Legislation such as GDPR, CCPA, and VCDPA grants users the right to control how data is collected about them by apps and websites. As a result, you must obtain users’ consent before they store, retrieve, or use data stored on individual devices. Basically you have to meet the lowest common denominator.
Apologies if I didn’t interpret the question as you wanted. The headline says what are the country criteria. There’s all sorts of criteria including financial reporting, data privacy, trademark laws, taxes, etc. I chimed in with my knowledge that I thought would be helpful.