Data Privacy & Digital Rights

Bahrain's PDPL (Law 30/2018) is in force since 1 August 2019, enforced by the Personal Data Protection Authority (PDPA) under the Ministry of Justice. Cybercrime Law 60/2014 covers NCII and online harassment.

Covered in this guide:

Removing Non-Consensual Intimate Imagery (NCII)
Your Rights Under Bahrain's Personal Data Protection Law (PDPL)
Cyberstalking and Online Harassment in Bahrain

Bahrain's Personal Data Protection Law (Law No. 30 of 2018, PDPL) has been in force since 1 August 2019. The regulator is the Personal Data Protection Authority (PDPA), with duties assumed by the Ministry of Justice, Islamic Affairs and Waqf by Royal Decree 78/2019. For NCII and unauthorised intimate imagery, the criminal framework is the Cybercrime Law 60/2014. Investigation runs through the MOI Cybercrime Directorate. Victims should also use StopNCII.org (18+) or takeitdown.ncmec.org (under-18) — both free.

Key Laws

Personal Data Protection Law (Law No. 30 of 2018, PDPL)

Law 30/2018 — issued 19 July 2018; in force 1 August 2019; PDPA established Article 27; duties assumed by Ministry of Justice (Royal Decree 78/2019)

Bahrain's comprehensive data protection statute. Data-subject rights of access, correction, deletion, consent withdrawal. Regulator: Personal Data Protection Authority (PDPA) under Ministry of Justice, Islamic Affairs and Waqf.

Cybercrime Law (Law No. 60 of 2014)

Law 60/2014

Covers hacking, electronic fraud, identity theft, content offences, information forgery. Enforcement: MOI Cybercrime Directorate.

Key Laws

Personal Data Protection Law (Law No. 30 of 2018, PDPL)

Cybercrime Law (Law No. 60 of 2014)

Removing Non-Consensual Intimate Imagery (NCII)

Your Rights Under Bahrain's Personal Data Protection Law (PDPL)

Cyberstalking and Online Harassment in Bahrain