Why? Data Journey How We Score Roadmap

GLARS Scoring Methodology

Understanding GLARS (Geo-Legal Access Risk Score)

The Geo-Legal Access Risk Score (GLARS) is a comprehensive metric developed to quantify jurisdictional risks associated with data storage, processing, and transfer. GLARS evaluates legal frameworks, government access powers, and geopolitical factors to provide an objective risk assessment.

The GLARS score ranges from 0-100, with higher scores indicating greater jurisdictional risk:

Low Risk
0-33
Medium Risk
34-66
High Risk
67-100

GLARS Components

The GLARS score is calculated based on seven critical components, each measuring a different aspect of jurisdictional risk:

Judicial Oversight

80

Measures the independence and effectiveness of judicial controls on government data access. Lower scores indicate stronger judicial safeguards.

Agency Powers

75

Evaluates the scope and limitations of government agencies' authority to access private data, including national security exceptions.

Technical Requirements

45

Assesses mandatory technical measures like encryption backdoors, key escrow, or local data storage requirements.

Extraterritoriality

85

Measures how aggressively a jurisdiction extends its legal reach beyond its borders to access data stored elsewhere.

Transparency

55

Evaluates public visibility into government data requests, including reporting requirements and notification processes.

Embargo Impact

90

Assesses how international embargoes affect data flows and service provision in the jurisdiction.

Sanction Severity

85

Measures the impact of international sanctions on data processing and transfer capabilities.

GLARS Calculation Formula

The GLARS score is calculated using a weighted average of component scores:

GLARS = (JO × 0.20) + (AP × 0.20) + (TR × 0.15) + (EX × 0.15) + (TR × 0.10) + (EI × 0.10) + (SS × 0.10)

Where:

  • JO = Judicial Oversight score
  • AP = Agency Powers score
  • TR = Technical Requirements score
  • EX = Extraterritoriality score
  • TR = Transparency score
  • EI = Embargo Impact score
  • SS = Sanction Severity score

Risk Categories

Legal Framework Risk

Evaluates the legal structures governing data access, considering:

  • Surveillance laws and limitations
  • Requirements for warrants or court orders
  • Legal principles like data localization
  • Cross-border data sharing agreements
Contribution to overall score: 40%

Embargo Risk

Assesses restrictions on data flows due to international trade restrictions:

  • Impact of country-specific embargoes
  • Restrictions on technology transfer
  • Export control requirements
  • Conflict with blocking statutes
Contribution to overall score: 30%

Sanctions Risk

Evaluates the impact of international sanctions on data processing:

  • Designated party screening requirements
  • Service restriction obligations
  • Financial transaction limitations
  • Technology export prohibitions
Contribution to overall score: 30%

Data Sources

GLARS components are calculated using a combination of:

  • Analysis of national legislation and case law
  • Legal scholarship and expert assessments
  • Transparency reports from major technology companies
  • International sanctions and embargo databases
  • Historical compliance enforcement patterns
  • Technical requirements for data systems by jurisdiction

Our methodology is continuously refined to incorporate the latest legal developments and international relations changes that impact data governance.