Eying China, US proposes 'know your customer' cloud computing requirements

The Biden administration is proposing requiring U.S. cloud companies to determine whether foreign entities are accessing U.S. data centers to train AI models, U.S. Commerce Secretary Gina Raimondo said on Friday.

ADVERTISEMENT

Proposed Regulation to Prevent China's Use of US Cloud Computing

The Biden administration is taking steps to prevent China from using U.S. technology for artificial intelligence. U.S. Commerce Secretary Gina Raimondo has announced a proposed regulation that would require U.S. cloud companies to verify whether foreign entities are accessing U.S. data centers to train AI models. This measure aims to prevent non-state actors or China from using American cloud infrastructure for potentially malicious activities.

Raimondo emphasized the need to deny China the compute power and resources it requires to train its own AI models. She expressed concern that even if the United States restricts China's access to certain technologies, they could still use U.S. cloud services for their AI training. The proposed regulation, known as the 'know your customer' requirement, aims to address this issue.

The regulation, released for public inspection, is expected to be published on Monday. Raimondo called it a significant development in preventing China from accessing U.S. cloud infrastructure for AI training purposes.

Requirements of the Proposed Regulation

The 'know your customer' regulation for U.S. cloud computing companies would have several key requirements. First, it would mandate the verification of the identity of foreign users who sign up for or maintain accounts using U.S. cloud computing resources. This verification process would be part of a 'know-your-customer program or Customer Identification Program.' Second, minimum standards for identifying foreign users would be established. Finally, cloud computing firms would be required to certify compliance with these regulations on an annual basis.

Raimondo emphasized that U.S. cloud computing companies should have the responsibility of knowing their biggest customers and the models they are training. The information gathered through this regulation will be used as deemed necessary by the government to address potential risks and threats.

The proposed regulation is part of a broader effort by the Biden administration to enforce stricter controls on AI technology that poses risks to national security. President Joe Biden previously signed an executive order requiring developers of AI systems to share safety test results with the U.S. government. The Commerce Department plans to send requests for survey responses to companies, with a 30-day response period. Raimondo highlighted that non-compliance with these requirements will be seen as a red flag.

Concerns and Potential Impacts

The proposed regulation has raised concerns in the tech industry. Carl Szabo, the general counsel at NetChoice, a tech industry trade group, considers the Biden administration's executive order and the subsequent reporting requirements for AI as 'illegal.' He also expressed concerns that requiring U.S. cloud companies to report the use of their resources by non-U.S. entities for training large language models could discourage international collaboration in AI development.

Key cloud providers, such as Amazon.com's AWS, Alphabet's Google Cloud, and Microsoft's Azure unit, would be impacted if the proposed regulation becomes law. These providers would need to comply with the verification and reporting requirements for their foreign users accessing U.S. cloud infrastructure for AI training purposes.

The Biden administration's focus on preventing China's access to U.S. technology for AI training reflects the growing security concerns around the global growth of AI. The proposed regulation is aimed at ensuring that U.S. cloud infrastructure is not exploited for unauthorized AI training by foreign entities.