BIS Proposes Rulemaking on Infrastructure as a Service, Artificial Intelligence

January 31, 2024

The U.S. Department of Commerce’s Bureau of Industry and Security (BIS) this week issued a notice of proposed rulemaking soliciting comments on proposed regulations that would establish new requirements for U.S. Infrastructure as a Service providers (IaaS or cloud infrastructure providers) and their resellers.

Implementing Executive Order (E.O.) 13984 of January 19, 2021, “Taking Additional Steps to Address the National Emergency With Respect to Significant Malicious Cyber-Enabled Activities,” and E.O. 14110 of October 30, 2023, “Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence,” these proposed regulations seek to address the risk of foreign malicious actors using U.S. cloud services that could be used in cyber-enabled activity to harm U.S. critical infrastructure or national security, including to train large artificial intelligence (AI) models.

The deadline for comments on the proposed rules is April 29, 2024. A brief overview of the proposed regulations is provided below.

Customer Identification Program Regulations and Relevant Exemptions

Under the proposed rule, U.S. IaaS providers and their foreign resellers would be required to maintain Customer Identification Programs (CIPs), perform effective customer verification, and maintain identifying information about their foreign customers. U.S. IaaS providers would be required to implement their own CIPs, require CIPs of their foreign resellers, and provide CIP reports to the Department.

Certain of the key requirements under the proposed regulations regarding CIPs include the following:

  • Minimum data collection requirements, including the customer’s name, address, the means and source of payment for each customer’s Account, email addresses and telephone numbers, and internet protocol (IP) addresses used for access or administration of the Account.
  • CIPs should account for the collection of identifying information about the actual Account owner and all beneficial owners of the Account, which the proposed regulations define as individuals who either: (1) exercise substantial control over a customer, or (2) own or control at least 25 percent of the ownership interests of a customer.
  • U.S. IaaS providers and their foreign resellers would not be required to verify the identity of customers with Accounts opened by or on behalf of a U.S. person, unless a foreign beneficial owner is added to the Account or the Account or a portion of the Account is resold to a foreign person.
  • U.S. IaaS providers may craft their own procedures and methods to verify the identity of their prospective foreign customers and beneficial owners, provided that their CIPs include risk-based procedures that enable the provider to form a reasonable belief about the true identity of each customer and beneficial owner.
  • The CIP must establish how a provider will verify the identity of its customers when the customer is unable to produce requested documents, and must include steps a provider would take if it is unable to verify the identity of any customer, including refusing to open an Account and/or additional monitoring pending attempts at verification.
  • CIPs must include procedures to maintain, protect, and obtain access to records of relevant customer information accessed in the process of verifying customer identities, which must be retained for a period of two years after the date upon which an Account was last accessed or closed.
  • U.S. IaaS providers must only initiate or continue a reseller relationship with foreign resellers of U.S. IaaS products that maintain and implement a CIP that meets the requirements for CIPs of U.S. IaaS providers.
  • Upon receipt of evidence that indicates the failure of a foreign reseller to maintain or implement a CIP or that indicates malicious cyber-enabled activity, U.S. IaaS providers must report malicious cyber-enabled activity and close accounts associated with the activity and must terminate the reseller relationship within 30 calendar days.
  • U.S. IaaS providers must submit to the Department certain information about their CIPs and their foreign resellers’ CIPs, update their CIPs annually, and certify to the Department that such annual updates have occurred.
Special Measures Regulations

The Department proposes regulations to take certain special measures should the Secretary determine that reasonable grounds exist for concluding that a jurisdiction or person outside of the U.S. “has any significant number of foreign persons offering U.S. IaaS products that are used for malicious cyber-enabled activities or any significant number of foreign persons directly obtaining U.S. IaaS products for use in malicious cyber-enabled activities.”  Should the Secretary determine that the evidence warrants the imposition of a special measure, the Secretary would issue a determination in the Federal Register to take effect 30 days after publication that would set out the reasonable grounds for this determination and would indicate the special measure the Secretary would intend to use. The types of special measures that may be imposed include prohibitions or other conditions on the opening or maintaining of an IaaS product Account, including a Reseller Account, by specific foreign persons or on any foreign person located in a particular jurisdiction.

AI Training Reporting Requirements

The Department proposes regulations that would require U.S. IaaS providers to report instances of training runs by foreign persons for large AI models with potential capabilities that could be used in malicious cyber-enabled activity.

The proposed regulations define such “large AI models” as any AI model with the technical conditions of a dual-use foundation model, or that otherwise has technical parameters of concern, that has capabilities that could be used to aid or automate aspects of malicious cyber-enabled activity, including but not limited to social engineering attacks, vulnerability discovery, denial-of-service attacks, data poisoning, target selection and prioritization, disinformation or misinformation generation and/or propagation, and remote command-and-control, as necessary and appropriate of cyber operations. Based on this definition, the Secretary will issue binding interpretive rules in the Federal Register that determine the set of technical conditions that a large AI model must possess to have the potential capabilities that could be used in malicious cyber-enabled activity. The Secretary will update the technical conditions based on technological advancements, as necessary and appropriate.

Compliance and Enforcement

The Department proposes that any person who commits a violation of this proposed rule concerning IaaS-related provisions, if finalized, may be liable to the United States for civil or criminal penalties depending on the nature of the offense. Examples of violations include:

  • Failing to create a CIP.
  • Failing to file a CIP certification with the Department.
  • Failing to seek reauthorization for such CIPs on an annual basis.
  • Failing to inform the Department about a covered IaaS transaction that might result in a customer obtaining or using a large AI model with potential capabilities that could be used in malicious cyber-enabled activity when an IaaS provider knows or should know of such transaction.

*          *          *

Contact us if you have questions about these new proposed regulations, their potential impact on your business, or if you seek assistance in filing comments with the Department of Commerce.