US Proposes “Know Your Customer” Cloud Computing Requirements

Reuters reported the Biden administration is proposing requiring U.S. cloud companies to determine whether foreign entities are accessing U.S. data centers to train AI models U.S. Commerce Secretary Gina Raimondo said on Friday.

“We can’t have non-state actors or China or folks who we don’t want accessing our cloud to train their models,” Raimondo said in an interview, with Reuters. “We use export controls on chips,” she noted. “Those chips are in American cloud data centers so we also have think about closing down that avenue for potential malicious activity.”

The Biden administration is taking a series of measures to prevent China from using for artificial intelligence, as the burgeoning sector raises security concerns.

The proposed “know your customer” regulation was released Friday for public inspection and will be published Monday. “It is a big deal,” Raimondo said.

The proposal would require U.S. cloud computing companies to verify the identity of foreign persons who sign up for or maintain account that utilize the U.S. cloud computing through a “know-your-customer” program or Customer Identification Program.” It would also set minimum standards for identifying foreign users and would require cloud computing firms to certify compliance annually.

PCMag reported.Now, when OpenAI and other tech companies start new AI projects they’ll need to inform the US Government of their plans.

According to PCMag, The Biden administration has plans to use the Defense Production Act to require tech companies to let the government know when they train an AI model using a significant amount of computing power, Wired reported. The companies will also be required to provide information about the safety testing being done on the models they create.

The ruling making the requirement could happen as soon as next week.

Wired noted that the requirement will give the US Government unprecedented insight into sensitive projects going on inside Open AI, Google, Amazon, and other tech companies. The US government, for instance, will be the first to know when OpenAI begins work on GPT-5.

In addition to notifying the government of their projects, companies will also be required to share when a foreign company uses their technology to train a large language model.

Mashable reported that OpenAI, Google, and other AI companies will soon have to inform the government about developing foundational models, thanks to the Defense Production Act. According to Wired, US Secretary of Commerce Gina Raimondo shared new details about this impending requirement at an event held by Stanford University’s Hoover Institute last Friday.

“We’re using the Defense Production Act… to do a survey requiring companies to share with us every time they train a new large language model, and share with us the results – the safety data – so we can review it,” said Raimondo.

According to Mashable, the new rules are part of President Biden’s sweeping AI executive order announced last October. Amongst the broad set of mandates, the order requires companies developing any foundation model “that poses a serious risk to national security, national economic security, or national public health and safety,” to notify the federal government and share the results of its testing.

Foundational models are models like OpenAI’s GPT-4 and Google’s Gemini that power generative AI chatbots. However, GPT-4 is likely below the threshold of computing power that requires government oversight.

Overall, I think it’s a good idea for the U.S. government to institute some control over who can access AI systems. Doing so might put an end to “deep fakes” that spread misinformation about what a celebrity didn’t do or what a President didn’t say.