Italy and Ireland ban DeepSeek on Apple and Google devices

DeepSeek, the controversial Chinese AI chatbot, is no longer available for download in Italy and Ireland. Both countries pulled the app from Apple and Google stores on Jan. 29, accusing the company of dodging questions about its handling of personal data and causing fears of Chinese government access to user information.

Regulators are pressing the company for answers—and they’re not being polite about it. Users in Italy trying to download the chatbot were greeted with messages like, “currently not available in the country or area you are in” on Apple devices.

Google users also received a blunt “download not supported” notice. A Reuters investigation confirmed DeepSeek had disappeared from Google’s store. However, at least one Apple user still had access, according to a Jan. 29 report by The Guardian.

DeepSeek’s disappearance comes on the heels of its explosive rise as the most downloaded free app on Apple’s store in the US and UK. Released just last week, it offered AI performance comparable to ChatGPT, but at a fraction of the cost. Its rapid growth triggered panic, wiping over $1 trillion off the US stock market in just a day.

Regulators demand answers about data storage and access

Italy’s privacy watchdog, Garante, has given DeepSeek 20 days to explain what personal data it collects, where it’s stored, and whether any of it lands on Chinese soil. “Our office will launch an in-depth investigation to see if GDPR rules are being followed,” said Pasquale Stanzione, head of the agency, through the Italian news outlet ANSA on Jan. 29.

Garante wants specifics—what data is collected, what legal basis allows it, and what’s being done to protect users. If the company doesn’t cooperate, Italy could hit it with harsh penalties under Europe’s General Data Protection Regulation (GDPR).

Ireland’s Data Protection Commission also fired off its own inquiry. The Guardian’s report claims they’ve requested a detailed breakdown of how DeepSeek processes data tied to Irish citizens.

The investigation reportedly focuses on whether user information is being mishandled or shipped off to China without proper safeguards.

Privacy concerns have been brewing since it became known that DeepSeek’s privacy policy openly states user data is held on “secure servers located in the People’s Republic of China.” The UK government, meanwhile, has taken a more hands-off approach.

British officials said it’s up to citizens to decide whether to use the app. But they promised to act quickly if any serious security risks arise.

China’s national intelligence law doesn’t help ease fears. Under the law, all Chinese companies, organizations, and citizens must assist government intelligence efforts. Critics think this could force DeepSeek to hand over sensitive user data without warning.

Wiz Research finds DeepSeek’s database fully exposed

While regulators focus on privacy violations, security researchers have uncovered another nightmare for DeepSeek—an exposed database that leaves user data wide open to anyone on the internet.

Wiz Research investigated DeepSeek’s digital infrastructure and claims to have found a publicly accessible ClickHouse database. The database had no password, no authentication system, and no protections. 

“Within minutes, we had full access to sensitive information,” said the Wiz team. The database was hosted at oauth2callback.deepseek.com:9000 and dev.deepseek.com:9000, both linked directly to DeepSeek’s core systems.

ClickHouse is designed for high-speed data processing, commonly used for storing logs, chat histories, and backend operational details. But leaving it unprotected created a major security threat, according to the Wiz report.

What kind of data did Wiz find? Tons. The database contained chat histories, API secrets, backend operations data, and sensitive log streams. Running a simple SHOW TABLES; command through the web interface revealed everything.

Even worse, the exposed database wasn’t limited to standard web browsing. Wiz researchers discovered the vulnerability by scanning non-standard HTTP ports—8123 and 9000—which DeepSeek left open. This mistake allowed the team to access the database through the browser without breaking a sweat.

As if DeepSeek didn’t have enough on its plate, OpenAI has accused it of theft. The American AI giant says there is evidence that DeepSeek may have stolen its technology through a method called distillation. Distillation involves taking a large, complex AI model and shrinking it down into a smaller, more efficient version.

“We know groups in China are working to replicate our models using distillation,” said OpenAI. “We’re taking aggressive countermeasures and working closely with the US government to protect our technology.”

Cryptopolitan Academy: FREE Web3 Resume Cheat Sheet - Download Now