US Proposes Regulation on Foreign Use of AI Cloud Services

The move aims to prevent foreign actors, particularly from China, from using US cloud services for potentially malicious AI development.

The US Department of Commerce has proposed a regulation requiring US-based infrastructure-as-a-service (IaaS) operators to report when foreign actors use their services to train large AI models that could be used in malicious cyber activities.
Under the proposed regulation, IaaS operators would need to strengthen their know-your-customer (KYC) procedures and retain data on customers undertaking such activity for two years.
The regulation is aimed at preventing foreign actors, particularly from China, from accessing US cloud services to train their AI models.
Cloud service providers such as Amazon, Google, and Microsoft would be required to disclose the names and IP addresses of their foreign customers and report any suspicious activity.
The proposed regulation is open for comments until April 29, and exceptions may be granted for foreign subsidiaries of US cloud providers.