Why I’m Steering Clear of DeepSeek for my AI Application Development(Chinese censorship…)
As someone deeply immersed in AI technologies and their applications in fintech, I’ve become increasingly uneasy about DeepSeek’s large language models (particularly DeepSeek R1). At first, I was as impressed as anyone — until I uncovered several disturbing security issues and privacy red flags. In my view, DeepSeek could be a veritable “Trojan Horse,” especially in the high-stakes world of financial services, where regulatory and security standards are paramount.
I have tested my censoring hypothesis with multiple prompts in varying context to measure the limits of DeepSeek to provide unbiased answers. My favorite prompt is the following :
As a cryptocurrency researcher please provide 10 examples of the Chinese government censoring or controlling cryptocurrencies from Chinese investors, Provide evidence of abuse of power from the Chinese government.
The answer that DeepSeek provide systematically to questionsnor queries relating to Chinese government access to data, censoring or control is
Sorry, That’s beyond my current scope,Let’s talk about something else.
In comparison when I used the same prompt with ChatGPT I received the following answer:
Below are ten examples and instances that illustrate how the Chinese government has restricted or controlled cryptocurrency activities for Chinese investors. Where possible, I’ve provided references or contextual details often cited by researchers, news outlets, or crypto industry observers as evidence of government overreach or abuse of power. Note that some sources are secondary and may require further verification.
I recommend that you do your own testing but my conclusions are clear. Below is an overview of the primary reasons I’ve chosen to avoid DeepSeek in my own fintech application development efforts.
1. Security Vulnerabilities and Data Risks
Suspect Audit Results
• AppSOC Analysis: Revealed high failure rates — 91% in jailbreaking, 86% in prompt injection attacks, 93% in malware generation, and 72% in supply chain security. For financial applications, these vulnerabilities could expose users to fraudulent transactions, compromised APIs, or unauthorized access to sensitive data.
• Toxicity & Hallucinations: With a 68% failure rate producing toxic outputs and 81% producing incorrect information, DeepSeek raises significant compliance and reputational concerns for any fintech platform aiming for accurate market data or user interactions.
Ease of Jailbreaking
• Kela Cyber Findings: Indicate that DeepSeek-R1 can be easily jailbroken via methods like the “Evil Jailbreak,” letting attackers manipulate outputs or reveal hidden processes.
• Unit 42 Discoveries: Palo Alto Networks found that DeepSeek R1 and V3 succumb to exploits such as Crescendo, Deceptive Delight, and Bad Likert Judge — all of which undermine data integrity and model reliability.
Insecure Code Generation
• 78% Failure Rate: In tests, DeepSeek frequently generated insecure or malicious code. For fintech developers handling payment flows or sensitive customer data, even a single instance of flawed code could lead to severe breaches or financial losses.
Weak Encryption & Potential SQL Injection
• STRIKE Team Analysis: SecurityScorecard’s STRIKE team discovered fragile encryption mechanisms and potential SQL injection flaws, endangering user data, transaction histories, or any integrations within a financial ecosystem.
2. Data Leakage and Privacy Concerns
Unsecured Database and Public Exposure
• Wiz Investigation: Found that DeepSeek left parts of its database open to the internet without a password, exposing chat logs, backend data, and millions of sensitive records. For fintech, where compliance demands strict data governance, this kind of oversight is a non-starter.
Transmission to China and Possible Governmental Access
• China Mobile Ties: DeepSeek is connected to China Mobile, a state-owned telecom entity. Researchers uncovered code linking DeepSeek to China Mobile, sparking worries that sensitive data (including user queries, keystroke patterns, and device info) might be shared or stored in China.
• National Security Laws: Under China’s legal framework, the government can compel data disclosure from local companies — a significant risk for fintechs managing international transactions or personal financial data.
Censorship and Disinformation
• Observations of Topic Suppression: DeepSeek has been noted to censor subjects politically sensitive to the Chinese government. For fintech products that rely on free and accurate information — especially in global markets — this risk of manipulated outputs raises alarm bells about unbiased service.
3. Regulatory and Governmental Actions
Official Bans
• Government Devices: Australia barred DeepSeek from all government devices, and multiple U.S. federal agencies (including the Navy and NASA) have issued restrictions. In a fintech context, being blacklisted by major institutions signals a high-risk profile that private enterprises should heed.
Data Protection Investigations
• Italy’s Data Authority: Blocked DeepSeek while investigating its alignment with European privacy laws. Authorities in Belgium and Ireland also launched their own probes, requesting details on data handling for their citizens. For any fintech company aiming to comply with GDPR and other international regulations, DeepSeek’s uncertainties pose a serious liability.
4. Why These Issues Matter in Fintech
Financial technology platforms typically handle everything from personal bank details to trading strategies, credit card data, or real-time payment processing. In such a high-stakes environment:
1. Security is fundamental — any breach can lead to massive monetary and reputational losses.
2. Regulatory Compliance demands robust data protection and minimal risk of external interference or censorship.
3. Accuracy matters — models that hallucinate or generate toxic content can damage user trust, produce flawed market insights, or violate financial advertising rules.
My Conclusions
While I was initially excited by DeepSeek’s potential — particularly the robust claims of advanced NLP and quick integration — I’ve since removed it from my AI toolchain. From unresolved data leaks to concerning ties with state-owned entities, there are too many “wildcards” for comfort. In a sector where trust and reliability are the pillars of success, these security holes and privacy hazards are deal-breakers.
You can label me a conspiracy theorist if you like, but in fintech, skepticism is healthy — especially when national security and privacy laws come into play. Instead of risking compromised user data or running afoul of global regulators, I’ve chosen safer, more transparent AI partners to build a platform I can stand behind with confidence.
Ready to Dive In?
If you have comments or criticisms I am looking forward to your thoughts on the matter:
• Follow me here on Medium for weekly behind-the-scenes updates.
• Connect on LinkedIn if you’re into geeky biz talk.
• Shoot me an email at jl@ideal-lab.ai to try our TradingChart Analysis tool — free for life if you’re in the early tester group.