Australia’s Department of Home Affairs has issued a directive banning the use or installation of DeepSeek products, applications and web services on all government devices. The directive, PSPF Direction 001-2025, was signed by Home Affairs Secretary Stephanie Foster on February 4, 2025.
The Protective Security Policy Framework (PSPF) applies to non-corporate Commonwealth entities subject to the Public Governance, Performance and Accountability Act 2013. The PSPF provides that, having considered advice from technical authority entities, the Secretary of the Department of Home Affairs may issue a direction to accountable authorities to manage a protective security risk to the Commonwealth.
“After considering threat and risk analysis, I have determined that the use of DeepSeek products, applications and web services poses an unacceptable level of security risk to the Australian Government,” said Foster. “Entities must manage the risks arising from DeepSeek’s extensive collection of data and exposure of that data to extrajudicial directions from a foreign government that conflict with Australian law.”
The directive also orders the removal of any existing instances of DeepSeek products, applications and web services on government devices.
However, any entity may seek an exemption for a legitimate business reason, limited to national security and regulatory functions, for the use of DeepSeek products, applications and web services on government devices and must ensure that appropriate mitigations are in place. A legitimate business reason is defined as something necessary to conduct business and/or achieve a work objective.
