By now, most have heard of Deepseek, the Chinese startup whose namesake AI model surprised the American tech sector with state-of-the-art capabilities delivered at a fraction of US costs.
For those in Washington concerned about the potential geostrategic risks of China’s rising tech sector, anxiety was swift and predictable. Since Deepseek’s release, some have fretted that the model’s rock-bottom prices might undercut the American market. Meanwhile others have voiced valid data security issues. It’s been noted all user conversations are stored in China and that application code enables direct communication to government-controlled servers.
Worries have since evolved into policy proposals to either limit or even ban Deepseek and other Chinese AI technologies. In a March 13, response to the Trump administration’s request for information for a federal “AI Action Plan,” OpenAI formally proposed banning Chinese-produced “models that violate user privacy and create security risks such as the risk of IP theft.” Meanwhile in the Senate, Sen. Josh Hawley introduced the Decoupling America’s Artificial Intelligence Capabilities from China Act, proposing an unqualified outright ban on all Chinese developed AI.
While neither proposal has clear momentum, these are influential voices, and together, they suggest interest in some form of Chinese model ban is growing. The TikTok divestiture bill set a clear precedent, and limits on foreign consumer-grade tech are on the table.
Policymakers must tread with caution: Prohibitions adopted in national security haste should not be taken lightly. Limiting technology access carries significant trade-offs for innovation and security, constraining developers’ ability to study, borrow from, and surpass promising foreign innovations.
In many cases, there are less restrictive means that can resolve national security concerns and minimize the impact on innovation or other values. Given this technology’s importance, serious consideration must be given to the potential unintended self-harm of any limits on foreign, consumer-grade AI models.
Innovation Risks
The greatest trade-off of any foreign AI technology ban is lost innovative potential. While the intent of a prohibition is to keep out untrusted AI, the result could be isolating the United States’ innovation ecosystem perhaps more than even China’s. Often such bans are not as narrowly tailored as authors might think, restricting access to needed technologies while constraining market dynamics and collaboration.
At a minimum, the consequence of such siloing will be to decrease American market dynamism by eliminating positive foreign competition. For US AI firms, the benefits of international pressure are already clear. Pushed to improve by Deepseek, Google recently released Gemma‑3, an AI model that roughly matches Deepseek’s performance while using just 3 percent of its processing power. The openness of the US system forced these innovators to significantly advance AI efficiency, driving better technologies. Under any AI ban, this potent incentive would be lost, and dynamism could slow.
Beyond depressing market dynamics, any foreign AI ban would further limit innovation by halting technological cross-pollination. Access to diverse technologies allows American engineers to freely experiment, learn, and integrate valuable innovations. In the long-dominant US AI sector, this dynamic may be underappreciated. However, if US industry falls behind, retaking the lead could very well hinge on such technology-free exchange.
Deepseek’s research illustrates this point. Alongside its release, Deepseek also published a demonstration of a remarkable training technique called “knowledge distillation.” Given access to just the outputs of a strong “teacher” AI model, knowledge distillation allows engineers to rapidly improve weaker “student” systems. In their experiment, Deepseek’s flagship model acted as a teacher to Meta’s Llama AI, significantly boosting its performance. On certain benchmarks, Llama exceeded the capabilities of OpenAI’s GPT-4o and Anthropic’s Claude 3.5 Sonnet—an impressive feat for a model previously considered inferior.
While knowledge distillation isn’t a fix-all panacea, the lesson of this experiment is clear: For innovators, foreign AI access can matter deeply. Whether or not the United States leads the AI market, international models are an important source of learning, ideas, and inspiration. If the United States ever loses the AI lead, however, the freedom to study and borrow from leading systems could be essential to our ability to catch up. If policymakers hazard a ban, the probable result will be solidifying foreign competitive advantage.
Security Risks
Limits on Chinese AI also risk cybersecurity weakness. AI systems are becoming increasingly cyber-capable—both for offensive and defensive purposes. Back-to-back OpenAI releases have underscored this evolution. In late February, OpenAI found North Korean hackers wielded ChatGPT to debug malware, research targets, and refine social engineering attacks. Days later, the lab showed that its Deep Research AI performed 33 percent better than its predecessor, GPT-4o, in hacking challenges.
These developments suggest AI will soon play a pivotal role in the cyber-threat landscape. For researchers, understanding and defending against any threats will demand an intimate understanding of foreign AI. Without ongoing unrestricted model experimentation, American security experts will lack the critical knowledge and familiarity needed to effectively counter malicious AI use cases.
For private-sector defensive cybersecurity, foreign model access could soon become even more crucial. In November, Google unveiled Big Sleep, an AI that autonomously discovered a previously unknown cybersecurity vulnerability. A global first. This breakthrough suggests AI could soon shift the cybersecurity balance of power—from reactive defense to proactively scanning and filling cyber cracks before products are released.
If AI-driven scanning tools become standard, access to a diverse range of models will be critical. Each model has unique strengths, weaknesses, and knowledge. Undoubtedly, each will find different vulnerabilities. Soon, a comprehensive cybersecurity strategy could require scanning software with multiple AI systems. For American organizations, any ban on Chinese or foreign AI would mean blindness to otherwise detectable vulnerabilities. With hands tied, America’s software will be more vulnerable, potentially allowing foreign competitors to set the global security standard.
Alternative Policy Responses and the Importance of a Measured Approach
In a rapidly shifting AI market, foreign technology access remains crucial for maintaining technical parity, innovation, and security. This does not mean the United States should ignore national security risks from foreign adversary technology. Ideally, advanced technology would be developed exclusively by market-oriented, liberal democratic nations, freeing it from servicing authoritarians in espionage, censorship, or the spread of deliberate cyber insecurities. However, that is not the reality we live in, and totalitarian and adversarial regimes will continue to invest in technological development. Deepseek specifically operates under Chinese government oversight, and skepticism is warranted given the government’s legal authority to request company data and its history of deliberately implanting security holes in consumer technology.
To preserve the necessary benefits of open technology access in the face of these risks, officials should avoid a catch-all ban. Instead, policymakers must pursue a less restrictive mix of informed use, app store security curation, and when required, regulation narrowly scoped to bounded, security-critical contexts.
For the average user, present Chinese AI security risks are likely marginal, and the best general risk mitigant is informed use. Given the wealth of AI market choice and product information, users have immense freedom to educate themselves and choose the specific models that align with their unique security and privacy needs. In most cases, users can and will default to American models. Yet, when they want to experiment with foreign alternatives, they should be allowed. In scenarios where self-education and choice might not go far enough, app store curation can act as a basic security backstop. Already, leading app stores actively scan offerings for clear security issues and, when needed, remove unsafe software.
In cases where Chinese or foreign AI systems present truly unacceptable risks, policymakers should narrowly tailor regulations to just those specific contexts. Highly sensitive federal data, for instance, should not touch Chinese AI. Appropriately scoped to this narrow circumstance is the No Deepseek on Government Devices Act, which would limit Deepseek’s use on federal systems. This regulatory model should guide similar efforts. Rules should be the exception, but when required, they should be context-specific to avoid necessary restraints on general freedom of use and experimentation.
Conclusion
Deepseek and other Chinese AI technologies unquestionably merit scrutiny and skepticism given the geopolitical tensions and conflict of values. Still, any catch-all ban would sacrifice not only general freedom of use, but crucial market dynamism, innovation opportunities, and cybersecurity advantages. By pursuing a measured approach that prioritizes informed use, app store curation, and, when needed, narrowly scoped regulation, the United States can maintain the technological openness key to both security and global leadership.
