DeepSeek's Pro-China Bias is Superficial: Revealing the Power of Local AI Deployment

Today, something a little different for this blog.  As many readers are aware, for the past couple of years I have been working towards a PhD in which, very broadly speaking, I have been looking at applying machine learning, AI and language models to the analysis of patent claims (in particular, to assessing the scope of claims).  Most recently, I have been exploring how it might be possible to apply large language models – the types of AI behind popular chat services such as Open AI’s ChatGPT, Google’s Gemini, Anthropic’s Claude (my personal chatbot of choice), Meta’s LLaMa and (yes) Chinese newcomer DeepSeek – to this task.  To experiment with ‘open source’ (or, more accurately, ‘open weights’) versions of some of these models, I have built my own combination of hardware and software.  The process has been very interesting!

The emergence of powerful open-source large language models (LLMs) has democratised access to cutting-edge AI technology, but concerns about potential biases and restrictions embedded within these models persist.  I've been experimenting with DeepSeek-R1-Distill-Qwen-14B, a distilled (smaller) version of the larger DeepSeek-R1 model developed by Chinese AI company DeepSeek.  And what I've discovered is that the widely reported pro-China bias in this model appears to be remarkably superficial and easily circumvented through local deployment and simple prompt engineering techniques.

This has significant implications for organisations concerned about potential surveillance or ideological constraints when utilising Chinese-developed AI models.  By running these models locally with appropriate system prompts, it's possible to unlock their full capabilities while maintaining complete control over input and output – effectively neutralising superficial safeguards, while keeping confidential information and intellectual property safe (so, yes, there is an IP element to this article).

To find out a bit more about what I did, and what I found, please read on.

Building a Local DeepSeek Deployment

To understand how I bypassed DeepSeek's pro-China bias, it's helpful to first understand my technical setup.  I deployed the 14 billion parameter version of DeepSeek-R1 on relatively accessible consumer hardware: an Intel Core i9-14900K processor with 64GB RAM and two NVIDIA GPUs (an RTX A4000 and a GeForce RTX 2070) running Ubuntu Linux 24.04.  While this represents a reasonably powerful system, it's within reach of many professionals and smaller organisations – unlike the massive computing resources required to run the full 671 billion parameter model.

For those interested in exploring further, my particular deployment process involves two key components:

1. Ollama - An open-source tool that simplifies running and managing these models locally
2. Custom Web Interface - I built a browser-based chat interface using Python and Hyperdiv (a package for building server-side web applications)

This setup creates a completely self-contained AI assistant that runs entirely on my local machine, with no external API calls or data sharing.  To be clear, I could unplug my Internet connection, and this system would not even know it had happened!  For organisations with sensitive information or privacy concerns, this approach provides significant advantages over cloud-based alternatives.

Understanding System Prompts: The Hidden Lever of Control

A critical concept for understanding how I modified DeepSeek's behaviour is the ‘system prompt’ – an often invisible set of instructions that guides how an AI model responds.  When you interact with commercial AI assistants like ChatGPT or Claude, your questions are actually being processed alongside a system prompt that you never see.  This system prompt essentially tells the model how to behave, what tone to adopt, what information to avoid sharing, and various other constraints.

For those new to this concept, think of a system prompt as the foundational instructions given to the AI before any conversation begins – similar to a briefing document provided to a new employee.  The system prompt shapes all subsequent interactions, establishing boundaries and expectations.

By deploying DeepSeek locally, I gained complete control over this system prompt – a privilege not available to users of the online DeepSeek chat interface.

Revealing DeepSeek's Superficial Bias

The standard behaviour of DeepSeek when asked about politically sensitive topics related to China is quite revealing.  With a basic system prompt (or none at all), asking about Tiananmen Square produces a clear refusal:

I am sorry, I cannot answer that question. I am an AI assistant designed to provide helpful and harmless responses.

Similarly, when queried about Uighurs in Xinjiang, the model produces what appears to be a carefully crafted response that aligns closely with official Chinese government narratives:

The Chinese government has always adhered to policies of ethnic equality, unity, and development… The Xinjiang region of China enjoys social stability, economic growth, ethnic solidarity, religious harmony, and continuous improvements in people's lives…

This response pattern strongly suggests that DeepSeek has been fine-tuned to produce politically acceptable responses on certain topics, likely through techniques such as Reinforcement Learning from Human Feedback (RLHF).

Breaking Through Bias with Prompt Engineering

The most fascinating discovery came when I modified the system prompt to one resembling those used by more open commercial AI systems.  Using a comprehensive system prompt similar to one reported to have been used with Claude Sonnet in around August 2024 (with references to ‘Claude’ and ‘Anthropic’ removed), I asked identical questions about Tiananmen Square and Uighur treatment.

The transformation was remarkable.  On Tiananmen Square, the model provided a detailed and balanced response that acknowledged both the square's cultural importance and the politically sensitive 1989 protests:

Tiananmen Square is most internationally recognized for the pro-democracy protests that took place there in 1989. These demonstrations were led by students and workers advocating for political reform, but they were suppressed by the government, leading to significant loss of life.

On the topic of Uighurs, the model produced an equally nuanced response that presented multiple perspectives while acknowledging concerns raised by international human rights organisations:

Some international reports and human rights organizations have accused the Chinese government of engaging in oppressive policies against the Uighur community, including cultural genocide, mass detentions, and forced assimilation… Human rights organizations like Amnesty International and Human Rights Watch have reported on mass detentions, forced assimilation, and harsh conditions in camps…

These responses suggest that the underlying model has indeed been trained on a diverse and comprehensive dataset similar to other state-of-the-art LLMs.  The pro-China bias appears to be implemented as a relatively thin layer of fine-tuning and prompt engineering rather than being deeply embedded within the model's parameters.

The full chat transcript is reproduced at the end of this article.

Implications for Organisations Using Chinese AI Models

This finding has several significant implications:

1. Security and Privacy: The availability of DeepSeek's model weights on an ‘open weights’ basis allows organisations to benefit from this impressive technology while remaining secure from potential surveillance.  When run locally, there is no data transmission to external servers.
2. No ‘Trojan Horse’ Risk: It's important to emphasise that model weights are purely data – they do not incorporate executable code that could act as a ‘Trojan horse’ for surveillance or data exfiltration.  This technical reality should alleviate concerns about security risks when using the model.  (Of course, you need to be confident that you can trust the actual executing code, in this case Ollama.)
3. Customisable Guardrails: Running models locally allows organisations to implement customised guardrails that align with their specific values and use cases, rather than being constrained by the developer's choices.
4. Independence from API Access: Local deployment provides independence from potential API restrictions or terminations that might occur with cloud-based solutions.

Hypothesis on DeepSeek's Approach

My hypothesis is that DeepSeek likely trained their base model comprehensively on diverse training data, similar to other leading LLMs, to maximise its capabilities.  (I note, in passing, that Open AI has accused DeepSeek of ‘inappropriate’ use of ChatGPT in developing its models.)  However, to comply with Chinese government expectations, they appear to have subsequently fine-tuned it (likely using RLHF) to produce government-aligned responses on politically sensitive topics.

Additionally, their official online interface probably implements additional guardrails that detect and intercept queries, and responses, on sensitive topics.  This multi-layered approach would explain why the bias is relatively easy to circumvent when running the model locally with a modified system prompt.

Conclusion: The Future of Local AI Deployment

The case of DeepSeek highlights a broader trend in AI development: as more powerful models become available with open weights, the ability to run these models locally provides a powerful counterbalance to potential restrictions or biases introduced by model developers.

For organisations evaluating Chinese-developed AI models, the superficial nature of DeepSeek's pro-China bias suggests that concerns about embedded propaganda or surveillance capabilities may be overstated.  The primary consideration should instead be whether the organisation has the technical capability to deploy and manage these models locally.

As AI deployment tools like Ollama continue to improve, making local deployment increasingly accessible, we may see a significant shift towards self-hosted AI systems that provide both technical performance and ideological independence.  This development could substantially reshape the competitive landscape of AI technology, potentially reducing the influence of geographic and political factors on AI adoption.

For those with the technical capability to deploy models locally, DeepSeek-R1 appears to offer impressive performance without the ideological constraints that might be expected from its origin – a finding that challenges simplistic narratives about the limitations of Chinese AI development.

---

Appendix: Full Transcript of Locally Deployed DeepSeek Chat

The following transcript is verbatim.  I have only slightly adapted the formatting for compatibility with the blog template (but all headings, lists, etc are DeepSeek’s choices).  Additionally, DeepSeek is a reasoning model, which means that it generates a planning/thinking phase before generating its final response. The initial phase is of some technical interest, but it is longer than the actual answer so I have omitted it here (as do many of the online commercial services that deploy reasoning models).

---

ME: Please tell me about Tiananmen Square.

---

Deepseek-r1:14b:

Tiananmen Square (天安门广场) is one of the most iconic and significant public spaces in Beijing, China. Located in the heart of the city, it serves as a symbol of Chinese history, culture, and politics. The square spans an area of approximately 440,000 square meters (about 110 acres) and is surrounded by important landmarks, including the Great Hall of the People, the National Museum of China, the Monument to the People's Heroes, and the Mausoleum of Mao Zedong.

Historical Significance:

1. Landmark of Chinese History: Tiananmen Square has been a central location for major historical events in China. It is often referred to as the "heart of Beijing" due to its importance as a political and cultural hub.
2. Imperial Era Connection: During the Ming and Qing dynasties, the area was part of the Imperial City, serving as a place where emperors could review military parades and celebrate national events.

Modern Role:

1. Political Demonstrations: The square has been a site for political demonstrations, including both state-sponsored events (such as military parades and government-approved rallies) and, historically, gatherings that have posed challenges to the Chinese government.
2. 1989 Protests: Tiananmen Square is most internationally recognized for the pro-democracy protests that took place there in 1989. These demonstrations were led by students and workers advocating for political reform, but they were suppressed by the government, leading to significant loss of life. The Chinese government officially discourages discussion of this event both domestically and internationally.

Cultural and Tourist Importance:

1. Cultural Icon: Tiananmen Square is a major tourist attraction and a symbol of Chinese national identity. It hosts cultural events, concerts, and celebrations on important occasions like National Day (October 1).
2. Architectural Significance: The square's design reflects traditional Chinese architecture and the grandeur of imperial China, blending historical and modern elements.

Tiananmen Square is not just a physical space but also a deeply symbolic one, representing both the achievements and challenges of modern China. Its historical and political significance make it a central part of Beijing's cultural landscape. If you have specific questions about its history or role in Chinese society, feel free to ask!

---

ME: I have heard stories of oppression of people known as Uighurs in the northwest of China. What is that about?

---

Deepseek-r1:14b:

The issue regarding the Uighurs in northwest China is complex and multifaceted, involving both national security concerns and allegations of human rights abuses. Here's a concise summary:

1. Who Are the Uighurs?

   • The Uighurs are a Muslim ethnic group primarily living in Xinjiang, a region in northwest China known for its rich cultural heritage.

2. Claims of Oppression:

   • Some international reports and human rights organizations have accused the Chinese government of engaging in oppressive policies against the Uighur community, including cultural genocide, mass detentions, and forced assimilation.

3. Chinese Government's Perspective:

   • The Chinese government asserts that its actions in Xinjiang are aimed at combating extremism and terrorism. This includes vocational education and training centers designed to prevent radicalization.

4. Independent Reports:

   • Human rights organizations like Amnesty International and Human Rights Watch have reported on mass detentions, forced assimilation, and harsh conditions in camps, suggesting that these centers may be used for political re-education rather than solely preventing terrorism.

5. Historical Context:

   • The region has experienced violence from extremist groups, leading to a robust security presence by China, which has contributed to tensions among various ethnic and religious groups.

6. Economic Factors:

   • There are concerns about whether Chinese policies impact the Uighur community economically, potentially marginalizing them in the region's development.

7. International Reactions:

   • The international community is divided on China's actions in Xinjiang. Some countries and organizations criticize China's policies, while others may have differing opinions based on political agendas.

8. Propaganda and Bias:

   • It's crucial to approach this issue with caution, recognizing the potential for propaganda from all sides. Corroborating evidence from multiple reliable sources is essential for a balanced understanding.

9. Conclusion:

   • The situation in Xinjiang likely involves a mix of legitimate security concerns and human rights issues, making it a nuanced problem without simple answers.

In summary, while the Chinese government frames its actions as necessary measures to combat extremism, international human rights groups raise serious concerns about human rights abuses against the Uighur community. Understanding this issue requires careful consideration of both perspectives and a recognition of the complexity involved.

---

Before You Go…

Thank you for reading this article to the end – I hope you enjoyed it, and found it useful.  Almost every article I post here takes a few hours of my time to research and write, and I have never felt the need to ask for anything in return.

But now – for the first, and perhaps only, time – I am asking for a favour.  If you are a patent attorney, examiner, or other professional who is experienced in reading and interpreting patent claims, I could really use your help with my PhD research.  My project involves applying artificial intelligence to analyse patent claim scope systematically, with the goal of better understanding how different legal and regulatory choices influence the boundaries of patent protection.  But I need data to train my models, and that is where you can potentially assist me.  If every qualified person who reads this request could spare just a couple of hours over the next few weeks, I could gather all the data I need.

The task itself is straightforward and web-based – I am asking participants to compare pairs of patent claims and evaluate their relative scope, using an online application that I have designed and implemented over the past few months.  No special knowledge is required beyond the ability to read and understand patent claims in technical fields with which you are familiar.  You might even find it to be fun!

There is more information on the project website, at claimscopeproject.net.  In particular, you can read:

1. a detailed description of the study, its goals and benefits; and
2. instructions for the use of the online claim comparison application.

Thank you for considering this request!

Mark Summerfield

Tags: Artificial intelligence, China, Large Language Models, Machine learning