Delhi High Court Seeks Centre’s Response on Chinese AI Chatbot DeepSeek Over Privacy and Security Concerns

The Delhi High Court has asked the Central Government to clarify its position on DeepSeek, a Chinese-origin artificial intelligence chatbot, amid growing concerns over data privacy, national security, and digital sovereignty. The directive came during a hearing on a Public Interest Litigation (PIL) filed by advocate Bhavna Sharma, who argued that platforms like DeepSeek present significant risks to user privacy and may compromise India’s strategic interests. 

A Division Bench comprising Chief Justice Devendra Kumar Upadhyaya and Justice Tushar Rao Gedela questioned the government’s preparedness to address the potential misuse of foreign AI platforms operating in India. “There is no doubt that this is an issue that needs to be addressed at the initial stage. How is the Ministry going to tackle this?” the Bench remarked, and directed the Centre to seek instructions from the relevant ministries and submit its response. 

The PIL alleges that DeepSeek collects and processes user data without adequate safeguards, potentially transmitting sensitive information to servers outside India. The petitioner contends that such practices violate the right to privacy under Article 21 of the Constitution and could be detrimental to India’s sovereignty and integrity. The chatbot’s origin in China has further intensified scrutiny, given geopolitical tensions and concerns over surveillance technologies. 

The court has clubbed the matter with other pending cases related to AI regulation and digital safety. It is signalling a broader judicial interest in establishing legal oversight over emerging technologies. The Centre has been granted time to file its affidavit and clarify whether DeepSeek complies with India’s data protection laws, including the Digital Personal Data Protection Act, 2023. 

📰 Mini Headlines 

• UK ICO Outlines Enforcement Strategy After Afghan Data Breach Fallout 

The UK Information Commissioner’s Office (ICO) has issued a new enforcement approach following criticism over its handling of a 2021 data breach involving Afghan nationals. The breach, caused by the Ministry of Defence, exposed personal details of over 250 Afghan interpreters via a bulk email error. In response, the ICO now plans to prioritise transparency, proportionality, and public interest in its enforcement actions. It aims to improve communication with victims, clarify decision-making timelines, and ensure accountability across government departments.  

Data Breach  

Read More →   https://www.mondaq.com/data-protection/1687008/adgms-new-data-protection-rules-balancing-privacy-and-public-interesthttps://www.mlex.com/mlex/data-privacy-security/articles/2406110/uk-privacy-watchdog-sets-out-enforcement-approach-amid-afghan-data-breach-backlash 

• Google, YouTube Agree to $30M Settlement Over Children’s Data Collection 

Google and YouTube have agreed to pay $30 million to settle allegations that they illegally collected personal data from children under 13 without parental consent. The lawsuit, brought by several U.S. states, claimed the platforms violated the Children’s Online Privacy Protection Act (COPPA) by tracking kids’ viewing habits for targeted advertising. The settlement requires Google to implement stricter age verification, limit data collection on child-directed content, and enhance transparency in its privacy policies. Regulators emphasised that tech companies must prioritise child safety and comply with federal privacy laws when designing and monetising digital platforms for young audiences. 

Personal Data  

Read More →   https://www.newsnationnow.com/business/your-money/google-youtube-settlement-30m-childrens-data/amp/   

• Hong Kong to Enforce First-Ever Cybersecurity Law from January 2026 

Hong Kong’s first dedicated cybersecurity law is set to take effect on January 1, 2026. It will mark a major step in the city’s digital regulatory framework. The legislation will impose mandatory cybersecurity obligations on critical infrastructure operators, including sectors like finance, energy, and telecommunications. It introduces requirements for risk assessments, incident reporting, and compliance audits, with penalties for non-compliance. The law also establishes a central authority to oversee enforcement and coordinate cyber resilience efforts. 

Cybersecurity Law  

Read More →       https://insightplus.bakermckenzie.com/bm/data-technology/hong-kong-the-citys-first-cybersecurity-law-is-expected-to-take-effect-on-1-january-2026