The app transmits sensitive data over the internet without using encryption to protect it if the info is intercepted. When certain information is encrypted, the app uses outdated encryption keys and stores data like usernames, passwords, and encryption keys insecurely. This makes it easier for attackers to steal this data. The app also collects user and device data which can be used for de-anonymization allowing it to track individuals. Lastly, user data is sent to servers controlled by TikTok owner ByteDance possibly giving the Chinese government access to personal information.
While individuals might not be in as much danger of having their identity checked out by the PRC, NowSecure suggests that companies and government agencies remove the DeepSeek iOS app from managed and BYOD (Bring Your Own Device) environments. Also, NowSecure suggests that business and government agency users look for alternate AI apps that prioritize data protection and mobile app security.
To summarize its issues with the DeepSeek app, NowSecure posted this list:
- Privacy issues due to insecure data transmission
- Vulnerability issues due to hardcoded keys
- Data sharing with third parties such as ByteDance
- Data analysis and storage in China
The above issues can lead to:
- Loss of intellectual property and sensitive data
- Compromised data integrity due to security flaws
- Tracking and surveillance from data collection
- Loss of control over data sent to and governed by China


Asking DeepSeek (L) who won the Stanley Cup only gives us the results of the 2023 Stanley Cup Finals while ChatGPT (R) correctly shows my Florida Panthers as the 2024 champs. | Image credit-PhoneArena
This writer’s experience with DeepSeek revealed that it has not been trained with data more current than December 2023 which means that its responses are not as current as Google’s Gemini and OpenAI’s ChatGPT. So for the moment, for security reasons, you might consider deleting the app from your iPhone even if you’re not a corporate entity or a government agency.