Galexia

BSA & Galexia Global Coud Computing Scorecard (2018) - Galexia Analytics Release

9. Scoring Methodology (updated for the 2018 Scorecard)

The Scorecard is derived from the 24 Country Summaries (including historic scores and ranks), which are available online at www.bsa.org/cloudscorecard. Using these results, a weighted score has been allocated to a selection of key questions. A number of basic fact-finding questions are excluded from the scoring system. Each group of questions is weighted to reflect its importance to cloud computing. Each individual question is also weighted to reflect its importance within each group. The weights are shown in the following table:

#

Theme / Question

Weight

Value out of 100

A

DATA PRIVACY

12.5%

12.5

1.1.

Is a data protection law or regulation in place? 

30%

3.75

1.5.

Is the data protection authority enforcing the data protection law or regulation in an effective and transparent manner? 

20%

2.5

1.6.

Is the data protection law or regulation compatible with globally recognized frameworks that facilitate international data transfers?

10%

1.25

1.7.

Are data controllers free from registration requirements? 

10%

1.25

1.9.

Are cross border data transfers free from arbitrary, unjustifiable or disproportionate restrictions, such as national or sector-specific data or server localization requirements? 

10%

1.25

1.10.

Is there a personal data breach notification law or regulation? 

10%

1.25

1.11.

Are personal data breach notification requirements transparent, risk-based and not overly prescriptive? 

10%

1.25

B

SECURITY

12.5%

12.5

2.1.

Is there a national cybersecurity strategy in place? 

20%

2.5

2.2.

Is the national cybersecurity strategy current, comprehensive and inclusive? 

20%

2.5

2.3.

Are there laws or appropriate guidance containing general security requirements for cloud service providers? 

10%

1.25

2.4.

Are laws or guidance on security requirements transparent, risk-based and not overly prescriptive? 

20%

2.5

2.5.

Are there laws or appropriate guidance containing specific security audit requirements for cloud service providers that take account of international practice? 

10%

1.25

2.6.

Are international security standards, certification and testing recognized as meeting local requirements? 

20%

2.5

C

CYBERCRIME

12.5%

12.5

3.1.

Are cybercrime laws or regulations in place? 

40%

5

3.2.

Are cybercrime laws or regulations consistent with the Budapest Convention on Cybercrime? 

20%

2.5

3.3.

Do local laws and policies on law enforcement access to data avoid technology specific mandates or other barriers to the supply of security products and services? 

20%

2.5

3.4.

Are arrangements in place for the cross border exchange of data for law enforcement purposes that are transparent and fair? 

20%

2.5

D

INTELLECTUAL PROPERTY RIGHTS

12.5%

12.5

4.1.

Are copyright laws or regulations in place that are consistent with international standards to protect cloud service providers?

20%

2.5

4.2.

Are copyright laws or regulations effectively enforced and implemented?

20%

2.5

4.3.

Is there clear legal protection against misappropriation of trade secrets? 

10%

1.25

4.4.

Is the law or regulation on trade secrets effectively enforced? 

10%

1.25

4.5.

Is there clear legal protection against the circumvention of Technological Protection Measures? 

10%

1.25

4.6.

Are laws or regulations on the circumvention of Technological Protection Measures effectively enforced? 

10%

1.25

4.7.

Are there clear legal protections in place for software implemented inventions? 

10%

1.25

4.8.

Are laws or regulations on the protection of software implemented inventions effectively implemented? 

10%

1.25

E

STANDARDS AND INTERNATIONAL HARMONIZATION

12.5%

12.5

5.1.

Is there a regulatory body responsible for standards development for the country? 

10%

1.25

5.2.

Are international standards favored over domestic standards? 

20%

2.5

5.3.

Does the government participate in international standards setting process? 

10%

1.25

5.4.

Are e-commerce laws or regulations in place? 

30%

3.75

5.6.

Is there a law or regulation that gives electronic signatures clear legal weight? 

10%

1.25

5.7.

Are cloud service providers free from mandatory filtering or censoring? 

20%

2.5

F

PROMOTING FREE TRADE

12.5%

5

6.1.

Is a national strategy or platform in place to promote the development of cloud services and products? 

20%

2.5

6.2.

Are there any laws or policies in place that implement technology neutrality in government? 

10%

1.25

6.3.

Are cloud computing services able to operate free from laws or policies that either mandate or give preference to the use of certain products services, standards or technologies? 

20%

2.5

6.4.

Are cloud computing services able to operate free from laws, procurement policies or licensing rules that discriminate based on the nationality of the vendor, developer or service provider? 

20%

2.5

6.5.

Has the country signed and implemented international agreements that ensure the procurement of cloud services is free from discrimination? 

10%

1.25

6.6.

Are services delivered by cloud providers free from tariffs and other trade barriers? 

10%

1.25

6.7.

Are cloud computing services able to operate free from laws or policies that impose data localization requirements? 

10%

1.25

G

IT READINESS AND BROADBAND INFRASTRUCTURE

25%

25

7.1.

Is there a National Broadband Plan?

10%

2.5

7.2.

Is the National Broadband Plan being effectively implemented? 

10%

2.5

7.4.7.

Personal Computers (% of households) (2015)
- Average for all countries in this scorecard: 63%

5%

1.25

7.5.1.

ITU ICT Development Index (IDI) (2016)
(Score is out of 10 and covers 175 countries)
- Average for all countries in this scorecard: 6.58

20%

5

7.5.2.

World Economic Forum Networked Readiness Index (NRI) (2016)
(score is out of 7 and covers 139 countries)
- Average for all countries in this scorecard: 4.77

20%

5

7.6.2.

Internet Users (& of population) (2015)
- Average for all countries in this scorecard: 67%

5%

1.25

7.6.3.

International Internet Bandwidth (2015) (total gigabits per second (Gbps) per country)
- Total for all countries in this scorecard: 117,736 Gbps

5%

1.25

7.6.4.

International Internet Bandwidth (bits per second (bps) per internet user) (2015)
- Average for all countries in this scorecard: 97,747 bps

5%

1.25

7.7.5.

Average Broadband Data Connection Speed (Q1 2017) (total megabits per second (Mbps) per country)
- Average for all countries in this scorecard: 12 Mbps
- Average peak for all countries in this scorecard: 70 Mbps

5%

1.25

7.8.3.

Proportion of Fiber-to-the-home/building (FttX) Internet Subscriptions (% of fixed broadband subscriptions) (2015) 
- Average for all countries in this scorecard: 23%

5%

1.25

7.9.3.

Active Mobile Broadband Subscriptions (% of population) (2015) 
- Average for all countries in this scorecard: 77%

5%

1.25

7.9.4.

Average Mobile Data Connection Speed (Q1 2017) (total megabits per second (Mbps) per country)
- Average for all countries in this scorecard: 11 Mbps

5%

1.25



[ Galexia Dots ]