SubSite Banner

About Portal

 Right to Information Policy

Main Principles & General Rules for Freedom of Information:
This policy applies to all requests from individuals to view or obtain public information, that is not protected, regardless of its source, form, or nature, including paper records, emails, computer-stored information, audio or video tapes, maps, photographs, manuscripts, handwritten documents, or any other recorded information.

The provisions of this policy do not apply to protected information, including:
  1. Information whose disclosure would harm the national security, policy, interests, or rights of the state.
  2. Military and security information.
  3. Information and documents obtained under an agreement with another country and classified as protected.
  4. Investigations, seizures, inspections, and monitoring operations related to a crime, violation, or threat.
  5. Information that includes recommendations, suggestions, or consultations for the purpose of issuing legislation or a government decision that has not yet been issued.
  6. Information of a commercial, industrial, financial, or economic nature, the disclosure of which would lead to illegal profit or loss avoidance.
  7. Scientific or technical research or rights containing an intellectual property right, the disclosure of which would prejudice a moral right.
  8. Information related to competitions, bids, and auctions, the disclosure of which would prejudice the fairness of the competition.
  9. Information that is confidential or personal under another system or requires certain legal procedures to access or obtain it.
Main Principles of Freedom of Information
First Principle: Transparency
Individuals have the right to access information regarding the activities of public agencies. This promotes integrity, transparency, and accountability within the system.

Second Principle: Necessity & Proportionality
Any limitations on requests to view or obtain protected information held by public agencies must be clearly and explicitly justified.

Third Principle: Principle of Public Information Disclosure
Every individual has the right to access public information that is not protected. This right is not contingent on the person's specific ability or interest in the information, nor does it subject them to any legal accountability.

Fourth Principle: Equality
All requests to access or obtain public information should be treated with equality and without discrimination among individuals.

Obligations of Public Bodies

  1. Public agencies are responsible for developing and implementing policies and procedures related to the right to access or obtain public information. The primary official of the agency should approve and endorse these policies and procedures.
  2. Public agencies should establish an administrative unit linked to the data management offices in government agencies, pursuant to Royal Order No. 59766 dated 11/20/1439 AH. This unit will be responsible for developing, documenting, and monitoring the implementation of approved policies and procedures related to the right of access to information. The unit's tasks also include establishing appropriate standards for data classification levels and using them as a reference when processing requests to view or obtain public information, according to data classification policy.
  3. Public agencies must provide means, such as general information request forms - either paper or electronic - through which individuals can request access to or obtain public information.
  4. Public agencies must verify the identity of individuals before granting them the right to view or obtain public information, following the controls approved by the National Cybersecurity Authority and relevant authorities.
  5. The agency should establish standards to determine the fees associated with processing requests to view or obtain public information. These fees should be based on factors such as the nature and size of the data, the effort involved, and the time required, following the data monetization policy document.
  6. Public agencies should document all records of requests to access or obtain information, as well as the decisions made regarding these requests. These records should be reviewed to address cases of misuse or non-response.
  7. The public agency shall prepare and document policies and procedures for maintaining and disposing of application records in accordance with the regulations and legislation related to the entity's work and activities.
  8. The public agency should prepare and document the necessary procedures for managing, processing, and documenting extension requests and rejected requests. These procedures should specify the tasks and responsibilities of the relevant work team and outline the cases in which the regulatory body and the office should be notified, following the administrative hierarchy and the specified time for processing the applications.
  9. The public authority should notify the individual, in an appropriate manner, if the application is rejected either in whole or in part. The notification should include an explanation of the reasons for the rejection, the right to appeal, and the process for exercising this right, and it should be sent within a period not exceeding 15 days from the decision being made.
  10. The public agency should develop awareness programs to promote a culture of transparency and increase awareness levels, in alignment with the policies and procedures of freedom of information approved by the senior management of the agency.
  11. The public agency is responsible for periodically monitoring compliance with the policies and procedures of freedom of information. The monitoring reports should be presented to the chief official of the agency or his authorized representative. The corrective measures to be taken in case of non-compliance should be determined, documented, and reported to the regulatory agency and the office, following the administrative chain of command.
Main Steps to View or Obtain Information
Requirements for Requests to Access or Obtain Public Information:
  1. The request must be submitted in writing or electronically.
  2. The "General Information Request Form" approved by the public agency should be filled out.
  3. The request must be made for the purpose of accessing or obtaining public information.
  4. The application form should include details on how to send the final decision and notifications to the individual (national address, email, agency website, etc.).
  5. The application form should be sent directly to the public agency.

Main Steps for Viewing or Obtaining General Information:
First: Requests are submitted by filling out an electronic or paper "General Information Request Form" and submitting it to the public agency having the information.
Second: The public agency, upon receiving the request to view or obtain public information, should make one of the following decisions within a specific period of 30 days:
  1. Approval: If the public agency approves the request to access or obtain information, either in whole or in part, the individual should be notified in writing or electronically about the applicable fees. The public agency should make the information available to the individual within a period not exceeding 10 working days from the receipt of payment.
  2. Rejection: If the request to access or obtain information is rejected, the rejection should be communicated in writing or electronically. The rejection communication should include the following information:
  • Whether the application was rejected completely or partially.
  • Reasons for the rejection, if possible.
  • The right to appeal the rejection and the process for exercising this right.​
3. Extension: If it is not possible to process the request for access to information within the given timeframe, the public agency must extend the response period by a reasonable amount, depending on the volume and nature of the requested information. For example, an additional 30 days may be granted. The agency should provide the individual with the following information:
  • Notice of the extension and the expected completion date of the application.
  • Reasons for the delay.
  • The right to appeal this extension and the process for exercising this right.

4. Notification: If the required information is available on the agency's website or falls outside its jurisdiction, the individual should be notified in writing or electronically. The notification should include the following information:

  • Type of notification, such as whether the requested data is available on the agency's website or not within its jurisdiction.
  • The right to appeal this notice and the process for exercising this right.
Third: If the individual wishes to appeal the rejection of the application by a public agency, they can submit a written or electronic grievance to the agency's office within a period not exceeding 10 working days from receiving the public agency's decision. The grievance committee in the agency's office will review the application and make a decision. The individual will be notified of the committee's decision and fees (if the request is approved and the appeal is successful, any fees paid for the review will be refunded).

General Provisions:
First: Public agencies should align this policy with their organizational documents, policies, and procedures. It should be circulated to all affiliated or associated agencies to ensure integration and the achievement of the policy's goals.
Second: Public bodies must balance the right to access and obtain information with other necessary requirements, such as national security and the protection of personal data privacy.
Third: Public agencies must comply with this policy and periodically document their compliance according to the mechanisms and procedures determined by these agencies, after coordination.
Fourth: The regulatory authorities, in coordination with the office, should develop mechanisms, procedures, and controls for handling complaints within a specified timeframe and according to the organizational hierarchy.
Fifth: Public agencies must notify the office in case of rejecting a request to view or obtain public information or if the specified period for providing the information is extended (within the scope).
Sixth: When a public agency enters into contracts with other agencies, such as companies providing public services, it must periodically verify compliance with this policy by those agencies. The agency should establish mechanisms and procedures to ensure compliance, including subsequent contracts undertaken by other agencies.
Seventh: Public agencies have the authority to establish additional regulations for processing requests pertaining to specific types of public information based on their nature and sensitivity, in coordination with the office.
Eighth: Public agencies are required to create forms, whether in paper or electronic format, for accessing or obtaining public information. These forms should specify the necessary information and available methods for providing the requested information.

Freedom of Information & Open Data:
Open data programs and policies implemented worldwide are often designed to support national economic growth and foster innovation. Making a specific set of public information available and accessible to researchers, entrepreneurs, innovators, and startups creates an environment conducive to business expansion and demonstrates a commitment to transparent governance.

Open data programs and policies proactively ensure the right to access public information by releasing or publishing a designated set of information, such as open data, before formal requests are made. By doing so, governments can reduce the volume of information requests and minimize associated processing costs.

Relevant Legislation:

In line with the national data governance policies announced by the Saudi Authority for Data and Artificial Intelligence (SDAIA).

Last Update : 12/14/2023 6:10 PM