Telecommunication and Information Technology Act

Issued under the Council of Ministers Resolution No. (592), dated 01/11/1443 AH

Disclaimer: In the event of any discrepancy between the Arabic and the English versions, the Arabic version shall prevail

in determining of this Law.

Disclaimer: In the event of any discrepancy between the Arabic and the English versions, the Arabic version shall prevail in determining of this Law.

Telecommunication and Information Technology Act

1443 AH

In the Name of Allah, the Most Gracious, the Most Merciful

Royal Decree (M/106), Dated 02/11/1443 AH

By the Grace of Allah

We, Salman bin Abdulaziz Al Saud,

King of Saudi Arabia

Based on Article (Seventy) of Basic Law of Governance, enacted by virtue of Royal Decree (A/90), dated

28/08/1412 AH;

Article (Twenty) of Law of the Council of Ministers, enacted by virtue of Royal Decree (A/13), dated

03/03/1414 AH;

Article (Eighteen) of Law of the Shura Council, enacted by virtue of Royal Decree (A/91), dated 27/08/1412

AH; and after reviewing Shura Council Resolution No. (85/16), dated 16/05/1443 AH; and

Council of Ministers Resolution No. (592), dated 01/11/1443 AH,

We have decided the following:

First: Approving the Telecommunications and Information Technology Act, in the enclosed form.

Second: Provisions of the Act, referred to in Clause “First” herein, shall not invalidate licenses issued prior

to enforcement thereof. Further, any entity providing telecommunication or information technology

services, since Act enforcement date, must correct its situation in accordance with its provisions within

twelve months as from its enforcement date.

Third: Enforcement of the Act, referred to in Clause “First” herein, and its Bylaws shall not prejudice

competencies and duties of the National Cybersecurity Authority.

Fourth: Communications and Information Technology Commission shall follow up on service providers’

exercise of due diligence to ensure protection of cybersecurity and critical infrastructure, in accordance

with NCA controls and guidelines. In this context, NCA has the right to:

1. Require service providers to conclude mutual agreements to realize the aforementioned

objectives, in accordance with National Cybersecurity Authority controls and guidelines.

2. Follow up and verify adequacy of cybersecurity level of service providers, in accordance with

National Cybersecurity Authority controls and guidelines.

3. Charge service providers cost of such follow-up process if found negligent.

4. Impose penalties stipulated in Article (Twenty-seventh) of the Act, referred to in Clause “First”

herein, on service providers breaching this Clause.

National Cybersecurity Authority Board of Directors may decide to revoke this Clause after coordinating

with Communications and Information Technology Commission.

Fifth: His Highness the Deputy Prime Minister, ministers and heads of independent concerned agencies,

each within its competence, must enforce this Royal Decree.

Salman bin Abdulaziz Al Saud

Disclaimer: In the event of any discrepancy between the Arabic and the English versions, the Arabic version shall prevail in determining of this Law.

In the Name of Allah, the Most Gracious, the Most Merciful

Council of Ministers Resolution No. (592), dated 01/11/1443 AH

The Council of Ministers,

Having reviewed the Case received from the Royal Court No. (32021), dated 22/05/1443 AH, which includes

the Telegram of H.H the Minister of Communications and Information Technology No. (01/40/5118), dated

18/09/1440 AH, regarding the Draft Telecommunication and Information Technology Act;

Having reviewed the Draft Act referred to above; and

Telecommunications Act, enacted by virtue of Royal Decree (M/12), dated 12/03/1422 AH;

Notes No. (1157), dated 11/07/1442 AH, No. (1955), dated 11/11/1442 AH, No. (2273). dated 18/12/1442 AH, No.

(359), dated 12/02/1443 AH, No. (2192), dated 24/09/1443 AH, prepared by the Bureau of Experts at the

Council of Ministers;

Having reviewed recommendation issued by the Council of Economic and Development Affairs No. (12-

46/43/d), dated 11/10/1443 AH;

Having considered the Shura Council Resolution No. (85/16), dated 16/05/1443 AH; and

Recommendation of the General Committee of the Council of Ministers No. (9465), dated 29/10/1443 AH,

Decided the Following:

First: Approving the Telecommunications and Information Technology Act, in the enclosed form.

Second: Provisions of the Act, referred to in Clause “First” herein, shall not invalidate licenses issued prior

to enforcement thereof. Further, any entity providing telecommunication or information technology

services, since the Act enforcement date, must correct its situation in accordance with its provisions

within twelve months from its enforcement date.

Third: Enforcement of the Act, referred to in Clause “First” herein, and its Bylaws shall not prejudice

competencies and duties of the National Cybersecurity Authority.

Fourth: Communications and Information Technology Commission shall follow up on service providers’

exercise of due diligence to ensure the protection of cybersecurity and critical infrastructure, in

accordance with NCA controls and guidelines. In this context, National Cybersecurity Authority has the

right to:

1. Require service providers to conclude mutual agreements to realize the aforementioned

objectives, in accordance with National Cybersecurity Authority controls and guidelines.

2. Follow up and verify adequacy of cybersecurity level of service providers, in accordance with NCA

controls and guidelines.

3. Charge service providers cost of such follow-up process if found negligent.

4. Impose penalties stipulated in Article (Twenty-seventh) of the Act, referred to in Clause “First”

herein, on service providers breaching this Clause.

The National Cybersecurity Authority Board of Directors may decide to revoke this Clause after

coordinating with Communications and Information Technology Commission.

A Draft Royal Decree has been produced to that effect, in the enclosed form.

Fifth: Fees, referred to in Articles (Fourth) and (Thirty-ninth) of the Act, referred to in Clause “First” herein,

shall be determined in agreement with Ministry of Finance and Non-Oil Revenue Development Center,

until issuance of (Regulations for the Practice of Public Bodies, Institutions and the Like Imposing Fees

against their Services and Works) and application thereof.

Disclaimer: In the event of any discrepancy between the Arabic and the English versions, the Arabic version shall prevail in determining of this Law.

Sixth: Amount deducted from fees stipulated in Paragraph (2) of Article (Fourth) of the Act, referred to in

Clause “First” herein, shall be deposited in a current account of the Ministry of Finance in the Saudi

Central Bank for the benefit of Ministry of Communications and Information Technology.

Seventh: Amount deducted from fees in favor of Ministry of Communications and Information

Technology, as stipulated in Paragraph (2) of Article (Fourth) of the Act, referred to in Clause “First” herein,

shall be within its budgetary provisions.

Eighth: Ministry of Communications and Information Technology shall carry out disbursement from the

account stipulated in Clause “Sixth” herein or from other bank accounts established for such purpose.

Ninth: Ministry of Communications and Information Technology and Ministry of Finance shall establish a

mechanism to govern the disbursement of deducted amount, as stipulated in Paragraph (2) of Article

(Fourth) of the Act, referred to in Clause “First” herein.

Prime Minister

Disclaimer: In the event of any discrepancy between the Arabic and the English versions, the Arabic version shall prevail in determining of this Law.

Telecommunication and Information Technology Act

Chapter One: General Provisions

Article (One)

The following words and expressions, wherever mentioned herein, shall have the meanings ascribed thereto,

unless the context requires otherwise:

Act: Telecommunications and Information Technology Act.

Bylaws: Bylaws of the Act

Ministry: Ministry of Communications and Information Technology

Minister: Minister of Communications and Information Technology.

Commission: Communications and Information Technology Commission.

Board: Commission Board of Directors.

Committee: Committee for the Consideration of Violations of the Act

Telecommunications: Any transmission or reception, between persons or things, of signs, written messages,

images, sounds, or information of any kind via wired or wireless systems.

Telecommunications Network: A system used to transmit any kind of communication by using electric,

magnetic, electromagnetic or other energy.

Public Telecommunications Network: Local or international wired or wireless telecommunications system,

which provides general telecommunications and information technology services to users.

Private Telecommunications Network: Limited network not connected to a public telecommunications

network, which provides telecommunications and information technology services in specific areas, for

specific users.

Information Technology: Technologies, software, systems, networks, and related processes used to create,

collect, obtain, process, store or analyze data or information, including telecommunications and information

technology applications, and does not include data or information per se.

Devices: Any wired or wireless device, radiosensitive equipment, interfering devices and equipment, and

any other equipment, device, product, tool, machinery or otherwise that are connected to a

telecommunications network or may, when used, affect technical capacity to provide telecommunications

or information technology services.

Infrastructure: Physical system used to provide services related to the Telecommunications and

Information Technology Sector, including facilities, networks, and devices.

Critical Infrastructure: Networks, hardware and software that are essential to the minimum of

telecommunications and information technology services, their disruption, in whole or in part, compromises

the stability or security of the Telecommunications and Information Technology Sector.

License: A document issued by the Commission to a person of a natural or legal capacity for the use or

provision of telecommunications services, information technology or devices in accordance with the Act

and bylaws. The document shall include: the type of service or device, the period of time, and general

provisions.

Registration: Recording information of the entity registered at the Commission.

Disclaimer: In the event of any discrepancy between the Arabic and the English versions, the Arabic version shall prevail in determining of this Law.

Authorization: A document issued by the Commission to a person, of a natural or legal capacity, outside the

Kingdom, who provides services related to telecommunications or information technology services,

including digital content platforms, inside the Kingdom by displaying them in a way that enables the user to

access them.

Service Provider: The licensed, registered or authorized provider of telecommunications, information

technology or related services, including digital content platforms, to the public.

Controlling Service Provider: Controlling service provider pursuant to the provisions of Paragraph (2) of

Article (Fifteenth) of the Act.

Facility-Based Service Provider “FBSP”: Licensed telecommunications or information technology provider

licensed to create, own or operate infrastructure.

User: A natural or legal person using telecommunications, information technology or related services,

including digital content platforms, through the Service Provider.

Frequency Spectrum: A set of frequency bandwidths contained in the international radio systems, which

can be used in telecommunications networks.

The National Frequency Plan (NFP): A document regulating frequency spectrums in terms of identifying its

type, bandwidth and distribution to stakeholders.

Interconnection: A link that allows users of a particular Service Provider's communications network to

communicate between each other’s or with users of another service provider.

Access: Access to infrastructure, facilities, networks, devices, systems, services or otherwise used in the

provision of telecommunications and information technology services.

Universal Service: Providing a minimum of internet and telecommunications services at appropriate prices

and quality for each user.

Right to Universal Use: Giving the opportunity to all users in the Kingdom to benefit from the minimal

telecommunications and information technology services of appropriate quality, within a specified

geographical area and at an appropriate price; At the Ministry discretion, in coordination with the

Commission.

Numbering: A sequence of serial numbers identifying an intended final point in the public

telecommunications network and involves the information necessary to guide telecommunications to this

final point.

National Numbering Plan: A plan prepared by the Commission to determine the range of numbers used in

various telecommunications or information technology services.

Digital Transformation: Strategic reorganization based on data, information technology and

telecommunications networks.

Emerging Technologies: Technical innovations that represent a progressive step in a given field, and achieve

a competitive advantage over prevailing technologies.

Digital Government: Supporting administrative, organizational and operational processes within, and

between, government sectors to achieve digital transformation, develop, improve and enable easy and

effective access to government information and services.

Technical Identifiers: Any technical means of uniquely identifying resources, services or content that can

be accessed through the Internet.

Disclaimer: In the event of any discrepancy between the Arabic and the English versions, the Arabic version shall prevail in determining of this Law.

Article (Two)

The Act aims at achieving the following:

1. Developing the Telecommunications and Information Technology Sector to improve the efficiency

of its services and infrastructure.

2. Encouraging digital transformation, stimulating the use and utilization of telecommunications and

information technology in all areas.

3. Encouraging technical innovation, entrepreneurship, research and development in

Telecommunications and Information Technology Sector, and developing subsectors and

emerging technologies, as well as developing new telecommunications and information technology

services.

4. Transferring and localizing technology in the Telecommunications and Information Technology

Sector and keeping up with its updates.

5. Protecting the public interest, the user and its interests, as well as raising its level of trust; by

providing appropriate quality telecommunications and information technology services, in addition

to providing protection against harmful content, and maintaining the confidentiality of

communications.

6. Promoting access to high-end, affordable telecommunications and information technology

services in all regions of the Kingdom.

7. Developing the share of local content in the Telecommunications and Information Technology

sector and stimulating demand on relevant national enterprise products and services.

8. Enhancing the competitiveness of the Telecommunications and Information Technology Sector

and its companies, ensuring the continuity and effectiveness of its level of competition, and raising

the competitiveness of telecommunications companies, regionally and globally.

9. Providing an attractive environment for investment in the Telecommunications and Information

Technology Sector, attracting leading international companies in the sector's priority areas, and

raising the level of work of national companies.

10. Regulating the use of the frequency spectrum to ensure its optimal use.

11. Using the National Numbering Plan effectively.

12. Achieving clarilty and transparency in procedures.

13. Achieving the principles of equality and non-discrimination.

Article (Third)

Ministry shall be competent to supervise the Telecommunications and Information Technology Sector

within the limits of provisions of the relevant Act and Regulations, and in a manner that is not inconsistent

with the functions and competencies of other entities in accordance with their laws and regulations

supervised by them. To this end, the Ministry may have the following tasks and competencies:

1. Developing strategies, policies, plans, programs, and infrastructure of the Telecommunications and

Information Technology Sector and supervising the implementation thereof as well as raising the

level of action required.

Disclaimer: In the event of any discrepancy between the Arabic and the English versions, the Arabic version shall prevail in determining of this Law.

2. Proposing draft acts and bylaws for the Telecommunications and Information Technology Sector, in

coordination with the Commission, and supervising their implementation after approval.

3. Representing the Kingdom before regional and international entities in relation to the

Telecommunications and Information Technology Sector. It may grant the Commission or any other

relevant entity the authority to represent the Kingdom.

4. Encouraging investment in the Telecommunications and Information Technology Sector and

contributing to the localization of jobs and the qualification of human resources.

5. Encouraging and supporting research, studies and development in the Telecommunications and

Information Technology Sector.

6. Issuing and updating policies on emerging technologies and the Internet s well as disseminating them

to relevant entities.

7. Conducting a comprehensive periodic review of the Telecommunications and Information

Technology Sector’s performance under the approved policies and it may disseminate its results to

the public.

8. Developing digital economy policies, standards and procedures, leading to the contribution of the

Telecommunications and Information Technology Sector to stimulating the economy, and taking the

steps necessary to facilitate the use of telecommunications and information technology in the digital

economy.

9. Strengthening standards and procedures related to digital transformation and digital government,

and supporting mechanisms to work on this among stakeholders.

10. Making the necessary arrangements, in coordination with the Commission, to ensure the continued

provision of basic telecommunications and information technology services in case the service

provider is unable to do so, in accordance with the rules and procedures established by the bylaw.

11. Ensuring universal service availability and the right to universal use.

By virtue of a decision of the Council of Ministers, the provisions of this article may be amended.

Chapter Two: Licenses

Article (Fourth)

1. A Fees, supplied to the general treasury of the state, shall be collected to issue and renew licenses, to

commercially provide telecommunications or information technology services, and to use frequencies.

2. An amount shall be deducted to the Ministry – to be determined by the Ministry in agreement with

the Ministry of Finance and the Non-Oil Revenues Development Center - from the Fees paid for the

commercial provision of telecommunications or information technology services; to be spent in the

development of the telecommunications and information technology sector as well as the

infrastructure.

3. Subject to Article (Two) of the Act, the Ministry shall determine, on the basis of the Commission

proposal, the Fees for the commercial provision of telecommunications or information technology

services, the issuance and renewal of licenses, and the use of frequencies.

Disclaimer: In the event of any discrepancy between the Arabic and the English versions, the Arabic version shall prevail in determining of this Law.

Article (Fifth)

1. A license shall be obtained from the Commission before doing any of the following:

a. Providing telecommunications services to the public or using a communications network for

that purpose.

b. Providing infrastructure service for public telecommunications networks.

c. Using any numbering resource or frequency spectrum.

d. Providing Saudi domain name registration services or establishing centers for registration

thereof.

2. The Board, without prejudice to the competencies of other relevant entities, may require a license

or registration to be obtained from the Commission, in the following cases:

a. Providing certain services related to telecommunications or information technology, including

digital content platforms, and the Board shall determine the nature and provisions of such

services.

b. Acquiring or using telecommunications or information technology-related devices.

c. Establishing a private telecommunications network.

The Board shall set the necessary controls for obtaining a license, registration or permit.

3. The Commission shall identify cases in which its consent is required before connecting a private

telecommunications network to a public telecommunications network.

Article (Sixth)

1. The Commission may reject the request renewal of the license, registration or authorization, or to

cancel the license, registration or authorization, or to suspend or modify any of them; in any of the

following cases:

a. Failure of the licensee, registrant or authorized entity to respond to committed violations, within

a reasonable period to be determined by the Commission.

b. Expiration or dissolution of the licensee, registrant or authorized entity.

c. Any other case specified in the Bylaw.

2. By a reasoned decision, the Board may cancel, suspend or modify any license, registration or

authorizations in the event of changes in technology, market conditions or in the National Frequency

Plan, in accordance with the procedures established in the Bylaw.

3. A licensee, registrant or authorized entity may apply to the Commission for cancellation,

modification or suspension the license or authorization issued thereto.

4. The Commission shall, in the event that the license is not renewed, suspended or revoked; take

necessary actions to ensure continuity of service in accordance with the rules and procedures set out

in the Bylaw

5. The Bylaw shall identify the provisions resulting from cancelling, suspending or modifying the

license, registration or authorization, as well as the provisions necessary to ensure continuity of the

service.

Disclaimer: In the event of any discrepancy between the Arabic and the English versions, the Arabic version shall prevail in determining of this Law.

Article (Seventh)

1. Without prejudice to other Acts, the Service Provider shall obtain the following:

a. Approval of the Commission before taking any of the following actions:

(1) Substantial change in ownership of the licensee or registrant

(2) Waiver of license, registration or authorization to others.

b. The Commission non-objection to make a substantial change in the senior management of the

licensee or registrant.

2. The Bylaw shall set out the controls and procedures for obtaining consent and non-objection

referred to in Paragraph (1) of this Article. The Commission shall in any event issue its decision within a

period not exceeding (ninety) days from the date of completion of the application. If the period referred

to in this paragraph has elapsed without a decision issued by the Commission, this shall be deemed as

an approval.

Article (Eighth)

1. The Board shall classify the license, registration and authorization into categories and set the terms

and conditions for each category.

2. The Service Provider shall abide by the terms and conditions of the granted license, registration or

authorization included therein.

Article (Ninth)

The Commission shall establish a private registry in which the data and information of the licensee,

registrant or authorized entity, and the category of its granted license or registration or authorization

in which it is included. Such data and information shall be identified in the Bylaw.

Chapter Three: Frequency Spectrum

Article (Tenth)

1. The frequency spectrum is a natural wealth owned by the State.

2. The Commission shall prepare the National Frequency Plan in coordination with the relevant

authorities, taking into account the requirements of other regulations and international

agreements to which the Kingdom is a party, in preparation for its approval by the Ministry.

3. The Ministry shall approve the National Frequency Plan in coordination with the military and

security agencies.

Article (Eleventh)

The Commission shall be responsible for the following:

1. Management of Frequency Spectrum for civil and commercial uses, as defined by the National

Frequency Plan.

2. Identification of levels of exposure to the electromagnetic fields of the non-ionizing frequency

spectrum, establishment of controls and standards for conformity and adherence to them and to

the procedures for measurement thereof, and taking whatever is necessary in this regard

according to the Bylaw.

Disclaimer: In the event of any discrepancy between the Arabic and the English versions, the Arabic version shall prevail in determining of this Law.

Article (Twelfth)

No user or service provider may use any frequency unless allocated thereto by the Commission, and after

obtaining the necessary license and paying the Fees.

Article (Thirteenth)

If the frequency spectrum allocated for civil and commercial purposes is used in violation of the Act or

bylaw or the terms and conditions of the license, the Commission may disconnect or withdraw the devices

used in the violation from service and may use the competent security authorities when needed.

Article (Fourteenth)

The Commission shall establish a National Frequency Registry in the Kingdom, in which the data of

frequency spectrum are recorded, managed, updated, and kept confidential

Chapter Four: Interconnection or Access Submitted

Article (Fifteenth)

1. All Service Providers shall be obliged to satisfy reasonable requests for interconnection or access

submitted by other service providers, in accordance with the provisions specified in the Bylaw.

2. The Controlling Service Provider in the relevant markets shall be obliged to meet requests for

interconnection or access by other providers at fair terms and prices based on the cost approved

by the Commission. The provider shall be deemed controlling if its service covers at least (40%) of

the relevant telecommunications or information technology market or part thereof. The

Commission may adjust this proportion according to market conditions and may establish the

necessary controls to identify the Controlling Service Provider.

3. Each Service Provider shall be entitled to negotiate with any service provider to agree on

interconnection or access. If no agreement is reached between them, the Service Provider shall

apply to the Commission for a decision thereon. Commission’s decision in this regard shall be

binding on all parties.

4. The Commission shall establish the necessary rules for linking interconnection or access, including

service providers' obligations.

Article (Sixteen)

Service Providers shall be prohibited from entering into any interconnection or access agreements if it

endangers any person or its property, or damages other telecommunications networks, services or other

information technology.

Chapter Five: Use of Real Estate

Article (Seventeen)

All Facility-based Service Providers shall have equal access to public and private real estate for the

purpose of providing telecommunications or information technology services, provided that access to

Disclaimer: In the event of any discrepancy between the Arabic and the English versions, the Arabic version shall prevail in determining of this Law.

such real estate shall be with the knowledge and consent of their owners, or persons of equivalent status

thereof, and to the extent that such provision of services need.

Article (Eighteenth)

1. FBSP shall agree with the property owner, or the equivalent, when FBSP requires installing any

devices or establishing or maintaining telecommunications networks inside the public or private

properties in order to provide the telecommunications or information technology services to the

public. In the event of failure to reach an agreement, FBSP shall submit an application to the

Commission to consider expropriation of such property in accordance with the relevant legal

provisions.

2. When FBSP requires installing any devices or establishing or maintaining telecommunications

networks inside the public or private properties in order to provide the telecommunications or

information technology services for a person residing in that property, the property owner or the

equivalent may not impose fees on or prevent FBSP from access to that property unless the

owner or the equivalent has reasonable and legal reasons for prevention, and both of the owner

and FBSP shall have the right to recourse to the Commission to decide on the dispute.

3. FBSP shall reinstate the property's situation to its previous condition upon completion of the

works set out in Paragraphs (1) and (2) of this Article.

4. The Bylaws shall determine the provisions related to the enforcement of what is stated in this

Article.

Article (Nineteen)

Without prejudice to the laws related to maintenance of the locations that have special importance, the

Bylaws shall determine the provision related to establishing, operating and maintaining public

telecommunications networks and provisions related to FBSP's participation in connection locations.

Chapter Six: Competition

Article (Twentieth)

1. Without prejudice to the provisions of other laws, the Service Provider shall obtain the Board's

approval before making any merger with other service provider inside or outside the Kingdom and

inform Commission within (five) business days of any initial agreement made in this regard.

2. The Service Provider or any natural or legal person shall obtain the Board's approval before

purchasing 5% or more of shares or stocks of a service provider licensed to operate in the

Kingdom, which may result in reaching the level of the Service Provider that controls a related

telecom market or part thereof.

3. The Commission shall, within the period stipulated by the Bylaws, decide on any received requests

in accordance with Paragraphs (1) and (2) of this Article.

Article (Twenty one)

Any Service Provider that controls a related telecom market or part thereof may not preform an activity

or procedure that constitutes an abuse of its situation. In addition, the Bylaws shall determine the

Disclaimer: In the event of any discrepancy between the Arabic and the English versions, the Arabic version shall prevail in determining of this Law.

Controlling Service Provider's obligations and the rules on the basis of which the activity is considered an

abuse of control situation.

Article (Twenty-Two)

The Service Providers shall be prohibited to agree to perform practices that may make the Service

Provider dominating a related telecom market or part thereof, limit or prevent competition or reduce its

effectiveness. In addition, the provisions set out in this regard in any agreement or decisions shall be

invalid. The Bylaws shall determine the decisions and practices that may limit or prevent competition or

reduce its effectiveness and the procedures that shall be taken in this regard.

Chapter Seven: Maintaining User's Information and Confidential Documents

Article (Twenty - Three)

1. The Service Provider shall take all measures and arrangements necessary for ensuring the

maintenance of confidentiality of the User's information and personal data and to prevent

accessing, reviewing and disposing such information and data illegally, including preparing and

submitting policies related to maintenance of confidentiality of such information and documents

to the Commission for approval in accordance with the relevant legal provisions.

2. The User's information or documents may only be disclosed under the User's consent according

to the relevant legal provisions.

3. Subject to the relevant legal provisions, the Service Provider shall, when the User's information or

documents are infringed in any way, take all procedures necessary for maintaining User's

information and documents and immediately inform the Commission and User of the incident's

details.

4. Without prejudice to the relevant legal provisions, the Service Provider shall keep the User's

information and documents for the period that Commission determines. In addition, such period

shall be calculated as of the date of the last service provision. In the event of a dispute that may

arise in connection with the service between the User and Service Provider, such information and

documents shall be kept until the dispute is solved.

Article (Twenty - Four)

1. The Commission shall, after making coordination with the competent authorities, make internet

filtering and limit access to a specific content on the internet, prevent or restrict access to

internet services on the gateways.

2. It is prohibited to bypass or swindle internet filtering or to provide the means to do so. In addition,

the Commission shall set the regulating controls and requirements.

Chapter Eight: Surveillance and Inspection

Article (Twenty - Five)

1. Commission's inspectors for whom the Board issues a resolution on naming them shall jointly or

severally perform investigation, examination and collection of inferences, control violations of the

provisions of the Act, Bylaws and regulatory decisions. In addition, the inspectors shall, during the

Disclaimer: In the event of any discrepancy between the Arabic and the English versions, the Arabic version shall prevail in determining of this Law.

working hours, inspect the sites of the licensed or persons suspected to violate the provisions of

the Act or Bylaws, without prejudice to the relevant legal provisions, review and take a copy of the

documents, systems and databases and ask, when needed, for the help of competent security

agencies to enable them to implement their tasks.

2. The Commission shall investigate and take legal actions against the offenders and may cease the

service subject of the violation precautionarily. The Bylaws shall determine the necessary

provisions for the same.

3. The Commission shall keep the seized items until the Committee makes a decision on the

violation. If a final decision-proving occurrence of the violation is rendered, the Commission shall

be entitled to release the seized items as defined in the Bylaws without prejudice to the offender's

right to claim with compensation for damage.

4. The officers and employees in the places desired to be inspected shall enable the inspectors to

perform their work and shall not impede them and provide all facilities, information and

documents that they require.

5. The inspectors shall present their job cards when undertaking their duties.

Chapter Nine: Violations and Sanctions

Article (Twenty - Six)

Each of the following shall be considered a violation:

1. Acquisition, sale, lease, making available, manufacturing, producing or trading, in any form, any

device, equipment, tool, service, system, program or the like in relation to telecommunications or

information technology that are not compatible with the approved technical specifications and

standards or that are not compatible with the controls that the Commission sets.

2. Practicing any of the activities that their practice requires obtaining a license, registration or

permit before obtaining the license, registration or permit.

3. Providing misleading information for the public or competent authorities in relation to

telecommunications or information technology services.

4. Impeding inspector's work.

5. Misuse of telecommunications or information technology services.

6. Performing any practice that breaches competition in the telecommunications and information

technology sector.

7. Causing damage to, infringing, interrupting or making illegal use of telecommunications networks,

or preventing information exchange in general whether deliberately or through negligence or

omission.

8. Failure to provide the Commission with the required reports, information or documents that

enable the Commission to perform its work.

9. Owning any telecommunications or information technology device without obtaining the

necessary license.

10. Any other work that violates provisions of the Act, Bylaws or Commission 's regulatory decisions.

Disclaimer: In the event of any discrepancy between the Arabic and the English versions, the Arabic version shall prevail in determining of this Law.

Article (Twenty - Seven)

1. Without prejudice to what is stated in the Act or any severe penalty provided for in any other law,

the person who commits any of the violations provided for in Article (Twenty - Six) hereof or

proceeds with or helped in committing such violations shall be punished with one or more of the

following penalties:

a. A fine not exceeding (twenty-five) million Riyals.

b. Ceasing service subject of the violation in full or in part.

c. Prohibiting the offender for a specific period from obtaining or renewing a license for

providing telecommunications or information technology services.

d. Blocking digital content platform in full or in part.

2. The decision made in relation to the penalty shall be considered effective as of the date of

communication to the offender.

3. Without prejudice to the affected party's right to claim with compensation, the offender shall, in

all cases, provide the Commission with the proceeds realized as a result of the violation after

returning the remaining fees to the User.

4. The offender shall cease, rectify or eliminate the violation, as the case may be, within the term that

the Committee determines. In addition, the Commission shall be entitled to request the

Committee to punish the offender with one or more of the penalties provided for in Paragraph (1)

of this Article if the offender does not cease, rectify or eliminate the violation within the term

determined by the Committee.

5. When imposing a penalty, such penalty shall be in proportion to the violation's volume, nature,

effect and reiteration by the offender.

6. The Committee shall be entitled to provide for in its decision regarding the penalty publishing the

operative part thereof electronically or in a local newspaper or any other method, provided that

the operative part is published after the decision becomes conclusive and at the offender's

expense.

Article (Twenty - Eight)

1. The Board shall form one Committee or more to consider violations of the provisions of the Act,

Bylaws and regulatory decisions and impose the penalties provided for in Article (Twenty - Seven)

hereof.

2. The Committee shall be formed of three members, one of them is the Committee's Chairman and

an alternate member to be named by the Board's resolution based on the Commission Governor's

nomination. In addition, the Committee's membership shall be for (four) renewable years.

Moreover, the resolution shall determine the Committee members' remunerations.

3. The Committee members shall be legally and technically qualified in the areas of

telecommunications and information technology, provided that the Committee Chairman is

legally qualified.

Disclaimer: In the event of any discrepancy between the Arabic and the English versions, the Arabic version shall prevail in determining of this Law.

4. The Committee shall consider the violations according to the rules and procedures that the Board

determines, and its decision shall be subject to grievance before the administrative court within

(thirty) days as of the date in which the offender is served.

Article (Twenty - Nine)

The persons against whom decisions are passed by the Commission shall be entitled to file a grievance to

the Minister according to the legal procedures adopted for objection to the administrative decision.

Chapter Ten: Closing Provisions

Article (Thirty)

Commission shall, according to its competencies, provide support and technical assistance to enforce the

final decisions rendered by the competent court against the Service Providers of digital platforms.

Article (Thirty - One)

The requirements of universal service and right to universal use shall apply in accordance with the rules

and principles that the Bylaws determines.

Article (Thirty - Two)

The phone calls and information sent or received via the public telecommunications networks shall be

considered confidential and shall not be reviewed, listened to, or recorded except in the cases set out in

the regulations.

Article (Thirty - Three)

The Bylaws shall set out the provisions and procedures that Commission shall take to protect the User

and handle the filed complaints.

Article (Thirty - Four)

Without prejudice to Paragraph (3) of Article (fifteenth) hereof, when a dispute arises between the Service

Providers, any of such Service Providers shall be entitled to submit an application to the Commission to

settle the dispute amicably. In the event of non-acceptance of settlement or lapse of (thirty) days without

reaching a settlement, such Service Provider shall be entitled to resort to the competent court. Moreover,

the Bylaws shall determine the procedures for amicable settlement.

Article (Thirty - Five)

Commission shall be competent to set the controls and rules necessary for the following:

a. Announcing, promoting or modifying tariff rates.

b. Entering into agreements with the Service Provider outside the Kingdom to provide

international roaming service or any other service.

c. Authenticating, selling, promoting or using SIM cards.

Disclaimer: In the event of any discrepancy between the Arabic and the English versions, the Arabic version shall prevail in determining of this Law.

Article (Thirty - Six)

Commission shall set the technical specifications and standards for telecommunications and information

technology devices after making coordination with the Saudi Standards, Metrology and Quality

Organization and take the procedures necessary for ensuring that the devices are compatible with the

technical specifications that the Commission sets.

Article (Thirty - Seven)

The Service Provider, contracting distributors or sub-service providers and related persons for whom the

Act permits providing telecommunications and information technology services shall provide data,

information and documents that Ministry or Commission requires according to their respective

competencies in implementation of the provisions of the Act and Bylaws.

Article (Thirty - Eight)

In emergency cases, the Minister shall be entitled to oblige the Service Provider to undertake any of the

following:

a. Providing specific telecommunications and information technology services free of charge to

the extent required for the public interest.

b. Making interconnection or access between the Service Providers to serve the public interest.

c. Restricting use or making available of frequency spectrum for any other entity.

d. Sharing resources and network's elements and activating national roaming.

And the Bylaws shall determine the related procedures of this Article.

Article (Thirty - Nine)

1. Commission shall regulate, register and operate names of the Saudi domains and technical

identifiers, determine fees for registration services, make decisions on the dispute related thereto

and make coordination with the related international organizations in this regard.

2. Commission shall develop the National Numbering Plan, be responsible for its structuring,

management and amendment and determine the terms of allocation and use of numbering

resources and the fees thereof.

3. The Board shall be entitled to enter into agreements with the government or private entities to

authorize them to assume Commission's tasks set out in this Article.

4. The Service Providers shall provide the possibility of transferring the number to their network,

while complying with transferring User's number according to User's requirements. In addition, the

Bylaws shall determine the procedures and conditions necessary to thus do.

Article (Forty)

The Bylaws shall be issued by the Minister's resolution based on the proposal of the Commission Board

within (180) days as of the date of publishing the Act in the Official Gazette, and shall come into force as of

the date the Act comes into force.

Disclaimer: In the event of any discrepancy between the Arabic and the English versions, the Arabic version shall prevail in determining of this Law.

Article (Forty - One)

1. This Act shall supersede Telecommunications Act issued by Royal Decree No. (M/12) dated

12/03/1422 AH and shall repeal the provisions that conflict therewith.

2. The Act shall come into force after (180) days as of the date of being published in the Official

Gazette.