Australia, Taiwan and South Korea have blocked DeepSeek AI on government devices, while EU data protection authorities are checking it complies with the GDPR.
Shutterstock.com/Mamun_Sheikh
The Chinese-owned app, DeepSeek AI made waves in the global AI market when it topped the Apple App Store’s US downloads in January 2025.
Despite having similar functionality to more established rivals, the creators of DeepSeek’s R1 model claim it was built for a fraction of the cost: less than US$6 million.
But DeepSeek has faced heavy criticism from governments and data protection authorities around the world: critics have raised concerns about the influence of Chinese censorship laws on the app and the “excessive” amounts of data it collects from its users.
Read more Lexology PRO reporting on the potential risks associated with DeepSeek here.
Below is a round-up of the global response to DeepSeek since its surge in popularity.
UK
The UK’s Technology Secretary, Peter Kyle appeared to confirm that authorities were investigating DeepSeek in a statement to the media on 29 January 2025. “We have a very mature intelligence and security apparatus in the UK […] the system that we have will look at this, as it does at every other innovation, and make sure that safety is there from the onset," Kyle stated.
He did not specify the nature of the probe, but in the UK the National Cyber Security Centre is typically responsible for monitoring technological risks.
European Union
Multiple EU data protection authorities (DPA) have raised concerns about DeepSeek’s compliance with the EU General Data Protection Regulation (EU GDPR) and urged users to consider carefully before inputting sensitive personal data on the app.
Italy
The Italian data protection authority (the Garante) ordered DeepSeek to limit its processing of Italian users’ data on 30 January 2025, effectively blocking the app in the country while it investigates.
The Garante served DeepSeek with an information request on 28 January 2025, probing the nature of its personal data processing and legal basis for processing. DeepSeek responded by declaring that it does not operate in Italy and therefore is not subject to European privacy legislation, raising serious concerns about the company’s GDPR compliance.
Netherlands
The Dutch DPA started investigating DeepSeek’s data transfer practices (Dutch language only) on 3 February 2025. DeepSeek stores user data in servers located in China. However, under the EU GDPR, personal data may only be transferred outside the EU if sufficient safeguards are in place to ensure data is afforded an equivalent level of protection to that provided by the EU GDPR.
Lithuania
In a statement on 7 February 2025, the Lithuanian DPA advised citizens not to use DeepSeek (Lithuanian language only), or to think carefully about the data they input, citing DeepSeek’s lack of transparency regarding data processing and the risk of personal data being accessed by Chinese authorities.
The DPA says it is “closely monitoring” DeepSeek’s GDPR compliance and collaborating with other EU DPAs to ensure a consistent approach to DeepSeek across the block.
Poland
The Polish DPA said it “recommends extreme caution” (Polish language only) when using services offered by DeepSeek. In a 6 February 2025 statement, it also confirmed it is in contact with other EU DPAs regarding DeepSeek’s data processing practices and GDPR compliance.
Luxembourg
The Luxembourg DPA cast doubt on the legality of DeepSeek’s activities within the EU in a statement issued on 3 February 2025. The DPA warned citizens it would likely be impossible for them to exercise their GDPR rights when using DeepSeek. The DPA also highlighted DeepSeek’s failure to appoint an EU representative and its lack of transparency regarding data processing.
The DPA advised citizens not to input personal or sensitive data into DeepSeek and to avoid installing the app or its configuration files on their devices.
APAC
Australia
The Australian Home Affairs Department secretary signed a directive on 4 February 2025 banning DeepSeek from all federal government systems and devices, following advice from intelligence agencies that it posed an unacceptable risk to national security.
South Korea
South Korea’s National Intelligence Service (NIS) has reportedly accused DeepSeek of excessive personal data collection and urged government bodies to take security measures.
Many South Korean government agencies, including military, finance and trade ministries have already blocked access to DeepSeek.
The NIS warned that DeepSeek automatically collects large amounts of behavioural and technical data on users, such as keyboard input patterns, IP addresses and network connection information.
On 7 February 2025, the South Korean Personal Information Protection Commission announced its investigation into DeepSeek.
Taiwan
Taiwan's Ministry of Digital Affairs confirmed on 4 February 2025 that DeepSeek had been banned from government devices.
"DeepSeek’s AI service is a Chinese product. Its operation involves cross-border transmission, information leakage and other information security concerns," the Ministry stated in a radio briefing.
India
India’s Ministry of Finance told employees to avoid using AI tools and applications on government devices in an advisory on 5 February 2025, due to confidentiality risks. Unlike authorities in other jurisdictions that have singled out DeepSeek, the Indian Finance Ministry also prohibits the use of other AI programmes, including OpenAI’s ChatGBT.
North America
USA
A bipartisan congressional bill was introduced on 6 February 2025 aimed at banning the use and downloads of DeepSeek on US government devices over national security concerns.
Congressman Darin LaHood accused DeepSeek of being affiliated with the Chinese Communist Party (CCP), stating, “Under no circumstances can we allow a CCP company to obtain sensitive government or personal data. [The bill] will ban the app from federal workers’ phones while closing backdoor operations the company seeks to exploit for access.”
Texas Governor, Greg Abbott issued a ban on 31 January 2025, prohibiting the use of Chinese-affiliated AI apps, including DeepSeek on state government devices.
The US Navy reportedly instructed its members not to use DeepSeek in an email dated 28 January 2025.