The Department of Commerce’s Bureau of Industry and Security’s (“BIS”) newly proposed rule on advanced artificial intelligence (“AI”) models and computing clusters will require developers and owners of powerful AI models and computing clusters to provide detailed reporting to the federal government. This includes reporting about developmental activities, cybersecurity measures, and outcomes from red-teaming efforts involving those models and clusters. A copy of the proposed rule published by BIS can be found by clicking here.
The proposed rule was issued pursuant to Executive Order 14110 – Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence” – issued in October 2023. Executive Order 14110 required the Commerce Department to collect information on the development, use and ownership of dual-use foundation models or large-scale computing clusters in accordance with the Defense Production Act. This proposed rule follows-up on a pilot survey of AI development and use conducted by BIS in January of this year.
Under the proposed rule, “covered U.S. persons” will be required to submit an email notification to BIS quarterly if they engage in, or plan, within six months, to engage in “applicable activities” involving certain AI systems.
“Covered U.S. persons” will include any individual U.S. citizen, lawful permanent resident of the U.S, entity – including organizations, companies, and corporations – organized under the laws of the U.S. (including foreign branches), or any individual located in the U.S.
“Applicable activities” that will trigger the reporting are defined as:
(i) Conducting any AI model training run using more than 10^26 computational operations (e.g., integer or floating-point operations); or
(ii) Acquiring, developing, or coming into possession of a computing cluster that has a set of machines transitively connected by data center networking of greater than 300 Gbit/s and having a theoretical maximum greater than 10^20 computational operations (e.g., integer or floating-point operations) per second (OP/s) for AI training, without sparsity.
After a notification has been filed, the covered U.S. person will need to continue to file quarterly notifications of new or updated applicable activity, or for the next seven consecutive quarters, report that they will not be engaging in any new applicable activities.
Once the quarterly notification has been received, BIS will send follow-up questions to the notifying person which will address, but may not be limited to, the following topics:
(i) Any ongoing or planned activities related to training, developing, or producing dual-use foundation models, including the physical and cybersecurity protections taken to assure the integrity of that training process against threats;
(ii) The ownership and possession of the model weights of any dual-use foundation models, and the physical and cybersecurity measures taken to protect those model weights;
(iii) The results of any developed dual-use foundation model's performance in relevant AI red-team testing, including a description of any associated measures the company has taken to meet safety objectives, such as mitigations to improve performance on these red-team tests and strengthen overall model security; and
(iv) Other information pertaining to the safety and reliability of dual-use foundation models, or activities or risks that present concerns to U.S. national security.
The notifying person will need to respond to all questions within 30 days of receiving the request from BIS.
BIS has requested comments from interested parties on the proposed rule, particularly on the quarterly notification schedule; the collection and storage of respondents’ data; and the technical parameters that would trigger reporting. Comments on the proposed rule will be accepted through October 11, 2024. BIS will consider the submitted comments when issuing its final rule on reporting of advanced AI models and computing clusters.