Saudi Arabia’s Data and Artificial Intelligence Authority has announced it has approved the final version of the Artificial Intelligence Principles. They made the announcement via social media.

The Authority has analysed global practices and standards to develop these Principles. They are designed to help entities adopt standards and ethics when building and developing Artificial Intelligence-based solutions to ensure their responsible use and protect the privacy of data subjects and their rights with respect to the collection and processing of their data.

It will apply to all Artificial Intelligence stakeholders designing, developing, deploying, implementing, using, or being affected by Artificial Intelligence systems in the Kingdom. This will include public entities, private entities, non-profit entities, researchers, public services, institutions, civil society organisations, individuals, employees and consumers.

The Principles cover Fairness, Privacy and Security, Humanity, Social and Environmental Benefits, Reliability and Safety and Transparency and Explainability and Accountability and Responsibility.

The final version has introduced a new Artificial Risks section. This outlines the categories of risks associated with the use of Artificial Intelligence. There are four categories. These are little or no risk where no restrictions will be placed on Artificial Intelligence provided those systems are ethically compliant. There is also a limited risk category where Artificial Intelligence systems will be subject to the Principles. In addition, there is a high-risk category. Artificial Intelligence systems must undergo pre- and post-conformity assessments, consider the relevant statutory requirements and comply with Artificial Intelligence ethics in this category. Finally, there is an unacceptable risk category. These Artificial Intelligence systems cause harm to people’s safety, livelihood and rights are not allowed.

The new Principles also state Principle 5 on Reliability and Safety, in deployment and monitoring will be adopted. This means continuous monitoring is required to assess the alignment of an Artificial Intelligence model’s operations with its design and frameworks while ensuring the system’s safety to prevent malicious exploitation of data and results that could harm entities or individuals. Ongoing implementation and development efforts are necessary to maintain the system’s reliability over time.

The Authority is responsible for reviewing and updating the Artificial Intelligence ethics principles and monitor compliance with them. It will also develop the necessary national guides, standards and directives to ensure the effective management of Artificial Intelligence and ensure the goals are met.

The latest version includes Optional Registration as well. The aim is to encourage relevant entities to adopt Artificial Intelligence ethics when developing these systems.

Motivational Badges have also been added. This means the Authority may grant entities implementing the principles motivational badges that reflect the level of compliance and progress on Artificial Intelligence ethics implementation.

Finally, as part of the Artificial Intelligence Ethics tools, particularly privacy and security standards, the ISO 23894 risk standard has been explicitly defined along with the standards issued by the Saudi Standards and Metrology Organisation. ISO 23894 provides guidance on how organisations that develop, produce, deploy or use products, systems, and services deploying Artificial Intelligence can handle Artificial Intelligence risks. In addition, the final version has introduced additional data protection methods like data loss prevention, data governance and data minimisation.

For more news and content, try Lexis Middle East. Click on lexis.ae/demo to begin your free trial of Lexis® Middle East platform.

You can also explore the legal landscape by subscribing to our Weekly Newsletter.

Want to learn more about Lexis® Middle East? Visit, https://www.lexis.ae/lexis-middle-east-law/.