A recent investigation by a Canadian cybersecurity firm, Feroot Security, suggests that the source code of the popular AI chatbot DeepSeek might contain components that could transmit user data to China Mobile, a telecom provider previously banned in the US.
The Associated Press, citing the Feroot Security report, stated that the code pertains specifically to the account creation and login processes on DeepSeek’s web client.
While the findings do not conclusively prove that DeepSeek is currently sending data to China Mobile, cybersecurity experts have been unable to dismiss the possibility either. The report, validated by multiple independent experts, raises concerns given China Mobile’s past associations. In 2019, the US government banned China Mobile from operating within its borders, citing national security risks linked to the company’s connections with the Chinese government and, in 2021, its ties to the Chinese military.
The investigation revealed code that could allow the AI firm to send login credentials and user queries directly to servers operated by China Mobile. This revelation poses a more severe risk than previously noted with platforms like TikTok, which faced a temporary ban in the US. Ivan Tsarynny, CEO of Feroot, emphasized the gravity of the situation to the AP, stating, “The implications of this are significantly larger because it could expose personal and proprietary information at a much grander scale and with more precision than TikTok, which mainly shares entertainment content.”
DeepSeek Could Send User Information to Chinese Government Telecom, Say Researchershttps://t.co/iw4rl2EUzG#DeepSeekR1 pic.twitter.com/6xgJaKNVTB
— Republic (@republic) February 5, 2025Additionally, it is worth noting that the researchers have not yet analyzed tDeepSeek’s mobile application, which could contain similar vulnerabilities. Recently, tDeepSeek’s iOS app climbed to the top of the App Store’s “Top free apps” chart in the US, surpassing OpenAI, suggesting a high level of user engagement and potential risk exposure.
Read: DeepSeek R1 Shakes Up AI Market, Challenging US Tech Dominance
The findings underscore the ongoing concerns regarding data privacy and security associated with AI applications, especially those potentially linked to foreign entities with government ties.
