House lawmakers introduced a bill this week to ban Chinese generative AI startup DeepSeek from government devices as concerns about China's access to data grow.
Reps. Josh Gottheimer (D-N.J.) and Darin LaHood (R-Ill.) proposed the bipartisan "No DeepSeek on Government Devices Act" to prohibit federal employee use of DeepSeek on federally issued devices. South Korea, Australia, Taiwan and other countries have already implemented bans on using DeepSeek.
The proposed legislation mirrors how the U.S. government handled another Chinese-based service, TikTok. Senate legislators started by passing the "No TikTok on Government Devices Act" in 2022, with Congress passing a full ban in 2024. President Donald Trump signed an executive order Jan. 20 delaying the TikTok ban for 75 days.
The lawmakers who proposed the legislation pointed to research claims that DeepSeek's code links directly to the Chinese Communist Party (CCP) by sharing user data with China Mobile International USA Inc., a communications equipment provider banned from operating in the U.S. by the Federal Communications Commission.
There's proof they're influencing the model, so why would you want to send your sensitive information to China?
Avivah Litan Analyst, Gartner
The government's move to prohibit employees from using DeepSeek should signal to enterprise businesses that the AI model isn't safe to use, according to Gartner analyst Avivah Litan.
While Litan recognized DeepSeek's innovation in machine learning and artificial intelligence, she said from a trust and security perspective "it's a disaster."
"You know the Chinese government has their hands on this model," Litan said. "There's proof they're influencing the model, so why would you want to send your sensitive information to China? It throws data protection and privacy out the window."
Push for national privacy law renews
Not only does DeepSeek pose a security risk by potentially giving the CCP access to model data, it also provides a way for the CCP to create backdoors to access data and business operations outside the model. Litan described backdoors as the biggest threat, particularly for the U.S. government.
Data breaches through backdoors often occur when threat actors gain access through contractors rather than directly working with an enterprise business or government. Threat actors using backdoors can access passwords and other sensitive information or take over systems, Litan said.
"The worst case is that the Chinese government has backdoors and maybe the developers don't even know about it," she said. "Through backdoors, they're not even after the data you're putting in the model. They're out to steal everything you have -- like your intellectual property."
DeepSeek underscores another concern from businesses. On Jan. 28 , the U.S. Chamber of Commerce, along with other trade and business associations, sent a letter to Congress urging policymakers to consider passing a national data privacy law to ensure consumer data is "safeguarded and used responsibly."
The U.S. government has struggled to pass a national data privacy law due to disagreements across the aisle on issues such as private right of action, a legal tool that allows consumers to sue businesses that violate the law. Without an overarching federal law, U.S. states began passing their own data privacy protections, creating a regulatory patchwork in the U.S.
Jake Parker, senior director of government relations for the Security Industry Association, said many lawmakers feel that issues around data privacy go hand in hand with AI.
"Passing data privacy is a necessary first step to addressing AI," he said. "You do that at the national level, you take a lot of issues off the table."
Makenzie Holland is a senior news writer covering big tech and federal regulation. Prior to joining Informa TechTarget, she was a general assignment reporter for the Wilmington StarNews and a crime and education reporter at the Wabash Plain Dealer.
