Transforma logo

New Transforma Insights Regulatory Database catalogues the ‘DNA of Regulations’ for enterprise Digital Transformation

AUG 17, 2023
region: ALL vertical: ALL Internet of ThingsHyperconnectivityArtificial IntelligenceDistributed Ledger3D Printing and Additive ManufacturingAutonomous Robotic SystemsData Sharing

Leading analyst firm Transforma Insights unveils regulatory database covering disruptive technologies such as Artificial Intelligence and the Internet of Things. It builds on the regulatory framework outlined in the report ‘The DNA of Regulations for Digital Transformation’.

Technology industry analyst firm Transforma Insights has launched a new product, the ‘Transforma Insights Regulatory Database’, to help enterprises and technology vendors navigate their way through the increasingly complex regulatory environments associated with enterprise digital transformation. At launch the database will include country-by-country regulations for eighteen key countries, covering three key areas of technology: Artificial Intelligence, Internet of Things and Hyperconnectivity. It will be subsequently expanded to include a broad range of technology areas under the umbrella of enterprise digital transformation, including topics such as Data Sharing, Privacy and Distributed Ledger and also with the inclusion of more countries within scope.

The underlying structure of the database follows a framework laid out in the Transforma Insights report ‘The DNA of Regulations for Digital Transformation’ which identifies a long list of key aspects of enterprise digital transformation initiatives that are often subject to laws, regulations, licensing regimes, and other restrictions around the world. The resulting ‘DNA of Regulations’ is comprised of eight categories, as illustrated below.


Report author and Founding Partner of Transforma Insights Jim Morrish comments “Regulations that might apply to digitally transformative applications and solutions are diverse in nature. Technologies that underpin digital transformation enable a complex range of applications and solutions that often draw data from multiple domains, often rely on regulated connectivity, and often interface with private individuals. Consequently, many digitally transformative solutions will need to satisfy regulatory provisions originating from multiple domains, along with a new generation of regulations specifically intended to control new and emerging technologies such as AI”.

Paras Sharma, Transforma Insights Lead Analyst responsible for the research added: “Regulations that apply in the context of enterprise Digital Transformation form an incredibly complex patchwork that varies by country and often with multiple overlapping regulations in different countries. The Transforma Insights Regulatory Database allows for quick and efficient navigation of this environment by using the ‘DNA of Regulations’ framework to identify regulations that might impact specific aspects of any digitally transformative solution.

The ‘DNA of Regulations’

Transforma Insights has detailed the key aspects of regulations (the ‘DNA of Regulations’) that apply in a range of new and emerging technology domains, such as the Internet of Things, Hyperconnectivity, Artificial Intelligence, Data Sharing, Distributed Ledger, Additive Manufacturing, and Autonomous Robotic Systems. A further domain relates to Privacy, which will often need to be considered alongside any technology-specific regulations.

The framework includes a three-level hierarchy consisting of mostly technology groups, intermediate groups of regulatory aspects, and the identified regulatory aspects themselves.

The regulations in each of the technology domains are as follows:

  • Internet of Things (IoT): In terms of IoT, the framework is dominated by the concept of security, including regulations that aim to ensure that IoT solutions and associated data are managed in a secure way over their lifecycle. We have described 14 key aspects of regulations as they apply to IoT solutions across five groups, including three groups relating to IoT Security (Concept, Live Operations, and Context), a fourth group relating to standards, and a fifth ‘General’ group.
  • Hyperconnectivity: The ‘Hyperconnectivity’ category relates to the provision of telecommunications networks and services. Regulations are mostly focussed on cellular wireless networks, with some elements relating to licence-exempt IoT connectivity technologies and also fixed-line PSTN (Public Switched Telephone Network) provision. In total, we have identified 18 aspects of regulations and divided them into three groups (Roaming, Spectrum, and Other).
  • Artificial Intelligence (AI): Currently, there are very few regulations related to AI in force around the world, although various significant AI regulations are in the making. For instance, the US has set out guidelines for future AI regulations, and the UK and China have published principles of regulations for AI, with invitations for feedback. The EU is currently finalising draft regulations. Hence, in the ‘DNA of Regulations’, we have drawn from draft regulations and proposals that have not yet been implemented. We have included 17 aspects across three groups (Concept, Live Operations, Context).
  • Data Sharing: In the context of a ‘DNA of Regulations’, Data Sharing refers to some level of enforcement or regulatory support for sharing of data and data sovereignty. We have identified six different aspects of regulations regarding the same. 
  • Distributed Ledger: Regulations about Distributed Ledger mostly focus on the subset of this technology group that is related to crypto assets. Otherwise, regulations are related to ESG (Environmental, Sustainability, and Corporate Governance) reporting for distributed ledger solutions and the legal validity of smart contracts. In our ‘DNA of Regulations’ we have detailed six aspects of regulations for distributed ledger.
  • Additive Manufacturing: Although, regulations related to Additive Manufacturing are few, objects manufactured through this technique must satisfy existing regulations that would apply to a traditionally manufactured equivalent object. In our report, we have detailed two aspects of regulations, relating to their use in medical contexts and the use of such techniques to produce objects that are themselves regulated (such as firearms).
  • Autonomous Robotic Systems: Regulations relating to Autonomous Robotic Systems are generally aimed at ensuring safety in contexts where such systems could potentially interact with humans, but also include the use of AI to enable evolving functionality and provisions for reliability. Our ‘DNA of Regulations’ report details six key aspects of relevant regulations.
  • Privacy: In recent years, regulators around the world have increasingly engaged with privacy and personal data governance. Privacy-related regulations are not typically associated with any specific technology, but they become relevant when end-users interact with applications in ways, where ‘personal’ information may be collected and/or processed. In our ‘DNA of Regulations’, we have listed 15 aspects of Privacy regulations across three groups (Concept, Live Operations, Context).

About the Database

The Transforma Insights Regulatory Database includes analysis of regulations using the ‘DNA of Regulations’ framework noted above. The Regulatory Database includes analysis of specific regulations and also the regulatory environment in specific countries.

Currently, the database includes regulations related to the Internet of Things, Hyperconnectivity and Artificial Intelligence technologies. It covers 18 key markets (Australia, Brazil, Canada, China, France, Germany, India, Indonesia, Italy, Japan, Mexico, Netherlands, Saudi Arabia, South Korea, Spain, Turkey, the United Kingdom, and the United States) as well as supra-national regulations and relevant other initiatives in the EU, G7 and globally. In the coming months, it will expand to include other technology domains as discussed above, as well as additional countries.

The Transforma Insights Regulatory Database is comprised of three main views, providing:

  • A detailed analysis of the regulations in force in any given country using the standardised ‘DNA of Regulations’ framework.
  • Summaries of individual laws, regulations, licencing regimes and other provisions that are in force.
  • A facility to compare regulations across different territories in the context of any individual element of the ‘DNA of Regulations’.

The database is searchable by country and by each of the identified regulatory aspects. Where appropriate, the database also includes links to published regulations and other guidelines.

Regulation Database Screenshot.png

In some cases, the regulatory approaches that we have identified in both the report and the database are at a relatively early stage and exist in the form of draft regulations, regulatory proposals for comment, or voluntary codes. These are included since service providers should ideally consider any provisions of draft and proposed regulations alongside those of regulations that are already in force.

The Database is available to all subscribers to Transforma Insights’ Advisory Service.

About the report

The ‘DNA of Regulations for Digital Transformation’ report identifies the ‘DNA of Regulations’ in the context of enterprise digital transformation. The report identifies a long list of key aspects of different regulations that are in force around the world based on detailed analysis of relevant regulations. These key aspects are documented in the ‘DNA of Regulations’ report along with specific examples drawn from the Transforma Insights Regulatory Database.

We have provided relevant regulatory aspects for seven emerging technologies (Internet of Things, Hyperconnectivity, Artificial Intelligence, Data Sharing, Distributed Ledger, Additive Manufacturing, and Autonomous Robotic Systems) and added another technology-agnostic category in the form of ‘Privacy’, which is often relevant in the context of digital transformation projects.