  10. The ADGM free zone introduced a Cyber Risk Management Framework in 2025 applying to financial sector firms, integrating AI risk within broader cyber regulation.
  11. Various government bodies and regulators in the UAE have issued guidelines to support the development of best practices in the AI space.
  12. The UAE comprises multiple jurisdictions, including the Financial Free Zones (DIFC and ADGM), Mainland UAE, and seven emirates, each with its unique regulatory landscape for AI.

Read also:

    Related

    Latest