South Korea’s Personal Information Protection Commission (PIPC) has accused DeepSeek of transferring personal user data and AI prompts to companies in China and the United States without obtaining proper consent. This action, identified during DeepSeek’s launch in South Korea in January, has raised significant privacy concerns.
The PIPC’s investigation revealed that DeepSeek sent device, network, and app-related information, along with user inputs in AI prompts, to Beijing Volcano Engine Technology Co. Ltd. The company later stated that this data transfer aimed to enhance user experience and claimed to have ceased the transfer of AI prompt content as of April 10.
In response to these findings, the PIPC has issued a corrective recommendation for DeepSeek to delete any previously transferred prompt content and to establish a legal basis for future international data transfers. The Chinese Foreign Ministry has denied any illegal data collection, stating that the Chinese government does not and will not direct companies to collect or store data illegally.
This incident highlights the growing scrutiny of how international AI companies handle personal data, especially in jurisdictions with strict privacy standards. As AI technology continues to advance, ensuring transparency and compliance with data protection laws remains a critical issue.