Proposed KYC Rules Could Burden Cloud Providers, Erode Customer Trust, BIS Hears
Some technology companies and industry groups were supportive of an ongoing effort by the Bureau of Industry and Security to stop advanced artificial intelligence models from being used by dangerous end-users, but many also said the agency’s proposed know-your-customer regulations for U.S. cloud service providers should be tweaked or rewritten. Others said the new KYC rules could place too heavy a burden on cloud service providers and could undermine trust in American providers.
BIS received nearly 500 comments on its January proposal, which could require U.S. cloud service providers to verify and report certain foreign customer information to the Commerce Department and take other steps to prevent their cloud services from being used to aid cyberattacks and to train AI models that threaten U.S. national security (see 2401290015). The rule comes as BIS officials search for potential avenues to restrict China from using cloud computing services to access export-controlled technology (see 2401260051 and 2312080048).
The Information Technology Industry Council said its members “take seriously their responsibility to protect against malicious actors’ use” of their services, but the group said the BIS rule isn’t framed correctly. ITIC said it has “significant ongoing concerns” with parts of the rule, saying the proposed customer identification and verification requirements “will put unnecessary burden on all” cloud service providers, many of which already have systems in place to detect and deter “malicious activity.”
“The proposed requirements are unlikely to deter malicious actors but will instead undermine customer trust and jeopardize the legitimate business interests of” American “infrastructure as a service” (IaaS) providers, the council said.
Amazon Web Services made similar points, saying the rules would push foreign customers to turn to non-U.S. foreign cloud infrastructure providers, especially if the proposed BIS requirements aren’t imposed alongside U.S. allies. “Already, many foreign customers and governments are concerned that the [U.S. government] may be able to access workloads they run on U.S. Providers’ services,” AWS said. This proposed rule could “heighten customer fears about the privacy and reliability of U.S. Providers and erode customer trust.”
Microsoft said it believes “targeted” KYC requirements for AI infrastructure providers “can play an important role in ensuring the benefits of highly capable AI models are realized in a safe, secure, and trustworthy manner,” but the tech company also said it’s concerned these new rules could drive away foreign customers. Microsoft said the rule could lead to an “increased perception” by those customers that they can’t rely on American IaaS products, because the Commerce Department “could use its special measures authority to prohibit use of the products in a region at any time.”
Those special measures, outlined in the proposed rule, would allow Commerce to place restrictions on the “opening or maintaining of an account” with any U.S. cloud service provider, including for certain foreign people located in a foreign country that has a “significant number of foreign persons” using cloud service providers for malicious cyber activities.
“This uncertainty harms the economic competitiveness of US IaaS products,” Microsoft said.
The Technology Trade Regulation Alliance also criticized parts of the rule, saying the proposed Customer Identification Program (CIP) requirements for cloud providers won’t be a “sufficient or an effective means to deter, prevent or otherwise identify malicious foreign cyber criminals.” Many cyber criminals and other “malicious” customers are “quite savvy” at masking their intended end-use, the TTRA said. The ITIC also said “threat actors” can “easily circumvent any identity verification processes,” including by providing fake or stolen information.
TTRA said the “most efficient and effective way to deter these actors” is to require U.S. cloud service providers to have “robust cybersecurity policies and controls that are routinely vetted and updated.” Service providers that have those controls should be exempt from establishing a CIP program, the alliance said, “particularly where companies are already, in the ordinary course of business, screening parties and locations of their transactions.”
The group also said the rule’s estimated “person-hours and costs” for companies that may need to learn about and implement the proposed rule “are significantly low.” BIS said “operations managers,” on the low-end, would need to dedicate two hours to learning about the requirements.
“Our membership consists of experienced export compliance professionals and operations managers who have spent far more than 2 hours reading and trying to understand the implications of this rule,” TTRA said. The group also said the “person-hours and hourly wage estimates for lawyers, consultants, and due diligence service providers to consult with companies and foreign resellers are not indicative of current business realities.”
Onni Aarne, a consultant with the Institute for AI Policy and Strategy, said the rule can be “improved to better meet U.S. policy goals,” including by tweaking various definitions. Aarne specifically said BIS should expand its definition of “IaaS products” to include any services that would “allow access to an AI capable cluster, even if the service does not otherwise meet the proposed definition of an IaaS product.” BIS should also consider applying a “separate customer identification and oversight program requirement” for customers that want to access these AI capable clusters.
This should require IaaS providers to report “how much AI capable cluster capacity the provider has provided to different jurisdictions,” Aarne wrote. “This would improve visibility into concerning patterns and possible enforcement issues.”