Abstract
Information privacy issues have been noticeably reinforced and its significance has gained momentum after the prevalent usage of communications, data storage and processing technologies. A massive volume of personal information and data stored on the Internet and internal systems of public and private organization which created serious legal, ethical, and technological problems regarding issues related to information collection, processing, dissemination, and invasion. This paper provides an overview of a country-wide research project that targets a current state assessment of information privacy in Saudi Arabia. This project should facilitate the development of some tools that would help to implement privacy on some IT applications used in the country. The project consists of three phases. The first phase delivers a comprehensive assessment of information privacy practices at the public, health, banking, and private sectors. The second phase involves development of privacy templates based on eXtensible Access Control Markup Language (XACML) which complies with privacy regulations of the above mentioned sectors and the templates. Finally, the third phase involves the development of an open source system that acts as a Policy Enforcement Point (PEP) between the file system and the end user; this system aims to enforce privacy requirements on various file types.