As a general principle under Article 57 of the Egyptian Constitution “Private life is inviolable, safeguarded and may not be infringed upon. Postal, telegraph, e-correspondence, telephone calls and any other means of communications are inviolable and the confidential thereof is guaranteed, which communications may only be confiscated, examined or monitored by virtue of a judicial order for a limited period of time in the circumstances stipulated by Law. The State shall protect the rights of citizens to use all means of public communications, which communications may not be arbitrarily disrupted, ceased or withheld from citizen, and shall be governed by law”.

Egypt is also committed to the provisions of the Universal Declaration of Human Rights and the International Convention on Civil and Political Rights, which provisions have the full force of law by virtue of Article 93 of the Egyptian Constitution, whereby no one shall be subjected to arbitrary interference with his privacy and correspondence.

There is a number of criminal penalties imposed under the Egyptian Penal Code for infringing private life such as the provisions of Article 309-bis, which provides that any person infringes private life by mean of, inter alia, (i) eavesdropping, recording or transmitting any conversion made in a private place or via telephone calls; or (ii) taking pictures of another person in a private place, the first person shall be liable to a penalty of imprisonment for a period of no more than one (1) year.

For the first time in Egypt, on October 30, 2017, one of the members of the Egyptian House of Representatives (the “Parliament”) submitted a proposal to the Parliament to adopt a new law for protecting personal data (the “Draft Data Protection Law”).

The competent committees at the Parliament are currently in the process of reviewing and amending the proposed Draft Data Protection Law in order to be submitted to the General Committee of the Parliament for initial approval, and then if the said approval is obtained, the proposed Draft Data Protection Law along with the amendments thereof (if any) will be referred to the Council of the State for review from a legal point of view before the issuance of the final approval of the Parliament.

The proposed Draft Data Protection Law states that the provisions thereof shall apply to any personal data processing that (i) takes place in Egypt, or (i) uses automated or non-automated means in Egypt excluding any data processing made/to be made for (i) family-related purposes, (ii) official statistics purposes in application of law, or (iii) judicial investigations.

According to the proposed Draft Data Protection Law, a number of disclosure requirements shall be made as well as a prior explicit approval from the person owning the data shall be obtained before proceeding with the processing of such data. However, even after meeting the said requirements and obtaining the said approval, the said person will still have the right, in certain cases, to postpone, correct, remove or disable any access to his personal data that is subject of the pre-approved data processing.

The Draft Data Protection Law proposes also that any direct or indirect marketing e-messages using any personal data shall be prohibited unless a prior approval is obtained.

The proposed Draft Data Protection Law is a significant step and it will definitely affect the way of dealing with personal data by all entities in Egypt, especially information technology and telecommunication companies and B2C businesses.