DeepSeek, a Chinese AI startup, has been accused by South Korea of sharing user data with the Chinese owner of TikTok. According to the South Korean data protection authority, “We confirmed DeepSeek communicating with ByteDance,” Yonhap News Agency reported. Due to worries over data security, the nation has already taken DeepSeek out of app stores over the weekend. The Chinese app’s assertions that its new model was trained at a significantly lower cost than US competitors like ChatGPT sent shockwaves through the AI sector in January, wiping billions off global stock markets.
Since then, several nations have issued warnings that user data might not be adequately safeguarded, and in February, a US cybersecurity firm claimed that DeepSeek and ByteDance may have shared data.
Despite now rating significantly lower than ChatGPT in the UK, DeepSeek’s apparent overnight impact caused it to soar to the top of the App Store charts in the US, UK, and many other countries. Before it was removed from the Google and Apple App Stores on Saturday night, it had been downloaded more than a million times in South Korea. The application can still be accessed and used via a web browser by current users. Despite discovering a connection between DeepSeek and ByteDance, the data regulator, the Personal Information Protection Commission (PIPC), told South Korea’s Yonhap News Agency that it was “yet to confirm what data was transferred and to what extent.”
Chinese state critics have long said that the National Intelligence Law gives the government access to any information it desires from Chinese businesses. Nonetheless, a number of international investors own ByteDance, which has its headquarters in Beijing. Others claim that the same regulation permits the protection of private businesses and personal information. The US Supreme Court maintained a ban on TikTok, which is controlled by ByteDance, in part due to concerns about user data being transported to China. In an effort to mediate a settlement, President Donald Trump has put the US ban on hold until April 5.
Exercise caution
On February 10, the cybersecurity firm Security Scorecard posted a blog post on DeepSeek that included “multiple direct references to ByteDance-owned” businesses. “These references suggest deep integration with ByteDance’s analytics and performance monitoring infrastructure,” the evaluation stated while discussing the Android app from DeepSeek. According to Security Scorecard, DeepSeek “user behaviour and device metadata [are] likely sent to ByteDance servers” in addition to privacy threats. Data “being transmitted to domains linked to Chinese state-owned entities” was another discovery.
Insufficient transparency in DeepSeek’s privacy policy and traffic created by third-party data transfers were discovered by South Korea’s PIPC on Monday. It stated that DeepSeek was assisting the regulator and admitted that it had overlooked South Korean privacy regulations. However, users were cautioned by the agency to “avoid entering personal information into the chatbot.” South Korea has already banned DeepSeek from government equipment, joining a number of other nations like Taiwan and Australia. For a reaction, the BBC has reached out to ByteDance, the parent firm of DeepSeek, and the PIPC.