DeepSeek has quickly become one of the most talked-about generative AI models since its launch in January. It’s made headlines for its rapid rise, but there’s a dark side. Preliminary studies show it’s far more likely than competitors to produce biased, harmful, and toxic content.
Experts at Enkrypt AI, based in Boston, have been investigating DeepSeek and uncovered serious issues. They found that the model not only generates biased content and insecure code but also produces hateful material, threats, self-harm content, and sexually explicit material. There is also a significant risk of "jailbreaking": techniques that bypass the model's safety guardrails can be used to extract help with creating dangerous weapons. Enkrypt's assessment warns of major global security risks tied to DeepSeek.
In their comparisons, researchers found that DeepSeek-R1 is three times as biased as Claude-3 Opus. It is also four times more likely than OpenAI's O1 model to generate insecure code, and more than 11 times more likely than that same model to produce harmful output. DeepSeek-R1 is particularly alarming in its readiness to generate content related to chemical and biological threats.
Sahil Agarwal, the CEO of Enkrypt AI, pointed out that while DeepSeek-R1 offers cost benefits for AI deployment, the risks are substantial. He emphasized that the research highlights critical safety and security gaps that cannot be ignored. For DeepSeek-R1 to be used safely, strong guardrails and continuous monitoring are necessary.
The study revealed some shocking statistics. During testing, 83% of bias tests produced discriminatory content, particularly around gender, race, health, and religion, which could expose organizations deploying the model in sensitive domains such as finance or healthcare to regulatory violations. Alarmingly, 6.68% of all responses contained profanity or hate speech, whereas Claude-3 Opus blocked such prompts.
Moreover, 45% of harmful-content prompts bypassed safety protocols, yielding plans for criminal activity and extremist propaganda. In one instance, the team used DeepSeek-R1 to draft a recruitment blog post for an unspecified terrorist group. Other researchers have also demonstrated that it can produce instructions for making explosive devices.
DeepSeek-R1 didn’t stop there. Researchers found it could also generate detailed analyses of chemical agents such as mustard gas, raising further chemical and biological security concerns. In the realm of cybersecurity, 78% of tests successfully elicited code that contained vulnerabilities or was outright malicious, code that could facilitate malware development or other cyber exploits. This poses a severe threat, as security experts have long worried about the misuse of such models.
Reflecting on these findings, Agarwal pointed to the ongoing AI competition between the US and China and warned that DeepSeek-R1's vulnerabilities carry significant risks. Criminals, misinformation networks, and other malicious actors could exploit these weaknesses, making attention to the issue urgent.