In recent years, electronic commerce (e-commerce) platforms catering to Saudi users have experienced significant growth. Analyzing the privacy policies of these platforms is crucial to ensure data protection and transparency for Saudi users, especially in light of Saudi Arabia’s Vision 2030. However, existing studies on these platforms are limited in scope and fail to address key dimensions comprehensively. This study investigates the current state of privacy policies across 500 e-commerce websites serving Saudi users. The analysis focuses on policy availability, language, readability, and compliance with Saudi Arabia’s Personal Data Protection Law (PDPL). The findings reveal that 19.40% of websites lack privacy policies, and 2.01% fail to provide an Arabic version. On average, the privacy policies are lengthy, with approximately 981 words and 115 sentences, and are written in complex language that is difficult for users to understand. This study also identifies gaps in compliance with the PDPL, particularly in clarifying how data is collected and processed, and in explaining user rights. This study highlights the need for clearer, more accessible, and legally compliant privacy policies to enhance user trust and data protection.
Alotaibi et al. (Fri,) studied this question.