December 02, 2021

Chinese Cloud Services

Chinese Cloud Services

The global cloud computing market was valued at roughly $275 billion in 2020, and with much fewer noticeable effects from COVID-19 than most industries, the market is set to continue surging to over a trillion dollars by 2028, per Grand View Research. China is already one of the largest markets for the cloud, and Chinese cloud services should skyrocket in value over the next several years. 

China cloud services landscape

The Chinese market has been especially vigilant in rebounding from the pandemic, as the entire country posted a 2.3% growth rate in 2020 despite the pandemic, becoming the only major economy to grow in the year. The cloud was a key part of this economic comeback, as office workers going remote during extended lockdowns fueled many companies that had yet to switch to cloud computing to embrace the technology. 

Although the cloud and the internet are well-intertwined with the government in China, the market, due to its sheer size, astonishing recent growth rates, and prospects for further success make China perhaps the hottest market in the world. In preparation for this coming surge in the market, China has spent much of the past two years drafting and organizing data protection legislation to get a better grip on the sector. With the country’s new comprehensive law, the Personal Information Protection Law, or PIPL for short, the rules for international companies looking to do business in China and how they’ll need to store and process data have become clearer. 

PIPL is a strict bill, particularly when compared to other countries’ laws, and since compliance is essential for international companies when expanding, the companies will need to adhere to China’s cloud computing market if they wish to do business there. 

Chinese cloud providers

The Chinese cloud services market is already gigantic even with expectations of significant growth to come. Currently, the global clouds in China–Amazon, Microsoft, and Google—do not have as much of an impact there as they do in most international countries. In fact, Google’s cloud services, due to long-standing issues between the company and the Chinese government, do not operate there at all. China’s cloud providers, such as Alibaba Cloud, dominate the industry, with China’s cloud providers having a much larger collective share than international providers do. Along with Alibaba Cloud, the largest individual cloud provider in the country, Tencent Cloud, China Telecom Cloud, Huawei Cloud, and Baidu Cloud are all influential. 

Chinese cloud providers
The most popular Chinese cloud providers

Even so, Chinese cloud providers are gaining influence by the day, and PIPL will likely only help them solidify market shares. The recent news stories about Microsoft shutting down LinkedIn within China and Yahoo also leaving the country were in direct response to growing data regulations. 

That leaves Chinese cloud providers with tremendous advantages in their home market. If international companies continue to pull out or hesitate on compliance, domestic options may soon have the vast majority of the market.

incountry and alibaba

Demand for cloud services in China

Demand for cloud services in China has been hot for years, but the pandemic is sure to kickstart another round of market growth. Chinese consumers already use tons of digital services, such as e-commerce, online payment, and online entertainment. With the cloud underpinning those services and more people signing up for them during COVID, Chinese cloud services are sure to see significant growth in the coming years. 

China’s sustained growth over the years has not yet shot its cloud market to the top of the globe. Despite being the second largest economy in the world, contributing 16.3% of global GDP in 2019, per World Bank data, the public cloud market only accounted for 5.1% of global GDP (IDC, 2019). That misalignment in figures pre-pandemic, combined with the overwhelming shift to digital over the past 24 months, shows that the demand for cloud services in China and the cloud in China are almost guaranteed to see vast increases in value and usage. With the compound annual growth rate of China’s public cloud market at 61.1% over the past five years, it may be a matter of time before the country hosts the most valuable single cloud market in the world. 

The uniqueness of Chinese cloud services

Domestic Chinese cloud services dominate the market, and for good reason. Chinese companies like Alibaba, Huawei, Baidu, and Tencent have the inside track on a number of issues facing cloud service providers. Mainly, that is the issue of how difficult it is for international providers to procure a Chinese data center. Even before PIPL, the Chinese Cybersecurity Law, in addition to other legislation, put restrictions in place for how data could be stored. 

China does not allow foreign cloud service providers to own and operate their own data centers within the country. This is why the largest international cloud providers, Amazon (AWS) and Microsoft (Azure), do not run their typical deployment in Chinese data centers. To operate a data center in China, a locally registered company that has less than 50% foreign investment must obtain a value-added telecom permit, a process that is as long as it is challenging. 

By virtue of this, local Chinese companies have unfiltered access to any Chinese data center, while international competition needs to go through a local partner to get into a data center in China. The disparity helps explain why international giants do not have a stronger foothold there. 

The need for a local data center in China is why AWS China is operated by separate entities. AWS is run by Sinnet in Beijing and by Ningxia Western Cloud Data Technology (NWCD) in Ningxia precisely to comply with this standard. Likewise, Microsoft Azure is branded as Azure China and operated locally by 21Vianet. Even the complete service availability and operational models offered by Azure China and AWS China are not exact copies of the companies’ standard international offerings. 

This difference in offerings is due to a many things, but one primary reason is China’s Great Firewall. Per Microsoft Azure’s China Playbook, “The network latency between China and the rest of the world is inevitable, because of the intermediary technologies that regulate cross-border internet traffic. Website users and administrators might experience slow performance.” 

In simpler terms, data coming from other countries into China needs to pass through the Great Firewall, which significantly slows things down and often compels companies to pare down services that may be unsupported within China to keep latency manageable. Since VPNs are illegal in China, a normal workaround is not an option, leaving China’s cloud providers with another advantage. 

data violations fines
China’s fines for data violations are vastly higher than any other country’s

InCountry’s solution for Chinese cloud services

The bottom line for operating in China and using cloud services there is compliance. Chinese cloud services need a solution for data localization, which is where InCountry comes in. InCountry’s unique data residency-as-a-service allows companies to store and process data in over 90 countries worldwide, including China. InCountry is the best solution for international companies solving for data governance because we prioritize compliance within the tech stack. If a company can’t stay in line with changing local data protection laws, the operation might not last. 

To help guarantee compliance, InCountry has come together with Alibaba Cloud, China’s largest cloud provider and the host of innumerable Chinese data centers, to offer international businesses the best solution for entering the Chinese market organized and in compliance. In addition to Alibaba Cloud’s local expertise, InCountry has notable certifications to store data such as PCI DSS, SOC 2 Type II, and SOC 3, and is PIPL-compliant. See all of our certifications here.

How InCountry for Alibaba Cloud works
How InCountry for Alibaba Cloud separates regulated data

Chinese data regulation laws

China has ramped up its data protection laws throughout 2020 and 2021. The primary laws regulating the sphere include:

  • Personal Information Protection Law (PIPL)
  • China’s CyberSecurity Law, 2017
  • Data Security Law 2021
  • Regulation on the Cybersecurity Multi-level Protection Scheme 2.0
  • Internet Content Provider certification by the Ministry of Industry and Information Technology (MIIT)

Prior to the passing of PIPL, these other regulations and mandates formed a patchwork for data governance. The topic has been a key focus for the Chinese government in 2021 however, with multiple laws passing and new standards being set. PIPL itself passed in August and officially became law on November 1st, 2021, a remarkably quick turnaround. The Chinese government has also been adamant that tech companies establish presences within the country, a trait other countries like Russia and Turkey have also pushed for. 

While PIPL cleared up several points of confusion from previous data governance legislation, it won’t be until the law has a few months on the books that the full scope becomes clear. However, from what is clear now, Cross-border data flows are largely not permitted, meaning companies will need to localize data within China. 

For rare cases where data might go abroad, PIPL outlines a few necessities: First, the Cyberspace Administration of China, the appropriate authority, needs to explicitly approve any data transfer abroad; second, large data handlers and critical information infrastructure providers (CII), which generally constitute any company running a large operation, must register under the designation of CII and localize all data within the country.

While the wording does not 100% ban data transfers abroad, the unlikelihood of being given permission to do so effectively acts as a stop to the process.

China data storage requirements according to PIPL 

PIPL requires any information on Chinese citizens to be stored locally within a Chinese data center. Cloud services in China also:

  • “Must ask users to provide authentic identity information and verify it when settling access service formalities for users.”
  • And per ICP regulations, “Cannot offer services for access to entities or individuals if they fail to obtain an operating license or to complete the non-operating Internet information service filing formalities in accordance with the law.”

With requirements to store data domestically and international companies needing to run their services through local data centers in China, PIPL and the entire picture of data localization in China can be interpreted as quite strict. The need for companies to register and oftentimes the need to gain licenses for certain operations is exactly the kind of demanding legal environment that LinkedIn and Yahoo both cited as their reason for departing the market.

What are fines for non-compliance with PIPL?

Under PIPL, fines have been increased significantly, with companies now facing financial hits of over $7 million or 5% of the previous year’s revenues per violation. The cost of not complying with Chinese data regulations is higher than nearly anywhere else. Experts in data governance and Chinese law have advised any companies looking to do business within the country to seek local legal counsel. 

How is Chinese cloud storage capacity and the Chinese data center landscape?

China has been watching the cloud market abroad for quite some time, and thus has been preparing for the inevitable rise of the cloud within China. Accordingly, the country does not have a major shortage of data centers in China. This is in stark contrast to other growing economies where the governments are scrambling to secure more data centers domestically. 

How did 2020 affect Chinese cloud service providers?

Somewhat surprisingly, 2020 was a boon for Chinese cloud services and China’s cloud providers. The demand for cloud services and Chinese data centers rose rapidly when offices closed. This fueled the growth of China’s public cloud domains, which reached a total value of $14.8 billion in 2020.

Accordingly, the market grew by 24% in 2020 alone. The year was so successful that the government took notice of the sector, which may lead to additional amendments in the Chinese data localization law and Chinese data protection. 

Issues facing the Chinese cloud market

Data localization in China is something to watch in the coming years, as the country has recently been enforcing the Chinese data localization law with increasing frequency against both Big Tech and even domestic Chinese companies. How frequently China wields its data protection regulations against corporations could indicate how likely international players are to stay in the market in the long term.

Typical cloud-based fears also play a role in China. Clear challenges in the process of cloud migration are the adaption of cybersecurity controls, compliance with legal and regulatory requirements, and migrating IT systems to a cloud-based infrastructure. The need to keep data within Chinese data centers does not alter those challenges. 

Chinese cloud services face the same biases many industries and regions have had about using the cloud. Although the cloud brings massive positives to business, such as cost optimization, unmatched scalability, and never-before-seen efficiency, it has its detractors due to perceived safety flaws. The Chinese government understands this and has acted on it by passing strict data regulations that should accomplish two things: first, increasing cloud security so customers and companies feel more comfortable using the cloud, and second, making sure cloud providers, domestic and international, abide by how the government wants sensitive data handled and stored. 

If your company is undeterred by cloud-based fears and wants to do business in China, the InCountry plus Alibaba Cloud solution is the best way to comply with PIPL and set your company up for success in the region.