Cloud Computing Scorecard Praises Advances, and REALLY Dislikes Russia’s Data Localization Law


Most countries have continued to strengthen their privacy regimes and make data security a high priority, according to a recently-released report on cloud computing readiness.

The Business Software Alliance (BSA) released its first cloud computing scorecard in three years, finding many positives changes in the cloud computing policy environment since 2013.

Japan received the highest overall score, with the U.S. not far behind in second place. Canada received the highest score in data privacy for its comprehensive privacy regime, and has the distinction of the most improved overall ranking. Japan also received the highest score for data security.

BSA created its scores using a seven-factor index, including ensuring privacy and promoting security. 

The “ensuring privacy” metric emphasizes the balancing of information privacy with the ability to efficiently move data through the cloud. Countries that score well in this category have comprehensive privacy regimes and promote the transfer of data across borders. In addition to Canada, South Korea, Japan and South Africa scored well in this category.

The report called out Brazil, Thailand and Turkey for not having any comprehensive laws in place, and criticized Russia for its prescriptive data localization requirements.

The “promoting security” factor is based on users’ confidence that cloud providers can properly manage risks while giving service providers the flexibility to choose which technologies to use to achieve that goal. BSA looked at criteria related to the status of e-signature laws and Internet censorship laws.

In addition to Japan, the report ranked France, Italy, U.K. and U.S. highly in the security section. Malaysia and Vietnam received the lowest security scores. Russia was called out for its data localization laws in the security section also.

Overall, the report placed a lot of emphasis on free trade. 

It included a positive case study on data sharing rules in the Trans-Pacific Partnership, lauding the TPP as “an important step in the right direction” as the first multilateral trade agreement to create rules for cross-border data flows.

The report’s other case study called out Russia (again) for its data localization laws.

To keep up with the constantly evolving world of privacy and security sign up for the Bloomberg BNA Privacy and Security Update.