Following a familiar pattern, state governments are increasingly targeting Chinese apps, with DeepSeek, an AI platform featuring open source large language models (LLMs), now facing bans and restrictions.
At least three states have banned DeepSeek on state devices in the last few weeks. The ripple effect echoes similar bans on TikTok, where more than half of state governments eventually enacted bans of the popular app on state devices.
WHY IS DEEPSEEK BEING BANNED?
The first state-level DeepSeek ban appeared in Texas, where Gov. Greg Abbott announced Jan. 31 that the state would not allow the use of AI and social media apps affiliated with the People’s Republic of China and the Chinese Communist Party on government-issued devices. The list of banned apps included DeepSeek, RedNote (an app that emerged as an alternative to TikTok), Webull, Tiger Brokers, Moomoo and Lemon8.
“State agencies and employees responsible for handling critical infrastructure, intellectual property and personal information must be protected from malicious espionage operations by the Chinese Communist Party,” said Abbott. “Texas will continue to protect and defend our state from hostile foreign actors.”
New York moved to ban DeepSeek on Feb. 10, citing foreign surveillance and censorship concerns, including the harvesting of user data and potential to steal technology secrets from the state.
The state’s chief cyber officer, Colin Ahern, added that the ban from state devices would help protect critical infrastructure and privacy.
“This action today demonstrates we will continue to defend New York from cyber threats,” Ahern said in a press release. The ban also had the support of the state’s top tech boss, CIO Dru Rai.
“The decision by Governor Hochul to prevent downloads of DeepSeek is consistent with the state’s Acceptable Use of Artificial Intelligence Technologies policy that was established at her direction over a year ago to responsibly evaluate AI systems, better serve New Yorkers and ensure agencies remain vigilant about protecting against unwanted outcomes,” said Rai. “I commend the governor for recognizing that this must continue to be the highest priority.”
In Virginia, Gov. Glenn Youngkin cited a similar reason for banning DeepSeek AI on state devices and state-run networks on Feb. 11.
“China’s DeepSeek AI poses a threat to the security and safety of the citizens of the Commonwealth of Virginia,” said Gov. Glenn Youngkin. “We must continue to take steps to safeguard our operations and information from the Chinese Communist Party. This executive order is an important part of that undertaking.”
WILL DEEPSEEK BANS REALLY PROTECT DATA?
Many states have already had their eyes carefully focused on how state employees are using AI, and have created policies about data protection and security for popular American-made LLMs like ChatGPT.
When it comes specifically to protecting American data from Chinese companies, Jim Coyle, the U.S. public sector CTO for Lookout, a data-centric cloud security company, said selectively targeting some hot-button Chinese apps may miss the mark. According to his company’s analysis, there are millions of apps that communicate with IPs, domains or servers in China.
“There’s a lot of focus on DeepSeek, there’s a lot of focus on TikTok, but at the end of the day, this is at the tip of the spear,” said Coyle. “Let’s not take a look at the one app or the two apps. In this case, let’s take a look at the other 9 million and just say, ‘This is a high risk, let’s just block that communication.’”
Coyle highlighted the lack of state data privacy attention about the popular shopping app, Temu, owned by the Chinese company Pinduoduo. In 2023, the company had another app removed from Google’s app store for security concerns and malware.
“But we’re not up in arms about Temu,” said Coyle. “So it does make me wonder. I do think there’s a political side in the grander and making waves with these orders.“
Coyle believes there’s a broader solution that exists with data sovereignty.
“Do you want your data leaving the bounds of the U.S. and going to another country? If your answer is no, then I think that needs to be taken on not just by the security teams, but also from a government policy perspective — state, local and federal,” said Coyle. “Put a stop to that and just say, ‘We’re going to ban that level of information leaving the U.S.’”
