South Korea’s data protection agency has accused Chinese artificial intelligence startup DeepSeek of illegally transferring user data overseas without proper consent. The country’s Personal Information Protection Commission (PIPC) made the announcement on Thursday, raising fresh concerns about the privacy practices of foreign tech companies operating in the region.
According to the commission, DeepSeek — developed by Hangzhou DeepSeek Artificial Intelligence Co. Ltd. — shared personal information and user-entered AI prompts with multiple companies in China and the United States when it launched its app in South Korea in January. Authorities said the company did not seek user approval before sending the data abroad, violating South Korea’s strict privacy regulations.
Sensitive Prompts and Device Data Sent to China
The investigation revealed that DeepSeek transmitted not only personal details but also AI prompt content — the information users typed into the app — to Beijing Volcano Engine Technology Co. Ltd. Alongside these prompts, the company also sent device information, network data, and app usage details.
In response to the investigation, DeepSeek admitted that it had shared this data but claimed it was done to enhance user experience. The company told regulators that it stopped transferring AI prompt content to Volcano Engine on April 10.
South Korea Demands Immediate Action
Despite DeepSeek’s explanation, South Korea’s privacy watchdog has ordered the company to take immediate corrective steps. Regulators have asked DeepSeek to delete all AI prompt content previously transferred to Volcano Engine and to establish a clear legal basis before sending personal data to other countries in the future.
This action comes after South Korea suspended new downloads of the DeepSeek app in February, citing the company’s failure to comply with key privacy requirements.
Company Remains Silent
As of Thursday, DeepSeek has not issued any public statement in response to the government’s findings or the recommended corrective measures. The company also did not respond to requests for comment.
China Denies Any Role in Misuse of Data
In response to the accusations, China’s Foreign Ministry addressed the issue during a press briefing. A spokesperson stated that the Chinese government does not, and will not, instruct domestic companies to collect or store data illegally. The ministry emphasized that data privacy remains a top priority for Chinese regulators as well.
Broader Context: Heightened Scrutiny of Foreign Tech Firms
This case highlights increasing international concerns about data privacy, particularly involving Chinese technology companies. Countries across the globe — including South Korea, the United States, and members of the European Union — have ramped up enforcement of data protection laws as AI tools and apps become more integrated into everyday life.
South Korea, known for its robust privacy legislation, has taken a firm stance against non-compliant companies, especially those handling large volumes of sensitive user data. The DeepSeek case is the latest example of this strict regulatory approach.
What Happens Next?
It remains unclear whether DeepSeek will fully comply with South Korea’s demands or if the app will be permanently barred from the local market. For now, the company must take immediate action to clean up its data practices if it hopes to restore its standing and resume operations in the country.
This incident serves as a warning to other foreign AI developers: failure to respect national data laws can lead to swift and decisive action — especially in regions like South Korea where privacy protections are rigorously enforced.
