WASHINGTON — The DeepSeek chatbot, a highly popular AI application in the United States, has been linked to potential user data transmission to China Mobile, a state-owned telecommunications firm that is prohibited from operating in the U.S., according to security researchers.
Investigation reveals that DeepSeek’s web login page contains obfuscated code indicating a connection to infrastructure owned by China Mobile, which appears to be integrated into the account creation and login processes.
DeepSeek’s privacy policy states that user data is stored on servers within the People’s Republic of China. However, the discovery of the connection to China Mobile raises additional concerns about the extent of the Chinese government’s influence over the chatbot. The U.S. government has previously cited links between China Mobile and the Chinese military as a basis for imposing sanctions on the company. Attempts to reach DeepSeek and China Mobile for comment went unanswered.
Growing concerns over Chinese digital services and their implications for U.S. national security have prompted Congressional action. Recently, bipartisan lawmakers voted to force the owner of TikTok to divest or face a ban in the U.S. Although a 75-day reprieve was granted by the former president to explore a sale, similar concerns linger over DeepSeek.
The concerning connection to China Mobile was initially discovered by a cybersecurity firm, which then shared its findings. Further verification by independent experts confirmed the presence of China Mobile code, although no data transfers to the company were observed during login tests in North America. However, researchers could not dismiss the possibility of data being sent for some users.
This analysis focused solely on the web version of DeepSeek, leaving the highly downloaded mobile app unexamined.
In 2019, the Federal Communications Commission rejected China Mobile’s application to operate in the U.S., citing significant national security concerns related to the company’s ties to the Chinese state. These concerns were echoed by the Biden administration, which imposed sanctions against the company in 2021 based on military affiliations.
Experts have raised alarms about the implications of such technology being owned by a geopolitical rival. “The risks are compounded when sensitive information is shared within these generative AI systems,” noted a cybersecurity CEO, emphasizing the potential for exposure of highly personal and proprietary data.
Security analysts revealed that the code associated with DeepSeek captures detailed device information during user logins—a method known as fingerprinting, commonly utilized for security and targeted advertising.
Further analysis indicated that the code linked to China Mobile could be integral to the login processes for users accessing DeepSeek. This situation mirrors the concerns surrounding TikTok, but on a broader scale as it involves much more sensitive personal and business information.
Cybersecurity experts verified these alarming findings, noting that data transmission to China Mobile could be active for certain users. “There is a clear involvement of China Mobile in registering for DeepSeek,” stated one expert, underlining the risks of using the application.
