AI Infrastructure · Deep dive 01

When the model can't leave the boundary

Australia banned DeepSeek on government devices in 2025, open weights included in some directions. The procurement and data-residency case for running a capable model inside PROTECTED.

Draft outline · Sovereignty / policy lens
The anchor

In 2025 Australia (alongside South Korea, Taiwan, Italy and others) banned DeepSeek on government devices, and some directions extended to downloadable open-weight models, citing foreign-access and data-residency concerns. For a PROTECTED workload the question is not which SaaS model to trust, it is how to run a capable model where the data never leaves the boundary.

Sources we build on
Journalism

Independent reporting on the policy momentum and the arguments driving government bans.

Primary
Australian Government DeepSeek direction / cyber.gov.au

Primary source for the Australian government position on DeepSeek and foreign-access risk.

Article outline
  1. Why the bans happened. Foreign access, data residency, and why open weights got swept in.
  2. The PROTECTED constraint. The data cannot touch a public API, full stop.
  3. Running a model inside the boundary. Azure options, GPU sizing, classification-aware architecture.
  4. Capability versus control. The honest trade-off against frontier SaaS models.
  5. Supply chain of the model itself. Provenance of weights and dependencies.
How it aligns to what we do

A sovereignty and policy piece, not a security-scare piece. It leads with the procurement and residency argument a government reader is already having internally, and positions us as vendor-agnostic and sovereign-first, which is the product's whole stance.

Points to hit
Control it ratifies
ISM / E8 Supports ISM controls on data sovereignty, classification handling and offshore access; the architecture keeps PROTECTED data inside the accredited boundary.