A recent collaboration between AdviserSoftware, part of FTRC, and InterGen Data, an AI-based financial lifetime events prediction service, has shed light on the potential risks associated with using DeepSeek, a popular AI tool.
The analysis, conducted by Robert Kirk, founder and CEO of InterGen Data, and Ian McKenna, founder of AdviserSoftware, has identified several key risks and provided recommendations for financial advisers on how to navigate these risks.
Key Risks Identified:
- User Liability for Legal Costs: Under Section 7.2 of DeepSeek’s terms and conditions, users are required to reimburse the company for legal fees, arbitration costs, attorney fees, travel expenses, and fines arising from their actions. This includes liabilities from third-party claims tied to alleged violations of laws, regulations, or platform rules.
- Data Privacy and Government Access: DeepSeek stores all user inputs, including text, audio, files, and chat history, on servers in China. This raises concerns about data privacy and government access, as Chinese cybersecurity laws require companies to share data with authorities upon request.
Additionally, DeepSeek collects IP addresses, device identifiers, keystroke patterns, and payment details, which further exacerbates privacy and compliance concerns.
- Content Ownership and Licensing: While users retain rights to their inputs, DeepSeek secures broad usage rights, including non-exclusive, perpetual licenses to store, modify, and distribute user-generated content for commercial purposes. This raises concerns about the potential exposure of sensitive information shared in prompts.
- Compliance and Monitoring: DeepSeek scans inputs and outputs for compliance, including risk filtering mechanisms that prohibit content such as hate speech and politically sensitive topics.
Violations may lead to immediate suspension, removal of content, or bans without prior notice.
- Third-Party Data Sharing: DeepSeek implements SDKs from Chinese tech firms such as Tencent and ByteDance, potentially exposing user data to advertising partners, analytics platforms, and government-aligned entities under China’s data laws.
Recommendations for Financial Advisers:
- Avoid Sharing Sensitive Data: Refrain from inputting sensitive or confidential information, assuming all interactions with DeepSeek are monitored and stored indefinitely.
- Consider Jurisdictional Risks: Be aware of data storage in China, especially in relation to strict data protection laws in the EU and UK.
- Audit Third-Party Integrations: SDKs such as Volcengine and Fengkongcloud increase exposure to Chinese infrastructure.
- Understand Licensing Terms: Generated content may be repurposed commercially by DeepSeek, impacting confidentiality and proprietary information.
Robert Kirk, founder and CEO of InterGen Data, commented:
“Chasing the latest and greatest tech can be thrilling, but the hidden risks around data privacy, ownership, and liability exposure are significant and should not be overlooked. Firms must have a clear risk assessment framework and ensure their AI partners align with the highest standards of security, compliance, and ethical AI use.”
Ian McKenna, founder of AdviserSoftware.com added:
“The T&Cs give DeepSeek the right to store information, which even extends as far as payment data. Advisers should understand the above issues in the context of any AI tool or service they are using.”
The analysis conducted by AdviserSoftware and InterGen Data highlights the importance of carefully evaluating the risks associated with using AI tools like DeepSeek.
Financial advisers must be aware of the potential risks, including user liability, data privacy concerns, and content ownership issues.
By understanding these risks and taking steps to mitigate them, advisers can ensure that they are using AI tools in a responsible and compliant manner.