Italy bans DeepSeek AI over data security concerns

Today

Italy recently imposed a ban on the AI technology known as DeepSeek, which has been deemed problematic from a data security standpoint.

Adam Casey, Director of Cyber Security and CISO at Qodea, suggests that Italy's decision to ban DeepSeek might be the first of many similar actions by governments worldwide. He stated, "Italy will be only the first government to enact a ban on DeepSeek; more are certain to follow. DeepSeek is extremely problematic from a data security and compliance perspective. China has a history of espionage, and most western governments therefore consider technologies from China to be high risk. We have seen similar issues with companies like TikTok, Hikvision and Huawei, but with DeepSeek the risk is even higher as it's learning from inputted data."

Casey elaborated on the potential risks, particularly concerning intellectual property. "For it to be successful, it needs western data that is not available on the internet. By using DeepSeek, we are freely providing information that the Chinese government are hungry for. This raises several compliance risks if you are a regulated business or government entity. If you use DeepSeek to review code, for example, you are giving away your IP to a country that can replicate and sell at a much lower cost."

DeepSeek also faces challenges related to data transparency, especially in relation to the General Data Protection Regulation (GDPR) in the European Union. "Under GDPR there is a requirement around data transparency that DeepSeek cannot meet," Casey noted. "You need to know how a system works, where the data is processed, and whether you have consent for that data to be shared – it's a minefield."

The potential for further bans stems from these significant security and compliance concerns. However, Casey warned that such bans might face challenges, especially regarding the technology's integration into supply chains. "With these factors in mind, it's likely many organisations and governments will ban the use of DeepSeek. But these types of bans are not always that effective. The challenge governments and businesses will face is the introduction of the technology within the supply chain. We are already seeing that AI technologies are being introduced by stealth – by employees and through third parties – without organisations being aware."

Further insights into the workings of DeepSeek were provided by Devendra Sharma, Chief Data & AI Officer at Qodea. He highlighted the reasons behind DeepSeek's low operational costs compared to more established models. Sharma explained, "DeepSeek has done three very clever things that have allowed its model to operate at a fraction of the cost and compute power of other GenAI models, and thus completely upend the AI market. DeepSeek is much more efficient when training."

He outlined the technical methods employed by DeepSeek to achieve these efficiencies: "DeepSeek managed to conduct its training with only around 2,000 GPUs, and can use lower-powered chips. Most current AI models—ChatGPT, Gemini, etc.—perform numerical computations up to 32 decimal places. But DeepSeek decided this level of precision is unnecessary, and instead their model only calculates up to 8 decimal places."

Sharma also noted DeepSeek's approach to reducing active parameters. "DeepSeek takes a different approach. Instead of keeping all those 'experts' active at the same time, it only activates them when needed. This is a huge cost-saving move," he said, although he acknowledged the potential disadvantages of integration for businesses.

Share on: