In brief The Personal Data Protection Law (“PDPL”) of Saudi Arabia (“KSA”) was recently amended pursuant to Royal Decree No. M/148, dated 05/09/1444H (corresponding to 27 March 2023G) (“Amended PDPL”). These amendments were preceded by a public consultation launched by the Saudi Data and Artificial Intelligence Authority (“SDAIA”) in late 2022. The Amended PDPL expands the scope under which Controllers could collect personal data from third parties and process it for purposes other than that for…
The Council of Ministers of Saudi Arabia adopted a resolution dated 03/06/1444H (corresponding to 27 December 2022G) clarifying the consequences in terms of eligibility to compete for government contracts for companies that fail to locate their Regional Headquarters (“RHQ”) in Saudi Arabia. This clarification has been anticipated for some time, since the Kingdom first announced at the end of 2020 that multinationals wishing to continue contracting with the government would need to locate their RHQs…
In brief On 20 November 2022, the Saudi Data and Artificial Intelligence Authority (SDAIA) launched a public consultation on proposed amendements to the Personal Data Protection Law, promulgated by Royal Decree No. M/19, dated 09/02/1443H (“PDPL”), which was orginally published on promulgated on 24 September 2021. You can acces our previous alert on the publication of the PDPL here. The public consultation will remain open up until 20 December 2022 and all organisations are invited…
On 31 March 2022, the Ministry of Commerce published for consultation a draft Consumer Protection Law (“Draft Law”) on the Public Consultation Platform, which will close for comments on 15 May 2022. The Draft Law is intended to be administered by a yet to be defined competent governmental authority, presumably a department within the Ministry of Commerce (“Competent Authority”). The scope of the Draft Law is limited to business to consumer (B2C) transactions, as it…
In brief On 10 March 2022 the National Data Management Office (the “NDMO”) published for consultation a draft of the executive regulations (the “Regulations”) to the Personal Data Protection Law, promulgated by Royal Decree No. M/19, dated 09/02/1443H (the “PDPL”). You can access our previous alert on the publication of the Law here. You can access the consultation and a full draft of the Regulations here. The consultation invites comments on the Regulations and will…