• DeepSeek Sent User Data Abroad Without Consent

Before being removed from South Korea’s app store, DeepSeek’s chatbot was accused of transferring user data to companies in China and the United States without user consent. These findings were released as part of an ongoing investigation into DeepSeek. The company has been issued corrective recommendations in this regard.

 

South Korea’s data protection authority concluded that the Chinese artificial intelligence (AI) startup DeepSeek collected personal information from local users and transferred it overseas without their permission. The authority, known as the Personal Information Protection Commission, released its written findings related to DeepSeek’s privacy and security review.

 

In February, DeepSeek removed its chatbot application from the South Korean app store. The company is now reportedly expressing willingness to cooperate. It was revealed that DeepSeek had transferred AI prompts, as well as device, network, and app information, to a Chinese cloud service platform called Beijing Volcano Engine Technology Company.

 

The app’s growing popularity has raised national security and data privacy concerns outside China. This is partly due to Beijing’s requirement that domestic firms share data with the People’s Republic of China (PRC). Cybersecurity experts have also identified vulnerabilities in the app’s data handling.

 

The investigation was launched after reports surfaced that some South Korean government agencies had banned employees from using DeepSeek on work devices. Similar restrictions have reportedly been imposed by government departments in Taiwan, Australia, and the United States.

 

• European Union Fines TikTok for Espionage Concerns

The European Union’s privacy watchdog has imposed a fine of €530 million (approximately $600 million) on TikTok. A four-year investigation into the video-sharing app found that data transfers to China posed a risk of surveillance on users. This was deemed a violation of the EU’s data privacy regulations.

 

Ireland’s Data Protection Commission also sanctioned TikTok for a lack of transparency regarding where users’ personal data was being sent. The company has been ordered to comply with the regulations within six months.

 

Ireland’s national regulatory body acts as the primary data privacy authority for TikTok within the 27-member European Union, as TikTok’s European headquarters is located in Dublin. It was stated that TikTok failed to verify, guarantee, or demonstrate that the personal data of European users is secure.

 

TikTok has disagreed with the ruling and plans to appeal. The app’s parent company, ByteDance, is based in China. Authorities in Europe are currently investigating how the company handles users’ personal information. The probe found that TikTok failed to address potential access by Chinese authorities to European users’ personal data under China’s anti-terrorism, counter-espionage, cybersecurity, and national intelligence laws.

 

• Security Network & Social Media for Children

Amid missile strikes by India on Pakistan and Pakistan-occupied Kashmir, Indian banks have reinforced their security networks to guard against potential cyber threats. In light of the increasing risk of retaliatory attacks, banks have also enhanced physical security at branches located near border areas.

 

Punjab National Bank has established a 24-hour “war room” to prevent cyberattacks, bolstering its cybersecurity infrastructure. It has also implemented measures to ensure the safety of its employees. ATMs in border regions have been replenished with cash to avoid any inconvenience to customers.

 

Another public sector bank has deployed an anti-cyberattack system to safeguard its digital operations.

 

• New Satcom Rules Crucial for Cross-Border Security

Companies like Starlink are expected to play only a limited role in India’s connectivity landscape due to their expensive services, slow speeds, and niche market presence. The satellite internet service guidelines issued this week address critical cross-border security concerns, including threats related to Pakistan.

 

It has been noted that these satellite constellations orbit the globe, requiring special precautions. Companies such as Starlink, Kuiper, and Globalstar are looking to enter the Indian market. In light of this, the Ministry of Telecommunications has issued strict security directives to regulate their operations and ensure national security.

 

India is exercising caution regarding the entry of these companies. So far, the government has approved applications from Bharti Enterprises-backed Eutelsat OneWeb and Reliance Jio. However, Elon Musk’s Starlink, along with Kuiper and Globalstar, are still awaiting regulatory approval.

 

The government has also mandated data localization, lawful interception, and local manufacturing requirements for all satcom companies operating in the country.

 

• Proposal to Restrict Social Media for Children

New Zealand MP Catherine Wedd has proposed a law to ban the use of social media for children under the age of 16. This proposal follows Australia’s stringent regulations on digital platforms. Under the bill, social media companies would be responsible for verifying users’ ages and preventing minors from creating accounts. Companies that fail to comply could face penalties. They must ensure that users are at least 16 years old.

 

According to Wedd, the bill is aimed at protecting children under 16 from cyberbullying, inappropriate content, and social media addiction.

 

The proposal has received backing from Prime Minister Christopher Luxon, who stated that he is ready to adopt it as a government bill. This move would accelerate its passage through Parliament. Luxon emphasized that this is not a political issue but a matter of national interest for New Zealand, and he is seeking cross-party support.

 

The law will be reviewed for its impact three years after implementation. As per the proposed legislation, the responsibility for enforcing the minimum age requirement lies with social media companies—not with children, parents, or guardians.

 

• Drone Firm, Telecom & Road Accidents

SIT to Investigate Data Theft in Drone Firm

The Karnataka High Court has ordered the formation of a Special Investigation Team (SIT) to probe data theft allegedly carried out by former employees of NewSpace Research and Technologies Private Limited, a drone manufacturing company. The SIT will be headed by DGP Pranab Mohanty, with IPS officers Bhushan Gulabrao Borase and Nisha James serving as other team members. The court has directed that the investigation be handed over to the SIT immediately, with a report to be submitted within three months.

 

Significantly, the petitioner company caters to a wide range of national security stakeholders, including the Indian Army, Air Force, Navy, BEL, HAL, and DRDO. All of its contracts are classified as highly sensitive. The stolen data reportedly pertains to advanced unmanned aerial vehicle (UAV) technology. The court observed that the nature of the offense is akin to cyber espionage, which demands not only procedural efficiency but also a combination of technical expertise and forensic skills.

 

• Telecom Firms Urge Regulation of OTT Platforms Under Cyber Security Rules

Telecom companies in India are urging the government to bring over-the-top (OTT) communication platforms like WhatsApp and Telegram under the country’s cybersecurity regulations, treating them similar to telecom service providers. The Cellular Operators Association of India (COAI) argues that if OTT apps are not closely linked to SIM cards, the risk of uncontrolled spam and scam calls will increase.

 

Currently, a telecom number can be traced only to the city where the mobile is registered. However, the activities on OTT communication apps are difficult to track. In many cases, an app initially linked to one mobile number may continue functioning on a different handset while the SIM is used elsewhere. COAI’s member companies include Reliance Jio, Bharti Airtel, and Vodafone Idea.

 

• Immediate and Free Treatment for Road Accident Victims

The Central Government has announced a cashless treatment scheme for victims of road accidents, under which immediate and free medical care will be provided. As part of this scheme, accident victims will be eligible for treatment up to Rs. 1.5 lakh without any advance payment.

 

The scheme has been launched nationwide and ensures that individuals injured in road accidents will no longer have to bear the cost of emergency treatment from their own pockets. The scheme came into effect on May 5, 2025, as notified by the Ministry of Road Transport and Highways.

 

According to the notification, if an accident occurs due to a motor vehicle, the injured person will be treated under this scheme regardless of where the accident took place. There will be no financial burden on the victim, as the government and hospitals will settle the expenses directly.

 

The first 7 days of hospitalization following the accident will be covered completely free of charge, which is particularly critical in emergency cases. Full treatment will be available at designated government-approved hospitals, while only basic treatment will be offered at non-designated facilities.

 

Importantly, this scheme applies only to accidents involving motor vehicles.

***

Article Useful for:-

Cybersecurity & Data Privacy / National Security & Defence / Social Media & Children / Telecom & Regulation / Road Safety & Healthcare