Skip to main content
NOPE
In Effect Guidance AI Safety Context Relevance

SDAIA AI Framework

Saudi Arabia SDAIA AI Governance Framework

Comprehensive AI governance from Saudi Data & AI Authority: Ethics Principles (Sep 2023), Generative AI Guidelines (Jan 2024), AI Adoption Framework (Sep 2024). Combined with PDPL creates binding + guidance framework.

Jurisdiction

Saudi Arabia

SA

Enacted

Unknown

Effective

Unknown

Enforcement

SDAIA; National Data Management Office (NDMO)

Who Must Comply

This law applies to:

  • AI deployers in Saudi Arabia
  • Data controllers/processors under PDPL

Who bears obligations:

DeveloperDeployer

This regulation places direct obligations on deployers (organizations using AI systems).

Safety Provisions

  • AI Ethics Principles: Fairness, transparency, accountability, safety, privacy
  • Generative AI Guidelines: Output validation, bias prevention, human oversight
  • AI Adoption Framework: Governance, risk assessment, implementation
  • PDPL: Sensitive data (health, children) requires explicit consent
  • PDPL: Automated decision disclosure
  • PDPL: Children = under 18

Enforcement

Enforced by

SDAIA; National Data Management Office (NDMO)

Penalties

SAR 5M

Max fine: $5,000,000

PDPL: up to SAR 5M (~$1.33M). AI guidance voluntary.

Quick Facts

Binding
No
Mental Health Focus
Yes
Child Safety Focus
Yes
Algorithmic Scope
Yes

Why It Matters

Major Gulf market with AI investment. PDPL has extraterritorial reach. GenAI Guidelines specifically address chatbots.

Recent Developments

PDPL fully enforced September 2024 with extraterritorial reach.

Cite This

APA

Saudi Arabia. (n.d.). Saudi Arabia SDAIA AI Governance Framework. Retrieved from https://nope.net/regs/sa-sdaia-framework

BibTeX

@misc{sa_sdaia_framework,
  title = {Saudi Arabia SDAIA AI Governance Framework},
  author = {Saudi Arabia},
  year = {n.d.},
  url = {https://nope.net/regs/sa-sdaia-framework}
}

Related Regulations

In Effect SA Data Protection

Saudi Arabia PDPL

Saudi Arabia's comprehensive personal data protection law with extraterritorial scope, DPO requirements for sensitive processing, and National Data Governance Platform registration.

In Effect EG AI Safety

Egypt AI Strategy 2025

Ambitious national strategy positioning Egypt as regional AI hub for Africa and Middle East. Targets 7.7% ICT sector GDP contribution by 2030, training 30,000 AI specialists, establishing 250 AI companies. Built on six strategic pillars: governance, infrastructure, technology, data, ecosystem, and talent. Accompanied by Egyptian Charter for Responsible AI (April 2023) with ethics principles.

In Effect QA AI Safety

Qatar QCB AI Guidelines

Binding AI governance requirements for Qatar's financial sector. Mandates board-level accountability, risk assessments, human-in-the-loop for high-impact decisions, and prior QCB approval for high-risk AI systems.

In Effect AE-DIFC AI Safety

DIFC AI Regulation

First enacted AI-specific regulation in the Middle East, Africa, and South Asia (MEASA) region. Establishes risk-based framework for AI systems in the DIFC financial free zone, with requirements for transparency, human oversight, and accountability.

In Effect IL Data Protection

Israel Privacy Amendment 13

Israel's most significant privacy reform in 40 years, explicitly covering AI systems. Requires Data Protection Officers (DPOs) for entities processing sensitive data at scale, mandates Data Protection Impact Assessments (DPIAs) before AI deployment, and enhances Protection of Privacy Authority enforcement powers. One of first data protection laws to explicitly require DPIAs before AI development or deployment.

In Effect JO Data Protection

Jordan PDPL

Jordan's data protection law with medical data processing exceptions, data portability rights, and oversight including security services.

Back to all regulations Check if this applies to you