Specialized Committees Consider Personal Data Protection Law Violations in Saudi Arabia

The Committees for Reviewing Violations of the Provisions of the Personal Data Protection Law and Its Implementing Regulations in Saudi Arabia are actively considering complaints related to infractions of the law and imposing the legally prescribed penalties. Their work aims to ensure the protection of individuals' personal data following the conclusion of the grace period for compliance.
 These efforts are part of the Saudi Data and AI Authority (SDAIA)'s mandate to oversee the enforcement of the Personal Data Protection Law, established by Royal Decree No. (M/19) on Safar 9, 1443 AH, and amended by Royal Decree No. (M/148) on Ramadan 5, 1444 AH.
 In a statement on Sunday, SDAIA highlighted that the committees comprise technical and legal experts who operate under the powers granted to them, including the authority to review complaints related to the Personal Data Protection Law. The committees are authorized to summon individuals or organizations to provide testimonies or reports whenever deemed necessary, allowing a reasonable timeframe for responses. The committees may also summon whoever they consider relevant to provide testimonies in person, in writing, or through electronic communication methods they deem suitable, including electronic video or audio communication.
 The committees are specifically tasked with examining violations of the provisions and regulations of the law and imposing the legally prescribed penalties, as outlined in Article 36 of the Personal Data Protection Law.