For the first time under Europe’s data law, a government has asked Apple and Google to investigate an AI app, not because it is malfunctioning, but because of where the data is being sent. On June 27, 2025, Germany formally requested that both tech giants remove DeepSeek, a Chinese-developed chatbot, from their national app stores. The reason? Alleged violations of the EU’s data protection laws and concerns that personal information from German users is being routed through servers in China without adequate legal safeguards in place. It’s a coalition of artificial and digital diligence, sovereignty, and geopolitical trust.
As Brussels sharpens its stance on foreign technology, Germany is signalling action and a new era of enforcement, with the GDPR, seen as a privacy framework, now becoming a frontline in Europe’s AI regulation. The DeepSeek case can set a new precedent for who gets to operate in the EU under what terms and with what accountability. So let’s explore how the story unfolded, what the legal Challenge is, and why the China-EU AI split may be deeper than it looks.
What triggered Germany’s action?
At the centre of the decision is one simple and serious issue: DeepSeek is transferring personal data from EU users to China. And it’s affecting the GDPR.
Germany’s Federal Commissioner for Data Protection and Freedom of Information flagged that the application of their internal reviews.
They suggest that it’s not only collecting sensitive data that user inputs, but also storing and processing it through infrastructure outside EU jurisdiction, specifically on servers linked to mainland China.
Germany has responded by sending formal notices to both Apple and Google, requesting that they remove DeepSeek from their respective app stores within Germany’s national borders. The request is currently under legal review, but if either tech company agrees, it will result in a shift.
This isn’t the first time that DeepSeek has drawn scrutiny:
In Italy, the app had been previously blocked entirely, and the Netherlands, Australia, and Taiwan had banned it from government devices.
However, Germany’s move is slightly different; it’s not just a restriction, but rather a signal that the GDPR is now being enforced not only on European firms but also on foreign AI companies operating in the open market.
The China-EU AI trust gap is widening.
At the heart of this issue is a trust gap. Europe does not believe Chinese AI platforms will protect users’ data to meet EU standards. To provide a brief example:
China’s 2017 National Intelligence Law grants the state access to private data, which has made European governments nervous.
Add to that the previous security concerns surrounding Huawei and TikTok, and DeepSeek was always going to face scrutiny. It just took longer to reach the enforcement stage.
This is also happening as the EU AI Act begins to finalise. With these mandatory transparency requirements on obligations on non-EU providers, Germany’s move is an early test, and more bans may follow if apps like DeepSeek are seen as exporting not just code but also foreign influence.
GDPR is used as a Tech firewall, a filter that makes it powerful, especially when backed by governments willing to take action, as Germany did, to protect its citizens and data.
What happens next?
As of now, Apple and Google have not yet confirmed whether they’ll comply with Germany’s request. However, there is pressure that if either platform removes DeepSeek from the German app stores, it will trigger a domino effect across the EU, with countries like France, Spain, and even Belgium following suit.
Even if the app isn’t banned Europe-wide, the message is clear: foreign AI apps that handle EU user data will be held to EU standards — or shown the door.
This moment also sets a precedent. Developers outside the bloc are now on notice:
If your infrastructure crosses into jurisdictions like China or Russia
If your data handling is vague, or your legal setup murky
If you can’t guarantee GDPR-level safeguards, then your app could be next
Compliance isn’t optional. It’s the cost of entry.