DeepSeek, the Chinese LLM that overtook ChatGPT as the most downloaded free app at the beginning of 2025, has earned its reputation as a disruptor. The open-source model has threatened the dominance of leading AI companies by offering an alternative where datasets, algorithms and models aren’t shrouded in secrecy. The cost and energy efficiency of the chatbot has undermined the assumption that generative AI depends on a high supply of GPUs. At a time when big-tech and the environment seem to be mutually exclusive, it offers a possible route to greener AI use. It can even tell you how many “r”s there are in “strawberry”. However, the impressive capability of the model is not without its flaws, especially with regards to privacy on both the DeepSeek app and website.
Before DeepSeek came to international attention, most of the familiar names in or behind AI were US-based: OpenAI, Anthropic, Meta, Alphabet, Perplexity, X. DeepSeek, on the other hand, is firmly Chinese. Its founder, Liang Wenfeng, co-founded the Hangzhou-based hedge fund High-Flyer, which wholly owns and funds DeepSeek. Founded in 2003 as an offshoot AI lab separate from the business’s main focus on AI-driven trading algorithms, every model DeepSeek has produced has been concurrent with US sanctions on chip exports, reportedly using a stockpile of Nvidia GPUs acquired in 2021, raising doubts as to whether these trade restrictions have produced the desired effect. The chatbot also has a few habits which give away the influence of China’s government on the model; users asking questions about Tiananmen Square and the Umbrella Revolution have been met with a blank “Sorry, that’s beyond my scope. Let’s talk about something else”. While users have increasingly been discovering workarounds for these obstructions, there is less wiggle room under China’s National Intelligence Law. DeepSeek’s privacy policy confirms that it stores data on servers located in the PRC. Under China’s 2017 cybersecurity laws, DeepSeek could be compelled to share data with the government upon request. Other Chinese chatbots such as search engine Baidu’s Ernie Bot and Moonshot’s Kimi AI have also been criticised on similar grounds; in the wake of DeepSeek’s January 2025 surge in popularity both have released free models. Conversely, Mistral’s Le Chat from France, launched in February 2025, is drawing interest as a competitively priced, yet GDPR-compliant option.
Whether DeepSeek sends your prompts and conversations to the state aside, the site has also been targeted by hostile actors worldwide. From 27 January to the first week of February 2025, DeepSeek also reported numerous “large-scale” DDOS cyberattacks on both the API and web chat service, causing the site to temporarily pause new user registrations. In addition to these concerns, DeepSeek has been accused of lax data security practices. On 29 January, Wiz, a cybersecurity firm based in New York, highlighted an exposed database of over one million records. The ClickHouse database was unsecured, unauthenticated, and publicly accessible; “within minutes” Wiz was able to gain access not only to chat and prompt history, but passwords, API authentication tokens, local files and proprietary information.
After Wiz notified DeepSeek of this exposure, the site reportedly fixed the issue within an hour. To those affected, this should not be taken as a cue to relax, as it is highly likely that other entities discovered the leak before it was officially communicated to DeepSeek. The researchers at Wiz were concerned by how basic the oversight was; Wired reported that the level of exposure is the sort of thing that Wiz typically finds after hours of searching through neglected services, emphasising that DeepSeek has failed to meet the “bare minimum” in defending against vulnerabilities.
The unholy trinity of fears over practice, external attacks, and the geopolitical tensions of China’s potential to access data mean that users should be extremely cautious about using both the API and web chat services, especially for proprietary information. Concerns over the chatbot’s data collection practices have already resulted in international action. At the end of January 2025, Italy’s data protection authority ordered a countrywide block, and Australia, Taiwan and the state of New York have banned the use of the app on government devices. The European Data Protection Board also met on 11 February to discuss DeepSeek, and South Korea has banned new downloads of the app, although existing users can still use the chatbot and the website remains accessible.
While the model may be operating on a very impressive level for the computing power it uses, at present it is hard to be confident in DeepSeek’s data. For those who have already used DeepSeek, crucially before the database leak was addressed, increased vigilance is recommended against known threats such as phishing. It may also be worth updating credentials. Regardless of the origin of a promising model, caution should always be exercised when trusting them with your sensitive data.
Privacy Policy.
Revoke consent.
© Digitalis Media Ltd. Privacy Policy.
Digitalis
We firmly believe that the internet should be available and accessible to anyone, and are committed to providing a website that is accessible to the widest possible audience, regardless of circumstance and ability.
To fulfill this, we aim to adhere as strictly as possible to the World Wide Web Consortium’s (W3C) Web Content Accessibility Guidelines 2.1 (WCAG 2.1) at the AA level. These guidelines explain how to make web content accessible to people with a wide array of disabilities. Complying with those guidelines helps us ensure that the website is accessible to all people: blind people, people with motor impairments, visual impairment, cognitive disabilities, and more.
This website utilizes various technologies that are meant to make it as accessible as possible at all times. We utilize an accessibility interface that allows persons with specific disabilities to adjust the website’s UI (user interface) and design it to their personal needs.
Additionally, the website utilizes an AI-based application that runs in the background and optimizes its accessibility level constantly. This application remediates the website’s HTML, adapts Its functionality and behavior for screen-readers used by the blind users, and for keyboard functions used by individuals with motor impairments.
If you’ve found a malfunction or have ideas for improvement, we’ll be happy to hear from you. You can reach out to the website’s operators by using the following email webrequests@digitalis.com
Our website implements the ARIA attributes (Accessible Rich Internet Applications) technique, alongside various different behavioral changes, to ensure blind users visiting with screen-readers are able to read, comprehend, and enjoy the website’s functions. As soon as a user with a screen-reader enters your site, they immediately receive a prompt to enter the Screen-Reader Profile so they can browse and operate your site effectively. Here’s how our website covers some of the most important screen-reader requirements, alongside console screenshots of code examples:
Screen-reader optimization: we run a background process that learns the website’s components from top to bottom, to ensure ongoing compliance even when updating the website. In this process, we provide screen-readers with meaningful data using the ARIA set of attributes. For example, we provide accurate form labels; descriptions for actionable icons (social media icons, search icons, cart icons, etc.); validation guidance for form inputs; element roles such as buttons, menus, modal dialogues (popups), and others. Additionally, the background process scans all of the website’s images and provides an accurate and meaningful image-object-recognition-based description as an ALT (alternate text) tag for images that are not described. It will also extract texts that are embedded within the image, using an OCR (optical character recognition) technology. To turn on screen-reader adjustments at any time, users need only to press the Alt+1 keyboard combination. Screen-reader users also get automatic announcements to turn the Screen-reader mode on as soon as they enter the website.
These adjustments are compatible with all popular screen readers, including JAWS and NVDA.
Keyboard navigation optimization: The background process also adjusts the website’s HTML, and adds various behaviors using JavaScript code to make the website operable by the keyboard. This includes the ability to navigate the website using the Tab and Shift+Tab keys, operate dropdowns with the arrow keys, close them with Esc, trigger buttons and links using the Enter key, navigate between radio and checkbox elements using the arrow keys, and fill them in with the Spacebar or Enter key.Additionally, keyboard users will find quick-navigation and content-skip menus, available at any time by clicking Alt+1, or as the first elements of the site while navigating with the keyboard. The background process also handles triggered popups by moving the keyboard focus towards them as soon as they appear, and not allow the focus drift outside of it.
Users can also use shortcuts such as “M” (menus), “H” (headings), “F” (forms), “B” (buttons), and “G” (graphics) to jump to specific elements.
We aim to support the widest array of browsers and assistive technologies as possible, so our users can choose the best fitting tools for them, with as few limitations as possible. Therefore, we have worked very hard to be able to support all major systems that comprise over 95% of the user market share including Google Chrome, Mozilla Firefox, Apple Safari, Opera and Microsoft Edge, JAWS and NVDA (screen readers), both for Windows and for MAC users.
Despite our very best efforts to allow anybody to adjust the website to their needs, there may still be pages or sections that are not fully accessible, are in the process of becoming accessible, or are lacking an adequate technological solution to make them accessible. Still, we are continually improving our accessibility, adding, updating and improving its options and features, and developing and adopting new technologies. All this is meant to reach the optimal level of accessibility, following technological advancements. For any assistance, please reach out to webrequests@digitalis.com