Live

Too much data, too little protection

On June 27, Berlin’s data protection authority called on Apple and Google to remove the DeepSeek app from their German app stores. The reason? Major privacy concerns and the transfer of sensitive user data straight to China.

DeepSeek, an AI chatbot app developed in China, has raised eyebrows from the very beginning. While it promises advanced content generation, the real issue lies in how it collects and handles user data.

The app reportedly gathers a wide range of personal information — not just what you type, but also your location, device ID, network info, full chat history, and even every keystroke. That’s a lot of data. And according to EU privacy rules, if this data is sent outside the EU (like to China), strict protections must be in place.

Here’s the catch: China does not offer legal privacy protections equivalent to those in the EU. That means transferring EU user data to Chinese servers could violate the GDPR, Europe’s gold-standard privacy law.

DeepSeek can’t prove it’s safe

German authorities say DeepSeek has failed to prove that user data is properly secured when sent to China. No solid evidence of encryption, anonymization, or safeguards against Chinese government access has been presented.

Meike Kamp, Berlin’s data protection commissioner, stated clearly: without these guarantees, the app should not be available to EU users.

Spy fears add fuel to the fire

It gets more serious. Some media reports suggest that DeepSeek might be sharing data with Chinese intelligence or military services. While no concrete proof has emerged, these suspicions raise the stakes — especially in the context of geopolitical risk assessments, now required under EU law.

The risk of data being used by third-country authorities—without adequate control mechanisms and the possibility for EU citizens to seek redress—has already been highlighted by the European Data Protection Board in the context of data processing in China, Russia, and India.

Too little, too late?

Under pressure from the Greek data protection authority, DeepSeek attempted to comply with the formal requirements of the GDPR. To this end, it appointed its legal representative in the EU – the Austrian company Prighter EU Rep GmbH, based in Vienna.

This step is required for a non-EU entity to legally process EU citizens’ data and respond to inquiries from data protection authorities.

However, as Berlin Commissioner Meike Kamp points out, the formal appointment of a representative does not solve the key problem: the lack of guarantees that user data will not be transferred to China in a manner that does not comply with EU standards.

If DeepSeek is unable to provide detailed technical and organizational documentation demonstrating that data is properly encrypted, anonymized, and protected from access by Chinese authorities, mere compliance with formal obligations may prove insufficient.

Apple and Google in the hot seat

Instead of banning DeepSeek outright, Berlin’s authorities are taking a smart detour: asking Apple and Google to remove the app from their stores. This reflects a new enforcement trend — putting pressure not only on app creators, but also on the tech giants that distribute them.

So far, Apple and Google haven’t responded. But past cases show that they’re willing to remove apps if legally required. If they comply, DeepSeek would no longer be downloadable or updatable in Germany.

A crucial test for Europe’s digital sovereignty

The DeepSeek saga is more than a one-off privacy case — it’s a test of Europe’s digital resilience.

As Chinese tech expands in Europe, regulators face tough questions:

  • Can the EU defend user rights in a global tech market?
  • Are current laws strong enough to stop data misuse across borders?

This is likely just the beginning. As more EU users turn to foreign AI tools, Europe’s watchdogs will need to step up — balancing innovation, privacy, and geopolitical risks in the digital age.

Written by

Shape the conversation

Do you have anything to add to this story? Any ideas for interviews or angles we should explore? Let us know if you’d like to write a follow-up, a counterpoint, or share a similar story.

Write a counterargument article Write a related article

Same serie articles

PulseZ monthly editorial – April edition

Two Massive Marches in Warsaw

3 AI startups that could change how we learn forever – Gen-E chapter 1

Words that hurt: the hidden bias in machine translation

TikTok Under Fire: the EU Launches a Crackdown to Defend Democracy

Europe’s workforce is shrinking – and that’s a big deal

More than just rooftops: five facts about solar power