Commerce Department Proposes "Know Your Customer" Requirements

On January 29, 2024, the Department of Commerce issued a proposed rule requiring U.S. cloud companies to determine whether foreign entities are accessing U.S. data centers to train AI models. Although tied to the AI EO, the proposed rule also implements the provisions of the 2021 executive order on “Taking Additional Steps To Address the National Emergency With Respect to Significant Malicious Cyber-Enabled Activities.” The Proposed Rule broadly applies to “Infrastructure as a Services (“IaaS”) products” and “U.S. IaaS Providers.” The Proposed Rule would require U.S. IaaS Providers, including cloud computing companies, to verify the identity of foreign persons who sign up for or maintain accounts for “IaaS Products“ through a “Customer Identification Program“ (CIP). The proposed rule would also set minimum standards for identifying foreign users and require IaaS providers and resellers to certify compliance annually. Comments are open until April 29, 2024. Akin’s full analysis of the proposed rule is available here.

• Artificial Intelligence & Machine Learning
• Technology

• https://www.federalregister.gov/
• https://www.federalregister.gov/
• https://www.federalregister.gov/
• https://www.federalregister.gov/
• https://www.akingump.com/