United States of America: Closed consultation on rule to implement the AI Executive Order including cybersecurity requirements for IaaS providers

On 29 April 2024, the Secretary of Commerce closed its consultation on the proposed rule to advance US National Security interests and implement the AI Executive Order and National Cybersecurity Strategy. The rule aims to prevent foreign malicious cyber actors from using national cloud infrastructure to undermine US security interests. The rule enhances cybersecurity by establishing new requirements for IaaS providers, such as procedures for the Secretary to grant exemptions to foreign entities using the Infrastructure, and authorisation procedures for special measures to deter foreign malicious cyber actors' use of U.S. IaaS products. The order additionally instructs the Secretary to suggest regulations mandating that providers of specific IaaS products must submit a report to the Secretary whenever a foreign individual engages with the provider or reseller to train a substantial Artificial Intelligence (AI) model with the potential for use in malicious cyber-enabled activities.