WeVote

Bill

Bill

HR 8283

Deterring American AI Model Theft Act of 2026

119th Congress Introduced by Ben Cline and 15 co-sponsors

The bill creates formal US government coordination, reporting, and sanctions to deter, detect, and punish unauthorized extraction of closed-source AI models.

Committee Consideration and Mark-up Session Held
0
WeVote Research Nonpartisan
Bill Summary · HR 8283

Summary of Bill: Deterring American AI Model Theft Act of 2026 (H.R. 8283)

Session: 119th Congress | Introduced: April 15, 2026 | Jurisdiction: United States

Sponsors: Rep. Bill Huizenga (primary) and Rep. John Moolenaar (co-sponsor)

Committee: Foreign Affairs

Purpose (Section 2: Sense of Congress)
- The bill expresses the sense of Congress that:
- US private-sector AI models are vital to economic and national security.
- Many advanced models are closed-source, with sensitive technical details not publicly shared.
- Unauthorized extraction of model capabilities (weights, architectures, and other technical features) by entities of concern threatens US security and IP/competitiveness.
- The US government should work with model owners to identify, deter, and punish model extraction attacks.
- Authorized model training that complies with terms of service or contractual restrictions is distinct from model extraction attacks.

Key Provisions and Changes (Definitions and Mechanisms)
- Definitions (Section 3):
- Closed-source AI model: A model with proprietary weights and key technical information not publicly available, access governed by terms of service or contracts, typically accessed via APIs or owner-controlled interfaces without permitting hosting or broad third-party use unless authorized.
- Country of concern: Primarily China (including Hong Kong/Macau), Russia, and other countries designated by Secretary of State per regulatory criteria.
- Entity of concern: Foreign persons/entities tied to a country of concern or under its direction/control, or attempting model extraction attacks outside authorized training contexts.
- Model extraction attack: Unauthorized attempts to replicate or improve a closed-source model by:
- Circumventing access controls or using unauthorized credentials,
- Conducting queries that aim to replicate or improve another model,
- Violating terms of service or restrictions.
- Fraudulent account network provider: Foreign entities creating or distributing accounts to give entities of concern access to closed-source models in violation of access restrictions; an exception covers some freedom-of-expression-related uses.
- Other terms: Export, reexport, item, in-country transfer, etc., aligned with the Export Control Reform Act of 2018.

  • Assessment and Reporting (Section 4):

    • Within 180 days, the Secretary of State, with the Export Policy Operating Committee agencies, must assess:
    • Which entities of concern have conducted or are conducting model extraction attacks.
    • Which entities are fraudulent account network providers.
    • Countries and agencies involved, methods used, and the role of fraudulent account network providers.
    • Economic and security consequences of past attacks (last two calendar years), and steps the US government is taking to assist model owners.
    • A diplomatic strategy to leverage allies in detecting and preventing attacks.
    • Public consultation: Industry, academics, and other stakeholders may voluntarily participate to identify attacker patterns, develop best practices, and address fraudulent networks.
    • Report: Unclassified report due within 210 days, with an annual updated report for three years. May include a classified annex.
    • Routine assessments: Ongoing monitoring of model extraction attacks and fraudulent networks, including changes post-assessment.
  • Information Sharing and Public Guidance (Sections 4, 6):

    • Establish an information-sharing mechanism for model owners to share attack indicators confidentially with the Department of Commerce.
    • Maintain an AI Model Extraction Attackers List (Secretary of State, in coordination with EOP agencies) of individuals/entities identified as attackers; publish on the State Department website for up to 5 years, with protection for confidential owner information.
  • Deterrence and Sanctions (Section 5):

    • By 210 days after enactment, the Under Secretary of Commerce for Industry and Security (in coordination with End-User Review Committee) must decide by majority vote whether entities identified in assessments (and their affiliates) should be added to the BIS Entity List under 15 CFR Part 744.
    • Sanctions: The President, via the Secretary of State and using the International Emergency Economic Powers Act (IEEPA), may block and prohibit all transactions in the property of such entities within the US or controlled by US persons.
    • Exceptions: Humanitarian exemptions (food, medicine, humanitarian assistance, and related financial transactions) and allowances for intelligence, law enforcement, and national security activities.
    • Penalties: Violations carry penalties similar to other IEEPA offenses (as set forth in IEEPA §206).

What Is Affected
- Entities of concern and their affiliates identified through assessments.
- Closed-source AI model owners (US-based) who could be targets of model extraction.
- Foreign entities and fraudulent account networks enabling access to closed-source models.
- US government agencies involved in export policy, trade controls, and national security (State Department, Department of Commerce, BIS, and associated committees).

Procedural and Timeline Aspects
- Assessment deadline: Within 180 days of enactment.
- Initial report due: Within 210 days, with annual updates for three years.
- AI Model Extraction Attacker List published publicly for up to 5 years.
- Entity List inclusion and sanctions: Determined by majority vote within 210 days after enactment; sanctions apply under IEEPA with typical exceptions.
- Ongoing routine assessments and industry coordination to maintain updated threat intelligence.

Overall Impact
- Elevates federal coordination to detect, deter, and punish model extraction of US closed-source AI models.
- Creates formal mechanisms for public reporting, industry collaboration, and international diplomacy to address threats from countries of concern.
- Expands possible sanctions on entities involved in model extraction or facilitating access to closed-source models through fraudulent networks, while preserving humanitarian and national security exceptions.

Compiled from official sources — confirm details with the bill’s official record.

Sign in to ask a question.