Report - Global Cloud Computing Scorecard (2013)
- Scorecard Themes
- Country Ranking
- 2013 Rank 1. Japan - Score: 84.5 | Change from 2012 Score: +0.8 - Rank: same
- 2013 Rank 2. Australia - Score: 79.9 | Change from 2012 Score: +0.68 - Rank: same
- 2013 Rank 3. US - Score: 79.7 | Change from 2012 Score: +1.17 - Rank: +1
- 2013 Rank 4. Germany - Score: 79.17 | Change from 2012 Score: +0.1 - Rank: -1
- 2013 Rank 5. Singapore - Score: 78.5 | Change from 2012 Score: +6.38 - Rank: +5
- 2013 Rank 6. France - Score: 78.3 | Change from 2012 Score: -0.02 - Rank: -1
- 2013 Rank 7. United Kingdom - Score: 76.9 | Change from 2012 Score: +0.38 - Rank: same
- 2013 Rank 8. Korea - Score: 76.2 | Change from 2012 Score: +0.15 - Rank: same
- 2013 Rank 9. Canada - Score: 75.8 | Change from 2012 Score: +5.42 - Rank: +3
- 2013 Rank 10. Italy - Score: 75.5 | Change from 2012 Score: -1.1 - Rank: -4
- 2013 Rank 11. Spain - Score: 73.7 | Change from 2012 Score: -0.18 - Rank: -2
- 2013 Rank 12. Poland - Score: 72.0 | Change from 2012 Score: +1.35 | Rank:- 1
- 2013 Rank 13. Malaysia - Score: 69.5 | Change from 2012 Score: +10.3 - Rank: same
- 2013 Rank 14. Russia - Score: 59.1 | Change from 2012 Score: 4.76 - Rank: +2
- 2013 Rank 15. Mexico - Score: 56.9 | Change from 2012 Score: +0.53 - Rank: -1
- 2013 Rank 16. Argentina - Score: 56.5 | Change from 2012 Score: +1.36 - Rank: -1
- 2013 Rank 17. India - Score: 53.1 | Change from 2012 Score: +3.11 - Rank: +2
- 2013 Rank 18. Turkey - Score: 52.4 | Change from 2012 Score: +0.31 - Rank: -1
- 2013 Rank 19. China - Score: 51.5 | Change from 2012 Score: +4.02 - Rank: +2
- 2013 Rank South Africa - Score: 51.3 | Change from 2012 Score: +0.82 - Rank: -2
- 2013 Rank 21. Indonesia - Score: 48.4 | Change from 2012 Score: -1.25 - Rank: -1
- 2013 Rank 22. Brazil - Score: 44.1 | Change from 2012 Score: +9.03 - Rank: +2
- 2013 Rank 23. Thailand - Score: 44.0 | Change from 2012 Score: +1.14 - Rank: -1
- 2013 Rank 24. Vietnam - Score: 40.1 | Change from 2012 Score: +0.54 - Rank: -1
Galexia has been working with The Software Alliance (BSA) since 2009 and has assisted in the development of an extensive body of cloud research, thought leadership and first to market analysis on key cloud issues.
Galexia has worked extensively with the Singapore and Washington BSA offices and has engaged with BSA stakeholders in more than 20 countries.
The 2013 Global Cloud Computing Scorecard — the first-ever report to track year-over-year change in the international policy landscape for cloud computing — shows that cloud readiness is improving, if unevenly.
These findings come against the backdrop of the massive and well-documented movement to cloud services by consumers, businesses, and governments. What hasn’t been documented until now is the less steady improvement in the policy environment to support global cloud computing, with some countries making big strides to improve their cloud readiness while others, including some of the world’s largest technology markets, have stalled or even backtracked.
The 2013 Scorecard follows on from the groundbreaking 2012 Scorecard and contains:
- Updates across 24 countries and 66 criteria, including:
- 27 significant (positive) changes
- 34 moderate (positive) changes
- 6 moderate (negative) changes
- 108 minor (no effect) changes
- 432 infrastructure changes
- Tracks change in score and rank from 2012
- Includes 3 new case studies
The Scorecard examines major laws and regulations relevant to cloud computing in seven policy categories as well as each country’s ICT-related infrastructure and broadband deployment. These policy categories align with the BSA’s Cloud Computing Guiding Principles, which underpin the Scorecard’s analytical framework and its suggestions for providing a workable framework to allow for the growth of cloud computing.
Cloud users will fully accept and adopt cloud computing only if they are confident that private information stored in the cloud, wherever in the world, will not be used or disclosed by the cloud provider in unexpected ways. National privacy regimes should be predictable and transparent and should avoid unnecessarily burdensome restrictions on cloud service providers such as registration requirements for data controllers and cross-border data transfers. Cloud providers should be encouraged to establish privacy policies that are appropriate for the particular cloud service they provide and the business model they use.
The Scorecard shows that most countries have data protection frameworks and have established independent privacy commissioners. Many laws are based on a mix of the Organisation for Economic Co-operation and Development Guidelines, the European Union Directive, and the Asia-Pacific Economic Cooperation Privacy Principles. Unfortunately, registration requirements for those who hold or process data or for data transfers may act as barriers to taking up cloud services. Such requirements exist in some countries, including in some EU countries for registering cross-border transfers.
Australia, Canada, Japan, and Korea score well in the privacy section, as they have comprehensive privacy regimes without any onerous registration requirements.
Singapore and China introduced new privacy laws in 2012, and existing laws were revised in Australia and Indonesia. Singapore received a big boost to its score and ranking for introducing a modern, balanced privacy regime. China received a smaller boost, as its approach is limited to the introduction of some basic privacy and security principles to a narrower class of data. Unfortunately, privacy reform in several countries has been delayed, with proposals in Brazil, India, South Africa, Thailand, and Turkey failing to gain parliamentary support.
Privacy laws in the EU and the United States are also the subject of significant debate and reform. The EU has proposed replacing the existing directive with a regulation containing some positive elements for consumers but potentially some new administrative burdens for cloud service providers. The draft regulation is the subject of ongoing debate. In the United States, the Obama administration has announced a commitment to general privacy legislation, although in practice this may be difficult to develop in the absence of a broader consensus among lawmakers. In the meantime the United States is working on implementing the new Consumer Privacy Bill of Rights, which could provide a layer of protection through enforceable codes of conduct, and the key regulators are becoming more active in enforcing existing sectoral privacy protections.
Consumers of cloud computing and other digital services (including both private-sector and government users) need assurance that cloud service providers understand and appropriately manage the security risks associated with storing their data and running their applications on cloud systems. This section of the Scorecard examines whether security criteria and the ongoing testing of security measures are the subject of regulation in each jurisdiction. The security section also examines electronic signature laws and Internet censorship or filtering requirements.
France, Japan, Italy, the United Kingdom, and the United States all score well in this section. China, Indonesia, Thailand, and Vietnam score poorly.
The Scorecard reveals that most countries have clear, technology-neutral electronic signature laws. In addition, security requirements are in place in most jurisdictions, and security audit requirements were generally absent. However, some overly prescriptive security requirements have begun to appear. These include a new regulation in Indonesia that — among other negative developments — requires service providers to locate their data centers inside the country and proposed legislation in Korea that would create unilateral security standards.
A number of countries have implemented Internet filtering or censorship regimes that may act as a barrier to the expansion of the digital economy and cloud computing. The key intention of the schemes is to address criminal conduct, including distribution of illegal material, particularly child pornography. However, several of the filtering or censorship schemes regularly block sites that express political dissent. In 2012 Russia introduced new Internet censorship rules, and its score in this section fell significantly. On a positive note, Australia dropped plans for mandatory filtering, and its score improved.
Because cloud computing involves the aggregation of massive amounts of data in large data centers, it creates new and highly tempting targets. As criminals turn their attention to these vaults of information, it will become increasingly challenging to protect such data centers from both physical and cyber attacks. Governments should ensure that domestic laws provide an effective mechanism for law enforcement, and for cloud providers themselves, to combat unauthorized access to data stored in the cloud. This section examines these issues as well as rules relating to investigation and enforcement, including access to encrypted data and extraterritorial offenses.
The Scorecard finds that most countries have either computer crime laws or cybercrime laws and that many of these laws are broadly compliant with the Convention on Cybercrime. Many countries in the study (Australia, EU members, Japan, and the United States) have now ratified the Convention, and several other countries are considering signing. Unfortunately, a few key jurisdictions still have gaps and inconsistencies in their cybercrime laws. For example, Canada and Korea have not updated their criminal laws, and Russia has chosen a legal approach that does not follow international best practice.
Australia, France, Germany, and Japan score extremely high in the cybercrime section. Canada, China, Korea, Russia, and Vietnam score poorly. The country that shows the most improvement is Brazil, which finally passed cybercrime laws after a long campaign.
This section also examines rules on investigation and enforcement, including access to encrypted data and extraterritorial offences. There is a greater divergence in results in these fields.
Intellectual Property Rights
Providers of cloud computing and digital economy technologies and services, as with other highly innovative products, rely on a combination of patents, copyrights, trade secrets, and other forms of intellectual property protection. Thus, to encourage investments in cloud research and development, as well as infrastructure, IP laws must provide strong incentives for these investments and clear protection and vigorous enforcement against misappropriation and infringement. Online intermediaries should have incentives to behave responsibly, and they should enjoy safe harbors from liability when they do so.
This section also examines investigatory and enforcement approaches, where there is a wide diversity of approaches and significant inconsistency. There are also concerns over the enforcement culture and resources available in some jurisdictions. Even countries with up-to-date IP laws sometimes fail to enforce these laws, and piracy rates remain high in many jurisdictions. The Scorecard reveals that countries are moving toward a consistent approach on many key rights and protections. Gaps exist, however, in the IP laws of some jurisdictions.
Significant law reform in intellectual property has occurred in the past year. Canada, India, Malaysia, and Russia passed important amendments to their copyright laws, bringing them in line with international standards. Malaysia signed the World Intellectual Property Organization (WIPO) Copyright Treaty. Enforcement also improved in several countries.
There were still some disappointments: Brazil failed to update its copyright laws, and Italy dropped promising online copyright regulations that had been in development for more than two years.
The leading countries in this section are Australia, Malaysia, Singapore, and the UK. The stragglers include Brazil, Indonesia, Thailand, and Vietnam.
Standards/International Harmonization of Rules
Data portability and seamless use of interoperable applications are key considerations for cloud computing and digital economy applications. Consumers are demanding interoperability in the cloud computing space, and industry is working hard through standards development organizations and other international avenues to meet this demand. Government support of these efforts and the avoidance of technological mandates are important.
This section of the Scorecard examines whether or not governments encourage standards to be developed through voluntary, industry-led standards processes. This section also examines international harmonization of e-commerce rules, tariffs, and relevant trade rules. The Scorecard reveals that governments take an inconsistent approach to standards development and that many ad hoc decisions are made in the absence of national frameworks and policies. Tariffs and trade barriers for online software and applications are rare, although a few jurisdictions still maintain tariffs on new technology products that are used to access cloud services.
In 2012 a positive development in this section was the finalization of cloud computing standards by the US National Institute of Standards and Technology.
The leading countries in international harmonization are Australia, Canada, India, Malaysia, and the United States, which all scored full marks in this section. Argentina, Brazil, Russia, and Vietnam score poorly.
Promoting Free Trade
Cloud services operate across national boundaries, and their success depends on access to regional and global markets. Restrictive policies that create actual or potential trade barriers will slow the evolution of cloud computing.
This section of the Scorecard examines and compares government procurement regimes and efforts to remove barriers to free trade, including countries’ requirements and preferences for particular products. The section also examines whether countries have joined the WTO Agreement on Government Procurement, which liberalizes such policies. The leading countries in this section include Canada, Germany, Japan, and Spain.
The Scorecard finds that a number of countries still provide preferential treatment for domestic suppliers in government procurement. Indonesia, South Africa, and Vietnam score poorly in this section.
This section also notes some very negative developments in Indonesia, where a new regulation introduces onerous requirements for electronic service providers, including potential requirements to locate data centers within the country and to hire local staff.
This section of the Scorecard examines and compares the infrastructure that is available in each country to support the digital economy and cloud computing. It is based on detailed comparative statistics on a range of important ICT indicators, including the presence of a national broadband plan, a country’s International Connectivity Score and International Internet Bandwidth. In addition, the Scorecard includes statistics on the number of subscribers for various services, reflecting the importance (and growth) of mobile broadband subscriptions.
Based on those factors, Japan, Korea, Singapore, and the United States score highest in this component of the Scorecard. Brazil, China, Poland, Russia, and Singapore show the most improvement in their infrastructure score for 2013.
Infrastructure is enhanced in those countries that have developed or are developing national broadband access networks. Several countries, including Japan, Korea, and Singapore have implemented impressive national broadband networks. In 2012 China announced a major national broadband plan to accommodate a projected 800 million Internet users by 2015.
Japan and Korea dominate the percentage of fiber Internet connections, with each having twice the level of penetration of any other country. Japan and Korea have more than half of the 60 million global fiber connections, followed by Russia with 9 million connections and the United States with 6 million.
Singapore stands out as having both the highest score in the infrastructure section and maintaining leading growth rates in a number of areas, such as International Internet Bandwidth.
The United States leads in the size of its public cloud services market and the sheer volume of the number of active mobile broadband subscriptions.
While major infrastructure improvements are under way in a number of countries, broadband penetration remains very inconsistent and some countries have both low infrastructure scores and low growth rates. There is a risk that some countries do not yet have the infrastructure (or plans) in place to take full advantage of the digital economy and cloud computing.
The first-ever report to track year-over-year change in the international policy landscape for cloud computing shows that cloud readiness is improving, if unevenly.
2013 Rank 1. Japan - Score: 84.5 | Change from 2012 Score: +0.8 - Rank: same
Japan has a comprehensive suite of modern laws that support and facilitate the digital economy and cloud computing.
Japan ratified the Convention on Cybercrime in 2012, setting a positive example for other countries.
Japan also has comprehensive privacy legislation in place, as well as intellectual property laws that cover the full range of protections relevant to cloud computing.
Japan is very active in the development of international standards.
Broadband penetration in Japan is already very high. The government has committed to ensuring that by 2015, all households will have very high-speed fiber broadband connections.
Overall, Japan’s score increases slightly in the 2013 Scorecard, and the country easily retains its top ranking in the overall rankings.
2013 Rank 2. Australia - Score: 79.9 | Change from 2012 Score: +0.68 - Rank: same
Australia is keen to promote cloud computing through the development and reform of relevant laws, regulations, and standards. For example, Australia has a strong commitment to international cooperation, free trade, and interoperability. Key laws are based on international models, and Australia is an active participant in the development of international standards.
Australia has up-to-date cybercrime laws and ratified the Convention on Cybercrime in late 2012. Australia also has comprehensive electronic signature and electronic commerce laws in place. In 2012 Australia passed further improvements to its existing privacy legislation, including stronger powers for the regulator.
Intellectual property laws in Australia provide a comprehensive and balanced layer of protection for cloud computing services and the digital economy. However, some uncertainty remains regarding ISP liability for copyright breaches that occur when subscribers participate in peer-to-peer sharing of copyrighted material.
In 2012 Australia dropped a long-term proposal for mandatory Internet content filtering that may have acted as a barrier for innovation in the digital economy.
Australian ICT infrastructure is reasonably well developed, and significant progress has been made in the rollout of a National Broadband Network that will provide further capacity to facilitate the digital economy.
Overall, Australia’s scorecard results remained fairly stable in the 2013 report. Improvements in the country’s security and cybercrime laws settings were offset by a small reduction in ICT infrastructure, and the country remained in 2nd place in the Scorecard rankings.
2013 Rank 3. US - Score: 79.7 | Change from 2012 Score: +1.17 - Rank: +1
The United States has comprehensive and up-to-date laws in place for e-commerce, electronic signatures, and cybercrime. The US has signed and implemented the Convention on Cybercrime and plays a leading role in the investigation of global cybercrime.
Although no general privacy laws are in place, the US still had a busy year in 2012 in relation to privacy protection. A new Consumer Privacy Bill of Rights was published, and work has begun on its potential implementation through enforceable codes of conduct. The key regulator, the Federal Trade Commission, also had a very active year enforcing existing sectoral rules.
The US approach to interoperability improved in 2012 with new standards developed for cloud services by the National Institute of Standards and Technology.
Intellectual property protection in the United States remans mixed. The US has signed all of the relevant international agreements, and a strong enforcement culture is in place. However, multiple conflicting court decisions leave considerable legal uncertainty about what constitutes an online copyright breach.
The United States is an active participant in international standards development processes and an advocate of free trade and harmonization. Some very limited domestic preferences remain in place for government procurement opportunities.
The United States has high levels of Internet use, but access to fast broadband remains patchy. The US has the 4th highest number of FttX connections and it has (by a considerable margin) the largest number of active mobile broadband connections.
Overall, the United States improved its ranking by one spot to 3rd in the 2013 Scorecard through a combination of positive policy developments and improved ICT infrastructure.
2013 Rank 4. Germany - Score: 79.17 | Change from 2012 Score: +0.1 - Rank: -1
Germany has comprehensive cybercrime legislation and up-to-date intellectual property protection in place. The combination of these laws provides reasonable protection for cloud computing services in Germany. However, there is some continuing uncertainty about whether Web-hosting businesses and access providers are liable under the Civil Code for copyright breaches that occur on their systems.
Germany also has modern electronic commerce and electronic signature laws in place. Like most European countries, Germany has comprehensive privacy legislation, but it includes onerous registration requirements that may act as a cost barrier for the use of cloud computing. In addition, Germany has 17 data protection authorities, which leads to uncertainty in the application of the law.
Germany has a strong commitment to international standards and interoperability.
Germany is making good progress on extending broadband access to the population.
Germany’s score improved by one-tenth of a point in the 2013 Scorecard, and the country slipped one spot in the rankings, from 3rd to 4th.
2013 Rank 5. Singapore - Score: 78.5 | Change from 2012 Score: +6.38 - Rank: +5
Singapore has an ambitious program of cyberlaw development and has some of the most modern digital economy laws in the region. For example, the Electronic Transactions Act 2010 implements the UN Convention on Electronic Contracting, which Singapore has ratified.
Singapore also has up-to-date cybercrime laws and intellectual property laws.
In 2012 Singapore passed comprehensive privacy law. The new law is an excellent example of providing a balanced approach between protecting personal information and facilitating innovation in cloud computing and the digital economy.
Singapore has some minor Internet censorship in place but generally promotes innovative business practices that are free from tariffs and government intervention.
Singapore has excellent ICT infrastructure in place and is developing a national network to bring high-speed fiber to the home.
Singapore’s score jumps by more than six points, and its ranking improved five places — to 5th — in the 2013 Scorecard based on its new privacy law and continued improvements in ICT infrastructure.
2013 Rank 6. France - Score: 78.3 | Change from 2012 Score: -0.02 - Rank: -1
France provides strong protection for cloud services, through a combination of comprehensive cybercrime legislation and up-to-date copyright protection. Enforcement of some key provisions remains a concern. France also has up-to-date electronic signature and electronic commerce laws in place.
Comprehensive privacy laws exist, though French privacy legislation includes onerous and cumbersome registration requirements that appear unnecessary.
France is making good progress toward its national broadband targets and is one of the best performers in the study in relation to ICT infrastructure.
France's results did not change significantly between the 2012 and 2013 Scorecards, but the country’s ranking slipped one place to 6th.
2013 Rank 7. United Kingdom - Score: 76.9 | Change from 2012 Score: +0.38 - Rank: same
The United Kingdom has a comprehensive set of cyberlaws in place. Data protection laws are particularly strong, with regular enforcement including large fines. However, businesses are required to register their data sets with the regulator, which seems to be an unnecessary burden on business and may act as a barrier to some cloud services.
The UK is free from Internet censorship and filtering, and up-to-date laws are in place for e-commerce and electronic signatures.
The UK is a signatory to the Convention on Cybercrime but has been criticized for not yet implementing one of its key provisions.
Advanced intellectual property laws are in place and are regularly enforced, although there is still a gap in relation to the exact role of ISPs in copyright enforcement.
The UK already has high rates of Internet use and broadband penetration, and it plans to increase the availability of super-fast broadband to 90% of the population by 2015.
Overall, the United Kingdom’s results do not change significantly in the 2013 Scorecard, but the country’s ranking slips slightly from a tie for 6th place to 7th.
2013 Rank 8. Korea - Score: 76.2 | Change from 2012 Score: +0.15 - Rank: same
Korea has a strong commitment to the promotion of the digital economy, and its laws and standards are generally based on international models.
Korea’s modern, comprehensive privacy laws and strong intellectual property laws facilitate the development and use of cloud computing services. However, cybercrime law does not cover the full range of relevant issues.
Korea is an active proponent of free trade and interoperability and is a member of the WTO Agreement on Government Procurement.
In 2012 Korea began discussions on the development of new, specific laws and regulations for cloud service providers. The early draft of the proposed rules appeared quite onerous for businesses, by including new registration and reporting requirements along with prescriptive security measures.
However, in November 2012 the Korean Communications Commission announced that it had listened to the concerns of cloud service providers and would work on revising the proposal.
Korea has a very high level of broadband penetration.
Overall, Korea’s results have not changed significantly, and in the 2013 Scorecard, the country’s ranking holds steady at 8th.
2013 Rank 9. Canada - Score: 75.8 | Change from 2012 Score: +5.42 - Rank: +3
Canada is a world leader in ICT adoption and innovation and has played a leading role in the development of international standards. It has a strong commitment to free trade and interoperability.
Canada also has very strong privacy and e-commerce laws, although no modern cybercrime laws are in place.
In 2012 Canada finally passed new copyright laws (at the fourth attempt). These laws provide appropriate protection for online material and will allow Canada to ratify the WIPO Copyright Treaty. This development is the major change between the 2012 and 2013 reports in Canada.
Although Canada does not have a cohesive and funded National Broadband Plan in place, the existing level of broadband penetration is quite high and the country continues to improve broadband access in regional areas.
Canada’s updated IP laws and improved infrastructure helped improve its ranking by three spots — to 9th place in the 2013 Scorecard.
2013 Rank 10. Italy - Score: 75.5 | Change from 2012 Score: -1.1 - Rank: -4
Italy has strong cybercrime laws and strict privacy laws in place. Like many EU countries, Italy's privacy law includes onerous registration requirements that appear unnecessary.
Italy’s copyright law also provides adequate protection for cloud computing services, although some uncertainty remains in relation to the enforcement of copyright breaches in practice. Unfortunately, the long anticipated regulations on ISP liability in Italy were dropped in 2012, and this has had a small negative impact on Italy’s score in the 2013 report.
Italy has modern electronic signature laws and electronic commerce laws, and Italy is committed to international standards and interoperability.
One risk in Italy is that limited Internet censorship is in place, including mandatory ISP-level filtering for certain content.
Italy has a moderate level of broadband penetration, and the “Italia Digitale” Plan aims to further bridge the digital divide.
Italy is one of just three countries whose overall score fell in the 2013 Scorecard, and the country’s ranking slipped four spots — from 6th to 10th.
2013 Rank 11. Spain - Score: 73.7 | Change from 2012 Score: -0.18 - Rank: -2
Spain has comprehensive privacy legislation in place, although it relies heavily on a data registration process that could act as a barrier for cloud computing services.
Spain has up-to-date cybercrime legislation and has ratified the Convention on Cybercrime. Spain also has comprehensive electronic commerce and electronic signature legislation, and ISPs are free from any Internet filtering or censorship.
Some minor gaps exist in intellectual property protection, especially regarding ISP liability. ?Spain is a very active participant in international forums and supports international standards development and interoperability.
Spain is one of just three countries whose score falls in the 2013 Scorecard (by just two-tenths of a point), and the country falls two spots in the rankings — to 11th.
2013 Rank 12. Poland - Score: 72.0 | Change from 2012 Score: +1.35 | Rank:- 1
Poland has up-to-date laws in place for privacy, electronic signatures, electronic commerce, and cybercrime. These laws provide a good platform for promoting confidence in cloud computing and the digital economy.
Poland also has one of the most comprehensive regimes for the protection of intellectual property, including specific rules for ISP liability. However, some gaps still exist in enforcement, and Poland has recognized that intellectual property enforcement requires greater skills and resources.
Poland promotes innovation and interoperability and has non-discriminatory policies in place for government procurement.
Broadband penetration remains slightly below the European average, but there are signs of improvement.
Small increases in Poland’s privacy and infrastructure scores were not enough to keep pace with changes in other countries, and Poland slips from 11th to 12th in the 2013 Scorecard rankings.
2013 Rank 13. Malaysia - Score: 69.5 | Change from 2012 Score: +10.3 - Rank: same
Malaysia has modern electronic signature laws and electronic commerce laws, and it introduced new privacy laws in 2010 (which came into force on January 1, 2013). These measures provide a strong level of protection for the digital economy and cloud computing in Malaysia.
In 2012, Malaysia updated and strengthened its copyright laws in accordance with international standards and signed the WIPO Copyright Treaty. This significant development resulted in a large increase of Malaysia’s score in the 2013 scorecard.
Malaysia has a moderate level of broadband penetration. It has committed to a target of providing 75 percent of households with access to high-speed broadband by 2015.
Malaysia made the biggest jump in the Scorecard scale — picking up more than 10 points for its policy and infrastructure improvements. Malaysia’s overall ranking remains unchanged at 13th, but with its increased score the country crosses the sharp divide between advanced economies and countries that continue to develop their cloud policy frameworks.
2013 Rank 14. Russia - Score: 59.1 | Change from 2012 Score: 4.76 - Rank: +2
Russia has a patchwork of laws that apply to the digital economy and cloud computing, and these laws contain significant gaps and limitations. For example, its laws on privacy and cybercrime do not follow recognized international standards.
In 2012 Russia introduced new Internet filtering and censorship regulations that are likely to act as a significant barrier to cloud computing. Russia also mandates the use of certain products and software in government procurement opportunities.
However, in a major positive development, Russia joined the WTO in 2012 and began the process of updating its copyright laws to align with international best practice. Russia also removed tariffs that were acting as trade barriers for cloud service providers.
Broadband penetration in Russia continues to increase steadily.
Overall, Russia’s score increases significantly in the 2013 Scorecard. The negative impact of the new censorship regime was outweighed by the positive impact of the copyright and trade developments, and the country’s ranking improved by two spots — from 16th to 14th.
2013 Rank 15. Mexico - Score: 56.9 | Change from 2012 Score: +0.53 - Rank: -1
Mexico has implemented many relevant cyberlaws, including privacy legislation, rules on data breach notification, and up-to-date cybercrime legislation.
Intellectual property laws in Mexico generally meet international standards, but enforcement action is rare and the bar is set very high for prosecution. Considerable improvement is required to gain confidence in intellectual property protection in Mexico.\
Mexico is also one of the few countries in the study group that retains domestic preferences in government ICT procurement opportunities.
Internet use and broadband penetration remain very low in Mexico, and the country continues to face challenges in delivering a modern ICT infrastructure that can facilitate cloud computing.
Overall, Mexico’s results did not change significantly in the 2013 Scorecard, and the country’s rank slipped one spot to 15th.
2013 Rank 16. Argentina - Score: 56.5 | Change from 2012 Score: +1.36 - Rank: -1
Argentina is committed to developing a strong ICT industry and updating its laws to facilitate cloud computing. Effective laws on cybercrime, electronic signatures, and data protection are already in place, although the implementation and enforcement of data protection regulation are limited.
However, Argentina’s laws on intellectual property have not kept pace with modern technology. There is no direct coverage of important issues such as the unauthorized “making available” of copyright material online. Argentina also has a poor track record of enforcing copyright laws, with lengthy court delays and few prosecutions. Some gaps also exist in the important areas of standards development and technology-neutral and non-discriminatory government procurement of ICT.
There were no major changes in Argentina’s results between the 2012 and the 2013 reports.
Argentina’s national broadband plan, “Argentina Conectada,” aims to ensure that all Argentinians have access to high-speed Internet. One goal is for more than 10 million homes to have broadband access by 2015, and Argentina is making good progress toward that goal.
Overall, the improvements in Argentina’s cybercrime laws and infrastructure statistics helped it move up one spot in the rankings to 16th.
2013 Rank 17. India - Score: 53.1 | Change from 2012 Score: +3.11 - Rank: +2
India is an important regional economy, with a strong interest in ICT services development. The law in India has not entirely kept pace with developments in cloud computing, and some gaps exist in key areas of protection; notably, India has not yet implemented effective privacy legislation.
India’s cybercrime legislation also requires updating to conform to international models. Some laws and standards in India are not technology neutral (e.g., electronic signatures), and these may be a barrier to interoperability.
However, in 2012, India finally updated its copyright laws to cover modern copyright issues such as rights management information and technical protection measures. India is now expected to ratify the WIPO Copyright Treaty. This makes a significant positive impact on India’s score in the 2013 report.
The development of India’s technology sectors remains challenging, with low levels of broadband and personal computer penetration.
Overall, India’s ranking in the 2013 Scorecard improved by two spots — from 19th to 17th — based on its updated intellectual property laws and enhancements to its infrastructure.
2013 Rank 18. Turkey - Score: 52.4 | Change from 2012 Score: +0.31 - Rank: -1
Turkey continues to have some gaps in its coverage of basic cyberlaws. For example, there is currently no data protection law in Turkey.
Turkey also has rules on Internet content regulation in place that may act as a barrier to cloud services. The enforcement of cybercrime laws remains weak, and there is some concern that the penalties imposed for Internet crimes are not an effective deterrent.
Intellectual property protection in Turkey is reasonably up to date, but enforcement is patchy.
Turkey is making progress toward integration with the European and international communities, but some domestic preferences are still in place for government procurement opportunities.
The government has an ambitious target of providing fast broadband to 95% of households by 2020. However, Turkey faces significant challenges in reaching this goal.
Turkey made minor improvements to its infrastructure score in the 2013 Scorecard, but its policy environment remains largely unchanged. Its ranking falls one spot — to 18th.
2013 Rank 19. China - Score: 51.5 | Change from 2012 Score: +4.02 - Rank: +2
China has a strong interest in ICT innovation and development. However, these goals are hindered by poor enforcement of intellectual property rights and the continued promotion of indigenous innovation policies that discriminate against foreign technology companies.
China has signed the UN Convention on Electronic Contracting and has applied to accede to the WTO Agreement on Government Procurement. China has also enacted strong cybercrime laws and greatly improved intellectual property laws, and while enforcement deficiencies remain significant they are also gradually improving.
In 2012, China introduced the first elements of a national level privacy regulation. This Guideline is new and has not yet been fully implemented, but it may help improve trust and confidence in cloud computing and the digital economy in China.
The extensive regulation of Internet content, including mandatory Internet filtering and censorship, remains a key issue in China. A foreign company also has to enter into a joint venture with a Chinese domestic partner to be eligible to apply for an Internet Content Provider license in order to provide cloud services in China.
China has made significant progress with respect to broadband coverage and in June 2012 adopted an ambitious national broadband plan to meet the predicted 800 million internet users there will be in China in 2015.
Overall China's results improved between the 2012 report and the 2013 report, thanks to improvements in privacy regulation and continued progress in ICT infrastructure.
2013 Rank South Africa - Score: 51.3 | Change from 2012 Score: +0.82 - Rank: -2
South Africa has some useful laws in place for cybercrime and electronic commerce but is in danger of falling behind international best practice in other key areas.
South Africa does not yet have privacy legislation in place. Draft legislation was supposed to be considered in 2012, but it has been delayed. Some limited Internet filtering and censorship also occurs, which may inhibit development of the digital economy.
South Africa has only very basic copyright laws, which are not aligned with current international best practice, and the country has not signed the WIPO Copyright Treaty.
Another potential barrier in South Africa is the existence of a complex system of domestic preferences in government procurement opportunities.
South Africa has low levels of broadband penetration and continues to face ICT infrastructure challenges.
Minor improvements in South Africa’s infrastructure were not accompanied by any policy changes, and the country falls two spots in the 2013 Scorecard rankings to 20th.
2013 Rank 21. Indonesia - Score: 48.4 | Change from 2012 Score: -1.25 - Rank: -1
Indonesia continues to update and reform laws and regulations in the ICT sector, and the result is not always positive for cloud computing. In 2012 Indonesia introduced a new regulation to complement its existing electronic commerce laws. The new regulation is positive in some areas, such as the introduction of strengthened privacy rules. However, in other areas the regulation introduces significant barriers for cloud service providers. It includes provisions requiring providers to register their services with a central authority and rules that will force some providers to establish local data centers and hire local staff.
Copyright law in Indonesia is now closely aligned with international models. However, some concerns remain regarding resources for investigating and enforcing copyright protections. The law remains uncertain regarding the exact role and liability of ISPs in relation to copyright breaches.
Indonesia has not yet developed effective laws and policies regarding interoperability, free trade, and government procurement.
Broadband penetration rates in Indonesia remain low, although the government continues to work to increase “meaningful” broadband penetration.
Overall, Indonesia’s results dropped slightly in the 2013 Scorecard, as the positive developments in privacy law were outweighed by negative results in relation to free trade. The country’s ranking fell one spot from 20th to 21st.
Note: Indonesia’s infrastructure score was adjusted by -0.75 in the 2013 Scorecard due to a calculation correction from the 2012 Scorecard.
2013 Rank 22. Brazil - Score: 44.1 | Change from 2012 Score: +9.03 - Rank: +2
Brazil is a fast-growing economy that recognizes the importance of ICT and the digital economy. However, some gaps in law and regulation have acted as barriers to ICT innovation in Brazil.
For example, no privacy legislation is in place, and Brazil has some gaps in intellectual property protection. Brazil has not signed the WIPO Copyright Treaty and has not updated its copyright laws to cover new technology. Online piracy in Brazil is widespread, and prosecutions are rare. Significant court delays add to the problems facing copyright holders in Brazil.
Brazil finally passed modern cybercrime legislation in 2012, and this has had a very positive impact on its score in the 2013 report.
Brazil continues to make good progress in the implementation of its National Broadband Plan — Programa Nacional de Banda Larga (PNBL) — and its broadband penetration remains the highest in South America.
Based on the changes to its cybercrime and IP laws and improved infrastructure, Brazil moved up two spots to 22nd in the 2013 Scorecard rankings.
2013 Rank 23. Thailand - Score: 44.0 | Change from 2012 Score: +1.14 - Rank: -1
Thailand’s laws and policies in relation to cloud computing and the digital economy are patchy, with strengths in some areas and significant gaps and weaknesses in others.
Thailand has implemented comprehensive cybercrime legislation, which helps to enhance confidence in ICT. Thailand also has good laws in place for electronic commerce and electronic signatures.
However, Thailand has no privacy laws in place, and this is a major weakness.
Thailand’s intellectual property laws also require significant updating and expansion, as they do not currently cover rights management information, technical protection measures, or anti-circumvention.
Additional risks in Thailand include mandatory Internet censorship (some of which is clearly political in nature) and filtering and some technology mandates.
Overall, Thailand’s results have not changed significantly between the 2012 and 2013 Scorecards but the country’s ranking has slipped one spot to 23rd.
2013 Rank 24. Vietnam - Score: 40.1 | Change from 2012 Score: +0.54 - Rank: -1
Vietnam continues to develop relevant cyberlaws that will enhance confidence in the digital economy and facilitate cloud computing. However, gaps still exist in key areas.
Modern laws are in place for electronic commerce, electronic signatures, and intellectual property. However, only very limited laws are in place for cybercrime and privacy, and these would require significant expansion to align Vietnam with international models.
An additional risk is that Vietnam has not yet developed appropriate laws and policies on interoperability and government procurement. However, of greater concern is that Vietnam is in the process of erecting some trade barriers may hamper the development of cloud computing and the digital economy, including a Draft Decree on IT Services and a Draft Decree on the management, Provision and Use of Internet Services and Information on the Network. These decrees may require cloud service providers to establish a presence and locate servers in Vietnam, as well as other onerous registration and licensing requirements.
Broadband penetration in Vietnam remains low, although there has been very strong growth in a number of key infrastructure indicators.
Overall, Vietnam's results have not changed significantly in the 2013 Scorecard, but the country's ranking has slipped one spot — to 24th.