DeepSeek, a popular new artificial intelligence tool, may be able to transfer user data directly to the Chinese government, according to cybersecurity experts. This revelation comes amid growing concerns about the security of American user data in the hands of Chinese-based companies.
Has DeepSeek redefined the role of AI? @mgualtieri talks to @guardian about how DeepSeek will push US tech giants to experiment and accelerate their #AI development https://t.co/CYzBt6JZJs
— Forrester (@forrester) February 4, 2025
Experts have identified potential security loopholes in DeepSeek’s code that could allow the Chinese government to access sensitive user information.
DeepSeek is a significant advancement for AI and open-source. But it's essential to remember that an AI model cannot be a censored propaganda machine for China or, even worse, propagating falsehood. pic.twitter.com/vPqce4JE4H
— Aravind Srinivas (@AravSrinivas) February 4, 2025
Ivan Tsarynny, CEO of Feroot Security, an Ontario-based cybersecurity firm, expressed alarm at the findings, stating, “We see direct links to servers and companies in China that are under the control of the Chinese government. This is unprecedented.”
What concerns come with open-source AI?
Proofpoint cybersecurity strategist Matt Cooke discussed the #datasecurity implications of #DeepSeek in this recent @CNBCi article by @Ryan_Browne_. https://t.co/SFs5tWHTBG
— Proofpoint (@proofpoint) February 5, 2025
Using AI software to decrypt DeepSeek’s code, Tsarynny discovered what appears to be intentionally hidden programming capable of sending user data to CMPassport.com, the online registry for China Mobile. China Mobile, a state-owned telecommunications company, has been banned from operating in the U.S. since 2019 due to national security concerns and was added to the FCC’s list of national security threats in 2022.
John Cohen, a former acting Undersecretary for Intelligence and Analysis for the Department of Homeland Security, emphasized the seriousness of the issue, saying, “National security officials always suspect that technology sold by a Chinese-based company has a backdoor making that data accessible to the Chinese government.
DeepSeek data poses serious concerns
In this case, the backdoor’s been discovered, it’s been opened, and that’s alarming.
Rep.
Josh Gottheimer (D-NJ), a member of the House Intelligence Committee, called for immediate action to prevent potential risk, stating, “I think we should ban DeepSeek from all government devices immediately. No one should be allowed to download it onto their device. And I think we have to inform the public.”
DeepSeek’s terms of service explicitly state they “shall be governed by the laws of the People’s Republic of China.” The app’s privacy policy also discloses extensive data collection practices, including chat and search query history, keystroke patterns, IP addresses, and activity from other apps.
However, experts suggest knowing the exact data DeepSeek might be sending to China Mobile is impossible. Tsarynny also mentioned that DeepSeek’s web tool creates a digital “fingerprint” for each unique user, tracking activity beyond the use of the app. Rep.
Raja Krishnamoorthi (D-IL), the top Democrat on the House Select Committee on the Strategic Competition Between the United States and the Chinese Communist Party, described the situation as “very disturbing,” stating, “This pattern of data collection is really familiar to people who study the use of CCP controlled-company apps, and you use those apps at your own risk.”
DeepSeek and its parent company, High-Flyer, along with China Mobile, did not respond to multiple requests for comment.
Noah Nguyen is a multi-talented developer who brings a unique perspective to his craft. Initially a creative writing professor, he turned to Dev work for the ability to work remotely. He now lives in Seattle, spending time hiking and drinking craft beer with his fiancee.
