European regulators are raising alarms over DeepSeek, a Chinese AI chatbot, due to concerns about data privacy and security. The Netherlands’ data protection authority (AP) issued a warning against using the service, while Italy has taken more aggressive action, blocking the chatbot outright. Both countries cite the risk of European user data being stored in China without adequate protections.
DeepSeek, a newly launched AI chatbot, has gained global traction, with millions of downloads in just a few days. It functions as a conversational AI designed to understand and process human language, similar to ChatGPT. However, the chatbot’s rapid adoption has raised concerns among European regulators over whether it adheres to GDPR (General Data Protection Regulation) requirements.
Dutch regulators warn against DeepSeek
Today, the Dutch Data Protection Authority (Autoriteit Persoonsgegevens, AP) issued a formal warning urging users to be extremely cautious when using DeepSeek. The watchdog highlighted serious concerns over the chatbot’s privacy policies and how it handles user data.
Aleid Wolfsen, chairman of the AP, warned users to think twice before entering personal or sensitive information into DeepSeek, stating:
“The AP warns due to serious concerns about the privacy policy of Chinese DeepSeek and the way the company appears to handle users’ personal data.”
A key concern is that DeepSeek stores user data — including information entered into the chatbot — on servers in China. According to the AP, transferring personal data of European citizens to non-EU countries is only permissible under strict privacy regulations, ensuring users retain control over their information. The regulator is now launching a broader investigation into data transfers to China, scrutinizing DeepSeek and similar Chinese AI firms.
Wolfsen also emphasized the risks of unintentionally exposing others’ personal data:
“If you, as a user in the Netherlands, upload a document containing personal data—such as a CV—into the DeepSeek chatbot, that personal data may be stored on a server in China. The same applies to any questions you enter into the chatbot. Be aware of this. Think about it. The system lives off the information you put into it.”
Italy blocks DeepSeek
Late last week, Italy’s Data Protection Authority (Garante per la Protezione dei Dati Personali) took a stronger stance by issuing an urgent order to block DeepSeek’s data processing operations in Italy. This effectively prevents the chatbot from handling Italian users’ personal data.
The Italian regulator stated that it received an unsatisfactory response from DeepSeek’s parent companies — Hangzhou DeepSeek Artificial Intelligence and Beijing DeepSeek Artificial Intelligence — regarding their compliance with EU data protection laws. The companies claimed they did not operate in Italy and were not subject to European regulations. However, the Italian authority rejected this argument and opened a formal investigation.
Italy has consistently taken a cautious approach to AI regulation, enforcing strict compliance with GDPR to safeguard user data. The country was the first in Europe to temporarily ban ChatGPT in March 2023 over privacy concerns and later fined OpenAI €15 million for failing to protect user information. Italian regulators have also scrutinized AI models for transparency, data processing practices, and risks related to minors’ access.
With European authorities now investigating DeepSeek, it remains uncertain whether more countries will follow Italy’s lead in restricting or banning the chatbot. Given the increasing availability of Chinese AI models in Europe, regulators are expected to maintain a close watch on compliance with data protection laws.
NETGEAR Fixes Critical RCE Flaws in Nighthawk Gaming Routers
same with google, facebook, nsa, apple…Are America so different?