Concerns Raised About DeepSeek Chatbot’s Link to Chinese Telecommunications
Concerns Emerge Over DeepSeek’s Data Handling and Links to China Mobile
Introduction to DeepSeek and Its Growth
DeepSeek, a Chinese artificial intelligence company, has recently gained significant attention after its chatbot became the most downloaded app in the United States. However, this rise in popularity has led to emerging concerns regarding data security and the potential implications of its ties to a Chinese state-owned telecommunications company.
Security Concerns Linking DeepSeek to China Mobile
Discovery of Obfuscated Code
Research conducted by Feroot Security, a Canadian cybersecurity firm, has revealed alarming findings regarding the web version of DeepSeek’s chatbot. The analysis uncovered heavily obfuscated computer code within the chatbot’s login page. When analyzed, this code shows connections to infrastructure owned by China Mobile, a state-run telecom provider barred from operating in the U.S. since 2019 due to national security issues.
This connection is particularly troubling as it raises questions about user data handling. Although the U.S. Federal Communications Commission (FCC) has denied China Mobile the authority to operate within the country, the link between DeepSeek and such a company raises substantial concerns about user privacy and security.
Potential Data Transfers
While Feroot’s initial assessments did not detect any data being transferred to China Mobile during login attempts made in North America, researchers acknowledged that they could not eliminate the possibility of some user data being sent to the Chinese telecom company. This lack of conclusive evidence leaves a gap in certainty regarding how user information might be processed.
Implications of User Data Security
Comparison with TikTok
The situation surrounding DeepSeek resonates with earlier concerns regarding the popular social media app TikTok, which has been under scrutiny for its links to Chinese ownership and data security practices. Lawmakers in the U.S. had considered measures to compel the owner of TikTok to sell the app or face a complete ban due to national security fears. As Stewart Baker, a former official at the Department of Homeland Security and the NSA, remarked, DeepSeek presents concerns comparable to those raised by TikTok, but with potentially more significant implications.
Users often input sensitive personal data into generative AI systems for various reasons, making the stakes even higher. The risk of exposing such information to a geopolitical adversary is considerable, turning platforms like DeepSeek into possible intel goldmines. As Ivan Tsarynny, CEO of Feroot, pointed out, the nature of data shared with AI systems can be more personal and sensitive compared to the content shared on social media platforms.
Potential Dangers of Fingerprinting Techniques
DeepSeek’s code includes processes that capture detailed information about the devices from which users log in, a technique known as "fingerprinting." This method is commonly employed by technology companies for security and ad targeting purposes. However, its use in connection with a platform potentially linked to Chinese state interests raises serious concerns about how that information might be used or shared.
Analysis by Cybersecurity Experts
To verify Feroot’s claims, two academic experts on cybersecurity, Joel Reardon from the University of Calgary and Serge Egelman from UC Berkeley, conducted their own examination of DeepSeek’s code. Their findings confirmed that there are links between the chatbot’s login systems and China Mobile, highlighting the increasing anxiety surrounding data safety and surveillance.
Complications in the Mobile Version of DeepSeek
It’s important to note that the scrutiny so far applies only to the web version of DeepSeek, with researchers not yet having analyzed its mobile application. Given that it remains one of the most downloaded apps in both Apple and Google app stores, this aspect presents an additional layer of concern regarding user data and privacy.
Conclusion
The connection of DeepSeek to China Mobile and the potential risks associated with user data handling have opened the door to serious discussions about data security, especially concerning digital services with ties to foreign governments. As concerns about information sharing and privacy loom, the implications for users must be rigorously addressed.
