German Data Protection Authorities Consider Steps to Review Chinese AI Application Deep Seek
German data protection authorities are considering steps to review the Chinese AI application Deep Seek. “It seems that data protection law is almost non-existent in Deep Seek” said Dieter Kugelmann, data protection officer in the state of Rhineland-Palatinate, in an interview with the Tagesspiegel Background section.
Deep Seek’s data protection guidelines outline a comprehensive collection of information by the app, including IP addresses, chat logs and uploaded files, as well as patterns and rhythms of keyboard inputs. “We store the data we collect on secure servers in the People’s Republic of China” the guidelines state, according to the newspaper.
The General Data Protection Regulation (GDPR) allows for data exchange with states whose protection level is comparable to that of the European Union. However, there is no agreement between China and the EU that would enable a legally secure data exchange.
According to Kugelmann, no European subsidiary and no responsible legal representative have been identified so far, which could potentially be seen as a violation of the GDPR.
Deep Seek was a topic of discussion at the mid-conference of data protection authorities in Berlin on Wednesday. “We are now considering what we can do” said Kugelmann. Rhineland-Palatinate and several other German data protection authorities plan to discuss and decide on further steps, with the most likely option being to send a questionnaire to the company about its data processing.
The Italian data protection authority had already requested information and given the company a 20-day deadline to respond. In Italy, the app is currently no longer available for download from Apple and Google stores, according to Italian media, including Corriere della Sera, which suggests that the Chinese company may have taken a precautionary measure in response to the data protection inquiry.