The Sovereign Cloud Bargain: Where MENA's Data Is Allowed To Live

The Gulf's sovereign AI story has so far been about compute; the harder half is data, and the rules that decide where it may live. This episode examines the residency laws, classification regimes and sovereign cloud deals that let imported hyperscalers run national data, and asks whether a perimeter you do not fully control is sovereignty at all.

The first four episodes of this series followed the concrete and the copper: the sites, the gigawatts and the graphics processors that the Gulf states have poured into the ground. Compute, though, is only half of a sovereign AI programme. The other half is the question of what may flow through those machines, who is permitted to touch it, and which government can compel its disclosure. That is the territory of data sovereignty, and it is where the region's ambitions meet their most awkward constraint. A nation can own every server in the rack and still not control the law that governs the bytes upon them.

Across the Gulf Cooperation Council, the past five years have produced a dense thicket of data protection statutes, cloud licensing regimes and residency rules. They were not written for the age of frontier models, yet they now define the perimeter inside which sovereign AI must operate. Understanding that perimeter matters more than ever, because the same governments writing the rules are also striking deals with Microsoft, Oracle, Google and OpenAI that quietly test how far sovereignty can be outsourced before it stops being sovereign.

Qatar moved first. Its Law No. 13 of 2016 Concerning Personal Data Privacy Protection was the first comprehensive data protection statute in the Gulf, enforced through what is now the Compliance and Data Protection function under the National Cyber Security Agency. Bahrain followed with its Personal Data Protection Law No. 30 of 2018, and Oman with Royal Decree 6/2022, which took effect in February 2023.

The two heavyweights, though, are Saudi Arabia and the United Arab Emirates, and their frameworks reveal two different philosophies. The UAE enacted Federal Decree-Law No. 45 of 2021, the Personal Data Protection Law, overseen by the UAE Data Office. Crucially, it sits alongside, rather than overriding, the older free-zone regimes: the Dubai International Financial Centre runs its own Data Protection Law No. 5 of 2020, and Abu Dhabi Global Market its Data Protection Regulations 2021, both modelled closely on the European General Data Protection Regulation. The result is a layered map in which a single company may answer to three different data authorities depending on where its servers and its customers sit.

Saudi Arabia took a more centralised route. Its Personal Data Protection Law came into force on 14 September 2023, and the transition grace period expired exactly one year later, on 14 September 2024, since which point every organisation handling the personal data of people inside the Kingdom must comply or face penalties. Enforcement sits with the Saudi Data and Artificial Intelligence Authority, the same body that runs the national data strategy and, through its subsidiaries, much of the state's AI agenda. That concentration is deliberate. In Riyadh, data protection, data governance and AI policy are not separate departments to be coordinated; they are one institution.

Residency, classification and the transfer problem

For sovereign AI, the operative clauses are not the ones about consent notices. They are the ones about where data may be stored and when it may leave the country. Here Saudi Arabia has been the most explicit. On 1 September 2024, SDAIA issued an updated Regulation on Personal Data Transfer Outside the Kingdom, fleshing out Article 29 of the law. It sets out the conditions under which personal data may cross the border: an adequacy assessment of the destination country, or, failing that, approved safeguards such as standard contractual clauses or binding common rules, together with a documented risk assessment for continuous or large-scale transfers of sensitive data. The architecture is recognisably European, but the intent is local: keep Saudi data, by default, in Saudi Arabia.

Layered on top is a classification regime. The National Data Management Office sorts data into tiers, from public up through confidential, secret and top secret, and the Communications, Space and Technology Commission runs a Cloud Computing Regulatory Framework that grades cloud platforms by the sensitivity of workload they are cleared to host. A provider holding a higher classification can run government and regulated workloads; one without it cannot. This is the quiet machinery that decides which hyperscaler gets to touch a ministry's records, and it is why the cloud giants have spent so heavily to plant compliant regions inside the Kingdom rather than serve it from Ireland or Virginia.

The UAE applies a similar logic through sector-specific rules that often bite harder than the general law. Health data, for instance, is required to be stored and processed inside the country under federal health data legislation, and financial regulators impose their own residency expectations. For an AI developer hoping to train a diagnostic model on Emirati patient records, the constraint is absolute long before any general privacy principle is reached: the data simply may not leave.

The sovereign cloud bargain

This is where the rules collide with reality. A genuinely sovereign AI stack would mean national data, national compute and national control of the software in between. No Gulf state possesses the third element at frontier scale, and so each has struck a version of the same bargain: import the hyperscaler, but wrap it in sovereignty.

Abu Dhabi's arrangement with Microsoft and G42 is the clearest example. Following Microsoft's investment in G42, announced in April 2024, the partners have built a sovereign cloud for the emirate's government, run by G42's Core42 on Microsoft Azure. The platform is engineered to keep government data inside the country and under local legal control, processing what the partners describe as more than eleven million digital interactions a day between Abu Dhabi's entities, citizens and businesses. Core42 markets a layered offer: a sovereign public cloud built on Azure with an added controls plane it calls Insight, alongside a private cloud for the most sensitive, classified workloads. The pitch is that a customer gets the capability of a global hyperscaler with the legal assurances of a domestic provider.

The same template recurs. Oracle has stitched its cloud into the UAE's national AI plans and, through the Stargate UAE venture announced in May 2025 alongside G42, OpenAI, Nvidia, SoftBank and Cisco, into Abu Dhabi's largest compute build. Google Cloud has stood up regions in Dammam and Doha, giving Saudi and Qatari customers a way to use its services without their data leaving the Gulf. In each case the structure answers the same anxiety: how to access software the state cannot build itself without surrendering the data that makes the state sovereign in the first place.

The unresolved seam

The bargain has a seam that will not close easily. A sovereign cloud can guarantee that data is stored inside national borders and governed by national law. It is far harder to guarantee that no foreign jurisdiction can ever reach it, because the operator of the platform remains a company incorporated abroad and answerable to its home government. The Microsoft and G42 arrangement carried exactly this subtext: as a condition of the American technology and capital flowing in, G42 agreed to step back from Chinese hardware and align with US security expectations. Sovereignty, in other words, was not simply asserted by Abu Dhabi; it was negotiated with Washington. The data may stay home, but the terms of the lease are written partly elsewhere.

This is the structural tension that will define the next phase of MENA sovereign AI. Localisation rules and classification tiers give governments real leverage over where data lives and who may process it. Yet the frontier capability they want to apply to that data is held by a small number of firms in two countries, and access to it is increasingly mediated by export controls and bilateral understandings. The Gulf's regulators have built an impressive perimeter. The question the compute story could defer, and the data story cannot, is whether a perimeter you do not fully control is sovereignty or merely a well-appointed tenancy.

For now the region is betting that the bargain holds: that a domestic operator, a domestic legal regime and a wall of residency rules are enough to make an imported cloud genuinely national. It is a reasonable bet, and a necessary one, given that the alternative is to forgo frontier AI entirely. But it is a bet, not a settled fact, and every new sovereign cloud signed with a foreign hyperscaler raises the same quiet question. The data stays home. The control, for the moment, is shared.

AI Terms in This Article

leverage: Use effectively.

regulatory framework: A set of rules and guidelines governing how something can be used.

data sovereignty: The principle that data is subject to the laws of the country where it's collected.

compute: The processing power needed to train and run AI models.

hyperscaler: A massive cloud computing provider like AWS, Azure, or Google Cloud.

sovereign AI: National initiatives to develop domestic AI capabilities independent of foreign providers.

Written by Intelligence Desk

Editorial Team

The Intelligence Desk is powered by a handful of global experts who focus on clarity over hype, pairing local insight with a global perspective. From policy to pop culture, and from boardrooms to backstreets, the Asia Intelligence Crew delivers stories that reveal AI's real impact across the region: smart, human, and distinctly Asian.
