**DeepSeek: The Well-Known Chinese AI Chatbot Raising Privacy Issues in the U.S.**

DeepSeek, a Chinese AI chatbot akin to OpenAI’s ChatGPT, has swiftly emerged as the most downloaded free app in the U.S. Nevertheless, its rapid rise to prominence in app store rankings has triggered considerable privacy issues, particularly as the U.S. government continues to examine Chinese tech platforms like TikTok for potential connections to the Chinese authorities.

Similar to most applications, DeepSeek necessitates that users consent to its privacy policy when signing up. However, as is frequently the case, many users probably overlook the fine details.

### What Insights Does DeepSeek’s Privacy Policy Offer?

As stated by Adrianus Warmenhoven, a cybersecurity specialist at NordVPN, DeepSeek’s privacy policy, which can be accessed in English, clearly indicates that user data—including conversations and generated answers—is stored on servers located in China. This raises alarms due to the contrasting privacy and security norms in China, where data collection legislation is more extensive and governmental access is obligatory.

Below is a summary of what DeepSeek gathers, as detailed in its privacy policy:

#### 1. **Information You Provide**
– Personal information such as date of birth, username, email address, phone number, and password.
– Content contributed to the app, including text, audio, chat histories, feedback, and uploaded documents.
– Information shared during customer support interactions, such as proof of identity or questions.

#### 2. **Automatically Collected Information**
– Internet activity data like IP addresses, device identifiers, and cookies.
– Technical specifications such as device model, operating system, keystroke patterns, system language, and diagnostic data.
– Usage statistics, including features utilized and payment details.

#### 3. **Information from Other Sources**
– Data from associated accounts (e.g., Google or Apple logins).
– Information from advertising and business collaborators, including purchase records.

### What Are “Keystroke Patterns or Rhythms”?

A particularly troubling element of DeepSeek’s data collection is its monitoring of “keystroke patterns or rhythms.” While this might seem unsettling, it’s not entirely unprecedented—TikTok gathers similar information, although platforms like Instagram do not.

Keystroke pattern tracking pertains to the timing of key presses rather than the specific keys involved. This creates a kind of biometric identification that can differentiate one user from another. While TikTok has clarified that this practice is not akin to keylogging, DeepSeek’s lack of transparency prompts questions regarding how this information might be utilized.

Nicky Watson, co-founder of the consent management service Syrenis, cautions that the increased use of biometrics brings new hazards, including identity theft, impersonation, and fraud. Unlike passwords, biometric data cannot be reset or revoked, elevating the stakes for identification.

### How Does DeepSeek Utilize Your Data?

DeepSeek employs collected data for typical purposes, such as sending targeted advertisements and informing users of service upgrades. However, its privacy policy also states that data may be shared with its corporate affiliates, law enforcement entities, or for purposes deemed of public interest.

What distinguishes DeepSeek is that its data resides on servers in China, a nation with stringent cybersecurity regulations requiring companies to assist with national intelligence initiatives. This has intensified worries about possible exploitation of user data, particularly given the Chinese government’s record of censorship and propaganda. For example, users reportedly cannot inquire about sensitive subjects like the 1989 Tiananmen Square incident.

Moreover, a review by WIRED discovered that DeepSeek transmits data to Chinese tech firms like Baidu and Volces. The privacy policy also implies that user inputs might be used to train future AI models.

### Why Should Users Be Alarmed?

Data security is frequently underestimated, yet the dangers are substantial. If a company such as DeepSeek suffers a data breach, sensitive user information—like personal messages or payment data—could be compromised. In the most severe cases, this could result in identity theft or financial damage. Recently, DeepSeek encountered “large-scale malicious attacks,” compelling the company to briefly suspend new registrations.

Warmenhoven emphasizes that as AI platforms become increasingly sophisticated, they also turn into prime targets for hackers. With the emergence of deepfakes and other AI-powered tools, the stakes for data security are higher than ever.

### Is DeepSeek More Concerning Than Other Tech Giants?

While DeepSeek’s connections to China amplify apprehensions, experts contend that many tech firms, including U.S.-based giants like Meta and OpenAI, also accumulate extensive user data. John Scott-Railton, a senior researcher at the University of Toronto’s Citizen Lab, highlights that most companies establish their own data usage policies, and users often unwittingly agree to them.

Protecting your data from DeepSeek—or any tech platform—necessitates a proactive strategy. Warmenhoven encourages users to meticulously examine