On January 31, Texas became the first US state to ban the Chinese-owned generative artificial intelligence (AI) application, DeepSeek, on state-owned devices and networks. New York swiftly followed suit on February 10 with Virginia imposing a ban on February 11.
The Texas state governor’s office stated: “Texas will not allow the Chinese Communist Party to infiltrate our state’s critical infrastructure through data-harvesting AI and social media apps. State agencies and employees responsible for handling critical infrastructure, intellectual property, and personal information must be protected from malicious espionage operations by the Chinese Communist Party. Texas will continue to protect and defend our state from hostile foreign actors.”
The state of New York sounded a similar note: “Serious concerns have been raised concerning DeepSeek AI’s connection to foreign government surveillance and censorship, including how DeepSeek can be used to harvest user data and steal technology secrets.”
Virginia said: “China’s DeepSeek AI poses a threat to the security and safety of the citizens of the Commonwealth of Virginia…We must continue to take steps to safeguard our operations and information from the Chinese Communist Party.”
These are stark warnings that the private sector in other states and other Western countries should now take very seriously. There is currently a strong danger that private sector organizations, particularly small and medium-sized companies, may have read about the potential benefits of generative AI applications in general and the “good value” of China’s DeepSeek offering, without understanding the genuine risks and dangers involved.
At the weekend, Forbes magazine also issued a stark warning on the growing problem of companies blindly adopting AI in order not to be left behind by competitors and the danger of them sending critical data to the West’s adversaries.
“The AI craze has led to a reckless willingness to share sensitive information with unvetted platforms. We are quite literally handing over our most critical data—business plans, legal documents, financial records—to systems with zero transparency about where that data goes and how it’s being used,” said Forbes
China has already used AI-generated scams
Last year, Microsoft issued a warning that China was using AI-generated fake social media accounts to influence the outcome of the US presidential elections. The report, Same targets, new playbooks: East Asia threat actors employ unique methods detailed China’s attempts to discredit the US government. These included misinformation regarding: the Kentucky train derailment in November; the Maui wildfires the previous August; the disposal of Japanese nuclear wastewater, illegal drug use in the US as well as exacerbating racial tensions across the US.
Companies should start by telling staff not to download DeepSeek’s AI application under any circumstances. They must then take a step back from AI applications in general and fully evaluate the security risks involved. Otherwise, they may find that they have unwittingly handed over their critical data to hostile nation-states as well as to ruthless cybercriminal organizations.
