º£½ÇÉçÇø

What is ?

DeepSeek is an AI company based in China that develops large language models (LLMs). It has gained attention in the AI field, with reports suggesting its models may be less energy-intensive, potentially more cost-effective, and competitive within the market.

Privacy and Security

Like all AI platforms, the use of DeepSeek involves general considerations common to the technology, including the possibility of generating inaccurate results, exhibiting bias, producing misinformation and raising privacy and information security questions.  

Specific points regarding DeepSeek's privacy and security practices have been noted by privacy and security experts in Canada and around the world. These relate particularly to the data collected by its mobile application, which may include:

• demographic information (e.g. names, dates of birth)
• user contact details (e.g. emails, phone numbers) 
• text or audio inputs, 
• user-generated content (e.g., text or audio inputs, prompts, uploaded files, feedback, chat histories)
• device and network connection information (e.g., device model, keystroke patterns, potentially payment information related to service use )

In addition, concerns have been raised about certain technical aspects of the platform's mobile application. These include allegations of potentially weak cryptographic protections, questions about transparency in data handling practices, and limited publicly available information regarding data residency, retention schedules and deletion processes. Currently, there is no public record of DeepSeek undergoing regular third-party security audits or certifying compliance with international privacy standards such as the European Union’s (GDPR) or .

The location of data storage and the legal environment in China are factors considered when assessing DeepSeek usage. Chinese national security laws include provisions that can require companies operating within the country to cooperate with state intelligence agencies.

Some peer institutions, such as the University of British Columbia (UBC) and the University of Toronto (U of T), have publicly addressed the use of DeepSeek. In March 2025, on installing or using DeepSeek on university-owned devices and networks, citing privacy and security concerns. The recommending that DeepSeek primarily be used for less sensitive data and that its outputs be critically reviewed, but has not implemented a ban.

Recommendations

It is recommended to use AI tools that have undergone internal vetting or offer established privacy and security safeguards. Examples include:

• Google Gemini (preferred): vetted by Information Services and Technology (IST) and approved for general use at the º£½ÇÉçÇø (not approved for sensitive use cases).
• OpenAI ChatGPT - not vetted by IST; not approved for sensitive use cases.
• Microsoft Copilot - not vetted by IST; not approved for sensitive use cases.

For situations where DeepSeek use is considered, users are advised to exercise careful judgment, avoid inputting personal or sensitive data and ensure any use complies with the º£½ÇÉçÇø’s policies, procedures and AI usage guidelines.

Questions

If you have questions or concerns, please reach out to any of the offices below:

• Chief Information Security Office ciso@ualberta.ca 
• Information and Privacy Office privacy@ualberta.ca