Privacy Challenges of Digital Transformation in Critical Government Organizations Handling Sensitive Data in the United Arab Emirates: A Systematic Literature Review and Documentary Analysis

Authors

  • Majed Adel Almadani Hamdan Bin Mohammed Smart University

DOI:

https://doi.org/10.47604/jppa.3858

Keywords:

Digital Transformation, Privacy Governance, Sensitive Data, Critical Government Organizations, United Arab Emirates

Abstract

Purpose: The purpose of this study was to understand the privacy concerns surrounding the digital transformation of critical government organizations handling sensitive data in the United Arab Emirates (UAE). It examined privacy risks arising from technologies, organizational practices, legislation, and third-party involvement during public-sector digital transformation.

Methodology: This study adopted a qualitative systematic literature review and documentary analysis. Scholarly sources were retrieved from Scopus, ScienceDirect and Emerald Insight journals by applying specific search terms for digital transformation, privacy, data protection, security, governance and regulation. The literature search was carried out in English-language sources from 2022 to 2026. Grey literature was collected from official UAE government sources, UAE regulatory and legislative platforms, Digital Dubai sources, and recognized international organizations. A final evidence base of 20 scholarly sources and 12 grey-literature documents was collected.

Findings: The findings demonstrate that privacy risks do not stem from technology alone. They are produced as a result of interactions among digital systems, organizational routines, interpretation of regulations, and external providers. Issues include linkage of data, re-identification, loss of anonymity, opaque artificial intelligence (AI) inferences, excessive access privileges, poor consent models, fragmented governance, cloud vulnerabilities, third-party processing, and reduced public trust. The evidence also reveals that technical measures such as encryption, anonymization, access control, differential privacy, homomorphic encryption, and federated learning are significant but are not enough on their own to ensure privacy.

Unique Contribution to Theory, Practice and Policy: The study demonstrates that risks to privacy are a result of interactions between technologies, people, institutions, rules, and external actors, and thus contributes to Socio-Technical Systems Theory. It also demonstrates the extension of Privacy by Design, highlighting that purely technical measures to store and manage embedded privacy cannot be sufficient without organizational and regulatory support. The four-layer privacy-governance framework it offers is practical and includes technical safeguards, organizational governance, regulatory accountability, and third-party oversight. For policy, it calls for stronger coherence across UAE digital-government, AI, cloud, cybersecurity, and data-protection policies.

Downloads

Download data is not yet available.

References

Ahmadon, M. A., Napp, N., Rao, S., Silva, C., Lizar, M., Gorog, C., Lu, G., Hawkins, S.-K., & Zanero, S. (2025). Digital privacy: Trends, challenges, and the future. IT Professional, 27(3), 69–77. https://doi.org/10.1109/MITP.2025.3546433

Alcántara, J. C., Tasic, I., & Cano, M. (2024). Enhancing digital identity: Evaluating avatar creation tools and privacy challenges for the metaverse. Information, 15(10), 624. https://doi.org/10.3390/info15100624

Alhammadi, A. A., Alhashmi, S. M., Lataifeh, M., & Rice, J. L. (2024). The influence of national digital identities and national profiling systems on accelerating the processes of digital transformation: A mixed study report. Computers, 13(9), 243. https://doi.org/10.3390/computers13090243

Alhazmi, A. (2025). Privacy in smart digital healthcare during Hajj and Umrah: Challenges and recommendations. In 2025 2nd International Conference on Advanced Innovations in Smart Cities (ICAISC) (pp. 1–7). https://doi.org/10.1109/ICAISC64594.2025.10959406

Alzarooni, A. I., Alhashmi, S. M., Lataifeh, M., & Rice, J. (2024). Navigating digital transformation in the UAE: Benefits, challenges, and future directions in the public sector. Computers, 13(11), 281. https://doi.org/10.3390/computers13110281

Banaeian Far, S., & Imani Rad, A. (2022). Applying digital twins in the metaverse: User interface, security and privacy challenges. Journal of Metaverse, 2(1), 8–15. https://dergipark.org.tr/en/pub/jmv/issue/67967/1072189

Bansod, S., & Ragha, L. (2022). Challenges in making blockchain privacy compliant for the digital world: Some measures. Sādhanā, 47, 184. https://doi.org/10.1007/s12046-022-01931-1

Barati, M. (2023). Open government data programs and information privacy concerns: A literature review. JeDEM - eJournal of eDemocracy and Open Government, 15(1), 73–123. https://doi.org/10.29379/jedem.v15i1.759

Braun, V., & Clarke, V. (2022). Thematic analysis: A practical guide. SAGE Publications.

Brown, D., Butt, U., Naqvi, B., & Farag, S. (2026). Bridging the digital gap: Security, privacy and challenges for older adults in governmental digital services. Information & Computer Security. Advance online publication. https://doi.org/10.1108/ICS-09-2025-0352

Chomanski, B. (2025). The challenge of regulating digital privacy. Critical Review of International Social and Political Philosophy. https://doi.org/10.1080/13698230.2025.2478725

Chomanski, B., & Lauwaert, L. (2025). Digital privacy and the law: The challenge of regulatory capture. AI & Society, 40(4), 2777–2787. https://doi.org/10.1007/s00146-024-02041-8

De Cassai, A., Dost, B., Tulgar, S., & Boscolo, A. (2025). Methodological standards for conducting high-quality systematic reviews. Biology, 14(8), 973. https://doi.org/10.3390/biology14080973

Del-Real, C., De Busser, E., & van den Berg, B. (2025). A systematic literature review of security and privacy by design principles, norms, and strategies for digital technologies. International Review of Law, Computers & Technology, 39(3), 374–405. https://doi.org/10.1080/13600869.2025.2457227

Digital Dubai. (2024a, July 17). Digital Dubai launches initiative to enhance data quality, aligning with highest international standards. https://www.digitaldubai.ae/newsroom/news/digital-dubai-launches-initiative-to-enhance-data-quality-aligning-with-highest-international-standards

Digital Dubai. (2024b, September 26). Digital Dubai launches Dubai Data and AI Platform, ushering in a new phase of digital transformation. https://www.digitaldubai.ae/newsroom/news/digital-dubai-launches-dubai-data-and-ai-platform-ushering-in-a-new-phase-of-digital-transformation

Digital Dubai. (2025, April 23). Digital Dubai and Dubai Future Foundation launch inaugural Dubai State of AI Report, showcasing government adoption trends. https://www.digitaldubai.ae/newsroom/news/digital-dubai-and-dubai-future-foundation-launch-inaugural-dubai-state-of-ai-report-showcasing-government-adoption-trends

Digital Dubai. (2026, April 28). AI Integration Matrix Framework for Government Organizations. https://www.digitaldubai.ae/knowledge-hub/publications

Eom, S., & Lee, J. (2022). Digital government transformation in turbulent times: Responses, challenges, and future direction. Government Information Quarterly, 39(2), 101690. https://doi.org/10.1016/j.giq.2022.101690

Govers, M., & van Amelsvoort, P. (2023). A theoretical essay on socio-technical systems design thinking in the era of digital transformation. Gruppe. Interaktion. Organization. Zeitschrift für Angewandte Organisationspsychologie (GIO), 54(1), 27–40. https://doi.org/10.1007/s11612-023-00675-8

Haug, N., Dan, S., & Mergel, I. (2024). Digitally-induced change in the public sector: A systematic review and research agenda. Public Management Review, 26(7), 1963–1987. https://doi.org/10.1080/14719037.2023.2234917

He, C., Luan, T. H., Lu, R., Su, Z., & Dong, M. (2023). Security and privacy in vehicular digital twin networks: Challenges and solutions. IEEE Wireless Communications, 30(4), 154–160. https://doi.org/10.1109/MWC.002.2200015

Ikumapayi, O. M., Bayode, A., Jaiyesimi, B. G., Egwuche, O. S., Bello, K. A., Azeez, T. M., Ogunnigbo, C. O., & Onu, P. (2025). Security and privacy challenges in the digital transformation system. NIPES Journal of Science and Technology Research, 7(2), 3674–3680. https://doi.org/10.37933/nipes/7.4.2025.SI452

Irani, Z., Abril, R. M., Weerakkody, V., Omar, A., & Sivarajah, U. (2023). The impact of legacy systems on digital transformation in European public administration: Lessons learned from a multi-case analysis. Government Information Quarterly, 40(1), 101784. https://doi.org/10.1016/j.giq.2022.101784

Kim, P. W. (2025). Fog computing for artificial intelligence digital textbooks: Educational scaffolding and security and privacy challenges. Expert Systems, 42(2), e13801. https://doi.org/10.1111/exsy.13801

Kolaski, K., Romeiser Logan, L., & Ioannidis, J. P. A. (2023). Guidance to best tools and practices for systematic reviews. Paediatric Rehabilitation Medicine, 16(2), 171–193. https://doi.org/10.3233/PRM-230019

Kolaventi, S. S., Dash, S., Raju, D., Gupta, M., Setia, N., Niranjan, A., & Jamuna, K. V. (2024). Ethical and privacy challenges in cloud-based health informatics for digital health records. Seminars in Medical Writing and Education, 3, 511. https://doi.org/10.56294/mw2024511

Krishna, V. R., Maad, A. H., Alanssari, A. I., Nimah, N. R., Jabbar, K. A., & Thuniki, P. (2025). Ethics, privacy, and security challenges in AI and blockchain-driven digital health ecosystems. In 2025 4th OPJU International Technology Conference (OTCON) on Smart Computing for Innovation and Advancement in Industry 5.0 (pp. 1272–1277). IEEE. https://doi.org/10.1109/OTCON65728.2025.11070382

Kuštelega, M., Mekovec, R., & Shareef, A. (2024). Privacy and security challenges of the digital twin: Systematic literature review. Journal of Universal Computer Science, 30(13), 1782–1806. https://doi.org/10.3897/jucs.114607

Landerdahl Stridsberg, S., Richardson, M. X., Redekop, K., Ehn, M., & Wamala Andersson, S. (2022). Gray literature in evaluating effectiveness in digital health and health and welfare technology: A source worth considering. Journal of Medical Internet Research, 24(3), e29307. https://doi.org/10.2196/29307

Mišić, J., van Est, R., & Kool, L. (2025). Good governance of public sector AI: A combined value framework for good order and a good society. AI and Ethics, 5, 4875–4889. https://doi.org/10.1007/s43681-025-00751-3

Misra, S., Barik, K., & Kvalvik, P. (2025). Trust in digital sovereignty: A review of security, privacy, and governance challenges. Public Organization Review. Advance online publication. https://doi.org/10.1007/s11115-025-00968-0

OECD. (2024). AI, data governance and privacy: Synergies and areas of international co-operation (OECD Artificial Intelligence Papers No. 22). OECD Publishing. https://doi.org/10.1787/2476b1a4-en

Quach, S., Thaichon, P., Martin, K. D., Weaven, S., & Palmatier, R. W. (2022). Digital technologies: Tensions in privacy and data. Journal of the Academy of Marketing Science, 50(6), 1299–1323. https://doi.org/10.1007/s11747-022-00845-y

Saleha, N., Widiasih, R., Pramukti, I., Dhamayanti, M., & Aprilatutini, T. (2026). Privacy rights versus surveillance, challenges of sex education in the digital age: An exploratory qualitative study in Indonesia. BMC Public Health, 26, 837. https://doi.org/10.1186/s12889-026-26281-z

Song, B., Pokhrel, S. R., Deng, M., Lan, Q., Doss, R., Zhu, T., & Li, G. (2025). Digital privacy under attack: Challenges and enablers. ACM Computing Surveys, 58(4), 107, 1–35. https://doi.org/10.1145/3770853

Telecommunications and Digital Government Regulatory Authority. (2023, December 18). TDRA releases the Digital Enablers Report 2023. https://tdra.gov.ae/en/media/press-release/2023/tdra-releases-the-digital-enablers-report-2023

Tukur, M., Schneider, J., Househ, M., Dokoro, A. H., Ismail, U. I., Dawaki, M., & Agus, M. (2023). The metaverse digital environments: A scoping review of the challenges, privacy and security issues. Frontiers in Big Data, 6, 1301812. https://doi.org/10.3389/fdata.2023.1301812

UAE Government. (2024a, December 30). The UAE Digital Government Strategy 2025. The Official Portal of the UAE Government. https://u.ae/en/about-the-uae/strategies-initiatives-and-awards/strategies-plans-and-visions/government-services-and-digital-transformation/uae-national-digital-government-strategy

UAE Government. (2024b, June 10). UAE Charter for the Development and Use of Artificial Intelligence. UAE Legislation. https://uaelegislation.gov.ae/en/policy/details/the-uae-charter-for-the-development-and-use-of-artificial-intelligence

UAE Government. (2024c, December 30). Overseeing digital transformation in the UAE. The Official Portal of the UAE Government. https://u.ae/en/about-the-uae/digital-uae/digital-transformation/cooperation-and-collaboration/overseeing-digital-transformation-in-the-uae

UAE Government. (2025a, November 27). Data protection laws. The Official Portal of the UAE Government. https://u.ae/en/about-the-uae/digital-uae/data/data-protection-laws

UAE Government. (2025b, October 23). National Cloud Security Policy. The Official Portal of the UAE Government. https://u.ae/en/about-the-uae/digital-uae/digital-transformation/strategies-policies-and-initiatives/National-Cloud-Security-Policy

UAE Government. (2025c). Artificial intelligence in government policies. The Official Portal of the UAE Government. https://u.ae/en/about-the-uae/digital-uae/artificial-intelligence/artificial-intelligence-in-government-policies

United Nations Department of Economic and Social Affairs. (2024). United Nations E-Government Survey 2024: Accelerating digital transformation for sustainable development. United Nations. https://publicadministration.un.org/egovkb/en-us/Reports/UN-E-Government-Survey-2024

Vera-Arenas, C. J. (2025). ‘Human digital twins’ and blockchain: Some challenges and solutions for digital identity and privacy. In C. Pastor Sempere (Ed.), Governance and control of data and digital economy in the European Single Market (pp. 473–488). Springer. https://doi.org/10.1007/978-3-031-74889-9_21

Verma, A., & Gurtoo, A. (2024). Evaluating global data policies around non-personal data on social and public goods. Digital Policy, Regulation and Governance, 26(1), 72–94. https://doi.org/10.1108/DPRG-03-2023-0044

World Bank. (2025). Digital public infrastructure and development: A World Bank Group approach. World Bank. https://documents1.worldbank.org/curated/en/099031025172027713/pdf/P505739-84c5073b-9d40-4b83-a211-98b2263e87dd.pdf

Zhou, Y. (2025). Cybersecurity and privacy protection in the digital age: Challenges and countermeasures. In 2025 IEEE International Symposium on Broadband Multimedia Systems and Broadcasting (BMSB) (pp. 1–6). IEEE. https://doi.org/10.1109/BMSB65076.2025.11165675

Downloads

Published

2026-07-08

How to Cite

Almadani, M. (2026). Privacy Challenges of Digital Transformation in Critical Government Organizations Handling Sensitive Data in the United Arab Emirates: A Systematic Literature Review and Documentary Analysis. Journal of Public Policy and Administration, 11(2), 36–65. https://doi.org/10.47604/jppa.3858

Issue

Section

Articles

Similar Articles

<< < 2 3 4 5 6 7 8 > >> 

You may also start an advanced similarity search for this article.