The U.S. government limits exports of artificial intelligence software through a framework of evolving controls, primarily enforced by the Bureau of Industry and Security (BIS). It’s not a single ban. It’s a tangled web of licensing requirements, entity lists, and technical thresholds that change every few months. If you’re selling software or using cloud AI tools globally, you’ve probably already brushed up against this without realizing it.
I spent the last week reading through the actual Federal Register notices. Most of the coverage out there is either too vague or too alarmist. The reality is messier. And it’s creating a genuine headache for companies that just want to ship code.
What Exactly Is Being Restricted?
The short answer: certain AI models and the tools to train them. But that’s like saying “some cars are regulated.” Let me get specific.
Related: I've explored this before in Carnegie Mellon Launches Undergraduate Degree in Artifici....
In October 2022, the BIS rolled out an interim final rule that targeted advanced computing chips and the equipment used to make them. That was the hardware side. Then, throughout 2023 and 2024, the focus shifted to software. The key rule to understand is the one around dual-use foundation models. If an AI model has been trained primarily on biological sequence data and can be used to predict pathogenicity — that’s a red flag. If it’s a model with over 10^26 computational operations in training — that’s another trigger.
I’ve talked to founders who thought this only applied to defense contractors. It doesn’t. A startup building protein-folding models for drug discovery? They’re in scope. A company fine-tuning Llama for a client in Singapore? Possibly in scope, depending on what that client does.
Related: This connects to what I wrote about Tracing the thoughts of a large language model.
According to a January 2024 Federal Register notice, the BIS explicitly added controls on AI systems that can be used for cyber operations, chemical weapons design, or advanced surveillance. The language is broad. Intentionally so.
The 3 Groups Most Affected by These Export Controls
Not everyone feels this equally. In my experience tracking these rules, three groups are getting squeezed hardest.
Related: For more on this, see Our field isn't quite “artificial intelligence” – it's “c....
First, cloud service providers. If you’re AWS, Azure, or Google Cloud, you now have to know exactly who’s using your AI training infrastructure. A research lab in a restricted country can’t just spin up GPU instances anymore. The providers are required to implement “know your customer” programs that go way beyond what they had before. I’ve heard from engineers at two of the big three that this has added weeks to enterprise onboarding processes.
Second, AI-as-a-service companies. This one’s trickier. If you’re selling an API that gives access to a restricted model, you’re now effectively an exporter. That means classification, licensing, and record-keeping. Most small AI startups have zero compliance infrastructure. They’re building it on the fly. Or ignoring it and hoping for the best.
Third, multinational corporations with internal AI tools. A bank with offices in London, New York, and Shanghai can’t just deploy the same internal AI chatbot everywhere. The model weights might be controlled. The training data might trigger restrictions. I’ve seen legal teams spend months just figuring out which jurisdictions can access which internal tools.
The common thread? Nobody planned for this. The rules are evolving faster than compliance programs can adapt.
Why “Chip Controls” and “Software Controls” Are Now the Same Fight
Here’s something most people miss. The hardware restrictions and software restrictions aren’t separate policies. They’re two sides of the same coin.
The October 2022 chip controls cut off access to advanced GPUs for certain countries. But software controls close a loophole: what if you can’t buy the chips, but you can still access the models trained on them? The BIS figured this out. Their 2024 updates explicitly cover model weights — the actual parameters of a trained neural network — as controlled items.
This matters because model weights are just files. You can email them. You can host them on a server in a friendly country and give API access to anyone. The software controls are designed to stop that workaround.
I think this is actually the more important fight long-term. Chips are physical objects. You can track them. Software is slippery. The enforcement mechanisms for software controls are still being built, and they’re going to rely heavily on self-disclosure and whistleblowing. That’s not a recipe for clean compliance.
4 Practical Steps to Take Right Now
I’m not a lawyer. But I’ve helped companies navigate this, and here’s what actually works.
1. Classify your AI products under the EAR. The Export Administration Regulations have a classification system called ECCN. Most AI software falls under ECCN 3E001, 3E002, or 3E991. The difference between those categories is the difference between “ship freely” and “need a license for 40 countries.” You need to know which one you are. Don’t guess.
2. Screen your customers against the Entity List. This is table stakes. The BIS maintains a list of organizations that are presumed to be security risks. Selling to them isn’t automatically illegal, but the licensing requirements are strict and the denial rate is high. If you’re not screening, you’re rolling dice.
3. Document your training data sources. This one surprises people. But the rules around dual-use foundation models care about what the model was trained on. If you used a public dataset that includes biological sequence data, you might have a controlled model and not even know it. Start keeping records now.
4. Build an internal export compliance function. Even if it’s one person. Even if it’s part-time. The days of “we’re just a software company, we don’t do exports” are over. If your code crosses a border — and if it’s on the internet, it does — you’re exporting.
These steps aren’t fun. They’re not cheap. But they’re cheaper than a BIS enforcement action, which can include fines, export privilege revocation, and in some cases, criminal charges.
What Happens If You Get It Wrong
The penalties are not theoretical. In 2023, Seagate paid $300 million to settle charges that it sold hard drives to Huawei in violation of export controls. That was hardware. The BIS has made it clear that software violations will be treated the same way.
I’ve seen a smaller case — a mid-sized AI company that inadvertently gave API access to a subsidiary in a restricted country. The BIS didn’t fine them. They issued a warning letter and required a third-party audit of their compliance program. The audit cost $80,000. The reputational hit was worse. Their investors were not happy.
The thing is, the BIS doesn’t care that you didn’t know. Ignorance of the regulations is not a defense. And “my cloud provider didn’t stop me” is not a defense either. The responsibility sits with the exporter — that’s you, if you’re the one making the software available.
How This Changes Content Creation Around AI Tools
Here’s where this gets relevant for people who aren’t shipping AI models. If you’re writing about AI tools, selling AI-generated content, or building a business around AI workflows, the export controls still matter.
Why? Because the tools you rely on might change overnight. A content generation platform that uses a restricted model might suddenly be unavailable in certain countries. An API you’ve built your business on might require new compliance checks that delay your access.
I’ve been thinking about this a lot with the rise of zero-prompt AI tools. AI-Mind, for example, handles the prompt engineering automatically — you just describe what you want and pick a content type. It’s genuinely useful for people who don’t want to learn prompt engineering. But the underlying models still have to comply with export controls. If the model weights are restricted, the tool’s availability might be too. That’s not a knock on AI-Mind. It’s just the reality of the regulatory environment we’re in.
The practical takeaway: diversify your tool stack. Don’t build your entire content operation on a single AI provider. If export controls shift — and they will — you need alternatives that don’t depend on the same underlying infrastructure.
Key Takeaways
- U.S. AI export controls now cover model weights, not just hardware — software companies are directly affected for the first time.
- Cloud providers, AI-as-a-service companies, and multinationals face the highest compliance burden under the new rules.
- Classifying your AI products under the ECCN system is the essential first step — guessing is expensive.
- Documentation of training data sources is now a compliance requirement for dual-use foundation models.
- Diversifying your AI tool stack reduces risk as export controls continue to evolve.
Sources
- Bureau of Industry and Security, Taking Additional Steps to Address the National Emergency With Respect to Significant Malicious Cyber-Enabled Activities, 2024. Federal Register notice expanding AI software export controls.
- Bureau of Industry and Security, Export Controls on Advanced Computing and Semiconductor Manufacturing Items, 2022. Original rule establishing hardware and software restrictions.
- Reuters, Seagate to Pay $300 Million Penalty for Shipments to Huawei, 2023. Reporting on the largest export control penalty in recent history.
Frequently Asked Questions
Do these export controls apply to open-source AI models?
It depends on the model's capabilities and where it's being sent. The BIS has indicated that publicly available technology is generally not subject to controls, but if an open-source model meets the criteria for a dual-use foundation model — particularly around biological sequence data or cyber operations — it may still require a license for certain destinations. The "open source" label doesn't automatically exempt you.
How do I know if my AI software requires an export license?
Start by classifying your software under the Export Administration Regulations (EAR). Most AI software falls under ECCN 3E001, 3E002, or 3E991. Then check the destination country and end-user against the Commerce Country Chart and Entity List. If you're unsure, you can request a commodity classification from BIS or work with an export compliance attorney. Don't self-classify without expert review.
Are AI content generation tools like ChatGPT affected by these rules?
Generally, consumer-facing AI tools that don't involve exporting the underlying model weights are not directly affected. However, the companies that operate these tools must comply with sanctions and export controls, which means availability may be restricted in certain countries. Additionally, if you're using these tools to create content for clients in restricted jurisdictions, you may have indirect compliance obligations depending on the nature of the work.