Composite Score
64.4
out of 100
Morocco places in Tier 1 of the ITU Global Cybersecurity Index 2024 — a role-modelling posture across the legal, technical, organizational, capacity-development, and cooperation pillars. A comprehensive data-protection statute is in force, and a designated supervisory authority is identified in the IAPP Global Privacy Directory. On the question of artificial intelligence policy, a national AI policy is registered in the OECD AI Policy Observatory; on the question of open-government practice, Morocco is a member of the Open Government Partnership. Domestic data-center capacity is substantial — the country sits within the top tier of physically-installed compute observed in the public datasets, and foundational digital identity coverage is developing — the World Bank ID4D dataset records meaningful issuance with gaps. The country has ratified the original Council of Europe Convention 108.
With a composite of 64.4 out of 100, Morocco sits at rank 45th out of the 194 States surveyed in Edition 0. The country's strongest pillar at this Edition is Technical & Operational Safeguards, scoring 7.7 out of 10; its thinnest is Sovereign Haven Infrastructure, at 5.4 out of 10. Within the MENA region, Morocco sits above the regional average composite of 44.3. The pillar pattern is the substantive material the Charter invites the State to engage with — neither a leaderboard position, nor a final verdict, but a structured picture of where the open-source record is full and where it remains to be built.
On the side of what helps: ratification of the original Council of Europe Convention 108 provides a multilateral data-protection commitment; a comprehensive data-protection statute supplies the domestic statutory foundation; the designated supervisory authority is identified in the IAPP Global Privacy Directory and provides an institutional channel for enforcement; an ITU Global Cybersecurity Index Tier 1 posture indicates a serious and matured technical-and-organizational implementation of cyber capacity; a national AI policy registered in the OECD AI Policy Observatory provides a published baseline against which Article 6 of the Charter can be tested; Open Government Partnership membership provides a formal venue for civil-society scrutiny. On the side of what has not yet been done: there is no public registry of access requests under the capital-crime exception, leaving the question of compulsory access opaque to citizens and to international observers.
The complete IDSI Edition 0 (2026) report — methodology, sources, sub-indicators for all 194 States.
Get the full IDSI Edition 0 (2026) reportStates, civil-society organizations, and individuals may request a re-evaluation of any entry. The Custodian commits to a written response within thirty days.
Request a re-evaluation of Morocco's entryWhat Morocco is currently doing on data sovereignty. The links below lead to government databases, international legal trackers, and contemporaneous news. They are the public record from which the Custodian’s scoring is drawn — and the starting point for any reader seeking to understand the country’s posture in depth.
All links open in a new tab. The Custodian does not control these third-party sites and is not responsible for their content. If you find a more authoritative government source for any item above, please let us know via the re-evaluation form below — we will update the page within thirty days.
Submissions are received under the standing Correction Notice protocol. Provide as much public-source detail as you can — the Custodian re-scores from open-source evidence, not from claim alone.
Standing Correction Notice — the State of Morocco may request, in writing, the publication of a corrected entry within thirty days of any factual error. Edition 0 entries are derived from the open-source record only; nothing on this page is offered as a verdict, and the Initiative welcomes engagement that improves accuracy.