A report has revealed that the Chinese AI company DeepSeek, whose chatbot became the most downloaded app in the U.S., may be sending user login information to China Mobile, a Chinese state-owned telecommunications company. This company has been banned from operating in the U.S. due to security concerns.
Security researchers discovered that the login page for DeepSeek’s chatbot contains obfuscated code, which, when decoded, points to connections with China Mobile’s infrastructure. This code is involved in user account creation and login processes on the DeepSeek platform.
DeepSeek’s privacy policy acknowledges that it stores user data on servers within China. However, this new discovery suggests a more direct connection between DeepSeek’s chatbot and the Chinese government than previously realized, with the involvement of China Mobile. The U.S. government has previously linked China Mobile to the Chinese military, leading to sanctions against the company. Both DeepSeek and China Mobile have not responded to requests for comment.
The expansion of digital services controlled by China has become a significant concern for U.S. national security officials. Last year, U.S. lawmakers, in a rare show of bipartisan support, passed legislation requiring the Chinese parent company of the widely-used video app TikTok to either sell its U.S. operations or face a potential nationwide ban. However, the app was granted a 75-day extension by then-President Donald Trump, who sought to facilitate a possible sale.
The connection between DeepSeek and China’s leading mobile provider was initially discovered by Feroot Security, a Canadian cybersecurity firm, which shared its findings with the media. These findings were then verified by a second group of cybersecurity experts, who confirmed the presence of code from China Mobile. While neither Feroot nor the other experts observed data being transferred to China Mobile during login tests in North America, they couldn’t completely rule out that some users’ data might be sent to the Chinese telecom company.
The analysis focused only on the web version of DeepSeek. The mobile version, which remains one of the most downloaded apps on both Apple and Google app stores, was not part of the investigation.
In 2019, the U.S. Federal Communications Commission (FCC) unanimously rejected China Mobile’s request to operate in the U.S., citing significant national security concerns due to the company’s ties with the Chinese government. In 2021, the Biden administration imposed sanctions on China Mobile, restricting American investments in the company after the Pentagon linked it to the Chinese military.
Ivan Tsarynny, CEO of Feroot Security, expressed concerns, stating, “It’s shocking that we’re unknowingly allowing China to monitor Americans without taking action.” He added, “It’s hard to believe this is accidental. There are so many odd aspects to this situation. As the saying goes, ‘Where there’s smoke, there’s fire.’ In this case, there’s a lot of smoke.”
Stewart Baker, a Washington, D.C.-based lawyer and consultant with past experience in senior roles at the Department of Homeland Security and the National Security Agency, expressed concerns about DeepSeek, stating that it raises similar issues as TikTok but with even more significant risks. He pointed out that the information shared on DeepSeek is likely to have greater national security and personal importance than the content people typically share on TikTok, one of the world’s most popular social media platforms.
As users increasingly input sensitive data into generative AI systems, ranging from confidential business information to personal details, the risks to data security grow. People are using these systems for everything from spell-checking to research and intimate conversations. The risks are heightened when the platform is owned by a geopolitical rival, potentially providing an intelligence goldmine for that country, experts warn.
Ivan Tsarynny, CEO of Feroot, further emphasized the magnitude of the issue, noting that the implications are much more significant than TikTok, as personal and proprietary information could be exposed. “It’s not just about sharing entertainment videos. It’s about sharing queries and sensitive information, including personal and business data,” he said.
Feroot, a company that specializes in identifying online threats, discovered computer code that is activated when a user logs into DeepSeek. Their analysis revealed that the code appears to gather detailed information about the user’s device, a process known as fingerprinting. This technique is commonly used by tech companies for security, verification, and advertising purposes.
Feroot’s analysis also found links within the code connecting it to China Mobile’s authentication and identity management systems. This suggests that the code may be involved in the login process for some DeepSeek users, potentially allowing China Mobile to access user information.
Two academic cybersecurity experts, Joel Reardon from the University of Calgary and Serge Egelman from the University of California, Berkeley, were asked to verify Feroot’s findings. After conducting their own independent analysis of the DeepSeek code, they confirmed the presence of links between the chatbot’s login system and China Mobile.
Reardon stated, “It’s clear that China Mobile is involved in the registration process for DeepSeek.” While he didn’t observe data being transferred during his testing, he concluded that it is likely happening for some users or specific login methods.