With incidents of personal information leaks and hacking originating from China continuing, security concerns are growing. However, it has been identified that major domestic game corporations are using Tencent’s cloud services. Recently, it emerged that the artificial intelligence (AI) chatbot ‘DeepSeek’ transferred user information to the operator of TikTok, causing controversy. Additionally, there is growing distrust regarding Chinese IT devices such as robotic vacuum cleaners due to allegations of backdoor access (secret channels allowing system access). Particularly, the fact that the Chinese government has mandated local companies to submit collected information under the ‘Data Security Law’ adds to the anxiety.
◇ Tencent Cloud is over 30% cheaper than AWS
According to the gaming industry on the 21st, Tencent operates two data centers (regions) in Seoul. After establishing the first data center in the country in 2018, the second center opened at the end of 2020. Tencent Cloud provides cloud infrastructure suitable for large-scale traffic environments such as gaming, video, and commerce for Korean and global corporations.
Most major domestic game corporations, including Nexon, NCSOFT, Netmarble, Krafton, Wemade, WEBZEN, and SHIFT UP, are operating game servers using Tencent Cloud. The cloud service is favored in the gaming industry due to its ease of integration with mainland China and low data transmission costs, which are significant in large-scale traffic environments.
According to the ’2023 supplementary communication business status survey' published last year by the Ministry of Science and ICT, Amazon Web Services (AWS) holds the first position in the domestic cloud market with a 60.2% market share, followed by Microsoft (24.0%), Naver (20.5%), Google (19.9%), Oracle (8.2%), and KT (7.0%) while NHN records a 7.0% share. In contrast, the market share of Tencent Cloud is so minimal that it is not even recorded in the domestic private market.
Domestic game corporations do not have to necessarily use Tencent Cloud to enter the Chinese market. Nonetheless, Tencent’s know-how in acting as a ‘local publishing partner’ or preparing for censorship by the Chinese government makes it advantageous, and its competitive internet line costs have led to a distinct ‘Tencent preference’ phenomenon throughout the gaming industry.
The data transfer fee for Tencent Cloud’s Seoul region is $0.0798 per GB (gigabyte), which is more than 30% cheaper than AWS’s Seoul region ($0.114 per GB). Assuming 1 terabyte (TB) is transmitted, Tencent Cloud costs around $81.7, while AWS incurs $116.7, resulting in a difference of approximately $35.
A representative from the cloud industry noted, ‘There is also an aspect of collaboration with Tencent for domestic game companies to secure Chinese users reliably. Connecting the domestic region with the Chinese region allows for smooth handling of large-scale traffic. In terms of transmission costs or service support, Tencent Cloud offers significant price competitiveness.’
◇ Tencent is listed on the U.S. Department of Defense blacklist… Did not receive personal information management system certification in Korea
However, the revelation that Tencent has been included on the list of ‘Chinese military-affiliated corporations’ has raised security concerns. This is due to Tencent’s inclusion in the list of ‘Chinese military companies (CMC)’ released by the U.S. Department of Defense in January. The U.S. believes that companies on this list could provide sensitive information at the request of the Chinese government.
Tencent explains that its cloud service has received international information security certification and that it has been certified for ISMS (Information Security Management System) through the Korea Internet & Security Agency (KISA) in Korea. However, security experts emphasize that practical control measures beyond ‘best practice verification’ are necessary to protect data. In particular, it is essential to fully eliminate the institutional risks where the Chinese government may request personal information from domestic corporations.
While Tencent Cloud has obtained ISMS certification, it has not yet acquired ‘ISMS-P (Personal Information Protection Management System)’ certification, which includes personal information processing. Domestic cloud service providers such as Naver Cloud, NHN Cloud, and KT Cloud all possess ISMS-P.
Chairman Yeom Heung-yeol of the Korea Personal Information Protection Committee stated, ‘The ISMS certification is a management system that checks information leaks caused by hacking attacks or administrator negligence, but it is insufficient compared to ISMS-P, which focuses specifically on personal information processing areas (collection, use, third-party provision, etc.).’ He further stated, ‘China operates a ‘Data Security Law’ that requires domestic corporations to provide information collected at the request of the government, and although the personal information stored on Korean servers, it is difficult to completely exclude the suspicion that the Chinese government could make such requests technically or legally.’
Tencent said in a statement that Tencent Cloud complies with all applicable Korean laws and follows international best practices. The company added that it is not a military company in any sense of the word and is working with U.S. authorities to clarify the misunderstanding.