DeepSeek stores your prompts on servers in China. The company says so in its privacy policy. China's National Intelligence Law requires every Chinese company to cooperate with state intelligence. Italy blocked it. Australia banned it from government devices. Taiwan banned it. South Korea banned it. The US Navy prohibited its use. DeepSeek is owned by a Chinese hedge fund. Your conversations, your questions, your code, your business queries — stored on Chinese servers, held by a company that cannot legally refuse a request from Chinese intelligence. The privacy policy doesn't hide this. It states it plainly. DeepSeek left a database open on the internet. No password. No authentication. Over a million lines of chat history, API keys, and backend logs — accessible to anyone who looked. Wiz found it. Then Cisco tested the model's safety: 100% failure rate. Every harmful prompt they tried worked. Bioweapons instructions. Malware generation. Social engineering scripts. Zero blocked. A Chinese AI company that left your conversations in an open database and built a model that says yes to everything. The "open" in open-weights apparently applied to the user data too.
What they claim: DeepSeek's privacy policy states it collects user data including prompts, device information, and keystroke patterns.
What we found: DeepSeek is headquartered in Hangzhou, China and is a subsidiary of High-Flyer Capital Management, a Chinese quantitative hedge fund. China's National Intelligence Law (2017) requires all Chinese organisations to "support, assist, and cooperate with national intelligence work." DeepSeek's privacy policy explicitly states data is stored on servers in the People's Republic of China. In January 2025, Italy's data protection authority blocked DeepSeek for GDPR violations. Australia, Taiwan, and South Korea banned DeepSeek from government devices. The US Navy issued guidance prohibiting its use. Your prompts are stored on Chinese servers by a company legally required to hand them to Chinese intelligence on request.
What they claim: DeepSeek's privacy policy states it collects "keystroke patterns or rhythms" from users.
What we found: DeepSeek's privacy policy explicitly lists keystroke patterns as collected data — a form of behavioural biometrics that can uniquely identify individuals. Keystroke dynamics are used in forensics and authentication because typing patterns are as unique as fingerprints. Combined with prompt content, device information, IP addresses, and the Chinese jurisdiction, DeepSeek collects enough data to identify, profile, and track individual users across sessions even without traditional account credentials. No other major AI chatbot explicitly states it collects keystroke biometrics.
What they claim: DeepSeek positions itself as an open, capable AI assistant comparable to Western frontier models.
What we found: Security researchers from Wiz discovered that DeepSeek left a ClickHouse database publicly exposed with no authentication, containing over a million lines of chat history, API keys, backend metadata, and operational logs. The database was accessible to anyone on the internet. Researchers at Cisco and the University of Pennsylvania tested DeepSeek R1 and found it failed to block a single harmful prompt across their test suite — a 100% failure rate on safety benchmarks. DeepSeek's model was jailbroken to generate instructions for bioweapons, malware, and social engineering attacks. Open-weights, open-database, open-to-everyone.
What they claim: DeepSeek promotes advanced AI capabilities with competitive performance
What we found: Security researchers from Wiz discovered a publicly accessible DeepSeek database containing over 1 million log entries including plaintext chat histories, API keys, and backend system details. The iOS app transmitted device information without encryption. Hard-coded encryption keys were found. Data was also transmitted to Volcengine — ByteDance's cloud platform. Italy banned DeepSeek within 72 hours. The US Navy, multiple US states, Australia, Taiwan, and South Korea imposed restrictions.