Saudi Arabia: Opened Public Consultation on SDAIA Draft Data Sovereignty Public Policy

On 10 March 2024, the Saudi Data and AI Authority (SDAIA) opened a public consultation on the Draft Data Sovereignty Public Policy until 9 April 2024. The Draft is divided into 4 principles. The first principle is data as a national asset, which aims to ensure data sovereignty by complying with local laws and regulations, enhancing transparency and access to public information, and promoting open data practices for economic growth. The second principle is data protection. In particular, it aims to protect data against breach, damage, loss, misuse, alteration, or unauthorised access. It also emphasises the importance of regulating the hosting and storage of non-personal data produced, collected, or handled by government entities and private entities that are classified as Critical National Infrastructure (CNIs). The third principle is data availability. The aim is to ensure that competent authorities have timely access to the necessary data to fulfil their duties while managing foreign entities' data access requests in accordance with national laws. Finally, the fourth principle is the encouragement of local and foreign investments.