China’s artificial intelligence (AI)-powered chatbot, DeepSeek, is under intense scrutiny in the European Union over data protection concerns. Data protection authorities in Italy and Ireland have launched investigations into the platform’s data collection and usage practices. The probes are being conducted under the EU’s General Data Protection Regulation (GDPR), which aims to safeguard user data.
DeepSeek, a platform designed to compete with OpenAI’s ChatGPT, recently became one of the most downloaded apps on the Apple App Store and Google Play Store. However, its rapid rise in popularity has raised questions in European countries about how it handles user data. Of particular concern are China’s national intelligence laws, which require companies to cooperate with state authorities, a mandate that has alarmed European regulators.
Italy’s data protection authority, Garante, has ordered the removal of DeepSeek from app stores in the country. Italian users attempting to download the app now receive a message stating that it is “currently unavailable in your country or region.” Garante has given DeepSeek 20 days to clarify what type of data it collects, the purpose of such collection, and whether the data is stored in China.
Meanwhile, Ireland’s Data Protection Commission has also raised questions about DeepSeek’s data practices. The commission has requested information from the company regarding the handling of Irish citizens’ data. Ireland’s involvement is particularly significant, as the country serves as a hub for many tech companies, including major players in the AI sector.
Security expert Chester Wisniewski has warned that DeepSeek’s “open-source” nature makes it vulnerable to exploitation. According to Wisniewski, the platform could be used by cybercriminals, despite the significant resources required to operate it. He emphasized that companies must thoroughly assess the risks before using DeepSeek or any other AI model.
Rob T. Lee, Chief of Research at the SANS Institute, expressed concerns about DeepSeek’s approach to data privacy. Unlike OpenAI, which strives to protect user data, DeepSeek collects vast amounts of data in China and stores it in a non-anonymized format, posing significant risks, Lee noted.
The actions of European authorities reflect their serious commitment to protecting user data. The implications of these investigations for DeepSeek’s future remain unclear. However, the case has sparked an important debate about the responsibilities of tech companies and the potential risks associated with artificial intelligence.
Under the EU’s stringent data protection laws, DeepSeek may need to revise its practices or risk being forced to suspend its services in Europe. In the meantime, users are advised to exercise caution and ensure their data is protected when using such apps.
This situation underscores the growing tension between technological innovation and data privacy, highlighting the need for robust safeguards in an increasingly AI-driven world.
