Public Cloud Opening Imminent... Domestic Industry Pleads "Save Us" in Protest

[Asia Economy Reporter Yuri Choi] "Please save us. We are not asking to save companies, but to consider the cloud industry ecosystem." As the domestic public cloud market is about to open, native companies have voiced strong complaints. There are concerns that not only will the market be taken over by foreign companies such as Amazon and Microsoft (MS), but data sovereignty will also be shaken.

On the 16th, Yoon Young-chan, a member of the Democratic Party of Korea, held a forum at the National Assembly Members' Office Building on the theme of "Desirable Cloud Ecosystem Development Plans." This was a place to gather industry opinions as the Ministry of Science and ICT announced a plan to reform cloud security certification. The Ministry of Science and ICT will complete the collection of opinions by the 18th and release the final revision within this month.

The revision divides the security certification that cloud service providers must obtain to provide services to the state and public institutions into high, medium, and low levels. The "low" level, which deals with public data that does not include personal information, will have relaxed security. Unlike the existing requirement for physical network separation, only logical network separation will be necessary. This means that only software that achieves the effect of network separation needs to be applied. In this case, foreign companies that use only logical network separation in Korea will be able to enter the public market.

On the 16th, Yoon Young-chan, a member of the Democratic Party of Korea, held a discussion forum on the theme of "Desirable Development Plans for the Cloud Ecosystem" at the National Assembly Members' Office Building.
[Photo by Choi Yuri]

The domestic cloud industry fears that even the public market will be dominated by foreign companies. In the private market, foreign cloud services already account for 80%. Junbeom Kim, Director at Naver Cloud, said, "In Korea, the market started from the public sector and then entered the private sector. If the barrier that blocked foreign companies from entering the public sector disappears, it is questionable whether we can build competitiveness."

There have also been complaints about reverse discrimination against domestic companies that have invested in physical network separation. Jaehee Ko, External Affairs Director at Kakao Enterprise, said, "We invested expecting business opportunities if we obtained security certification, but even a large company like Kakao found it difficult to create references," adding, "Introducing a grading system and opening the low level when it is uncertain how much the market will grow is problematic."

Concerns about data sovereignty were also raised. There is a risk that important national data could be leaked through foreign cloud providers. Even at the low level, which does not include personal information, personal data may be stored in the cloud systems managing it. Security issues in public institution management infrastructure could spread to other public services. Jongsu Ki, Executive Director at NHN Cloud, stated, "Just as the Eulsa Treaty surrendered national sovereignty, the reform of the certification system could have a significant impact on data sovereignty," and argued, "It is not too late to thoroughly review and supplement the reform before implementation."

Harsh criticism from small and medium cloud companies continued. They lamented that if foreign clouds enter while they are losing in competition with large companies, they will have no place to stand. Byungchul Kim, CEO of SmileServe, said, "To alleviate the concentration of overseas operators, they should also be required to allocate computing resources," expressing concern that "otherwise, a data center failure could cause all services to go down."

The industry emphasized that even if logical network separation is allowed for public operators, minimum standards are necessary. This could include mandating a certain level of technological investment or imposing obligations on sovereign clouds. Sovereign clouds refer to clouds that have data centers locally and comply with government regulations. Hongjun Kim, Executive Director at Namu Technology, said, "To protect data sovereignty, measures to prevent third-party data provision or overseas transfer must be implemented simultaneously."

© The Asia Business Daily(www.asiae.co.kr). All rights reserved.