South Korea has paused new downloads of the Chinese artificial intelligence (AI) chatbot DeepSeek due to concerns over its compliance with the country’s data protection regulations. The suspension, effective as of 6:00 p.m. local time on February 15, 2025, was announced by the Personal Information Protection Commission (PIPC). While the web service remains accessible, the agency’s decision comes after it identified issues with the app’s communication functions and personal information processing policies, especially in relation to third-party service providers. DeepSeek’s developers acknowledged their oversight in failing to consider South Korea’s privacy laws when launching the service.
The PIPC launched its analysis of DeepSeek immediately following its introduction in South Korea and discovered several shortcomings. The app was found to have failed to meet local privacy standards, particularly in how it handled personal data. In response, DeepSeek has appointed a local representative and agreed to implement necessary changes to ensure the app aligns with South Korea’s Personal Information Protection Act (PIPA). The suspension will remain in place until the app meets these compliance requirements.
In addition to the privacy concerns, recent findings have raised alarms regarding the security of DeepSeek’s Android and iOS apps. These versions of the app were found to have security vulnerabilities that allow certain data to be transmitted to servers in an unencrypted format, exposing users to potential risks. PIPC has cautioned users not to input personal information into the app’s prompts until the issues are fully addressed. The agency also intends to strengthen its oversight to prevent similar issues from recurring in the future.
The suspension of DeepSeek follows a series of developments regarding the app’s data practices. The National Intelligence Service (NIS) of South Korea had earlier criticized DeepSeek for excessively collecting personal data and using it to train its AI systems. Beijing has responded by asserting that it allows foreign companies to operate in China, provided they follow local regulations and do not violate laws related to data collection and storage.
