This issue is filled with great insights and expert commentary on areas that are relevant to the legal landscape and highlight how the business community is embracing technology, media and telecommunications. There are various topics covered, from new ways of working and digital transformation in the finance sector to data protection regulatory updates and guidance. We also have a series of articles that focus on e-commerce across a number of jurisdictions.
You will also find insights from our lawyers around real estate analytics, tech trends, and data centres.
We hope this edition of Law Update provides some useful food for thought – enjoy the read!Take a read of the edition
The term ‘Internet Exchange Point’ or ‘IXP’ refers to physical infrastructure that allows networks to interconnect directly. Internet infrastructure and network providers, such as Internet Service Providers and Content Delivery Networks, can connect their networks and exchange traffic (i.e. data transmitted and received over the internet). IXPs allow for high speed data transfer, reduced latency, fault tolerance, improved bandwidth and routing efficiency. The costs associated with operating IXPs are usually shared between the participating infrastructure and network providers. IXPs often use a ‘peering’ arrangement, which permits exchange of internet traffic for free. Some large networks, with greater market share, may charge smaller networks for peering services.
In this article, we look at the status of IXPs in Saudi Arabia, and a recent proposal to regulate.
Currently, there is no legal framework specifically regulating IXPs in Saudi Arabia. In 2018, the Communication and Information Technology Commission (‘CITC’) issued a public consultation document on a draft IXP Framework, indicating its intention to regulate the operations of IXPs in Saudi Arabia.
The proposed IXP Framework covers topics such as IXP ownership, registration, participation, operations, international cable landing point access and the CITC’s powers. In its draft form, it is intended to apply to any and all IXP services provided within Saudi Arabia. Additionally, any entity engaged, in whole or in part, as an IXP service provider in Saudi Arabia is required to apply for registration with the CITC.
Notably, the draft IXP Framework provides for:
The draft IXP Framework contemplates empowering CITC to penalise IXP service providers for violations, and issue guidelines and standard contracts and clauses to help streamline the industry.
An IXP’s function is to exchange traffic rather than serving end users. As such, content is the responsibility of the IXP members and not the IXP itself. The draft IXP Framework states that IXP members are responsible for complying with local content and filtering requirements in Saudi Arabia, and that an IXP service provider will not incur any administrative or criminal liability based solely on the fact that unlawful content or infringing content has been uploaded, processed or stored on the IXP service provider’s network.
No obligation would be placed upon an IXP service provider to monitor its network, actively and constantly, for unlawful or infringing content. However, the draft IXP Framework contemplates IXP service providers promptly notifying CITC or any other appropriate authority if they become aware of any content or information on any IXP member’s network that may constitute a violation of any of the various content-related considerations set out in Saudi Arabia’s Anti-Cyber Crime Law (Royal Decree No. M/17; 8 Rabi 1 1428 / 26 March 2007).
Additionally, IXP service providers would be obligated to forward to the relevant authorities any complaints they receive from third parties about unlawful or infringing content on any IXP member’s network. IXP service providers would need to fully cooperate with the local authorities on such matters. If CITC designates an IXP as the Designated National IXP, CITC may impose additional requirements with regard to such matters.
Under the laws establishing the CITC, the CITC is empowered to impose penalties. Such penalties are without prejudice to such other penalties that may be imposed under any other applicable law in the Kingdom (such as the Anti-Cyber Crime Law).
One aspect of the draft IXP Framework that may be problematic is the requirement that all IXP related personnel be located within Saudi Arabia. We do not rule out the possibility that the final version of the IXP Framework may elaborate on this point.
A further aspect that may benefit from elaboration is the application of the IXP Framework to IXPs that are already in operation. At the very least we would expect that such IXPs will be given sufficient extra time in order to ensure compliance with the new requirements.
To reiterate, the IXP Framework is, at the time of writing, just a draft under consideration by local and international stakeholders. The timeline for completion of the consultation process and (if applicable) entry into force of the IXP Framework is not yet public.
Industry participants and potential investors would be well advised to watch this space. If the IXP Framework comes into effect, it would be appropriate to approach the CITC for clarification of any material concerns.
Al Tamimi & Company’s Technology, Media & Telecommunication team regularly advises on telecoms sector licensing issues. For further information please contact Nick O’Connell (email@example.com) or Zil Ur Rehman (firstname.lastname@example.org).