Donate
Telecommunications companies

e&

Rank: 9th
Score: 21%out of 100

Headquartered in the United Arab Emirates (UAE), e& (previously known as Etisalat Group) offers mobile, fixed broadband, and technology services to 248 million aggregate subscribers across Africa, Asia, Europe and the Middle East.

Telefónica1
57%
MTN2
42%
América Móvil3
41%
Deutsche Telekom4
40%
Vodafone5
39%
AT&T6
38%
Telenor6
38%
Orange8
36%
e&9
21%
Axiata10
20%
Bharti Airtel10
20%
Ooredoo12
14%

e& moved up two places to 9th this year, following improvements in its governance transparency. The company, previously known as Etisalat, rebranded as e& (etisalat and) in 2022 and has been diversifying its services by expanding into digital offerings, such as AI-driven services, cloud computing, and ride-sharing. The company now describes itself as a “global technology group.”

This year, with an over 20-point increase, the company achieved the largest improvement in governance disclosures among all telcos evaluated. However, e& still lagged behind most of its peers in the ranking and remained opaque about key areas affecting its users. For instance, it continued to provide limited information on how it handles network shutdown demands despite operating in a number of markets that witnessed internet shutdowns over the past two years, including Afghanistan and Pakistan.

In business, the company continued to broaden its product portfolio and expand its operations. For instance, in December 2023, it acquired a 50.03 percent share in Careem Technologies, “an everything app” that provides services that include food delivery, ride sharing, and bicycle renting in the Middle East, Africa, and South Asia. In 2024, e& expanded its operations in Europe by buying a 50 percent plus one share in Netherlands-based PPF Telecom Group’s assets in Bulgaria, Hungary, Serbia, and Slovakia. The company’s expansion and diversification strategies seem to be paying off as it reported record revenue and net profit in 2024.

The company, however, still faced scrutiny over its human rights impacts. In December 2023, KLP, Norway’s largest pension company, removed e& and 10 other companies, including its telco rival Ooredoo, from its investment portfolio, citing “an unacceptable, sector-specific risk of contributing to human rights abuses.” The decision followed a due diligence process of KLP’s investments in the Gulf region.

Key Takeaways

  • Despite slight improvements, the company’s due diligence processes remained weak across all issues assessed by RDR. In particular, it did not disclose anything on whether it assesses human rights risks associated with its policy enforcement processes, targeted advertising practices, and zero-rating programs.
  • The company did not share its process for handling government demands to remove content and accounts or to access user data. While it is a criminal offense in the UAE not to comply with government blocking orders, there is no law prohibiting the company from disclosing how it handles these demands or its compliance rates with either government or private content-blocking requests.
  • Though it published brief resources to help users protect themselves against fraud and scams, e& failed to provide comprehensive information that would allow them to understand how their information is processed and meaningful options to control and access their own information.

Recommendations

  • Conduct human rights due diligence. The company should conduct robust human rights impact assessments to help it assess, understand, and mitigate the risks to privacy, freedom of expression, and non-discrimination posed by its business operations and services, especially as it develops new services and enters new markets. The scope of these assessments should include the company’s targeted advertising policies and its development and use of algorithmic systems.
  • Strengthen freedom of expression policies. e& has significant room for improvement in this category, for instance, by publishing ad content and targeting policies, and explaining its process for responding to third-party demands to censor content and network shutdown demands.
  • Improve security policies. The company should roll out policies for responding to data breaches and addressing security vulnerabilities. It should also provide users with better resources and information to protect themselves from cybersecurity risks.

Services evaluated:

  • Etisalat UAE (Prepaid mobile)
  • Etisalat UAE (Postpaid mobile)
  • Etisalat UAE (Fixed-line broadband)
  • Operating company evaluated: e& UAEFor telecommunications companies, the RDR Index evaluates relevant policies of the parent company, the operating company, and selected services of that operating company.
  • Market cap: USD 43.43B (as of May 18, 2026)
  • ADX, based in Abu Dhabi: EAND
  • Read more about how stock structures can be a barrier to shareholder participation
  • Website: https://www.eand.ae/en/index.html

The 2026 RDR Index: Telco Giants Edition covers policies that were active on August 31, 2025. Policies that came into effect after August 31, 2025 were not evaluated for this ranking.

Scores reflect the average score across the services we evaluated, with each service weighted equally.

  • Lead researchers: Afef Abrougui, Farah Rasmi
Download data and sources

Changes since 2022

  • e& improved its commitment to privacy by grounding it in international human rights standards. It also disclosed ethical principles guiding “development and deployment of AI-powered products and services.”
  • It strengthened its governance and management oversight of privacy at board, executive and management levels.
  • It provided a general description on its use of algorithmic systems to enforce its rules, although this information was limited.
  • It explained how it collects user information in some cases and made a commitment to data minimization.

Scores since 2017

100%0%2017201820192020202220268%8%8%10%13%21%
Most companies’ scores dropped between 2019 and 2020 with the inclusion of our new indicators on targeted advertising and algorithmic systems. To learn more, please visit our Methodology development archive.
Governance39%
Freedom of expression9%
Privacy22%

We rank companies on their governance, and on their policies and practices affecting freedom of expression and privacy.

Governance 39%

e& performed best in this category. It made a strong commitment to privacy, but did not explicitly commit to freedom of expression and information (G1). The company disclosed strong governance management oversight of privacy at board, executive and management levels, but did not explicitly state that this oversight covers freedom of expression (G2). The company shared almost nothing about its due diligence processes (G4). While it provided a grievance mechanism enabling users to submit privacy and freedom of expression complaints, it was unclear how it processed complaints and provided remedy (G6a).

Freedom of expression 9%

The company’s performance in this category remained poor, with little progress from the 2022 RDR Index. Out of 24 indicators in this category, e& received no credit on 15 of them. Its mobile service was relatively clear about the types of content and activities it prohibits, but provided limited clarity on how it enforces these rules (F3a). It disclosed nothing about its policies for ad content and targeting (F3b, F3c) and how it handles third-party demands, particularly government requests for restricting content and accounts, or any data relevant to these requests (F5, F6).

Privacy 22%

Although it improved in some areas, e& still lagged behind all companies ranked in the privacy category, with the exception of Ooredoo. It disclosed some of the information it collects (P3a) and shares (P4), but did not report on the types of information it infers (P3b). Nor was it transparent about its data retention policies and practices (P6). It kept silent about how it handles government surveillance demands (P10a). It had a relatively strong performance on security oversight (P13), but offered no information about how it addresses security vulnerabilities (P14) and responds to data breaches when they occur (P15).

Indicators