Addressing Gaps in U.S. Export Controls
Following the Biden administration’s October 2022 announcement of controls on exports of advanced semiconductor and associated manufacturing technology, several cases of Chinese artificial intelligence (AI) companies circumventing the rules by leveraging intermediaries to retain access to controlled technologies have come to light. This is not unusual. New regulations generally have both unexpected loopholes and collateral damage, and the government does its best to correct them as they are discovered. However, these cases nonetheless pose critical questions for the long-term efficacy of U.S. export control policy toward China.
Q1: What are the relevant rules on advanced technologies?
A1: On October 7, 2022, the Biden administration issued controls on the export of advanced U.S. AI and semiconductor technology to China. These were meant to prevent U.S. AI companies like Nvidia from exporting its semiconductor technology, including A100 chips, to China. The United States’ goal was to limit China’s ability to produce certain advanced chips. To do so, the controls targeted the production chokepoints of the Chinese AI industry, including chip designs, electronic design automation software, and related equipment.
Further, as part of these regulations, the Bureau of Investment and Security (BIS) extended license requirements on items with end uses for supercomputer and semiconductor manufacturing to 28 entities located in China, including iFlytek. All these entities had previously been added to the Entity List from 2015 to 2021 for their potential involvement with risks to U.S. national security.
Q2: How are Chinese AI companies circumventing these controls?
A2: iFlytek is a partially state-owned Chinese voice recognition company that was blacklisted by the United States in 2019 for its role in enabling the surveillance of Uyghur Muslims in Xinjiang. More recently, it has come under scrutiny as a case study of how Chinese AI companies have diluted the impact of the October 7 controls by leveraging intermediaries. According to the Financial Times, though iFlytek is banned from purchasing Nvidia’s A100 chips under the October 7 controls, it can still use cloud service providers (CSPs) and rent access to the chips through third parties. By renting these chips on a long-term basis, Chinese companies can effectively utilize them to train their datasets and develop advanced technologies.
Though iFlytek has recently received increased attention, it is not the only Chinese company that has circumvented the October 7 controls. Another Chinese company included in the 2019 Uyghur blacklist, facial recognition group SenseTime, has been accused of using intermediaries to purchase banned AI components from the United States. Because the October 7 controls are relatively new, the discovery of these cases raises questions regarding the potential impact of undiscovered cases.
Q3: What are the implications of these cases?
A3: These cases demonstrate the limitations of the October 7 controls in regulating semiconductors and raise the question of whether cloud computing services should be included in the rule. Currently, there is no license required for renting cloud services, and actively addressing this would entail either banning the activity entirely or defining which end uses and end users should be licensable. And while export control regulations inevitably contain loopholes, this one is particularly difficult to address given the indefinite manner in which BIS has approached cloud computing in the past. At this point, they are confronted with cases which directly challenge their decision to avoid classifying cloud computing as a good or a service.
Q4: How should the U.S. government respond to this development?
A4: The U.S. government does not currently ban access to chips through cloud service providers, but it has several options for addressing the problem. One, of course, is to do nothing, at least in the short term, and wait to see if this becomes a larger problem. This course is substantiated by the argument that it was likely the case that advanced chip technology already was present in China prior to the October controls. However, to directly address the loopholes of the October 7 controls, it is worth considering proactively implementing controls on CSPs.
The second option, therefore, would be to require cloud service providers to obtain an export license for their services to (1) all end users, (2) all Chinese end users, or (3) selected Chinese end users. CSPs tend to prefer this option for its relatively straightforward implementation. However, this approach would likely take the form of an extension of the preexisting entity lists, which would inherently become a game of catch up as companies continually change their name in order to avoid the consequences of being listed.
A third option would only ban Chinese access to cloud services within U.S. jurisdiction if the services being provided used semiconductors subject to the October 7 rules. Finally, a fourth option would establish a license requirement based on the proposed end use of the data being stored and processed. For example, use of rented cloud services by a company providing facial recognition services might require a license whereas other end uses would not. Though this option seems the narrowest, it is arguably the most difficult to operationalize, as it depends on the judgement of CSPs and the honesty of the end users in revealing their intentions.
At this point, it appears an end user approach is the most practical option to address the cloud services issue because it would use existing export control mechanisms. It is likely, however, that other gaps in the October 7 controls will be discovered and the United States will have to consider further revisions.
William Reinsch holds the Scholl Chair in International Business at the Center for Strategic and International Studies (CSIS) in Washington, D.C. Margot Putnam is an intern with the Scholl Chair in International Business at CSIS.