The BSA Global Cloud Scorecard analyzes the legal and regulatory framework and broadband infrastructure of 24 countries that together make up 80 percent of the global ICT market. Each country's score is computed using a item scoring grid and analyses.
A number of basic fact-finding questions are excluded from the scoring system. Each group of questions is weighted to reflect its importance to cloud computing and each individual question is also weighted to reflect its importance within the group.
To help with the scoring and usability of the study, the assessments are based on a series of questions that are framed so that a "yes" response reflects a favorable policy setting for global cloud computing. The weights are shown in the table below and the results are available in the downloadable report.
The first-ever report to track year-over-year change in the international policy landscape for cloud computing shows that cloud readiness is improving, if unevenly. The Scorecard also includes a detailed country-by-country analysis of legislation, regulations, case law, government policy and standards. To help with the scoring and usability of the study, the assessments are based on a series of questions that are framed so that a "yes" response reflects a favourable policy setting for global cloud computing.
Galexia has completed a comprehensive review of digital economy laws and infrastructure in 14 Asia Pacific countries - the Asia Pacific Digital Economy and Cloud Computing Scorecard. The Security section also examines electronic signature laws and Internet censorship or filtering requirements.
The Scorecard reveals that most countries do have clear, technology neutral electronic signature laws. In addition, security requirements are in place in most jurisdictions, and security audit requirements were generally absent.
A number of countries — ranging from advanced markets like Korea 6. Some such regimes regulate criminal conduct, including distribution of illegal material, particularly child pornography.
However, a number of the filtering or censorship schemes appear to include a strong political element, in that they regularly block sites that expressed political dissent. China, for example, restricts access to online content under a large and complex legal and technical regime that invokes the protection of national security and social order.
This factor played a significant factor in China scoring just 2. As cloud computing involves the aggregation of massive amounts of data in large data centers, it creates new and highly tempting targets.
As criminals turn their attention to these vaults of information, it will become increasingly challenging to protect such data centers from both physical and cyber attacks.
Governments should ensure that domestic laws provide an effective mechanism for law enforcement, and for cloud providers themselves, to combat unauthorized access to data stored in the cloud.
This section examines these issues as well as rules relating to investigation and enforcement, including access to encrypted data and extraterritorial offences. The Scorecard finds that most countries have either computer crime legislation or cybercrime legislation, and many laws are broadly compliant with the Convention on Cybercrime.
Many countries in the study the EU members, Japan and the United States have signed the Convention, and several other countries are considering signing Australia and Mexico are close. Unfortunately, a few key jurisdictions still have gaps and inconsistencies in their cybercrime laws. Canada, for example, signed the Council of Europe Cybercrime Convention in , but it has failed to ratify the Convention for more than a decade.
And while the country has a comprehensive computer crime law in place, it lacks essential online investigation and enforcement tools.
Read more. CRN India, January 12, BSA is the leading advocate for the global software industry before governments and in the international marketplace. Learn More. In the meantime the United States is working on implementing the new Consumer Privacy Bill of Rights, which could provide a layer of protection through enforceable codes of conduct, and the key regulators are becoming more active in enforcing existing sectoral privacy protections. Consumers of cloud computing and other digital services including both private-sector and government users need assurance that cloud service providers understand and appropriately manage the security risks associated with storing their data and running their applications on cloud systems.
This section of the Scorecard examines whether security criteria and the ongoing testing of security measures are the subject of regulation in each jurisdiction.
The security section also examines electronic signature laws and Internet censorship or filtering requirements. China, Indonesia, Thailand, and Vietnam score poorly. The Scorecard reveals that most countries have clear, technology-neutral electronic signature laws. In addition, security requirements are in place in most jurisdictions, and security audit requirements were generally absent. However, some overly prescriptive security requirements have begun to appear.
These include a new regulation in Indonesia that — among other negative developments — requires service providers to locate their data centers inside the country and proposed legislation in Korea that would create unilateral security standards. A number of countries have implemented Internet filtering or censorship regimes that may act as a barrier to the expansion of the digital economy and cloud computing. The key intention of the schemes is to address criminal conduct, including distribution of illegal material, particularly child pornography.
However, several of the filtering or censorship schemes regularly block sites that express political dissent. In Russia introduced new Internet censorship rules, and its score in this section fell significantly. On a positive note, Australia dropped plans for mandatory filtering, and its score improved.
Because cloud computing involves the aggregation of massive amounts of data in large data centers, it creates new and highly tempting targets. As criminals turn their attention to these vaults of information, it will become increasingly challenging to protect such data centers from both physical and cyberattacks. Governments should ensure that domestic laws provide an effective mechanism for law enforcement, and for cloud providers themselves, to combat unauthorized access to data stored in the cloud.
This section examines these issues as well as rules relating to investigation and enforcement, including access to encrypted data and extraterritorial offenses. The Scorecard finds that most countries have either computer crime laws or cybercrime laws and that many of these laws are broadly compliant with the Convention on Cybercrime.
Many countries in the study Australia, EU members, Japan, and the United States have now ratified the Convention, and several other countries are considering signing. Unfortunately, a few key jurisdictions still have gaps and inconsistencies in their cybercrime laws. For example, Canada and Korea have not updated their criminal laws, and Russia has chosen a legal approach that does not follow international best practice.
Australia, France, Germany, and Japan score extremely high in the cybercrime section.
0コメント