Eyeing China, US may require clouds to report when foreign actors rent kit to build AI models

US-based infrastructure-as-a-service (IaaS) operators could soon be required to strengthen know-your-customer (KYC) procedures in order to prevent foreign actors renting the infrastructure needed to train AI models.

The US Department of Commerce published a proposed regulation on Monday.

The text of the draft regulation requires “providers of certain IaaS products” to submit a report “to the commerce secretary when a foreign person uses their services to train a large AI model with potential capabilities that could be used in malicious cyber-enabled activity.”

The document suggests a definition of relevant models as any with the “technical conditions of a dual-use foundation model, or that otherwise has technical parameters of concern, that has capabilities that could be used to aid or automate aspects of malicious cyber-enabled activity.”

Malicious cyber-enabled activity could include social engineering attacks, hunting for vulnerabilities, denial-of-service attacks, data poisoning, target selection and prioritization, disinformation related campaigns, and remote command-and-control.

Any activity that falls within these categories must be reported with 15 calendar days. Data on customers undertaking such activity must be retained by IaaS operators for two years.

The draft regulation released Monday notes that foreign malicious cyber actors using US IaaS products are hard to track, and that foreign resellers of IaaS services make life harder for stateside law enforcement agencies.

The Customer Information Program (CIP) the Commerce Department proposed therefore requires IaaS operators to identify users, and ensure their foreign resellers do the same – or at least make “all reasonable efforts” to do so.

While the document does not mention any specific entities the US hopes to curb, commerce secretary Gina Raimondo did not shy away from naming China – and no other nation – in an interview with Reuters last Friday. “We can’t have non-state actors or China or folks who we don’t want, accessing our cloud to train their models,” Raimondo argued ahead of the regulation’s release.

The secretary noted that the government places export controls on the very same chips that IaaS operators rent to their clients, and suggested “closing down that avenue for potential malicious activity.”

• Think tank warns North Korea uses AI for battle planning, maybe using cloudy resources
• Nvidia can’t sell its best chips to China, but India is more than happy to take them
• Banned US chipmaking equipment still ending up in China, says report
• Google settles with Singular Computing over claims of stolen AI chip tech

US export restrictions introduced in October prevent the sale of many technologies needed for advanced AI deployments, including datacenters, to China. Prior to that, Chinese web giants planned to purchase billions of dollars worth of Nvidia’s finest.

Speaking at an event last week on AI and innovation with Raimondo, former US secretary of state Condoleezza Rice referred to China as an adversary unlike any experienced by the US in the past when it comes to a race for fundamental and transformative technologies.

“When you listen to Xi Jinping talk about the fusion of civil technology and military technology so that China can take its rightful place in the world – which by the way, means displacing the United States to take that rightful place – one has to be concerned about the protection also of our intellectual property,” asserted Rice.

China may be the most pressing adversary for the United States, but as we reported last week, North Korea is thought to already be using rented AI infrastructure – potentially to bolster its military. ®