cross-posted from: lemmy.sdf.org/post/33548424

Archived

  • The agency said that before DeepSeek’s chatbot was removed from app stores in South Korea, the company was transferring user data to firms in China and the U.S. without consent.
  • The findings were released in relation to an ongoing investigation into DeepSeek, and the company has been sent corrective recommendations.

South Korea’s data protection authority has concluded that Chinese artificial intelligence startup DeepSeek collected personal information from local users and transferred it overseas without their permission.

The authority, the Personal Information Protection Commission [PIPC], released its written findings on Thursday in connection with a privacy and security review of DeepSeek.

It follows DeepSeek’s removal of its chatbot application from South Korean app stores in February at the recommendation of PIPC.

[…]

During DeepSeek’s presence in South Korea, it transferred user data to several firms in China and the U.S. without obtaining the necessary consent from users or disclosing the practice, the PIPC said.

The agency highlighted a particular case in which DeepSeek transferred information from user-written AI prompts, as well as device, network, and app information, to a Chinese cloud service platform named Beijing Volcano Engine Technology Co.

[…]

When the data protection authority announced the removal of DeepSeek from local app stores, it signaled that the app would become available again once the company implemented the necessary updates to comply with local data protection policy.

That investigation followed reports that some South Korean government agencies had banned employees from using DeepSeek on work devices. Other global government departments, including in Taiwan, Australia, and the U.S., have reportedly instituted similar bans.