South Korea discovers DeepSeek transferred user data to Chinese servers without consent

• South Korean regulators found DeepSeek transferred user data to a Chinese cloud service without consent.
• The leaked data included user inputs, device details, and network information, raising national security fears.
• DeepSeek was suspended in South Korea after regulators discovered it transferred user data without consent to Volcengine, a cloud provider whose owner, ByteDance, has previously faced accusations of sharing data with the CCP.
• U.S. officials warn Chinese AI tools could weaponize data for state surveillance, pushing stricter oversight and potential bans.
• The scandal underscores urgent global concerns over Chinese tech’s ties to CCP surveillance and the need for AI regulation.

South Korean data regulators have uncovered that the Chinese AI app DeepSeek transferred personal information, including user inputs and device details, to a Beijing-based cloud service provider without users’ authorization.

This revelation has sparked concerns over privacy violations and national security risks, particularly as Chinese tech companies face scrutiny for alleged ties to the Chinese Communist Party (CCP). The finding, announced by the Personal Information Protection Commission (PIPC), has led to DeepSeek’s suspension in South Korea and echoes longstanding fears about data exploitation by Chinese firms like TikTok’s parent company, ByteDance.

Sharing data without permission

According to the PIPC, DeepSeek shared user data with companies in both China and the United States without obtaining explicit consent or disclosing the practice in its privacy policy. PIPC official Nam Seok emphasized that the company transferred data to the Chinese cloud platform Volcano Engine, also known as Volcengine.

“In particular, it was confirmed that DeepSeek transferred not only device, network, and app information, but also user inputs in AI prompts to Volcano Engine,” he reported. The commission ordered DeepSeek to destroy the illegally transferred data and establish legal safeguards for future cross-border sharing.

DeepSeek, which claimed to offer a low-cost alternative to western AI tools, briefly dominated global headlines earlier this year. Yet its rapid rise has been matched by alarms over its opaque data practices.

While the company asserted the transfers were meant to improve user experience, the lack of transparency has fueled fears that sensitive data could end up in the hands of the CCP. Volcengine, the cloud service provider, is owned by ByteDance, the firm behind TikTok, which has faced years of accusations of facilitating data transfers to China under government pressure.

National security implications

The incident underscores a broader problem with AI tools developed by Chinese firms: their potential to serve as vehicles for state-backed surveillance or intelligence gathering. For South Korea, a country situated close to China and frequently entangled in geopolitical tension with Beijing, the leakage of personal and communications data could directly compromise national security.

For Americans, the risks are equally dramatic. U.S. officials have repeatedly warned that Chinese tech companies prioritize compliance with CCP directives over user privacy. As DeepSeek expands globally, its ability to vacuum up private conversations, searches, and inputs raises the specter of personal and proprietary information being weaponized by a foreign power.

In response to the findings, China’s Foreign Ministry spokesman Guo Jiakun insisted the CCP has “not and will never” mandate illegal data collection, but the denial rings hollow. As lawmakers and watchdogs note, Chinese firms operate under a legal framework requiring them to assist the CCP’s intelligence and security services.

In the United States, the DeepSeek controversy has intensified calls for stricter oversight of AI tools. The White House is reportedly accelerating reviews of foreign-made AI apps, with some lawmakers pushing for bans on government use of Chinese-developed systems. Experts caution that the solution isn’t wholesale rejection of AI tools but rigorous scrutiny of their data policies and geographic boundaries.

The DeepSeek scandal is a wake-up call. The serious risks of Chinese AI must be met with proportionate caution and legal safeguards. Whether it’s South Korean users’ personal data or American freedom, the cost of complacency in this era of digitalization could prove catastrophic.

Sources for this article include:

TheNationalPulse.com

Reuters.com

CNBC.com