Popular AI App DeepSeek Sends Unencrypted Data to ByteDance Servers
Recent security analyses have revealed that the iOS version of DeepSeek, a widely-used AI chatbot developed by a Chinese company, transmits user data unencrypted to servers controlled by ByteDance. This practice exposes users to potential data interception and raises significant privacy concerns.
The unencrypted data includes sensitive information such as organization identifiers, software development kit versions, operating system versions, and user-selected languages. Apple's App Transport Security (ATS), designed to enforce secure data transmission, has been globally disabled in the DeepSeek app, further compromising user data security.
Security experts from NowSecure have identified these vulnerabilities and recommend that organizations remove the DeepSeek iOS app from managed and personal devices to mitigate privacy and security risks. They also note that the Android version of the app exhibits even less secure behavior and should be avoided.
In response to these findings, several U.S. lawmakers are advocating for a ban on the DeepSeek app on government devices, citing concerns over potential data sharing with the Chinese government. This mirrors previous actions against other Chinese-developed apps due to national security considerations.
Users should exercise caution and consider removing the DeepSeek app from their devices until these security issues are addressed. The situation underscores the importance of ensuring that applications adhere to strict data security protocols to protect user information.
The thiefs point their dirty fingers against each other.
I am still for heavy regulation for todays digital tech corporations and state actors to protect peoples every day life data instead of building a dystopia.
Sure, meanwhile the UK Demands Apple decrypt all user accounts globally for UK spies; (look that up) also in the last 24 hours, US senate hearing becomes major push for online surveillance, censorship and encryption backdoors.
This is a nothingburger. Have you read the privacy policy of any US-based AI client – or, for that matter, most free online services? With a few exceptions, they’re zero-privacy. Expecting a Chinese app to be any different is silly, and saying “you should uninstall the app” is inane, unless you uninstall your ChatGPT and Google and Meta apps while you’re at it.
Yep, your wise sentiment reflects the fact DeepSeek is the most downloaded app in America.
Regrettably, have to agree. There is no privacy with AI. I am using AIs (once in while) that supposed to be privacy focused: at least they are not supposed to match my IP, name or unique browser ID with recorded data. But if they do, I will not be surprised at all. This AI stuff is really expensive to develop and since very few people paying for the services, they have to start making money somehow. And selling private information is exactly how they do it.
My personal suggestion: put at least one layer of protection between yourself and AI companies. If you’re asking AI something important or private: do not use accounts, apps and always use VPN. Always do it through privacy focused browsers. It will block some tracking and makes it problematic to sort all your information in one place.
There are inconveniences with this method too, since you can not run continued conversations for days or use history in browser without account, but how much AI answers do you really need? If you can not help but have to use app, create multiple accounts for each topic or use different AI app for each topic. All of this will prevent them from aggregate your precise data.