CITC publishes in-depth study on the legislative and regulatory status of cloud computing worldwide

Riyadh, The Communications and Information Technology Commission (CITC) released a study, outlining the legislative and regulatory status of cloud computing at a global level. This study, which benchmarks Saudi Arabia against ten other countries and regions, comes at a crucial time given the global trend towards digitalization and data usage caused by the COVID-19 pandemic, and the recent announcements that Google and Alibaba will work with Saudi entities to create cloud networks in the Kingdom.
Cloud computing will play a role in building the new digital economy and healthy competition, facilitated by proper regulation, will encourage innovation. The study mentions a tech innovation “arms race”, a result of intense competition between major cloud service providers, which has helped foster a better technology ecosystem to the benefit of partners, enterprises and consumers.
Among the countries surveyed, Kingdom of Saudi Arabia is one of the earliest to adopt specific regulations for cloud service providers. The Cloud Computing Regulatory Framework (CCRF), produced by CITC, clearly describes the governance of responsibility between service providers and the customer. In addition, the commission compiled the Guide for Cloud Service Providers, laying out the registration requirements for cloud providers.
In terms of data protection, three Saudi government agencies are in close cooperation to classify data, protect national security and interests and safeguard public data. These are CITC, the National Data Management Office (NDMO) and the National Cybersecurity Authority (NCA). The NCA has made a partnership with the International Telecommunication Union (ITU) to build on two initiatives launched by HRH Crown Prince Mohammed bin Salman. The first initiative focuses on constructing a global platform to protect children in cyberspace and the second will empower women in cybersecurity by helping them obtain the education and necessary qualifications to participate effectively in this sector.
In October 2020, the Saudi Ministry of Communications and Information Technology published and implemented the Kingdom’s Cloud First Policy, intended to encourage government entities to adopt cloud services in place of traditional IT solutions. The policy, which falls in line with the digital transformation under the Kingdom of Saudi Arabia’s Vision 2030, seeks to increase quality of service by using more innovative solutions across government services, reduce total cost of ownership by improving IT utilization and removing duplication in government spend, improve cybersecurity robustness and enable interoperability between authorities.
The study highlights the benefits of cloud services and the different types of cloud networks, including private, public, community and hybrid cloud services. The key benefits of cloud computing are also described, cost reduction, scalability, disaster recovery and control over user data. The countries and regions included are the Kingdom of Saudi Arabia, United Kingdom, United States, South Korea, Japan, European Union, Bahrain, Germany, Nordics (Denmark, Sweden and Norway), Benelux (Belgium, Netherlands and Luxembourg) and Australia.


Source: Saudi Press Agency