Last month, DeepSeek, an AI start-up based in China, grabbed headlines with claims that its latest large language AI model, DeepSeek-R1, could perform on par with more expensive and market-leading AI models despite allegedly requiring less than $6 million dollars’ worth of computing power from older and less-powerful chips.  Although some industry observers have raised doubts about the validity of DeepSeek’s claims, its AI model and AI-powered application piqued the curiosity of many, leading the DeepSeek application to become the most downloaded in the United States in late January.  DeepSeek was founded in July 2023 and is owned by High-Flyer, a hedge fund based in Hangzhou, Zhejiang.

The explosive popularity of DeepSeek coupled with its Chinese ownership has unsurprisingly raised data security concerns from U.S. Federal and State officials.  These concerns echo many of the same considerations that led to a FAR rule that prohibits telecommunications equipment and services from Huawei and certain other Chinese manufacturers.  What is remarkable here is the pace at which officials at different levels of government—including the White House, Congress, federal agencies, and state governments, have taken action in response to DeepSeek and its perceived risks to national security.  

Federal Government-Wide Responses

  • Bi-Partisan Bill to Ban DeepSeek from Government Devices:  On February 7, Representatives Gottheimer (D-NJ-5) and LaHood (R-IL-16) introduced the No DeepSeek on Government Devices Act (HR 1121).  Reps. Gottheimer and LaHood, who both serve on the House Permanent Select Committee on Intelligence, each issued public statements pointing to grave and deeply held national security concerns regarding DeepSeek.  Rep. Gottheimer has stated that “we have deeply disturbing evidence that [the Chinese Communist Party (“CCP”) is] using DeepSeek to steal the sensitive data of U.S. citizens,” calling DeepSeek “a five-alarm national security fire.”  Representative LaHood stated that “[u]nder no circumstances can we allow a CCP company to obtain sensitive government or personal data.”
  • While the details of the bill have not yet been unveiled, any future DeepSeek prohibition could be extended by the FAR Council to all federal contractors and may not exempt commercial item contracts under FAR Part 12 or contracts below the simplified acquisition (or even the micro-purchase) threshold, similar to other bans in this sector.  Notably, such a prohibition may leave contractors with questions about the expected scope of implementation, including the particular devices that are covered.
  • Other Legislative Activity:  Several legislative efforts, targeted more broadly at curtailing Chinese access to AI and other technology, may impact DeepSeek as well.  On January 29, Senator Hawley (R-MO) introduced a sweeping U.S.-China AI Decoupling Bill that we previously covered here.  If passed, this bill could effectively ban the use of DeepSeek’s AI models in the U.S.
  • And on February 7, Representative Mark Green (R-TN-7) introduced the China Technology Transfer Control Act (HR 1122).  The bill, among other things, directs the President to “control the export or re-export to or transfer in” China of any “covered national interest technology or intellectual property” under U.S. jurisdiction or exported by any U.S. person.  Although identical to a bill introduced by Rep. Green in 2023, Green now frames the bill as a response to DeepSeek and allegations that DeepSeek used U.S. chips and technology to develop its AI models. 
  • National Security Council Review:  On January 28, the White House confirmed that a National Security Council review of DeepSeek’s AI model was ongoing, although no further information has yet been released.    

Agency & Component-Specific Responses

  • Department of Defense Response:  Predictably, the Pentagon and Defense Components have been early movers against DeepSeek.  The Defense Information Systems Agency (“DISA”) began blocking access to DeepSeek on the Pentagon’s IT networks on January 28, following reports that Department of Defense employees had used DeepSeek on government devices for about two days before the ban.
  • Meanwhile, the U.S. Navy issued a memo on January 24 to service members prohibiting the use of DeepSeek’s AI models “in any capacity” because of “potential security and ethical concerns associated with the model’s origin and usage.”  They explained to members of the Operational Navy that it is imperative that team members do not use DeepSeek’s AI “for any work-related tasks or personal use” and that they should “refrain from downloading, installing, or using the DeepSeek model in any capacity.”
  • NASA Response:  On January 31, NASA’s Chief AI Officer issued a memo to agency personnel prohibiting the use of DeepSeek products and services “with NASA’s data and information or on government-issued devices and networks.”  The memo noted that NASA personnel are not permitted to use DeepSeek to “share or upload agency data on DeepSeek products or services,” and are not authorized to “access DeepSeek via NASA devices and agency-managed network connections.”
  • U.S. House of Representatives Response:  The U.S. House of Representatives’ Chief Administrative Officer issued a notice around January 30 to congressional offices prohibiting House staffers from installing DeepSeek on House-issued phones, computers, and tablets or for “official House use,” noting that “threat actors are already exploiting DeepSeek to deliver malicious software and infect devices.”

State Government Responses

  • Texas Issues First State-Level Ban:   On January 31, Governor Greg Abbott issued a ban on the use of AI applications affiliated with China, including DeepSeek, on state government-issued devices, making Texas the first state to do so.  Abbott stated that “Texas will not allow the Chinese Communist Party to infiltrate [Texas’] critical infrastructure through data-harvesting AI.”  He further noted that “state agencies and employees responsible for handling critical infrastructure, intellectual property, and personal information must be protected from malicious espionage operations by the Chinese Communist Party.” 
  • New York and Virginia Governors Follow:  On February 10, New York Governor Kathy Hochul announced a statewide ban on the use of DeepSeek’s AI application on state government-managed devices and networks, citing “serious concerns” related to foreign government surveillance and censorship.  On February 11, Virginia became the third state to prohibit DeepSeek on government devices with Governor Glenn Youngkin’s signing of Executive Order 46.  The EO prohibits (1) any “employee or contract employee of any agency” from downloading or using DeepSeek’s AI on state government-issued devices, (2) any person or entity contracting with the state from downloading or using DeepSeek’s AI on state-owned or leased equipment, and (3) any person from downloading or using DeepSeek’s AI through state “owned, operated, or maintained wireless networks.”
  • State Legislative Activity:  While responses to DeepSeek in Texas, New York, and Virginia were led by the executive branch, state lawmakers took the lead in Georgia and Kansas by introducing bills, SB 104 and HB 2313, respectively, that would ban the use of DeepSeek and other Chinese AI models from use on state government-issued devices.  These bills remain under consideration.

We anticipate additional legislative and executive agency action regarding the use of DeepSeek by government agencies and their industry partners in the coming weeks and months.  This is particularly true given the apparent agreement between key agencies and Congress on the potential risks of this technology.  What is clear already is that any use of DeepSeek in connection with U.S. public sector projects will be subject to significant scrutiny. 

Photo of Nooree Lee Nooree Lee

Nooree Lee represents government contractors in all aspects of the procurement process and focuses his practice on the regulatory aspects of M&A activity, procurements involving emerging technologies, and international contracting matters.

Nooree advises government contractors and financial investors regarding the regulatory aspects of…

Nooree Lee represents government contractors in all aspects of the procurement process and focuses his practice on the regulatory aspects of M&A activity, procurements involving emerging technologies, and international contracting matters.

Nooree advises government contractors and financial investors regarding the regulatory aspects of corporate transactions and restructurings. His experience includes preparing businesses for sale, negotiating deal documents, coordinating large-scale diligence processes, and navigating pre- and post-closing regulatory approvals and integration. He has advised on 35+ M&A deals involving government contractors totaling over $30 billion in combined value. This includes Veritas Capital’s acquisition of Cubic Corp. for $2.8 billion; the acquisition of Perspecta Inc. by Veritas Capital portfolio company Peraton for $7.1 billion; and Cameco Corporation’s strategic partnership with Brookfield Renewable Partners to acquire Westinghouse Electric Company for $7.8+ billion.

Nooree also counsels clients focused on delivering emerging technologies to public sector customers. Over the past several years, his practice has expanded to include advising on the intersection of government procurement and artificial intelligence. Nooree counsels clients on the negotiation of AI-focused procurement and non-procurement agreements with the U.S. government and the rollout of federal and state-level regulations impacting the procurement and deployment of AI solutions on behalf of government agencies.

Nooree also counsels clients navigating the Foreign Military Sales (FMS) program and Foreign Military Financing (FMF) arrangements. Nooree has advised both U.S. and ex-U.S. companies in connection with defense sales to numerous foreign defense ministries, including those of Australia, Israel, Singapore, South Korea, and Taiwan.

Nooree maintains an active pro bono practice focusing on appeals of denied industrial security clearance applications and public housing and housing discrimination matters. In addition to his work within the firm, Nooree is an active member of the American Bar Association’s Section of Public Contract Law and has served on the Section Council and the Section’s Diversity Committee. He also served as the firm’s Fellow for the Leadership Council on Legal Diversity program in 2023.

Read more about Nooree LeeNooree's Linkedin Profile
Show more Show less
Photo of Robert Huffman Robert Huffman

Bob Huffman counsels government contractors on emerging technology issues, including artificial intelligence (AI), cybersecurity, and software supply chain security, that are currently affecting federal and state procurement. His areas of expertise include the Department of Defense (DOD) and other agency acquisition regulations governing…

Bob Huffman counsels government contractors on emerging technology issues, including artificial intelligence (AI), cybersecurity, and software supply chain security, that are currently affecting federal and state procurement. His areas of expertise include the Department of Defense (DOD) and other agency acquisition regulations governing information security and the reporting of cyber incidents, the Cybersecurity Maturity Model Certification (CMMC) program, the requirements for secure software development self-attestations and bills of materials (SBOMs) emanating from the May 2021 Executive Order on Cybersecurity, and the various requirements for responsible AI procurement, safety, and testing currently being implemented under the October 2023 AI Executive Order. 

Bob also represents contractors in False Claims Act (FCA) litigation and investigations involving cybersecurity and other technology compliance issues, as well more traditional government contracting costs, quality, and regulatory compliance issues. These investigations include significant parallel civil/criminal proceedings growing out of the Department of Justice’s Cyber Fraud Initiative. They also include investigations resulting from False Claims Act qui tam lawsuits and other enforcement proceedings. Bob has represented clients in over a dozen FCA qui tam suits.

Bob also regularly counsels clients on government contracting supply chain compliance issues, including those arising under the Buy American Act/Trade Agreements Act and Section 889 of the FY2019 National Defense Authorization Act. In addition, Bob advises government contractors on rules relating to IP, including government patent rights, technical data rights, rights in computer software, and the rules applicable to IP in the acquisition of commercial products, services, and software. He focuses this aspect of his practice on the overlap of these traditional government contracts IP rules with the IP issues associated with the acquisition of AI services and the data needed to train the large learning models on which those services are based. 

Bob is ranked by Chambers USA for his work in government contracts and he writes extensively in the areas of procurement-related AI, cybersecurity, software security, and supply chain regulation. He also teaches a course at Georgetown Law School that focuses on the technology, supply chain, and national security issues associated with energy and climate change.

Read more about Robert Huffman
Show more Show less
Photo of Ryan Burnette Ryan Burnette

Ryan Burnette is a government contracts and technology-focused lawyer that advises on federal contracting compliance requirements and on government and internal investigations that stem from these obligations. Ryan has particular experience with defense and intelligence contracting, as well as with cybersecurity, supply chain…

Ryan Burnette is a government contracts and technology-focused lawyer that advises on federal contracting compliance requirements and on government and internal investigations that stem from these obligations. Ryan has particular experience with defense and intelligence contracting, as well as with cybersecurity, supply chain, artificial intelligence, and software development requirements.

Ryan also advises on Federal Acquisition Regulation (FAR) and Defense Federal Acquisition Regulation Supplement (DFARS) compliance, public policy matters, agency disputes, and government cost accounting, drawing on his prior experience in providing overall direction for the federal contracting system to offer insight on the practical implications of regulations. He has assisted industry clients with the resolution of complex civil and criminal investigations by the Department of Justice, and he regularly speaks and writes on government contracts, cybersecurity, national security, and emerging technology topics.

Ryan is especially experienced with:

Government cybersecurity standards, including the Federal Risk and Authorization Management Program (FedRAMP); DFARS 252.204-7012, DFARS 252.204-7020, and other agency cybersecurity requirements; National Institute of Standards and Technology (NIST) publications, such as NIST SP 800-171; and the Cybersecurity Maturity Model Certification (CMMC) program.
Software and artificial intelligence (AI) requirements, including federal secure software development frameworks and software security attestations; software bill of materials requirements; and current and forthcoming AI data disclosure, validation, and configuration requirements, including unique requirements that are applicable to the use of large language models (LLMs) and dual use foundation models.
Supply chain requirements, including Section 889 of the FY19 National Defense Authorization Act; restrictions on covered semiconductors and printed circuit boards; Information and Communications Technology and Services (ICTS) restrictions; and federal exclusionary authorities, such as matters relating to the Federal Acquisition Security Council (FASC).
Information handling, marking, and dissemination requirements, including those relating to Covered Defense Information (CDI) and Controlled Unclassified Information (CUI).
Federal Cost Accounting Standards and FAR Part 31 allocation and reimbursement requirements.

Prior to joining Covington, Ryan served in the Office of Federal Procurement Policy in the Executive Office of the President, where he focused on the development and implementation of government-wide contracting regulations and administrative actions affecting more than $400 billion dollars’ worth of goods and services each year.  While in government, Ryan helped develop several contracting-related Executive Orders, and worked with White House and agency officials on regulatory and policy matters affecting contractor disclosure and agency responsibility determinations, labor and employment issues, IT contracting, commercial item acquisitions, performance contracting, schedule contracting and interagency acquisitions, competition requirements, and suspension and debarment, among others.  Additionally, Ryan was selected to serve on a core team that led reform of security processes affecting federal background investigations for cleared federal employees and contractors in the wake of significant issues affecting the program.  These efforts resulted in the establishment of a semi-autonomous U.S. Government agency to conduct and manage background investigations.

Read more about Ryan Burnette
Show more Show less
Photo of August Gweon August Gweon

August Gweon counsels national and multinational companies on data privacy, cybersecurity, antitrust, and technology policy issues, including issues related to artificial intelligence and other emerging technologies. August leverages his experiences in AI and technology policy to help clients understand complex technology developments, risks…

August Gweon counsels national and multinational companies on data privacy, cybersecurity, antitrust, and technology policy issues, including issues related to artificial intelligence and other emerging technologies. August leverages his experiences in AI and technology policy to help clients understand complex technology developments, risks, and policy trends.

August regularly provides advice to clients on privacy and competition frameworks and AI regulations, with an increasing focus on U.S. state AI legislative developments and trends related to synthetic content, automated decision-making, and generative AI. He also assists clients in assessing federal and state privacy regulations like the California Privacy Rights Act, responding to government inquiries and investigations, and engaging in public policy discussions and rulemaking processes.

Read more about August Gweon
Show more Show less
Photo of Akash Shah Akash Shah

Akash is an associate in the firm’s Washington, DC office and a member of the Government Contracts and Life Sciences Transactions Practice Groups.

Akash also maintains an active pro bono practice focused on civil rights and immigration matters.

Read more about Akash Shah
Bolatito Adetula

Tito Adetula is an associate in the firm’s Washington, DC office. She is a member of the Data Privacy and Cybersecurity Practice Group and the Government Contracts Practice Group.

Tito also maintains an active pro bono practice focused on data privacy and cybersecurity matters.

Read more about Bolatito Adetula