The data stored in Korea will not be leaked overseas.
Lim Jong-jin, a senior solutions architect at Alibaba Cloud, said this on the 19th during a media briefing for the launch of the new data center held at the Grand Intercontinental Parnas inGangnam, Seoul. This directly rebuts the ‘security concerns’ regarding Chinese corporations. However, he avoided a direct answer regarding the local laws in China that stipulate ‘any organization must cooperate with Chinese intelligence activities.’
Alibaba Cloud is the fourth largest cloud service provider (CSP) in the world based on revenue, according to a survey by market research firm Gartner. As of 2023, it ranked first in the Asia-Pacific cloud infrastructure services (IaaS) market with approximately 22% market share, which is 5 percentage points higher than Amazon Web Services (AWS).
Alibaba Cloud entered Korea in 2016 and has steadily expanded its business. It participated as a partner in the 2018 Pyeongchang Winter Olympics, and in March 2022, it opened its first data center in Seoul. The second data center, set to open at the end of June, is also being established in Seoul.
◇ Alibaba must solve the ‘security concerns’ while avoiding a direct answer to China’s security laws
Although it has been 10 years since Alibaba Cloud entered the domestic market, the ‘security concerns’ remain a task to address. Yoon Yong-Joon, Country Manager of South Korea, Alibaba Cloud Intelligence, noted, ‘It is true that there are many unverified prejudices simply because we are a Chinese cloud company,’ and he added, ‘As a global cloud provider, we comply with security and regulations and possess a high-security system.’
Alibaba Cloud presented as evidence that its system has a high level of security that it adheres to local security and technical regulations suitable for each market. In Korea, it obtained Information Security Management System (ISMS) certification overseen by the Korea Internet & Security Agency (KISA) in December 2023. It has also received General Data Protection Regulation (GDPR) certification. Additionally, it possesses over 150 security and compliance requirements, including an international standard for information security management system certification (ISO 27001) and service management system standard (ISO/IEC 20000-1), as well as including a System and Organization Controls (SOC) report.
However, Lim avoided a direct response regarding the ‘information leakage’ concern stipulated by Chinese law. Article 28 of the Chinese Cybersecurity Law states, ‘Network operators must support and cooperate with public security agencies and national security agencies in maintaining national security and conducting criminal investigations according to the law.’ Furthermore, Article 7 of the Chinese National Intelligence Law mandates that all organizations and individuals must support and cooperate with national information operations in accordance with relevant laws. This has raised concerns both domestically and abroad that Chinese government agencies may demand user information from corporations under the guise of national security or criminal investigation.
Lim noted, ‘It is difficult to share specific details regarding Chinese laws,’ but he also stated, ‘Since we have obtained ISMS in Korea and the challenging-to-obtain European GDPR, Alibaba Cloud services would not have achieved these if they posed a threat.’
◇ ‘We will secure Korean customers in a multi-cloud environment’
Alibaba Cloud pointed out ‘providing customized services to meet diverse customer demands’ as the background for opening its second data center in Korea. With a total of 87 availability zones in 29 regions worldwide (geographical areas that manage clusters of data centers), it has only operated a single data center in Korea, showing limitations for business expansion. It aims to overcome this by building a ‘multi-cloud’ environment.
Lim stated, ‘Korean customers often require maintaining a ‘multi-data center’ for reasons such as service stability,’ and added that ‘although we have suggested combining the existing Seoul data center with the Japan region, companies with sensitive data are hesitant about having their data stored abroad.’ He further remarked, ‘With the opening of the second data center, we expect to offer even more diverse cloud services.’
Earlier, Alibaba Group announced that it would invest a minimum of 380 billion yuan (approximately 76 trillion won) in AI and cloud infrastructure over the next three years. This amount surpasses the total investment for the last 10 years, aiming to prepare capabilities for the era of artificial general intelligence (AGI) in the medium to long term. The opening of the second data center in Korea is part of this investment plan. According to Alibaba, the second data center aims to provide a variety of products optimized for AI applications such as cloud-native services, big data, and databases.