Oklahoma – Governor Stitt has directed the Office of Management and Enterprise Services (OMES) to review the program DeepSeek and provide a recommendation regarding its use on state devices. After a thorough evaluation, the State of Oklahoma has decided to ban DeepSeek on all state-owned devices, including laptops, desktops, and mobile phones/tablets.
“We’re not going to take chances when it comes to protecting Oklahomans’ data,” said Governor Stitt. “DeepSeek has too many security risks, and we’re not about to let foreign adversaries have access to our state’s information. This is about keeping Oklahoma safe and making smart decisions for our future.”
The decision to ban DeepSeek comes after considering several key concerns:
– Security Risks: DeepSeek collects extensive user data, including chat history, uploaded files, and IP address information, all stored in China. This violates the state chief information officer’s data storage standard and poses a serious cybersecurity threat. The program has also been targeted by significant cyberattacks, exposing sensitive information.
– Regulatory Compliance Issues: Several state agencies must adhere to strict data protection regulations, including FERPA, HIPAA, IRS Pub 1075, and others. DeepSeek’s lack of compliance features creates a risk of non-compliance, potentially exposing state data to bad actors within the Chinese Communist Party and violating Executive Order 2024-11.
– Susceptibility to Adversarial Manipulation: DeepSeek-R1 has shown a high vulnerability to adversarial manipulation, allowing bad actors to bypass safety measures and generate harmful content.
– Lack of Robust Security Safeguards: DeepSeek lacks a layered security architecture, leaving it vulnerable to breaches and ethical violations. Furthermore, the app features weak encryption, increasing the likelihood of data leaks.
This decision underscores the state’s commitment to protecting sensitive information and ensuring the security of Oklahoma residents’ data.
