Saudi Arabia

Subscribe to Saudi Arabia via RSS
Flowing particle lines

Organizations should prioritize compliance efforts in light of mounting regulatory scrutiny and potential fines.

By Brian A. MeenaghDanielle van der Merwe, and Faisal Imam*

The Kingdom of Saudi Arabia’s Personal Data Protection Law (PDPL) is now firmly in its active enforcement phase. The one-year grace period granted to organizations to achieve compliance ended on September 14, 2024, and the Saudi Data and Artificial Intelligence Authority (SDAIA) has moved from awareness-building and guidance to regulatory action. Businesses operating

Flowing particle lines

The draft law proposes a data embassy ecosystem and comprehensive framework in Saudi Arabia, promoting its position as a global AI hub.

By Brian Meenagh, Ksenia Koroleva, and Faisal Imam*

On April 14, 2025, Saudi Arabia’s Communications, Space and Technology Commission (CST) issued a consultation draft of a “Global AI Hub Law.” This draft law marks Saudi Arabia as the first G20 nation to publish a draft of a comprehensive legal framework that embraces the

The PDPL has broad extraterritorial scope and substantial penalties for non-compliance, with full enforcement expected to start in September.

By Brian A. Meenagh and Lucy Tucker

The Personal Data Protection Law (PDPL) is the first comprehensive data protection law in Saudi Arabia. The Saudi Data and Artificial Intelligence Authority (SDAIA) is expected to start full enforcement of the PDPL from 14 September 2024, after the current compliance transition period ends. SDAIA emphasised that it expects entities to take measures to achieve compliance with the PDPL by the September deadline.  

Tech-electronic-microchip_dreamstime_79398511

The amended PDPL diverges from international privacy laws in several areas, including personal data transfers, penalties, and breach notification.

By Brian A. Meenagh and Lucy Tucker

An amended version of the Kingdom of Saudi Arabia’s Personal Data Protection Law (PDPL) was published in the Official Gazette of the Kingdom of Saudi Arabia on April 7, 2023. The amended PDPL contains the same wide extra-territorial scope as the original PDPL. It applies to any processing of personal data that takes place in the Kingdom, and applies to the processing of personal data of individuals located in the Kingdom by organizations outside of the Kingdom.

The amended PDPL contains concepts and requirements similar to those in international privacy laws, such as the GDPR, including concepts, such as personal data, controllers and processors, data processing principles, certain data subject rights, and the requirement to maintain a record of processing activities. However, the PDPL diverges from international privacy laws in several important areas, notably in relation to transfers of personal data outside of the Kingdom and penalties for non-compliance.

Dubai skyline view from the Marasi marina in city Business bay downtown area in the UAE

The Middle East’s rapidly advancing space sector has seen a slew of landmark achievements in the last few years.

By Alexander Hendry

In 2014, the UAE established the UAE Space Agency to oversee and grow its space sector, and it has since successfully completed numerous projects. In July 2020, it became the fifth country in the world to launch a probe to Mars, and in December 2022, the UAE-built Rashid Rover was launched on a path to the moon. Emirati astronaut Hazza Al Mansouri was the first person from the UAE in space, and Emirati astronaut Sultan Al Neyadi will soon embark on a six-month mission to the International Space Station. The Mohammed bin Rashid Space Centre has launched four satellites, and UAE-based satellite company Yahsat currently manages a fleet of five satellites and provides services in more than 150 countries. In 2022, the UAE established an US$817 million fund to support its space sector, including the development of a constellation of advanced radar imaging satellites.

Credit card detail photo focused on raised printed numbers

The updates are part of SAMA’s efforts to promote an innovation-based financial technology ecosystem in the KSA.

By Salman Al-Sudairi, Brian A. Meenagh, and Homam Khoshaim

Last month, the Saudi Arabian Monetary Authority (SAMA) issued an update to the recently implemented Payment Services Provider Regulations (PSPR), which was introduced in January 2020 to regulate Payment Services Providers (PSPs) operating in the Kingdom of Saudi Arabia (KSA). The PSPR provides a clear path for PSPs to obtain SAMA-issued licenses to provide payment services in the KSA. Notably, the PSPR applies concepts implemented by the European Union’s Payment Services Directive (PSD2). This should remove some of the friction involved in international PSPs launching operations in the KSA by allowing them to apply the same business models and operating processes already applied in the jurisdictions in which they operate.

Sand dunes

The Middle East and North Africa (MENA) is home to 14 of the 33 most water scarce countries globally, with six times less water availability than the worldwide average and less than 2 percent of the world’s renewable water supply. The Gulf Cooperation Council (GCC) states – Bahrain, Kuwait, Qatar, United Arab Emirates, Saudi Arabia and Oman – all rank in the top 10 most water scarce countries. The water crisis in the region is exacerbated by exploding

Riyadh - Saudi Arabia_dreamstime_12711865

For the past few decades, the obligations of companies with losses reaching 50% or more of their share capital has been a topic of high debate in the Kingdom of Saudi Arabia. That is due to the uncertainty surrounding the application of Articles 148 and 180 of the current Companies Law (Current Companies Law), which regulate this matter in connection with joint stock companies (JSCs) and limited liability companies (LLCs), respectively. On 9 November 2015, however, a new Companies Law

Riyadh Building_dreamstime_12712018Saudi Arabia’s recently announced plans to privatise several key industries in the Kingdom has once again brought the Kingdom’s privatisation agenda back into the spotlight. The announcements form part of the countries transformational initiatives as part of The 2016-2020 National Transformation Plan (NTP) to improve public sector efficiency and boost non-oil revenues in the region, and will reportedly include airports, municipalities, hospitals and education.

Privatisation covers many types of transactions but typically includes the divestiture, whether by sale or lease,