U.S. Department of Commerce Issues Proposed Rule Impacting AI and U.S. IaaS Providers to Counter…>
Ankura Blog – Randall Cook, Morial Shah, Bojan Lazarevski, Alex Trafton, Tracy Gronewold
on Jan 29 2024, The Bureau of Industry and Security (BIS) proposed new rules to address risks from foreign actors using US cloud infrastructure to develop large AI models for cyberattacks.
It would require US IaaS providers and foreign resellers to implement customer identification programs (CIPs), including know-your-customer checks and reporting certain foreign customers to the government.
Providers must report transactions that could result in a “large AI model” being trained, which will be defined based on technical criteria like compute used during pre-training.
The rules aim to deny malicious foreign access to advanced computing enabling AI under recent executive orders on cybersecurity and AI.
Compliance will require CIP programs, monitoring foreign customer AI use, addressing any government prohibitions, and adjusting customer relationships.
Ankura can help clients navigate requirements through services like CIP development, FedRAMP compliance, incident response planning, and technical advisory on issues like HPC security.
The proposal communicates expectations around customer due diligence, will define regulated AI models, and establish baseline rules for the cloud/AI industry.
Link: https://angle.ankura.com/post/102j004/u-s-department-of-commerce-issues-proposed-rule-impacting-ai-and-u-s-iaas-provi