The South Korean Personal Information Protection Commission announced today (24th) the results of an investigation into the Chinese artificial intelligence (AI) startup company DeepSeek, indicating that DeepSeek unlawfully transferred Korean user information to foreign companies, including the parent company of TikTok, ByteDance.
The South Korean Personal Information Protection Commission released the “Pre-inspection Results of DeepSeek” decided at the meeting on the 23rd, stating that from January 15th when DeepSeek launched its services in Korea until it was suspended on February 15th, user information was transferred to 3 Chinese companies and 1 American company, including ByteDance’s Volcano Engine.
The report pointed out that during the transfer of user personal information by DeepSeek, user consent was not obtained, and the publicly available personal data processing policies in Chinese and English did not include the required elements under Korean data protection law such as data destruction procedures and security measures.
During the investigation process, DeepSeek has rectified the deficiencies and submitted a Korean version of the personal data processing policy to the Personal Information Commission.
DeepSeek admitted that it transferred user data to the Volcano Engine without user consent, but argued that it was to improve data security vulnerabilities and enhance user experience by utilizing the services of the Volcano Engine.
In response, the Personal Information Commission deemed it unnecessary to transfer user input content, and on April 10th, DeepSeek had ceased further data transfers. The Commission also requested the immediate destruction of user input content already transferred to the Volcano Engine.
Since DeepSeek started offering services in Korea in January, due to concerns over excessive data collection, it has sparked controversy locally. In February, the Commission restricted the download of DeepSeek from app stores and advised users who had already downloaded the service to avoid entering personal and other sensitive information.
In addition to DeepSeek, data security issues in Chinese e-commerce companies such as Alibaba and Temu are increasingly being emphasized in South Korea. Following the investigation of DeepSeek, local authorities are speeding up efforts to address data privacy risks from China.
(This information is translated from the Central News Agency)