US proposes new ‘know-your-customer’ restrictions on cloud providers

US Secretary of Commerce Gina Raimondo answering questions at a news conference, stood at a podium. Behind her, the US flag hangs from a pole and a backdrop carries the repeated emblem of the US Department of Commerce.
(Image credit: Getty Images)

The Biden administration has proposed new know-your-customer requirements on US cloud companies for clients looking to use American infrastructure to train their AI models.

The proposed controls will include obligations on cloud computing businesses to determine whether foreign entities are accessing US data centers to train AI models.

In an interview with Reuters, US secretary of commerce Gina Raimondo named Chinese competition as a particular focus for the regulation, referencing the US’ continued efforts to stop the export of Nvidia’s AI chips to the region.

“We can't have non-state actors or China or folks who we don’t want accessing our cloud to train their models … those chips are in American cloud data centers so we also have to think about closing down that avenue for potential malicious activity”, Raimondo explained.

In addition to restricting China’s access to the chips that underpin the computing power required for training AI models, the US also needs to ensure its own infrastructure is not being used to train Chinese AI models. 

“[The US is] trying as hard as we can to deny China the compute power that they want to train their own [AI] models, but what good is that if they go around that to use our cloud to train their models?”


On-premises, in cloud or hybrid — the risk of status quo whitepaper

(Image credit: AMD)

Build a data center that meets fluctuations in demand for computing resources 


China indicated its appetite to build and deploy AI models within the country through an announcement from the state regulators approving over 40 new AI models for public use.

Under the new proposal US cloud computing companies such as AWS, Google, and Microsoft will be required to verify the identity of foreign customers who have accounts that utilize cloud services in the US. It was released on Friday 26 January for public inspection and scheduled to be published on Monday 29 January.

“Parochial” approach to cloud platforms could hurt competitiveness

Jeff Watkins, chief product and technical officer at digital transformation consultancy XDesign told ITPro the proposal could have unintended effects such as the proliferation of US-based ‘umbrella companies’ used by China to circumvent the restrictions and access cloud computing services in the region.

“This move might inadvertently encourage the emergence of umbrella companies in the US, allowing countries like China to bypass these new regulations through virtual private networks (VPNs) or similar methods.”

Watkins also voiced concerns that this could drive customers away from US cloud computing services, which would hurt the domestic business and drive revenues for foreign competitors.

“I think it’s a very parochial kind of approach to using the US's cloud platforms, and it could just end up with people moving to non-US data centers - so it may be good news for alternative infrastructure providers,” Watkins explained.

“Additionally, this policy may reduce the global competitiveness of the US cloud services, particularly if such stringent measures aren't adopted globally. Providers are likely to face increased costs due to the need for enhanced monitoring and reporting systems, which will almost certainly translate to higher expenses for end-users.”

Solomon Klappholz
Staff Writer

Solomon Klappholz is a Staff Writer at ITPro. He has experience writing about the technologies that facilitate industrial manufacturing which led to him developing a particular interest in IT regulation, industrial infrastructure applications, and machine learning.