Saudi New Law | Protect Customer Information | Telecom Companies

According to the Saudi National Cybersecurity Authority (NCA), the new Communications and Information Technology (CIT) Law (the “Law”), which was recently approved by the Council of Ministers, requires service providers and digital content platforms to enter into agreements to ensure cybersecurity and critical infrastructure protection.

The NCA warned against breaking the law, which might result in the service provider's license being suspended or a punishment that may reach up to SR25 million. The Law established the essential safeguards to protect user information and call confidentiality.

According to the new legislation, the service provider is required to take all reasonable steps and establish arrangements to maintain the confidentiality of the user's personal information and documents, and not to reveal them without the user's consent. If the user's information or documents have been compromised in any way, the service provider must immediately notify him and take the appropriate steps to protect them.

The Law specifies that the NCA is responsible for establishing the necessary rules for announcing, promoting, or amending price tariffs, for entering into agreements with a service provider, outside the Kingdom, to provide international roaming or any other service, or for establishing, selling, promoting, or using calling cards.

The Law also protects the privacy of phone calls and information made or received over public telecommunication networks, stating that they may not be viewed, listened to, or recorded unless the regulations allow it.

The Law also prohibits the possession, sale, lease, manufacture, production, or circulation of any device, hardware, tool, service, system, program, or the like related to telecommunications or information technology that does not comply with the authority's approved technical specifications and standards, as well as the authority's requirements and controls.

Anyone who acts in any behavior that undermines competition in the CIT sector, damages, infringes, cuts telecommunication networks, benefits illegally from them, disrupts communications, or restricts the interchange of information, is also penalized under the legislation.

Penalties will be imposed if these offenses are committed intentionally or negligently, or if any CIT devices are possessed without the necessary authorization.

_________________________________________

For further information, please get in touch by sending your query to admin@j-plegal.com or Layan.F@j-plegal.com

Disclaimer: This publication is for informational purposes only and does not provide any legal advice.

‍