DeepSeek: Rising Start in AI or Privacy Nightmare?

Author: Eddie Hernandez

Published: Jan 28, 2025 [Source: LinkedIn]

DeepSeek, a Chinese AI startup founded by Liang Wenfang in 2023, has recently made headlines with its latest large language model (LLM), DeepSeek R1. According to Techopedia, this model has shown remarkable performance when compared to other AI models, like OpenAI, Claude, and Meta’s own LLaMA. This is particularly true when it comes to reasoning tasks. However, as an information security professional, I have concerns about the implications of using such a powerful tool, particularly regarding data privacy and national security and in this article, I’d like to touch up on a few points.

Performance Benchmarks and Comparisons

DeepSeek R1 has been benchmarked against several other LLMs, and has shown impressive results. The technology behind it is open-source and you can download it and use it for free. It uses techniques like reinforcement learning and chain-of-thought reasoning to improve accuracy. On benchmarks, DeepSeek R1 performs on par with or even surpasses various commercial AI models. This has sparked a debate about the potential of open-source AI models to compete with proprietary ones. As a supporter of open-source development, there are advantages we cannot ignore, such as quicker and more innovative growth capacity.

Data Privacy Concerns

One of the major concerns with DeepSeek is its data privacy policies. According to its privacy policy, DeepSeek collects a wide range of user data, including names, emails, numbers, passwords, and usage data. This information is stored on servers located in China, and may be shared with law enforcement agencies and other authorities. This raises significant concerns about the potential misuse of personal data, especially given China’s data protection laws that allow the government to seize data with minimal pretext. Certainly one can argue that this is true of any software platform and the country of origin.

Impact on the Stock Market

The release of DeepSeek R1 has had a notable impact on the stock market. Nvidia, a major supplier of GPUs used in AI development, saw its stock plunge by 17%, wiping out $600 billion in market value. This reaction highlights the growing influence of AI startups like DeepSeek on the tech industry and the broader economy.

National Security Implications

DeepSeek’s rise has also raised national security concerns, particularly in the United States. U.S. government officials and cybersecurity experts worry that the technology could pose a threat to national security, given the potential for data misuse, cyber surveillance, and espionage. These concerns are amplified by the fact that DeepSeek’s services are widely used by American users.

While DeepSeek R1’s performance is impressive, the concerns about data privacy and national security cannot be ignored. Corporations investigating in use of AI tools need to remain vigilant and advocate for robust data protection measures. The impact of AI on the stock market and national security underscores the need for a balanced approach to technological advancements.

A Balanced Approach: AI in the Workplace

Companies looking to invest in AI should consider the following approaches to ensure a balanced and responsible implementation:

1. Prioritize Data Privacy and Security: Implement robust data protection measures to safeguard user data. This includes encryption, access controls, and performing regular security internal audits and health checks.
2. Adopt Ethical AI Practices: Develop and adhere to ethical guidelines for AI usage. This involves transparency, fairness, and accountability in AI systems to prevent biases and ensure ethical decision-making.
3. Collaborate with Experts: Work with data privacy experts, ethicists, and cybersecurity professionals to navigate the complexities of AI implementation and address potential risks.
4. Invest in Employee Training: Provide ongoing training for employees to ensure they understand AI technologies and their implications. This helps in fostering a culture of responsible AI use and helps to reinforce the priority of data protection.
5. Monitor and Evaluate AI Systems: Continuously monitor AI systems for any anomalies or biases. Regular evaluations can help identify and rectify issues early on.
6. Engage with Regulatory Bodies: Stay informed about and comply with regulations related to AI and data privacy. Engaging with regulatory bodies can help companies stay ahead of legal requirements. Ensure your organization has a Governance, Risk, and Compliance (GRC) team equipped with adequate knowledge. Legal teams are not always the best equipped to handle GRC concerns.
7. Promote Transparency: Be transparent with users and customers about how AI systems are used and how their data is handled. This builds trust and fosters a positive relationship with customers. Do not fail to disclose that AI is being used when responding to customer information security questionnaires (ISQs) during RFIs and RFPs.

By adopting these approaches, companies can harness the power of AI while mitigating risks and ensuring responsible use.

###End of Article

The views and opinions shared in this post are of the author’s personal and professional opinion and are in no way the opinions of his employer, both present and prior, or any of their affiliates. This is not to be understood to be legal advice or advice of any kind. Personnel seeking advice should retain the services of a qualified information security and privacy governance subject-matter expert.