Two U.S. lawmakers have introduced a bipartisan bill to tighten export controls around artificial intelligence by regulating cloud computing services. The Cloud Security Act aims to close a critical loophole that could allow adversaries like China to circumvent existing restrictions on advanced AI hardware by renting computing power remotely from U.S.-based cloud providers.
Current export controls focus primarily on restricting the sale of cutting-edge AI chips, but these rules do not cover customers who access such technology by leasing processing capacity through cloud platforms rather than purchasing the physical chips outright. This loophole gives foreign adversaries a backdoor to access powerful AI tools without violating hardware export bans.
The bill would authorize cloud providers to voluntarily report suspicious activities or misuse of their services by users tied to countries restricted by export controls. Existing laws limit companies from sharing customer information with the government, creating legal hurdles for providers that detect potential threats. The proposed legislation seeks to remove these barriers by offering clearer legal protections for providers that flag suspicious cloud usage, while requiring better user identity verification processes.
One of the bill’s sponsors highlighted concerns about China’s aggressive efforts to acquire advanced computing resources both through purchases and cyber activities. China’s push to train AI models using cloud computing services could enhance military and surveillance capabilities, increasing national security risks.
The legislation specifically targets services offered by major American cloud providers where users rent access to powerful AI chips remotely. Lawmakers argue that guarding only the sale of physical AI chips without addressing cloud-based access creates a significant enforcement gap, undermining the effectiveness of U.S. export controls aimed at curbing technology transfer to adversaries.