Lawmakers push for DeepSeek ban from federal devices over China concerns

Two lawmakers have introduced a bill to ban the Chinese artificial intelligence platform DeepSeek from any federal devices.

Reps. Josh Gottheimer (D-N.J.) and Darin LaHood (R-IL) unveiled the “No DeepSeek on Government Devices Act” on Thursday to address security concerns about DeepSeek since it emerged as a powerful, low-cost alternative to U.S.-made AI tools like ChatGPT.  

“The Chinese Communist Party has made it abundantly clear that it will exploit any tool at its disposal to undermine our national security, spew harmful disinformation, and collect data on Americans,” Gottheimer said. “Now, we have deeply disturbing evidence that they are using DeepSeek to steal the sensitive data of U.S. citizens. This is a five alarm national security fire.”

Gottheimer compared the situation with DeepSeek to China’s control over TikTok’s algorithm and data, warning that the U.S. “cannot allow it to happen again.” 

“We simply can’t risk the CCP infiltrating the devices of our government officials and jeopardizing our national security,” he added. The legislation was first reported by the Wall Street Journal. 

Two weeks ago, DeepSeek’s AI assistant — a new reasoning model called R1 that is designed to rival OpenAI’s o1 — took over ChatGPT’s top spot in Apple’s App Store after a flood of interest. DeepSeek made its model open-source, allowing any developer to create products with it. 

The bill verbalizes some of the concerns raised by much of the business community since DeepSeek emerged — namely the issue of where data put into the platform is held. 

The two congressmen claim, without providing evidence, that DeepSeek’s code “is directly linked to the Chinese Communist Party (CCP), with the capability to share user data with China Mobile,” the largest wireless carrier in China, which is state-owned.  

Since it debuted last month, a flood of security reports and warnings have emerged related to the platform. 

Last week, Italy’s data protection authority banned DeepSeek from operating in the country after the company told regulators it does not fall under the purview of European data privacy laws. 

Australia, the Netherlands and South Korea have also instituted bans on DeepSeek while states like Texas have banned its use on government devices. The U.S. Navy and NASA have also restricted employees from using it on government-owned devices. 

Researchers at cybersecurity firm Wiz found an exposed DeepSeek database that had over a million lines of log streams containing chat history, secret keys, backend details, and other highly sensitive information. Wiz researchers told Recorded Future News that when they reported the issue to DeepSeek, they never got a response but the issue was promptly fixed. 

Several other cybersecurity firms said there are few guardrails on the platform stopping them from using it to create malware or other malicious tools that could be used to assist in cyberattacks. Some questioned the content moderation policies of the platform that restricted it from providing answers on topics sensitive to the government of China. 

Casey Ellis, founder of cybersecurity firm Bugcrowd, said the bill is likely as much about geopolitics and trust as it is about technical vulnerabilities.

“The ban is a defensive move in a much larger strategic competition. While it's a step in the right direction, it also underscores the need for a proactive, rather than reactive, approach to securing U.S. technology and data,” he said.

In announcing the bill, the congressmen claimed Americans are “sharing highly sensitive, proprietary information” like contracts and financial records with a platform allegedly controlled by the CCP, which they called a “known foreign adversary.”

Despite the concerns about data theft, LaHood admitted that some of the backlash is about the larger issue of U.S. dominance over the AI market. 

“The technology race with the Chinese Communist Party (CCP) is not one the United States can afford to lose,” LaHood said. 

Bugcrowd’s Ellis explained that the concerns raised by the two congressmen are valid because apps like DeepSeek “can be weaponized for surveillance or data exfiltration,” meaning the fear “isn't just theoretical.”

“The concerns raised by LaHood and Gottheimer about the app's potential for espionage align with a broader pattern of scrutiny around Chinese-affiliated technologies,” he said. “The underlying issue here isn't just about DeepSeek itself but the broader risk posed by software and hardware tied to entities that operate under CCP influence.”