Qatar: Digital Policy, Public Service Innovation, and Strengthening Data Protection

Qatar is building its digital governance framework through a combination of national strategy, sector-specific guidelines, and data protection legislation. The country's National AI Strategy (2019) and Digital Agenda 2030 provide the overarching vision, while Law No. 13 of 2016 on Personal Data Privacy establishes the foundational data protection regime. Qatar does not yet have a standalone AI law, but the National Cybersecurity Agency (NCSA) issued AI guidelines in 2024, and the Qatar Central Bank (QCB) published AI-specific guidelines for financial institutions in September 2024. With the December 2025 launch of Qai — a sovereign AI investment vehicle backed by the Qatar Investment Authority — and over USD 2.5 billion in AI-related commitments, Qatar is rapidly accelerating from policy foundations to strategic deployment.

Qatar's AI governance landscape has shifted significantly since 2024. The NCSA's AI guidelines, published in 2024, introduced risk-based principles for government and critical infrastructure AI deployments, marking the country's first formal AI-specific governance framework. The QCB followed in September 2024 with AI Guidelines for financial institutions, addressing algorithmic transparency, model governance, and customer data use in automated decision-making.

The most transformative development came in December 2025 with the launch of Qai, a sovereign AI investment platform established by the Qatar Investment Authority (QIA). Qai has already committed to a USD 20 billion partnership with Brookfield for AI infrastructure, with plans to build hyperscale data centres powered by Qatar's abundant natural gas reserves. Scale AI announced a partnership with Qatar to develop government AI applications and workforce training programmes. QCRI (Qatar Computing Research Institute) released Fanar 2.0, an Arabic-language large language model, advancing sovereign AI capabilities. Qatar is also investing in 6G testbed infrastructure and positioning itself as a regional connectivity hub.

Qatar's evolving digital governance framework impacts a range of domestic and international stakeholders. Government ministries and agencies must align with NCSA AI guidelines and the Digital Agenda 2030 priorities. Financial institutions operating under QCB supervision face specific AI governance requirements around model transparency, risk management, and consumer protection.

Technology companies and AI developers building solutions for Qatar's public sector or critical infrastructure must comply with NCSA guidelines and data localisation expectations. Energy sector operators — central to Qatar's economy — face growing expectations around responsible AI deployment in extraction, processing, and distribution. Education institutions are affected by national workforce development initiatives, including QCRI's training programmes and partnerships with international AI research institutions. International investors and technology partners engaging through Qai and related vehicles must navigate Qatar's regulatory expectations around data handling, local content requirements, and technology transfer.

Qatar's governance approach is characterised by strategic pragmatism, blending national vision documents with sector-specific regulatory action. The National AI Strategy (2019) identifies four priority areas: government modernisation, economic diversification, societal wellbeing, and human capital development. Data protection under Law No. 13 of 2016 establishes consent-based processing principles, data subject rights, and cross-border transfer restrictions, with enforcement handled through the Compliance and Data Protection Department within the Ministry of Transport and Communications.

The NCSA AI guidelines adopt a risk-proportionate approach, with higher scrutiny for AI systems deployed in critical infrastructure, healthcare, and national security contexts. The QCB's framework emphasises explainability, fairness, and human oversight in financial AI applications. Qatar's broader digital governance philosophy prioritises national security, economic sovereignty, and controlled innovation — supporting rapid technology adoption while maintaining state oversight of critical digital infrastructure and data flows.

For businesses, Qatar presents a high-investment, high-opportunity environment with evolving regulatory expectations. Companies operating in financial services must comply with the QCB's AI guidelines, which require documented model governance, regular auditing of algorithmic outputs, and clear accountability structures for automated decisions. Technology vendors serving government clients should familiarise themselves with NCSA guidelines and anticipate data localisation requirements for sensitive applications.

The launch of Qai creates substantial opportunities for AI infrastructure companies, cloud service providers, and enterprise AI solution vendors. The USD 20 billion Qai-Brookfield partnership and partnerships with Scale AI signal that Qatar is willing to deploy significant capital to attract global AI talent and technology. Businesses should prepare for Qatar's Digital Agenda 2030 procurement requirements, which increasingly favour AI-enabled solutions across government services, healthcare, education, and transportation. Companies handling personal data must comply with Law No. 13 of 2016, including obtaining valid consent, maintaining data processing records, and respecting cross-border transfer restrictions — particularly for data leaving the GCC region.

Qatar's AI governance trajectory will be shaped by several developments in 2026 and beyond. The expansion of Qai's investment portfolio and its impact on Qatar's AI infrastructure capacity will be a key indicator of the country's ability to attract and retain global AI companies. Watch for updates to the NCSA AI guidelines, which may evolve toward more binding requirements as Qatar's AI deployment matures.

Potential amendments to Law No. 13 of 2016 could modernise the data protection framework to address AI-specific concerns including automated decision-making, profiling, and algorithmic impact assessments. The QCB may expand its AI guidelines to cover insurance, capital markets, and digital assets beyond the current banking focus. Qatar's investments in 6G infrastructure and QCRI's continued development of Arabic-language AI models (including Fanar series successors) will influence the country's position in sovereign AI capability. Regional coordination through the GCC is also worth monitoring, as harmonised approaches to AI governance and data flows could reduce compliance complexity for businesses operating across Gulf states.