Sign In

Guidelines on the implementation of regulations

Guidelines on the implementation of regulations

The guidelines established in this section are to provide stakeholders clarity and guidance on CITC's implementation of the Net Neutrality regulatory framework and determining whether ISP practices comply with the general provisions.

 

Article 3 – Scope of regulations

a)      Article 3-1 sets out the services included within the scope of the provisions of the Net Neutrality framework.

b)      Internet access services (IAS) are services that provide end-users and content-providers access to the internet regardless of the network technology (e.g., Fiber-to-the-home, DSL, mobile, satellite, etc.) or the device used (e.g., laptop, tablet, phone, etc.).

c)       Interconnection services, whether transit or peering, and content delivery network (CDN) services are distinct from internet access services. Consequently, interconnection and CDN agreements between content providers, ISPs and internet exchange points are not within the scope of the provisions of this document. However, CITC may prohibit interconnection policies of service providers if it has an impact on accessing content under Article 4-1.

For example, if a service provider uses interconnections or CDNs to restrict or block certain lawfully permissible content to end users, this will be considered a breach of Net Neutrality

If the service provider prefers to use certain internet exchange points or CDNs over another, this does not fall within the scope of the provisions of this document.

d)      Private networks that use private address spaces are not routed through the public internet and are distinct from internet access services. They are typically used for local area networks (LANs) in residential, office or enterprise environments. This also includes wide area private networks, such as those operated by national utilities. They are not within the scope of the provisions of this document.

Article 4 – Open internet access

Article 4-1 – End-users rights to accessing content

  1. Article 4-1 sets out the end-users right to freely access and distribute data that is lawfully permissible regardless of the terminal device used.
  2. “Access and distribute" means that users are able to send or receive data without restriction.
  3. “Lawfully permissible" refers to all data that complies with relevant local laws, regulations, judiciaries, and court decisions in the Kingdom. The provisions of this document do not seek to regulate the lawfulness of the data.
  4. “Regardless of the terminal device used" refers to the end-users right to use the terminal devices of their choice. However, devices that fall under the same form factor should be treated equally. Some potential examples of same form factor devices include but are not limited to:
  • Mobile phones
  • Laptops
  • Tablets
  • Smart watches
  • Computers
  • Smart TVs
  • Self-driving vehicles

Article 4-2 – Service providers' preserving end-user rights

  1. Agreements between service providers and end-users on the commercial and technical conditions of the internet services (such as data usage, prices, speeds, etc.) shall not affect the rights of users outlined in this article.
  2. Agreements that include bundling with other services (e.g., free subscriptions to certain applications) are not deemed to limit the exercise of end-user rights, provided it is not subject to preferential traffic management or violates other articles.
  3. Service providers cannot impose network usage fees on content providers for the last mile IAS traffic based on the usage of users. End-users already pay for that usage, and any-restrictions to content based on enforcing Network usage fees to content providers will infringe on Article 4-1.

 

Article 5 – Equal internet traffic

Article 5-1 – Obligations to treat traffic equally

a)      Article 5-1 sets out the obligation on service providers to treat all traffic equally when providing in-scope services without technical or commercial discrimination, restriction, or interference.

 

b)      By treating all traffic equally, data packets need to be processed agnostic to the sender, receiver, to the class of content, or device used.

 

c)       The “class of content" or “content class" refers to content, services or applications that belong to the same category. Some examples of potential content classes included by service providers are, but not limited to:

 

  • Social media: Platforms whose primary purpose is to facilitate social interaction and content sharing between users, content on such platforms is pre-dominantly user generated (e.g., Facebook, Instagram, Snapchat, etc.)
  • Social messaging: Platforms whose primary purpose is to facilitate social communication between users, content on such platforms is pre-dominantly user generated (e.g., WhatsApp, Botim, Signal, etc.)
  • Gaming: Platforms that allow users to play games (downloadable or on cloud) using the internet with the purpose to monetize from the gaming service, either through user fees or other revenue generating features such as advertisements or partnerships (e.g., PUBG, Fortnite, etc.)
  • Audio on demand/ Audio streaming: Platforms that provide on-demand audio content (music, podcasts, audiobooks, or other audio) over the internet to users, content on such platforms is pre-dominantly not user generated (e.g., Apple Music, Spotify, Anghami, etc.)
  • Video OTT Platforms: Platforms that provide linear or on-demand video content to users, with active editorial control on the content available on the platform, content on such platforms is pre-dominantly not user generated
  • Video Sharing Platforms: Platforms that provide linear or on-demand online content to users with limited editorial control over the content available on the platform, content on such platforms is pre-dominantly user generated
  • Healthcare: Platforms that provide healthcare content and services to users, such as news and updates on the COVID-19 pandemic (e.g., Tawakkalna, etc.)
  • Education: Platforms that provide educational content and services to users (e.g., Madrasati, etc.)
  • Government: Platforms that provide government supported content to users (e.g., Ehsan, etc.)

Classification of content under a certain class can change depending on offerings of the specific website or application; and will be evaluated by CITC on a case-by-case basis. New content classes might emerge in the future.

 

d)      Equal treatment of traffic does not imply end-users will experience the same network performance or quality of services, since packets can experience varying transmission performance.

 

e)      Service providers blocking, slowing down, restricting, interfering with, degrading, or discriminating access to specific content, services, or applications, except during the exceptions of Articles 5-3 and 5-4 are considered to infringe on Article 5-1.

Article 5-2  – Guidelines on differential pricing practices

  1. Many differential pricing practices can have an impact on end-user's choice and ensuring a fair playing field among content providers. Differential pricing practices include but are not limited to, zero-rating, sponsored data (e.g., content providers subsidizing their own data), or subscriptions that offer end-users to choose zero-rated content from a range of applications.
  2. Differential pricing practices are evaluated by CITC (if necessary) on a case-by-case basis following the framework below.
  3. The framework below is a general guideline for CITC's assessment of differential pricing offers (zero-rating or other offers). CITC will also take into account other factors into consideration, including the respective market positions of the service or content provider.

 

1.       Does the offer have the potential to limit or exclude end-users' access to certain content or applications?

Any zero-rating offer (or similar offers) that limits or excludes end-users' access to content or applications outside of the zero-rating offer despite having the necessary data allowance will constitute a breach of Article 4-1.

Any zero-rating offer (or similar offers) where all content is blocked or throttled when the data allowance is reached except for the zero-rated content may potentially be considered discriminatory and a breach of Articles 5-1 and 5-2.

 

2.       Is the offer exclusive to a particular group of subscribers or select content providers?

Any publicly offered zero-rating package (or similar offers) that is exclusive to subscribers to a particular data plan is likely to be considered a breach of Article 5-2. In-line with the non-exclusivity mentioned in Article 5-2, offers need to be open to any consumer who would like to enroll, without unjustified discrimination.

Any zero-rating offer (or similar offers) that is exclusive to only certain players from a certain class of content is likely to be in breach of Article 5-2.

Service providers need to be transparent to end-users as to which content is included in the zero-rating offer.

Service providers need to be transparent, non-discriminatory, fair, and reasonable in how they classify content under a certain class. The process for content providers to apply to join an offer, needs to be straight forward and transparent. The technical and commercial conditions need to be applicable to all content providers of the same class (this includes local content providers as well). Entry barriers (administrative, commercial, technical) need to be deemed reasonable. Content providers should not be discriminated against based on their location, the origin or destination of their content.

Service providers can provide zero-rating offers to entire classes of content without issue. Service providers can provide end-users their choice of content providers from an entire class.

 

        1. Does the offer appear to have the ability to influence end-user choice?

Any zero-rating offer (or similar offer) which may lead to situations where end-users' choice maybe be materially reduced may be considered in breach of Article 5-2. This will likely occur if zero-rating offers are open to a few applications only.

 

Article 5-3 – Guidelines on internet traffic management practices

a)      Article 5-3 states that the principle of equal internet traffic in Article 5-1 does not prevent service providers from employing internet traffic management measures provided they are reasonable, non-discriminatory, proportionate, and transparent.

 

b)      Service providers can deploy internet traffic management practices at their own discretion; however, CITC may intervene and investigate if potential infringements are observed.

 

c)       Service providers can request for CITC's guidance on their internet traffic management practices. Any CITC guidance at that stage will not be legally binding.

 

d)      Given the varying and evolving nature of user needs and trend, and services offered by service providers, traffic management practices are assessed on a case-by-case basis. The framework below is a general guideline for CITC's assessment of whether traffic management practices are compliant. However, depending on the specific circumstances of the case, other factors may be relevant.

 

1.       Does the internet traffic management address a justifiable need and purpose?

Service providers need to demonstrate that their traffic management practice addresses a particular need or purpose; this can typically include, but not limited to:

  • Comply with KSA laws, regulations, judiciaries, or court decisions
  • Guarantee the integrity or security of the network from any threats (e.g., cyber security)
  • Prioritize safety critical services
  • Overcome temporary and exceptional network congestion such as during Hajj, peak umrah, special events (e.g., Formula 1, football games, concerts, etc.), weather emergencies, cable cuts, etc.

Traffic management practices based on commercial agreements are not considered a justifiable need.

Permanent internet traffic management practices are permitted provided they address a justifiable need.

 

2.       Is the internet traffic management practice non-discriminatory?

Service providers need to ensure that practices treat same classes of content equally. This does not preclude service providers from implementing measures which differentiate between different classes of traffic.

Content or services that require similar quality of services to operate properly need to be treated similarly.

If there is any discrimination against an end-user or content, the service provider must demonstrate a justifiable reason.

 

3.       Is the internet traffic management practice proportionate?

Service providers must demonstrate their traffic management measures are necessary and suitable and to address the need in question 1. The traffic management measures have to be appropriate in balancing the competing requirements of different classes.

Service providers must establish that there is not a more effective yet less interfering measure to achieve that need.

Service providers must ensure that such practices are not maintained longer than necessary.

 

4.       Is the internet traffic management practice transparent?

Service providers need to disclose to end-users, through their websites, customer contracts, and terms of service, clearly and prominently, information related to their traffic management practices. Furthermore, any updates to their traffic management practices, need to be conveyed to the end-users.

This should typically include:

  • Why are traffic management practices introduced?
  • Who is affected by them?
  • When will/did it occur?
  • What classes of content are subject to the measures?
  • How will the measures affect the end-user's internet experience?

 

Article 5-4 – Guidelines on specialized internet services

  1. Article 5-4 states that the principle of equal internet traffic in Article 5-1 does not prevent service providers from providing special internet services for certain information, content, applications or services, when necessary, provided the specialized services are reasonable, non-discriminatory and transparent.
  2. Service providers can enter commercial agreements for specialized services, including offering 5G network slicing services. These services can be priced differently over regular internet access services since they do offer better internet quality and serve a different need.
  3. Service providers can provide specialized internet services at their own discretion; however, CITC may intervene and investigate if potential infringements are observed.
  4. Service providers can request for CITC's guidance on whether their offered specialized internet services do not violate the provisions of this document. Any CITC guidance at that stage will not be legally binding.
  5. Specialized internet services will be assessed by CITC on a case-by-case basis to ensure compliance. The approach below sets out guidelines for CITC's assessment of specialized internet services. However, depending on the specific circumstances of the case, other factors may be relevant.

1.       Does the specialized internet service address a justifiable need and purpose for special services?

Service providers need to demonstrate that specialized internet services are provided to certain information, content, services or applications to ensure they are able to meet quality requirements for their successful operation; this can typically include, but not limited to:

  • Autonomous driving
  • Healthtech
  • IoT
  • Linear IPTV

Service providers must provide information about the specialized internet services offered, including what the relevant levels of quality are that are not assured by regular internet access services. They must also provide how the specialized internet services objectively ensure successful operation of the certain content, applications or services. They must not be offered as a replacement for internet access services.

Due to evolving trends and operation requirements, content, applications or services might no longer require specialized internet services in the future. CITC will continuously reassess whether a content or service still qualifies for specialized internet service on a case-by-case basis.

Offering specialized internet services, based on purely commercial agreements are not considered a justifiable need.

Specialized internet services cannot be provided to circumvent the provisions of traffic management practices in Article 5-3.

2.       Are the specialized internet services offered non-discriminatory?

The process for content providers to be considered for specialized internet services, needs to be straight forward and transparent. The technical and commercial conditions need to be applicable to all content providers of the same class. Entry barriers (administrative, commercial, technical) need to be deemed reasonable. Content providers should not be discriminated against based on their location, or the origin or destination of their content.

If there is any discrimination against an end-user or content, the service provider must demonstrate a justifiable reason. Any discriminatory paid prioritization of services that are not mentioned in Article 5-4 is likely to be in breach of Articles 4-1 and 5-4 and may be subject to penalties as conferred by Article 8-1.

3.       Is the network capacity sufficient to provide specialized internet services without impacting regular internet access services?

Service providers shall offer specialized internet services only when the network capacity is capable of handling such distinction. Specialized internet services shall not affect the availability or degrade the general quality of regular internet access services for end-users.

CITC may assess whether specialized internet services are affecting the quality of IAS through measuring their upload and download speeds and assessing if there is any delay. Small-scale and temporary speed fluctuations shall be considered normal and must not be considered deteriorating to the quality of Internet Access Services.

CITC should intervene if persistent perceptible decreases in the quality and performance of Internet Access services are detected.

4.       Are the specialized internet services transparent?

Service providers need to disclose to end-users, through their websites, customer contracts, and terms of service, clearly and prominently, information related to specialized internet services. Furthermore, any updates to their specialized internet services, need to be conveyed to the public.

This should typically include:

  • Why certain content, applications and services required specialized internet services?
  • Who is affected by them?
  • How will specialized internet services affect other internet access services?
  • What are the levels of quality provided to specialized services and other IAS?

CITC may request information from service providers about their specialized internet services using powers cited in Article 7-2. Service providers must give transparent information in their response about their specialized services.

 

Article 6 – Transparency measures

Article 6-1 – Guidelines on transparency measures

  1. Service providers need to disclose to end-users, through their websites, customer contracts, and terms of service, clearly and prominently, information related to the provisions referred to in Article 6-1, and in line with the Regulations on the Protection of Rights of ICT Services' Users and on the Terms of ICT Service Provision
  2. The provided information needs to be accurate, up to date, easily accessible and easily understandable by end-users.

     

Article 6-1-1 – Differential rating practices

a)      Service providers need to disclose to end-users, through their websites, customer contracts, and terms of service, clearly and prominently, information related to their differential rating practices. Furthermore, any updates to package, need to be conveyed to the end-users.

This should typically include:

  • What content is included in the package?
  • When will the package expire?
  • What happens when the package expires?
  • How will the package affect the end-user's internet experience?
  • How will the package protect their privacy, and the protection of their personal data?

b)      Service providers need to disclose to content providers the process to apply to join a package, including the technical and commercial conditions.

 

Article 6-1-2 – Transparency on traffic management practices

a)      Service providers need to disclose to end-users, through their websites, customer contracts, terms of service and marketing content, clearly and prominently, information related to their traffic management practices. Furthermore, any updates to their traffic management practices, need to be conveyed to the end-users.

This should typically include:

  • Why are traffic management practices introduced?
  • Who is affected by them?
  • When will/did it occur?
  • What classes of content are subject to the measures?
  • How will the measures affect the end-user's internet experience?
  • How will the measures protect their privacy, and the protection of their personal data?

     

b)      Service provides must also disclose through their website to the general public detailed technical information on their internet access traffic management practices.

 

 

 

Article 6-1-3 – Transparency on specialized interenet services

a)      Service providers need to disclose to end-users, through their websites, customer contracts, and terms of service, clearly and prominently, information related to specialized internet services. Furthermore, any updates to their special internet services, need to be conveyed to the public.

This should typically include:

  • Why certain content, applications and services required specialized internet services?
  • Who is affected by them?
  • How will specialized internet services affect other internet access services?
  • What are the levels of quality provided to specialized services and other IAS?

     

b)      Service providers must also disclose through their website to the general public detailed technical information on their specialized internet services.

 

Article 6-3 – Transparency on the complaints process

  1. Service providers will need to address complaints of end-users and content providers in line with Article 24 of the Regulations on the Protection of Rights of ICT Services' Users and on the Terms of ICT Service Provision

 

Article 7 – Monitoring and supervision

Article 7-1 – Requesting information

  1. In addition to the information provided in the annual reports mentioned in Article 7-1, CITC may request from the service providers relevant information set out in Articles 4, 5 and 6 to monitor compliance.
  2. Service providers must provide the requested information in a timely manner and in accordance with the level of details mentioned in the request.
  3. The requested information may include, but are not limited to:
  • Additional details and clarifications on the content included in differential pricing packages and the selection process
  • Additional details and clarifications about when, how and to which end-users internet traffic management practices are applied
  • Information about the technical effect of internet traffic management practices applied on regular internet access services
  • Justifications of any traffic management practices applied, or specialized internet services offered, including whether such practices adhere to the exceptions of Articles 5-3 and 5-4, and the time period for which they are applied
  • Details on commercial agreements between ISPs and content providers related to practices disclosed in Article 5
  • Details on the processing of personal data of end-users by service providers
  • Information about the approach taken to address end-user complaints and the number and type of complaints received by service providers

 

Article 7-2 – Updating the Network Neutrality framework

  1. CITC may update the regulations, when necessary to address any evolving trends, including:
    • The KSA market, such as evolving market position of players, new services and technologies, changing consumer habits, and strong stakeholder sentiments
    • International markets, including new best-in class regulations, new services and technologies
  2. In case 5 years pass with no review or update to the provisions of this documents, CITC will trigger a review and public consultation on the topic to ensure it is in line with current KSA market and future ambitions.

 

Article 8 – Enforcement an​d Compliance

Article 8-1 – Enforcement and Compliance

  1. In case service providers misreport their Net Neutrality practices, CITC may impose sanctions on them, in line with its Telecom act and bylaws.

b)    In case service providers infringe or violate Net Neutrality regulations, CITC may impose sanctions on them, in line with its Telecom act and bylaws. 



By continuing to use our website, you acknowledge the use of cookies Privacy Policy