Agency Name: Bureau of Industry and Security at the Department of Commerce
Docket ID: BIS-2022-0025
Organization: The Center for Security and Emerging Technology (CSET)
Respondent type: Organization>Academic institution / Think tank
POC: Jacob Feldgoise, Data Research Analyst (jacob.feldgoise@georgetown.edu) and Hanna
Dohmen, Research Analyst (hanna.dohmen@georgetown.edu)
Summary and Recommendations
The Advanced Computing/Supercomputing (AC/S) IFR articulates two key objectives with
respect to regulating IaaS for the use of developing AI models. We address how BIS can
respond to these two objectives in two parts below.
Preventing Chinese Entities from Accessing Controlled Chips Outside of
China via IaaS Providers
We do not recommend implementing controls on U.S. companies providing IaaS to Chinese
entities for a few reasons.
1. The most concerning threat vector—Chinese IaaS provider’s data centers outside of
China—has already been addressed through the headquartered-based export controls
in the October 17, 2023 AC/S IFR.
2. The size of the problem (i.e., the number of Chinese entities seeking access to controlled
chips via U.S. IaaS providers) is likely minimal while the compute performance gap
between China and the rest of the world remains relatively small.
3. The costs of implementing a control (i.e., incentivizing foreign substitution, accelerating
China’s self-sufficiency, and loss of visibility into China’s AI developments) outweigh
the limited benefits.
Nonetheless, if BIS does decide to implement restrictions on Chinese entities accessing
controlled chips outside of China via IaaS providers using its current authorities, BIS would
need to rely on existing and new “U.S. persons” controls. BIS could implement either or both of
the following:
