
AI’s Latest Sensation: DeepSeek

What are the risks, and how can organizations mitigate those risks?

By Christina Catenacci, Human Writer

Feb 14, 2025

Key Points 


  • This article focuses on two main risks involving DeepSeek: security and privacy risks 


  • When it comes to security, there are several concerns that raise alarm bells: just recently on January 28, 2025, DeepSeek experienced a cyberattack 


  • With respect to privacy, there are also serious concerns about the way that DeepSeek collects and uses user data, and the company monitors keystroke activity 


My co-founder, Tommy Cooke, mentioned in a recent post that DeepSeek is a major disruptor in the AI market—it has even surpassed ChatGPT in downloads on Apple iPhones in the United States. 


Yes, DeepSeek is becoming more popular than ever: but what are the risks, and how can organizations mitigate those risks? This article answers these questions. 


What is DeepSeek? 


DeepSeek is a Chinese artificial intelligence company. Founded in 2023 by Liang Wenfeng, it develops large language models (LLMs), most notably DeepSeek V3 and DeepSeek-R1. Apparently, DeepSeek has claimed that it only cost USD $6 million to train its flagship AI model compared to the USD $100 million of ChatGPT’s latest model. 


The chatbot is free. It is possible to ask DeepSeek to answer questions, generate content and code, and solve complex problems. This is interesting; perhaps recent events have prompted Sam Altman to announce that once GPT-5 arrives, OpenAI plans to offer free users unlimited access to the model.  


What are the main risks of using DeepSeek? 


I would like to focus on two main risks—security and privacy risks.  


  1. Security Risks 


Countries such as Australia, Italy, and Taiwan have already banned DeepSeek. This may have something to do with the fact that cybersecurity researchers have uncovered several vulnerabilities involving AI jailbreak attacks. These attacks entail models being instructed to bypass their built-in safeguards. More specifically, jailbreaking techniques bypass the app’s security measures, allowing it to generate harmful content such as instructions for creating Molotov cocktails. Some very dangerous jailbreaks, referred to as “Evil” and “Leo” jailbreaks, can have numerous harmful effects, such as causing the model to adopt malicious or unrestricted personas, to the point where the model can be prompted to generate detailed instructions for creating infostealer malware.


This situation is serious; compared to OpenAI’s o1 model, DeepSeek has been found to be 11 times more likely to generate harmful output, four times more vulnerable to generating insecure code, and 3.5 times more likely to produce chemical, biological, radiological, and nuclear content. DeepSeek simply fails to block harmful prompts. 


If that were not enough, DeepSeek also has a problem transmitting data securely. DeepSeek appears to transmit data over the internet without encryption, exposing sensitive information to potential interception. That is, it has already been found that data can be extracted once built-in restrictions have been bypassed. For instance, it has been possible to access a publicly accessible DeepSeek database and expose over a million lines of sensitive data, including chat histories, secret keys, backend details, and other sensitive information.


And it is worth noting that there are deep connections between DeepSeek and the Chinese government. Not only does this raise considerable national security issues, but it also raises red flags when it comes to transmitting unencrypted data to Chinese companies and the State-controlled telecom, China Mobile. And since the data is stored on servers in the People’s Republic of China, the law allows the Chinese government access to the data upon request. 


There is more. There was a cyberattack. On January 28, 2025, the company stated, “Due to large-scale malicious attacks on DeepSeek's services, we are temporarily limiting registrations to ensure continued service”, and it was reported on February 8, 2025 that the incident had been resolved. The attack was reported to be a distributed denial-of-service attack targeting its API and web chat platform. 


This large-scale attack caused some people to put out warnings to “be very careful what you share, whether it’s your own personal information or—worse—your employer’s.”


  2. Privacy Risks


There are serious privacy concerns regarding DeepSeek. In fact, members of the United States Congress and their staff have been warned by the House's Chief Administrative Officer not to use the app.


Why? To start, DeepSeek collects “troves” of data, including chat and search query history, the device a user is on, keystroke patterns, IP addresses, internet connection and activity from other apps. And maybe even sensitive information. 


In addition, there are more concerns coming from a review of the company’s privacy policy, namely that DeepSeek reserves broad rights to use/exploit users’ personal data; retains broad rights to use inputs and outputs, including confidential information; passes on the responsibility for infringement and other liabilities/risks; and requires authenticity and accuracy of the output. 


Furthermore, it is important to mention that the company’s terms of use are governed by the People’s Republic of China. To that end, for any dispute arising from the signing, performance, or interpretation of the terms of use, the parties must first attempt to resolve the dispute amicably, and if such negotiations fail, then either party has the right to file a lawsuit with a court having jurisdiction over the location of the registered office of Hangzhou DeepSeek.


There are even more concerns regarding DeepSeek’s data retention. The company keeps the data for as long as it wishes, even after users leave the app. In fact, there is no deletion of data on user departure. Something that is quite troubling is that DeepSeek allows for keystroke tracking. There are even concerns about political censorship of outputs. 


But what is alarming is that users who log into DeepSeek using Google apparently allow access to personal information that is collected and stored by Google. Is that allowed? Yes—the privacy policy allows collection from a third-party service. 


Let’s take a look at this privacy policy. There are a few ways that DeepSeek collects information: information that users provide, information that is automatically collected, and information that is collected from other sources. More precisely, users provide information when they set up the account with an email address and password; when they input things such as text input, prompts, uploaded files, feedback, chat history, or other content; and when they contact the company with proof of identity or age, contact details, feedback or inquiries.


The data that is automatically collected includes device and network information, log information, location information, cookies, and payment information. Information from other sources includes log-in, sign-up, linked services (logging in with Google or Apple), security information, and public information.  


The privacy policy states that DeepSeek uses information to operate, provide, develop, and improve its services. It also discusses sharing information and states, “We share information you provide, automatically collected information, and information from other sources with these service providers as necessary to enable them to provide their services”. The sharing of information with service providers can occur when DeepSeek wants to communicate with users through notifications, integrate third-party APIs such as Bing, use analytics, and use support and safety monitoring service providers. 


The privacy policy also points out that emails sent to or from the company may not be secure, so users should take special care in deciding what information they send to DeepSeek through the services or email. In addition, DeepSeek states that it is not responsible for circumvention of any privacy settings or security measures contained on its service, or third-party websites. 


Lastly, data is retained for as long as is necessary and stored in the People's Republic of China. Moreover, the privacy policy sets out more detailed and jurisdiction-specific information for the purposes of complying with the data protection requirements in the European Economic Area (EEA), Switzerland, and the UK. For example, the chart sets out the purpose of processing (e.g. to communicate with users), personal information categories (e.g. account information or location information), and legal bases (e.g. performance of a contract with users).


What can businesses do to mitigate these risks? 


Businesses are advised to provide training to employees regarding privacy and security:


  • Be cautious about sharing personal information

  • Use strong, unique passwords

  • Beware of phishing attempts

  • Monitor accounts for suspicious activity

  • Remain up-to-date on security practices

  • Ensure that the privacy policy is transparent

  • Be aware of jailbreaking risks

  • Use reliable security software
