The US Commerce Department has proposed rules to prevent foreign actors accessing cloud-based AI platrms, ostensibly to prevent malicious “cyber-enabled” activities.
However, comments by the US commerce secretary make it clear the move is also aimed at extending the US’s AI blockade on China.
The move will likely spark data sovereignty concerns in Europe. However, a bigger worry for European researchers and businesses is that they could find it even harder to access cutting edge AI hardware.
The Commerce Department’s Bureau of Industry and Security said the proposed rules are in response to a 2021 executive order on, “Taking Additional Steps To Address the National Emergency With Respect to Significant Malicious Cyber-Enabled Activities.”
That order asked for proposed “regulations requiring U.S. Infrastructure as a Service (IaaS) providers of IaaS products to verify the identity of their foreign customers, along with procedures for the Secretary to grant exemptions; and authorize special measures to deter foreign malicious cyber actors' use of U.S. IaaS products.
The executive order was in response to the possibility of foreign malicious cyber actors using “U.S. IaaS products to commit intellectual property and sensitive data theft, to engage in covert espionage activities, and to threaten national security by targeting U.S. critical infrastructure.”
The regulations are clearly aimed at foreign actors’ potential use of US-based AI infrastructure for “training runs by foreign persons for large AI models with potential capabilities that could be used in malicious cyber-enabled activity.”
Which given the myriad ways AI models can be used for malicious activities – from researching targets and composing phishing lures, to analysing systems for vulnerabilities and writing code – means any large model.
US Commerce Secretary Gina Raimondo told Reuters last week, “We can’t have non-state actors or China or folks we don’t want accessing our cloud to train their models.” She equated controls on access to American cloud data centres with the US’ increasingly draconian regulations on chip exports.
The Department said it “proposes to require providers to verify the identity of foreign customers” and “regulations related to foreign resellers of U.S. IaaS products that would apply to U.S. IaaS providers”.
US IaaS providers would be required to “report to the Department when they have knowledge they will engage or have engaged in a transaction with a foreign person that could allow that foreign person to train a large AI model with potential capabilities that could be used in malicious cyber-enabled activity”
U.S. IaaS providers’ “foreign resellers” would also be required “verify the identity of foreign persons who open or maintain an account with a foreign reseller.”
Exactly what counts would as a large AI model under the proposals is yet to be decided.
The department said several commenters had asked for clarification on the status of “foreign subsidiaries” of US entities.
The Department said it "proposes to clarify that a foreign subsidiary of a U.S. IaaS provider is not considered to be a 'United States Infrastructure as a Service provider.'"
This suggets that European subsidiaries of AWS, Azure, etc would not be required to hand over information. However, with the US becoming increasingly defensive over exports of AI standard chips, that might be academic.
The European Union has become so alarmed about access to AI infrastructure – particularly GPU-enabled kit – that it last week unveiled plans to repurpose its super computers for AI, for both researchers, and EU AI startups.
How effective this will be is open to question, given long lead times for GPUs and other AI essentials.
The commerce department also summarised responses to its initial request for comments. Needless to say, these included concerns over the admin headache and costs associated with the requirements. In a breakdown in the announcement, the department said it expects the costs of the requirement could be as high as $171.5m.