Deepseek sends and stores, for example, conversation history and downloaded files to external servers.
According to Check Point, the Deepseek information management model can pose conformity risks to companies under the General Data Protection Regulation. A privacy policy can even lead to sanctions. Joel Maalmi
Deepseek, a Chinese artificial intelligence application that has become a hit, can bring significant security risks, says cyber security company Check Point Software.
The company warns in its announcement that Deepsek’s Privacy Policy enables the extent to use of user information. For example, the application sends and stores the history of conversation and downloaded files to external servers. Deepseek reserves the right to view any content sent by the user.
– The data collected can be utilized in model training, which can lead to sensitive company information to end up in future artificial intelligence models, says the company.
According to Check Point, the Deepseek information management model can pose conformity risks to companies under the General Data Protection Regulation. A privacy policy can even lead to sanctions.
“The Deepseek phenomenon shows how quickly the new artificial intelligence application can spread widely within the organization-often before the security teams have time to react,” Check Point says in a news release.
Other security problems have also occurred in Deepseek. For example, wired reportedthat one of the critical databases of the application was accidentally revealed on the Internet. In practice, the company’s error led to Deepseat to leak system logs, users promoters and even user-specific API keys.
Some of the organizations have already woken up to Deepseat’s privacy and security risks. For example, this week, the City of Helsinki banned the use of an artificial intelligence application from its employees.