PDPL Article 42, says that the president of the Competent Authority (currently SDAIA) is required to issue the detailed Implementing Regulations of the PDPL within 720 days from the Law’s official publication. Before doing so, the president must coordinate with key government bodies such as the Ministry of Communications and IT, Ministry of Foreign Affairs, CST, DGA, NCA, Saudi Health Council, and the Saudi Central Bank—each within their respective domains. This ensures the Regulations are comprehensive, harmonized, and tailored to sector-specific needs.
Saudi PDPL Article 42
Regulation Issuance Deadline
The president of the Competent Authority shall issue the Regulations within a period not exceeding (seven hundred and twenty) days commencing on the date of publishing the Law provided that the president must coordinate before issuing the Law with: (Ministry of Communications and Information Technology, Ministry of Foreign Affairs, Communications, Space & Technology Commission, Digital Government Authority, National Cybersecurity Authority, Saudi Health Council, and Saudi Central Bank), each in its own jurisdiction.
Explanation of Saudi PDPL Article 42
SDAIA president must publish PDPL regulations within 720 days & key authorities must be consulted before regulations are finalized
Saudi PDPL Article 42 says, the president of the Competent Authority must issue the PDPL Regulations within 720 days from the Law’s publication date. SDAIA must also coordinate with specific ministries and agencies before publishing the Regulations, based on each one’s jurisdiction.
