Noncompliance with data privacy laws and data breaches may lead to sanctions, fines, and penalties. The amounts are usually calculated according to the risk to which personal rights were exposed and the preventive measures taken by the data controllers, processors and sub-processors in relation to their respective role in the chain of personal data processing.
Saudi Arabia does not currently have an overarching data privacy framework, so there are currently no sanctions set for violations. That said, general laws relating to disclosure of secrets, etc. are criminal laws, and violations of these laws may result in personal liabilities including fines or imprisonment.
