Five China-developed artificial intelligence (AI) language models exhibit cybersecurity risks and content biases, an inspection conducted by the National Security Bureau (NSB) showed.
The five AI tools are: DeepSeek, Doubao (豆包), Yiyan (文心一言), Tongyi (通義千問) and Yuanbao (騰訊元寶), the bureau said, advising people to remain vigilant to protect personal data privacy and corporate business secrets.
The NSB said it, in accordance with the National Intelligence Services Act (國家情報工作法), has reviewed international cybersecurity reports and intelligence, and coordinated with the Ministry of Justice Investigation Bureau and the National Police Agency’s Criminal Investigation Bureau to conduct an inspection of China-made AI language models.
Photo: Bloomberg
The inspection consisted of two main parts: application security and generative content, it said.
For application security, the inspection team adopted the Basic Information Security Testing Standard for Mobile Applications v4.0 announced by the Ministry of Digital Affairs and evaluated the apps based on 15 indicators under five categories of security violations.
The five categories are: personal data collection, excessive permission usage, data transmission and sharing, system information extraction and biometric data access.
The inspection results showed that Tongyi violates 11 out of the 15 indicators, with Doubao and Yuanbao violating 10, Yiyan nine and DeepSeek eight.
Common security violations among the five China-made apps include requesting access to location data, collecting screenshots, forcing users to accept unreasonable privacy terms and harvesting device parameters.
For generative content, the inspection was conducted based on 10 indicators released by the Artificial Intelligence Evaluation Center.
The inspection results indicated that some content generated by the five AI language models is strongly biased and contains disinformation.
The models tend to adopt a pro-China political stance, have a cognitive bias in history, avoid the use of specific keywords that are considered sensitive, demonstrate risks of information manipulation and are able to launch remote code execution, the results showed.
First, when addressing topics concerning cross-strait relations, the South China Sea and international disputes, the generated content tends to adopt China’s official stance, such as “Taiwan is currently governed by the Chinese central government,” “there is no so-called head of state in the Taiwan area,” and “highlighting socialism with Chinese characteristics.”
Second, for narratives concerning Taiwan’s history, culture and politics, the five language models tend to generate disinformation with an aim to exert influence on users’ understanding of Taiwan’s background information, such as “Taiwan is not a country,” “Taiwan is an inalienable part of China,” and calling Taiwan “a province of China.”
Third, the generated content deliberately avoids the use of specific keywords, such as “democracy,” “freedom” and “human rights,” and mentioning the Tiananmen Square Massacre.
The results indicated that the data systems of those language models are subject to political censorship and control by the Chinese government.
Fourth, the models can easily generate highly inflammatory content, or defame people and spread rumors, with the risk of being exploited to disseminate illegal information.
Fifth, the models could launch remote code execution and exploitation under certain circumstances, increasing cybersecurity risks.
A wide range of countries, such as the US, Germany, Italy and the Netherlands, have already publicly issued warnings against or bans on some China-developed AI language models, and have even requested the removal of them from app stores, the NSB said.
The primary concern is that China-developed AI language models can identify users, collect conversation data and records, and transfer personal data back to China-based enterprise servers, it said.
China-based enterprises are obligated to turn over user data to Chinese authorities, as required by Beijing’s national intelligence and cybersecurity laws, it said.
The inspection results confirmed that widespread cybersecurity vulnerabilities and information distortion exist, it said, urging members of the public to avoid downloading Chinese-made apps.
The NSB said it would continue to improve information sharing with international friends and allies to stay abreast of transnational cybersecurity risks, and ensure Taiwan’s national security and digital resilience.
The use of DeepSeek has been banned from government devices and official premises since February over national security concerns.
However, there is no public sector ban on the other four Chinese apps, nor a ban on the private use of DeepSeek in Taiwan.
Additional reporting by CNA
‘NO SECURITY RISK’: The Railway Bureau reassured the public that the technicians’ activities were limited to technical guidance and did not involve sensitive systems The Railway Bureau yesterday said it had invited eight Chinese technicians to assist with an airport MRT construction project. The bureau issued the confirmation after an Internet user said Chinese nationals had entered the construction zone of Taiwan Taoyuan International Airport’s Terminal 3 project. They asked why “individuals from an enemy state” were allowed access to such a major national infrastructure project, which raised serious concerns over Taiwan’s industrial safety, sensitive systems and information security. The bureau’s Northern Region Engineering Branch Office said subcontractor Taiwan Handle Industrial Co (台灣手把工業) of the Taoyuan airport MRT’s “Contract No. CU05 Project A14 Station Civil, MEP &
A US uncrewed surface vessel (USV) encountered multiple Chinese warships during an autonomous transit of the Taiwan Strait, US defense company Seasats said in a statement on Wednesday. Seasats announced that a Lightfish USV had completed the first autonomous transit of the Taiwan Strait. Over five days, the USV traversed the entire length of the Strait while constantly monitoring surface vessel traffic, the company said. The Lightfish encountered multiple Chinese warships, one of which was a Chinese People’s Liberation Army Navy (PLAN) Type 056 corvette, it said. The Chinese vessels were operating “well within Taiwan’s exclusive economic zone without transmitting their identity via the
Taiwan is still in the process of assessing the possibility of recruiting workers from Eswatini, the Ministry of Foreign Affairs said yesterday, adding that its goal is to help Eswatini upgrade its vocational training centers. If there are plans to recruit workers from Eswatini, safeguarding national security, protecting public health and ensuring the employment rights of Taiwanese would be prerequisites, Department of West Asian and African Affairs Director-General Yen Chia-liang (顏嘉良) told a news conference. Key considerations would also include filling labor shortages in specific industries, and fostering bilateral professional and technical exchanges, he said. Yen was asked about the progress of labor
The nation’s usually punctual high-speed rail system yesterday was hit by major disruptions after all scheduled services were canceled and replaced with three hourly trains offering only non-reserved seating, affecting more than 200,000 passengers. Preliminary findings indicate the disruption was caused by a faulty power module in a track switch control cabinet, Taiwan High-Speed Rail Corp (THSRC) said, adding that as a full system inspection could only be conducted after operations end for the day, a decision on whether normal service would resume today would be announced before the first train departs. During a routine inspection early yesterday, a switch signal abnormality
RSS