Saudi Arabia: Saudi Data and AI Authority adopted General Rules for Secondary Use of Data establishing data governance framework

On 25 December 2025, the Saudi Data and AI Authority (SDAIA) adopted the General Rules for Secondary Use of Data. They establish a data governance framework across government and private entities, defining scope, objectives, and mechanisms governing data-sharing requests, including controls for data classification levels and confidentiality of government data. The rules set out procedures for submitting, assessing, approving, or rejecting data-sharing requests through the Data Marketplace platform and other approved secure methods. They introduce a use licensing mechanism for private entities requesting government data, with licenses issued under procedures established by the National Data Management Office and including possible provisions on intellectual property rights and commercial confidentiality. They complement SDAIA's Data Sharing Policy and allocate oversight and procedural roles to the National Data Management Office.