WebPKI Observatory — Jurisdiction Risk
Five jurisdictions are classified as high-risk for compelled disclosure and surveillance frameworks: China, Russia, the United Kingdom, Australia, and Hong Kong, with India and Turkey designated moderate-risk. These classifications reflect legal authorities for extraterritorial data access, mandatory decryption assistance, and warrantless surveillance that could compromise CA operations or key material. The geographic concentration finding shows 88.62% of issuance occurs in the United States, itself subject to FISA 702 and national security letter authorities, creating systemic exposure to a single legal regime.