How Saudi Arabia is protecting users’ privacy and data from harmful AI

As artificial intelligence seeps deeper into everyday life — from smart assistants and facial recognition to online shopping and AI-generated selfies — so too do the threats to personal data and privacy.

The dazzling capabilities of AI come at a cost many users do not fully grasp: exposure to data collection, surveillance, and potential misuse. And in a world where convenience often trumps caution, experts are urging users and organizations alike to slow down and scrutinize the digital tools they engage with.

“AI systems often depend on vast amounts of data, including sensitive personal information, which raises significant privacy issues,” Osama El-Masry, who leads data protection and privacy practice delivery for the Middle East region at the IT consulting firm Cognizant, told Arab News.

“Many users are unaware of how their data is collected, stored, and utilized, leading to fears of unauthorized access or misuse. For example, technologies like facial recognition can infringe on individual privacy without consent, posing risks of surveillance and tracking.”
This warning comes amid growing concerns about how AI software processes user data — especially in apps and platforms that seem harmless at first glance.

While regulation and ethical oversight are often viewed as a government or corporate responsibility, El-Masry stresses that users must also play an active role.

“This means reading privacy policies and being aware of what personal information is collected and how it may be used or shared,” he said.

“A critical aspect of this responsibility is limiting the sharing of personal data when using AI tools. Users should strive to provide only the minimum necessary information required to achieve their desired outcomes, avoiding unnecessary disclosure of sensitive data.”

In short, treat AI tools like you would any new technology: with a mix of curiosity and caution. The onus is on users to learn how their data is handled and to be wary of oversharing. On the flip side, organizations must prioritize privacy from the very beginning of product design.

“This involves implementing strong data protection measures, ensuring transparency and explainability in data usage, and adhering to AI and privacy regulations/principles,” El-Masry said. “Organizations should also clearly communicate their data practices to users, fostering an environment of trust.