ARTICLE
20 September 2024

BIS Proposes New Reporting Requirements For Advanced AI Models And Computing Clusters

SJ
Steptoe LLP

Contributor

In more than 100 years of practice, Steptoe has earned an international reputation for vigorous representation of clients before governmental agencies, successful advocacy in litigation and arbitration, and creative and practical advice in structuring business transactions. Steptoe has more than 500 lawyers and professional staff across the US, Europe and Asia.
On September 11, 2024, the U.S. Department of Commerce's Bureau of Industry and Security (BIS) published a Notice of Proposed Rulemaking (NPRM)...
United States Technology

Overview

On September 11, 2024, the U.S. Department of Commerce's Bureau of Industry and Security (BIS) published a Notice of Proposed Rulemaking (NPRM) that would impose new reporting requirements on entities developing advanced artificial intelligence (AI) models and acquiring or possessing large-scale computing clusters. The NPRM, issued principally pursuant to Executive Order 14110 on "Safe, Secure, and Trustworthy Artificial Intelligence" and the Defense Production Act (DPA), aims to protect U.S. national security by collecting data on dual-use foundation AI models and computing resources that may have national security implications. The proposed rule would require "covered U.S. persons" to provide quarterly reports to BIS, and respond to questions from BIS, regarding "applicable activities" related to AI models and computing clusters meeting specific technical thresholds. BIS is seeking public comments on the rule, which are due by October 11, 2024.

The NPRM will amend BIS's existing regulations pertaining to Industrial Base Surveys–Data Collections (15 C.F.R. Part 702). Under these regulations, BIS regularly conducts surveys of key industries, such as the recent survey of the semiconductor industry, to collect crucial information to benchmark industry performance and raise awareness of diminishing manufacturing capabilities in the United States. In this instance, BIS is imposing reporting requirements under 15 C.F.R. Part 702 because it assesses that "AI models are quickly becoming integral to numerous U.S. industries that are essential to the national defense." BIS further contends that these advances require BIS to have ongoing assessments of the AI industry to ensure the U.S. government has the most accurate, up-to-date information on the industry's activities and the development of dual-use foundation AI models. This information will allow the U.S. government to evaluate the international competitiveness of the industrial base and "determine whether action is necessary to stimulate development of dual-use foundation models or to support the development of specific types of models."

Who Will Be Affected?

The proposed rule would apply to "covered U.S. persons" engaged or planning to engage in (within the next six months) certain activities involving dual-use foundation AI models or large-scale computing clusters that exceed specific technical thresholds. The term "covered U.S. persons" includes U.S. citizens, lawful permanent residents, companies organized under U.S. law, and entities located within the United States. It also applies to foreign branches of U.S. companies. Interestingly, the proposed rule makes no mention of subsidiaries of U.S. entities, suggesting that such entities are not considered "covered U.S. persons" under the proposed rules.

With respect to dual-use foundation models, the requirements would apply to a covered U.S. person that conducts "any AI model training run using more than 1026 computational operations." With respect to large-scale computing clusters, the requirements would apply to a covered U.S. person that is "[a]cquiring, developing, or coming into possession of a computing cluster that has a set of machines transitively connected by data center networking of greater than 300 Gbit/s and having a theoretical maximum greater than 1020 computational operations ... per second (OP/s) for AI training, without sparsity." BIS notes that it expects to update the technical parameters over time, as necessary and appropriate, based on technological advancements.

Reporting Requirements and Follow-Up Requests

Under the proposed rule, covered U.S. persons engaging or planning to engage in the above activities would need to file quarterly notifications with BIS. A covered U.S. person must notify BIS of all "applicable activities" that took place during the reporting quarter and "applicable activities" that the entity plans to undertake within the six months following the notification date. After the first report is made, a covered U.S. person must continue to file reports on a quarterly basis sharing additions, updates, or changes to the information in its last report.

The proposed rule suggests that the notification itself can be fairly general and does not need to follow a standard format or respond to a standard set of questions. Instead, after receiving a company's initial quarterly notification regarding its "applicable activities," BIS will issue follow-up requests for additional information. These requests are intended to gather more detailed data on specific activities and risks associated with the development, possession, or use of advanced AI models and computing clusters. Entities receiving such requests are required to respond within 30 calendar days.

The additional questions may include topics such as:

  • Ongoing or Planned AI Development Activities: Any ongoing or planned activities related to training, developing, or producing dual-use foundation models, including the physical and cybersecurity protections taken to assure the integrity of that training process against sophisticated threats;
  • Ownership and Protection of Model Weights: The ownership and possession of the model weights of any dual-use foundation models, and the physical and cybersecurity measures taken to protect those model weights;
  • Results of Red-Team Testing: The results of any developed dual-use foundation model's performance in relevant AI red-team testing, including a description of any associated measures the company has taken to meet safety objectives, such as mitigations to improve performance on these red-team tests and strengthen overall model security; and
  • Safety and Reliability of AI Models: Other information pertaining to the safety and reliability of dual-use foundation models, or activities or risks that present concerns to U.S. national security.

BIS will evaluate these responses to assess potential national security threats. BIS would be authorized to follow up with additional clarifying questions after receipt of the entity's initial responses. Responses to BIS's clarifying questions must be provided within seven calendar days.

Notably, the proposed rule would not empower BIS to require a covered U.S. person to undertake specific measures with respect to the above topics. It would solely empower BIS to collect data regarding those topics. Nonetheless, as a practical matter, covered U.S. persons receiving inquiries from BIS may elect to assess their existing procedures and operations to address any perceived concerns stemming from BIS's questions, as future policy decisions could be impacted by the U.S. government's analysis of the data.

Exemptions and Affirmations

If a covered U.S. person that previously submitted a notification does not engage in any of the defined "applicable activities" during a given quarter, they may submit an "affirmation of no applicable activities." If such an affirmation is submitted for seven consecutive quarters, the entity would be exempt from filing further affirmations unless they resume "applicable activities" in the future.

Next Steps for Affected Entities

BIS has requested comments on the proposed rule, particularly regarding the appropriateness of the technical thresholds for reporting. BIS is also interested in feedback on the quarterly notification schedule, including the frequency of the proposed notification schedule and alternatives for achieving timely reporting of the required information. Public comments on the proposed rule are due by October 11, 2024.

For entities that may be subject to reporting requirements under a final rule, it may be prudent to begin assessing whether a notification is likely to be required and, if so, the implications of gathering and providing the relevant information to be included in the notification and responding to any follow-up questions from BIS. It may also be prudent for such entities to review their current practices with respect to physical security, cybersecurity, red teaming, and other safety and reliability testing to determine whether any enhancements may be warranted in conjunction with the issuance of the final rule.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More