The Queensland and South Australian governments officially prohibit the use of DeepSeek products, applications, and online services across all government-provided Information and Communication Technology (ICT) systems and devices. Federal security instructions identify DeepSeek’s AI platforms as major cybersecurity concerns, prompting this quick response. 

Queensland and South Australia enforce the bans to stop illegal access to private government data, minimise breaches, and ensure compliance with national cybersecurity policies. This decision is based on recent reviews that highlight DeepSeek’s data retention policies and the potential risks associated with generative AI tools, which could negatively impact public trust and government systems.

AI security risks

DeepSeek’s AI-powered systems raise several cybersecurity concerns due to their great capacity for collecting, storing, and processing data. These systems store large volumes of private data to train artificial intelligence models, which raises the risk of data leaks and unauthorised access. Generative AI techniques like DeepSeek make government systems more vulnerable, which means that data could be changed, privacy could be lost, and malicious people could use the systems.

The Australian Cyber Security Centre (ACSC) warns that improperly controlled generative artificial intelligence programmes can unintentionally reveal confidential material. These risks include the chance that AI outputs will accidentally reveal private government data and the fact that AI systems can be attacked by people who want to do harm, which can change or mislead decision-making processes.

Stephen Mullighan, South Australia’s Treasurer, highlighted the need to tackle these threats, stating, “We have taken swift action to ban DeepSeek on government devices, based upon the best advice from federal security advisors and our Chief Information Officer. This is a necessary and prudent measure to protect the security of government information and any information held on behalf of the general public.”

AI risk mitigation

The Queensland and South Australian governments have acted decisively to address the cybersecurity risks associated with DeepSeek and similar AI platforms by implementing targeted measures:

1. Identify and remove existing installations: Every agency must conduct thorough audits of all government devices, including smartphones, tablets, laptops, and desktops, to locate and remove any DeepSeek products currently installed. For instance, fleet management tools like Microsoft Endpoint Manager systematically identify and eliminate unauthorised applications across all connected devices.
2. Prevent future access and installations: Government IT departments must set up gateway and internet filtering systems to effectively block DeepSeek web services and prevent any future installations. Network security solutions, including firewalls and secure web gateways, are updated to implement rules that explicitly block access to DeepSeek’s servers and related IP addresses.
3. Strengthen BYOD policies: Agencies changed their Bring Your Own Device (BYOD) rules to specifically forbid the use of DeepSeek or related artificial intelligence apps on personal devices linked to government networks. This ensures that security breaches cannot originate from any equipment, including non-governmentally owned ones.
4. Adopt approved AI tools only: Agencies should apply only AI tools that their cybersecurity teams have approved and screened. Queensland Government employees should adopt QChat, a government-approved AI application that meets strict data governance and security standards.
5. Conduct regular security assessments: Evaluate and assess business impact regularly to determine the security classification of information assets and identify potential vulnerabilities that may arise from using AI tools. This proactive strategy guarantees continuous adaptation to emerging AI challenges while maintaining robust data governance practices.
6. Enhance supply chain risk management: Agencies must carefully review outside suppliers and vendors to ensure that incorporating generative artificial intelligence technologies into the supply chain does not introduce any additional risk. Define transparent policies and contractual obligations that require providers to disclose their data management and artificial intelligence applications.

These steps are based on the Australian Signals Directorate’s (ASD) Information Security Manual and the ACSC’s Guidance for Engaging with Artificial Intelligence. Together, they make up a full framework that lowers the risks associated with AI and protects the security and integrity of government ICT systems.

Check out: “AI sparks risks, reinforces cybersecurity”

AI cybersecurity threats

Australia’s public sector networks prohibit DeepSeek products, reflecting a strategic response to current cyber threats and signalling a significant shift in government strategies concerning the convergence of artificial intelligence (AI), data governance, and cybersecurity. By implementing these measures, Australia establishes an important standard for protecting sensitive government information and defending its digital infrastructure against threats from generative AI technologies.

Artificial intelligence has transformative potential, but it also presents complex challenges related to data security. Generative AI models like DeepSeek rely heavily on cloud storage and data analytics, actively preserving user inputs to boost their performance. This practice enhances AI capabilities and presents considerable risks for governments, including unauthorised data retention, potential misuse, and the exploitation of sensitive information. Queensland and South Australia have recognised these challenges and acted quickly to tackle vulnerabilities in their IT systems.

Michael Brown, Assistant Minister for Artificial Intelligence and the Digital Economy, stated, “We know the potential and opportunities of AI, however when it comes to unacceptable risk to sensitive government information it is imperative that we take swift action. As a Government we must be nimble to the emerging opportunities and threats of AI and we have moved quickly to protect the government and community from the potential threat posed by this platform.”

AI governance Australia

All departments of the Queensland Government, statutory bodies, and accountable officials must apply this policy in its entirety, as specified in the Financial and Performance Management Standard 2019 and the Public Sector Act 2022. This ensures a coherent approach to managing cybersecurity risks across the public sector. The policy acknowledges the interconnected elements of modern government operations, including contractors, consultants, and suppliers accessing government networks and tools. 

This strategy is crucial for addressing weaknesses related to outside access and for preserving consistent security standards among all users of government systems. Agencies should change their Bring Your Own Device (BYOD) rules to improve the security architecture. This effort addresses the issues related to unlicensed artificial intelligence apps on personal devices, following the general Queensland Government directions on the use of ICT services, facilities, and devices. 

Agencies can greatly reduce the danger of data leaks and illegal access to critical data by ensuring personal device compliance with security criteria. The policy aims to be exhaustive but permits some exceptions in specific cases. The accountable officer of the agency approves these exclusions, ensuring that any deviations undergo careful review and explanation.

The Queensland Government actively addresses the challenges posed by generative artificial intelligence tools like DeepSeek, demonstrating its commitment to preserving private data and maintaining the integrity of its ICT systems. The government adopts a comprehensive policy framework, demonstrating a proactive attitude to solve vulnerabilities, preserve public confidence, and set a benchmark for ethical AI governance. 

This project highlights the growing awareness of artificial intelligence’s dual nature: its significant ability to enhance efficiency and creativity, alongside the serious risks it presents to ethical standards and data security. The Queensland Government’s projects set a standard for other areas as they navigate the complexities of effectively integrating artificial intelligence technologies. 

The government fosters an environment marked by openness, responsibility, and security by accepting international standards, including Australia’s AI Ethics Principles, and implementing thorough recommendations for responsible AI use. This approach ensures that the benefits of artificial intelligence can be accessed without compromising public confidence or safety, effectively addressing current issues and positioning Queensland as a leader in the responsible application of AI.

Justin Lance Marcel Lavadia

+ postsBio

Justin Lavadia is a content producer and editor at Public Spectrum with a diverse writing background spanning various niches and formats. With a wealth of experience, he brings clarity and concise communication to digital content. His expertise lies in crafting engaging content and delivering impactful narratives that resonate with readers.

• Justin Lance Marcel Lavadia

  https://publicspectrum.co/author/justine-lavadia/

  Military fortifies frontline against LLM AI
• Justin Lance Marcel Lavadia

  https://publicspectrum.co/author/justine-lavadia/

  Mastering media security, defending your data
• Justin Lance Marcel Lavadia

  https://publicspectrum.co/author/justine-lavadia/

  AI governance shapes ethical digital future
• Justin Lance Marcel Lavadia

  https://publicspectrum.co/author/justine-lavadia/

  Safeguarding public safety with data protection