Dubai, UAE — December 2025 — The Dubai International Financial Centre has become a member of the Global Cross-Border Privacy Rules Forum, marking a significant milestone as the first jurisdiction outside the Asia-Pacific Economic Cooperation bloc to do so.
According to the Emirates News Agency, the announcement was made during a recent forum workshop in the Philippines. As part of the membership criteria, DIFC has also joined the complementary Global Cooperation Arrangement for Privacy Enforcement.
This strategic move underscores DIFC’s commitment to advancing interoperable, inclusive, and trusted international privacy frameworks, aligning with the evolving needs of global businesses and individuals.
It further solidifies the Centre’s role in bolstering the digital economy, both internationally and within Dubai and the UAE, in direct support of the UAE Digital Economy Strategy. The membership is designed to facilitate smoother global trade by fostering secure, transparent, and trustworthy cross-border data flows.
Arif Amiri, Chief Executive Officer of DIFC Authority, stated: “Becoming the first jurisdiction in the region to receive Global Cross-Border Privacy Rules membership recognises DIFC’s initiatives to advance data and privacy protection.”
He added: “The digital age, fuelled by global connectivity and technology, means information is ubiquitous and instantly shareable. This results in businesses, particularly in finance, handling unprecedented volumes of individual data electronically and internationally every day.”
Amiri went on saying that DIFC has established effective laws, regulation and compliance for more than 8,000 registered companies within the Centre, reflecting Dubai’s ongoing commitment to world class standards and its vision to be at the forefront of the digital economy.
The Global CBPR Forum, established in 2022, expands the reach of the original APEC-based CBPR system, which certifies organizations for secure cross-border data transfers. The new global framework is open to jurisdictions worldwide, aiming to promote regulatory interoperability over a wider area.
DIFC’s membership builds upon its pioneering regulatory landscape, notably the introduction of Regulation 10 in 2023, a first in the MEASA region governing personal data processing via autonomous systems like AI.
This regulation created a collaborative platform for integrating diverse international guidelines, establishing a ‘plug and play’ environment for applying responsible and ethical principles to AI technology development.
The latest step into the Global CBPR Forum continues this trajectory, positioning DIFC at the forefront of shaping the future of data privacy and digital trust.
