Germany’s Deepseek Demand: A Closer Look at Data Transfer Concerns
- Home
- Germany’s Deepseek Demand: A Closer Look at Data Transfer Concerns
On June 27, 2025, Germany’s data protection commissioner, Meike Kamp, took a significant step by requesting that Apple and Google remove the Chinese AI app DeepSeek from their app stores in Germany.
This action stems from concerns that DeepSeek is unlawfully transferring user data to China, violating the European Union’s stringent data protection regulations.
Ronin Legal examines this latest development in the ongoing scrutiny of data privacy practices by international tech companies.
DeepSeek, a Chinese artificial intelligence startup, has gained attention for its cost-effective AI model and popular chatbot app, downloaded millions of times globally. It also attracted worldwide interest for having developed a fast and competitive model, despite its reliance on less advanced Nvidia chips. However, its data handling practices have raised certain red flags.
According to Meike Kamp, Berlin’s commissioner for data protection and freedom of information, DeepSeek transfers German users’ data to servers in China without ensuring protection equivalent to EU standards. This practice violates the EU’s General Data Protection Regulation (GDPR), which governs how personal data must be handled.
In May 2025, Kamp’s office had asked DeepSeek to comply with EU data transfer requirements or voluntarily withdraw its app from the German market. The company did not meet these demands, prompting the formal request to Apple and Google.
Further, she also expressed concern over the fact that Chinese authorities possess broad access privileges to personal data, that is within the operational reach or control of Chinese companies.
The core issue is that Chinese authorities have extensive access to personal data held by Chinese companies, creating a conflict with EU privacy laws.
The General Data Protection Regulation (GDPR), enacted in 2018, is one of the world’s most robust data protection frameworks. It restricts the transfer of personal data outside the EU, unless the destination country ensures that an adequate level of protection or appropriate safeguards are in place.
China lacks an EU adequacy decision, meaning companies like DeepSeek must implement measures like Standard Contractual Clauses (SCCs), requiring parties to ensure similar standards of privacy and data protection as the EU’s GDPR, through evaluations such as the Transfer Impact Assessment (TIA) during data transfers.
However, DeepSeek has not provided convincing evidence that it meets these standards. For example, the company’s privacy policy indicates that user data, including personal files and conversations, is stored on Chinese servers, where local laws allow government access for national security purposes. This lack of transparency and compliance has fuelled Germany’s concerns.
As of July 1, 2025, DeepSeek has not issued a public statement addressing Germany’s allegations.
Google has confirmed that it has received the notice and is reviewing it, while Apple has not yet commented.
This is not DeepSeek’s first encounter with European regulators. In February 2025, Italy’s data protection authority, Garante, raised concerns about the app’s data handling practices.
In response, DeepSeek claimed it did not operate in Italy and therefore considered EU legislation inapplicable. However, Garante found the response unsatisfactory and proceeded to block the application.
Ireland also initiated an inquiry into DeepSeek’s data processing in January 2025. These actions suggest a growing European consensus on the risks posed by the app’s data practices.
Germany’s request could have significant consequences. If Apple and Google comply, DeepSeek would lose access to the German market, a key part of the EU’s digital economy.
Furthermore, a ban in Germany could lead to similar actions across the EU, as GDPR applies uniformly across member states.
This case also underscores broader tensions between Chinese tech firms and Western regulators. Chinese companies often face challenges balancing local laws, which may require data sharing with the government, with international privacy standards.
For instance, a Reuters report alleged that DeepSeek supports China’s military and intelligence operations, adding to concerns about its data practices.
Global Context and Related Developments
The scrutiny of DeepSeek is part of a global trend. In the United States, lawmakers are considering a bill to ban Chinese-developed AI models in government agencies, citing national security risks.
In April 2025, South Korea’s Personal Information Protection Commission (PIPC) completed a status examination of DeepSeek following concerns about the app’s handling of personal data.
The investigation revealed significant issues including inadequate transparency in the privacy policy, unlawful cross-border data transfers to China and the U.S., and a lack of user consent mechanisms for data used in AI training.
The company was also found to have transferred user input to a third party, Beijing Volcano Engine Technology, without sufficient justification. DeepSeek has since made changes, including suspending downloads in Korea, updating its privacy policy, introducing opt-out features, and implementing age verification procedures.
The PIPC issued formal recommendations for correction and improvement, and will monitor DeepSeek’s compliance moving forward.
The Netherlands has banned DeepSeek on government devices, and Belgium has received complaints regarding the data privacy risks posed by it, potentially setting the stage for yet another investigation into the company’s practices. Spain’s consumer rights group requested an investigation in February 2025, though no ban is currently in place.
These actions reflect growing apprehension about the privacy and security implications of AI apps developed by companies under different data governance frameworks.
Apple and Google now face a critical decision. Complying with Germany’s request could set a precedent for how tech giants enforce GDPR compliance. If they remove DeepSeek, it may prompt other EU countries to follow suit, potentially leading to a broader ban. Conversely, non-compliance could lead to further regulatory action against the tech giants themselves.
For DeepSeek, the path forward involves addressing these concerns, possibly by restructuring its data handling practices to align with GDPR requirements. Failure to do so could limit its global expansion, particularly in privacy-conscious markets like the EU.
In the tech industry, this incident may prompt companies to reassess their data transfer practices, especially for countries without EU adequacy decisions. It could lead to increased use of data localization or enhanced security measures to ensure compliance.
Authors: Shantanu Mukherjee, Alan Baiju
My relationship with Ronin Legal and Shantanu has advanced exponentially in a very positive direction in a very short time. The Ronin team is zealous in their partnership with us to advance the mission of our small start-up to become a world leader in neuroscience development. Ronin has taken the lead with review of our legal and technical documents and contracts. They are subject matter experts in general counsel services across our global environment. It is a pleasure to work with a team that is pragmatic and responsive in all circumstances. They are second to none.
Executive Director, Clinical Development, Engrail Therapeutics
Shantanu and the team at Ronin have been invaluable partners for our investment firm’s expansion into co-development of specialty pharmaceutical drugs. As we made the transition from more traditional VC investing to direct drug development collaborations, the team at Ronin have utilized their deep domain expertise in cross border pharma to help us set up an effective and compliant structure for our project. I would highly recommend Ronin to any organization in the life sciences space that is looking for legal partners with in depth understanding of the various nuances of this dynamic sector.
Managing Director, Spektar Therapeutics
I’ve been very happy with Ronin’s ability to ramp resources up or down depending on what we require in a particular week or month. In addition, the ability to connect with multiple lawyers across jurisdictions quickly (US, UK, UAE, Singapore), help us to assess international law firms and then work with them to get the best legal advice is very appreciated.
Chief Business Officer, Ultrahuman
Shantanu and the Ronin team have been very pragmatic and responsive business partners, working with Konfer – an agentic genAI product for confident continuous compliance to Regulations. They analysed the state of AI regulation in various countries, and reviewed the EU AI Act and other relevant AI legislation offerings of our product. The team’s ability to align complex legal information to product offerings has been invaluable to us. Ronin Legal has negotiated our business contracts for partnerships. They’re solution-oriented and cost-effective, and I would highly recommend Ronin Legal to startups and tech companies everywhere, and especially those building AI powered businesses.
CEO, Founder, Konfer.AI.
I have worked with the Shantanu, and his team, for a number of years during which time his insight and acumen have helped us greatly in the negotiation of a number of pharmaceutical licensing agreements and in the formation of new subsidiaries. I thoroughly recommend Ronin Legal to anyone seeking advice and guidance in pharmaceutical deal making.
Chairman, Altus Group of Companies
Shantanu and team Ronin were meticulous, detailed, persevering and most importantly batting entirely for our side through our seed round fundraise and beyond. They were always approachable, available and balancing principle with pragmatism. I would highly recommend the team for any startup related legal matter.
Founder, 26 Décor
First of all, of behalf of SIIX Corporation, we wish to congratulate you & team on the launch of your new website!
We are very happy to be engaged with you & your professional team on our business venture in India and on establishing our JV initiatives. With your expertise, integrity, and commitment to providing trusted legal guidance, we truly believe to achieve our goals and successfully complete our JV partnership and, to expand our business in India with your support.
Managing Director, SiiX India Private Limited
Ronin Legal has become an integral part of our deal process. Their solution-oriented mindset, combined with consistently high-quality work and exceptional responsiveness, makes contract negotiations smoother and more efficient. They truly understand our business needs
Working with Shantanu and Ronin Legal has been truly transformative for my startup. From our very first meeting, Shantanu stood out with his approachable manner and deep commitment to understanding my business. He consistently showed genuine interest and empathy, always providing clear, practical advice that’s perfectly tailored to our needs.
What truly sets Shantanu and Ronin Legal apart is their unique blend of legal expertise and a true partnership mindset. They deeply understands the challenges of building a startup, cutting through jargon to give advice that’s actually useful and helping us avoid costly mistakes without any pressure. It feels less like a traditional client relationship and more like having a dedicated co-pilot invested in our journey. They have become an invaluable ally, that we trust and depend on.
Founder & CEO, OrgDesignWays Consulting
I cannot speak highly enough about the exceptional service provided by Ronin Legal. Their team made what could’ve been a complicated and stressful IP process feel smooth and manageable. From the outset, their team demonstrated a deep understanding of intellectual property law, offering not only expert legal guidance but also a strategic mindset advising on protection of our brand in various regions. They were responsive, thorough, and truly acted as partners in safeguarding our IP assets. Their attention to detail, clarity in communication, and professionalism gave us complete confidence throughout the process thus far. I wouldn’t trust anyone else with our intellectual property.
The Wrong Gym
Copyright © 2025 | Ronin Legal | Website Maintained by Law Strings Management | Privacy Policy | Cookie Policy | Terms of Use
