A key component of President Biden’s October 2023 Executive Order on Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence is a directive to develop a mandatory industrial base survey for the development of advanced artificial intelligence (“AI”) models and computing clusters.  Leveraging authority under the Defense Production Act, President Biden charged the Department of Commerce, Bureau of Industry and Security (“BIS”) to implement this industrial base assessment.  On September 9, 2024, BIS proposed to amend its Industrial Base survey regulations by establishing reporting requirements for the development of advanced AI models and possession of large-scale computing clusters.

Section 4.2(a)(ii) of the October 2023 Executive Order directed BIS to “require companies, individuals, and other organizations or entities that acquire, develop, or possess a potential large-scale computing cluster to report any such acquisition, development, or possession,” as its authority for the proposed rule.  BIS had previously released a mandatory survey for companies it had identified as “developing or planning to develop potential dual-use foundation models.”  This proposed rule now sets forth further reporting requirements, as well additional details on the rationale for the survey – rationale that could have serious implications for government contractors.

BIS’s proposed rule would require quarterly reporting to BIS of (1) any AI model training run using more than 10^26 computation operations, or (2) acquiring, developing, or coming into possession of a computer cluster that has a set of machines transitively connected by data center networking of greater than 300 GBits/s and having a theoretical maximum greater than 10^20 computational operations.  Notably, the reporting requirement is triggered both by actual conduct and intent to engage in such conduct.  The requirement applies to “covered U.S. persons” (defined to include natural persons and legal entities). 

Any company that completed the initial BIS survey issued on January 26, 2024 would only be required to report any updates, changes, or additions to the survey, and any entity that has filed at least one report would be required to continue to file reports on a quarterly basis for as long as the entity continues to meet the reporting requirements.

Implications for Government Contractors

While the proposed rule would impact all industries utilizing dual-use foundation models, it contains key insights for government contractors and the defense industrial base in particular.  As rationale for requiring such a survey, BIS explains that “AI models are quickly becoming integral to numerous U.S. industries that are essential to national defense.”  It further notes that because other governments around the world are “actively working to integrate dual-use foundation models into their defense capabilities, the U.S. defense industrial base will [also] need to integrate the dual-use foundation models to remain internationally competitive.”  BIS maintains that part of the reason that the survey is necessary is to ensure that the defense industrial base has AI models that can compete internationally; if the survey reveals gaps, then “[s]uch information will allow the U.S. Government to determine whether action is necessary to stimulate the development of dual-use foundation models or to support the development of the specific types of models.”  Even more explicit, the proposed rule notes that the results of the survey would help “enable the U.S. Government to determine whether investments in the defense industrial base are needed to . . . counteract the dangerous capabilities identified or to ensure that adequate safeguards are in place to prevent the theft or misuse of dual-use foundations models by foreign adversaries or non-state actors.”

BIS’s express reference to national security considerations may have a practical basis; as noted above, the legal underpinning for BIS’s survey authority arises from the Defense Production Act.  But this rationale also highlights the U.S. government’s hyperfocus on rapidly procuring and deploying expanded AI capabilities, particularly for defense applications.  BIS’s industrial base survey may identify both existing capabilities that the government is eager to procure as well as capability gaps the government may be willing to assist in closing.  These capabilities (and gaps) include not just the dual-use models themselves, but also related capabilities, such as protecting such models from outside threat actors.  The government seems keen not just to acquire and use AI for its own purposes, but also to make sure that it can properly wield these tools without fear of AI itself or of external actors. 

Government contractors should note that the survey is focused on physical and cybersecurity measures that the developer has put in place around training and model weights, as well as the results of red-team tests that have a national security impact around weapon development or offensive cyber operations.  The U.S. government may utilize the survey results to identify the models that are secure enough to be integrated into national defense related applications.

We will continue to track and report on updates related to BIS’s survey.  Comments on the proposed rulemaking are due October 11, 2024.

Photo of Moushmi Patil Moushmi Patil

Moushmi Patil represents government contractors across a range of industries and in all stages of the public procurement process. Her experience includes high-stakes litigation and corporate matters, as well as navigating regulatory compliance issues.

Moushmi routinely advises clients on the most complex regulatory…

Moushmi Patil represents government contractors across a range of industries and in all stages of the public procurement process. Her experience includes high-stakes litigation and corporate matters, as well as navigating regulatory compliance issues.

Moushmi routinely advises clients on the most complex regulatory challenges relating to the public procurement process. Her experience include litigating bid protests before the Court of Federal Claims and the Government Accountability Office, coordinating regulatory due diligence processes for large scale M&A transactions, and negotiating with government actors on government intellectual property and data rights matters. Moushmi also represents clients in connection with criminal and civil investigations by the U.S. Department of Justice, with a focus on matters arising under the False Claims Act.

In addition, Moushmi maintains an active pro bono practice focusing on indigent criminal defense and Freedom of Information Act requests and disclosures.

Photo of Nooree Lee Nooree Lee

Nooree advises government contractors and financial investors regarding the regulatory aspects of corporate transactions and restructurings. His experience includes preparing businesses for sale, negotiating deal documents, coordinating large-scale diligence processes, and navigating pre- and post-closing regulatory approvals and integration. He has advised on…

Nooree advises government contractors and financial investors regarding the regulatory aspects of corporate transactions and restructurings. His experience includes preparing businesses for sale, negotiating deal documents, coordinating large-scale diligence processes, and navigating pre- and post-closing regulatory approvals and integration. He has advised on 35+ M&A deals involving government contractors totaling over $30 billion in combined value. This includes Veritas Capital’s acquisition of Cubic Corp. for $2.8 billion; the acquisition of Perspecta Inc. by Veritas Capital portfolio company Peraton for $7.1 billion; and Cameco Corporation’s strategic partnership with Brookfield Renewable Partners to acquire Westinghouse Electric Company for $7.8+ billion.

Nooree also counsels clients navigating the Foreign Military Sales (FMS) program and Foreign Military Financing (FMF) arrangements. Nooree has advised both U.S. and ex-U.S. companies in connection with defense sales to numerous foreign defense ministries, including those of Australia, Israel, Singapore, South Korea, and Taiwan.

Recently, Nooree’s practice has expanded to include advising on the intersection of government procurement and artificial intelligence. Nooree counsels clients on the negotiation of AI-focused procurement and non-procurement agreements with the U.S. government and the rollout of procurement regulations and policy stemming from the Executive Order on Safe, Secure, and Trustworthy Artificial Intelligence.

Nooree maintains an active pro bono practice focusing on appeals of denied industrial security clearance applications and public housing and housing discrimination matters. In addition to his work within the firm, Nooree is an active member of the American Bar Association’s Section of Public Contract Law and has served on the Section Council and the Section’s Diversity Committee. He also served as the firm’s Fellow for the Leadership Council on Legal Diversity program in 2023.

Photo of Robert Huffman Robert Huffman

Bob Huffman counsels government contractors on emerging technology issues, including artificial intelligence (AI), cybersecurity, and software supply chain security, that are currently affecting federal and state procurement. His areas of expertise include the Department of Defense (DOD) and other agency acquisition regulations governing…

Bob Huffman counsels government contractors on emerging technology issues, including artificial intelligence (AI), cybersecurity, and software supply chain security, that are currently affecting federal and state procurement. His areas of expertise include the Department of Defense (DOD) and other agency acquisition regulations governing information security and the reporting of cyber incidents, the proposed Cybersecurity Maturity Model Certification (CMMC) program, the requirements for secure software development self-attestations and bills of materials (SBOMs) emanating from the May 2021 Executive Order on Cybersecurity, and the various requirements for responsible AI procurement, safety, and testing currently being implemented under the October 2023 AI Executive Order. 

Bob also represents contractors in False Claims Act (FCA) litigation and investigations involving cybersecurity and other technology compliance issues, as well more traditional government contracting costs, quality, and regulatory compliance issues. These investigations include significant parallel civil/criminal proceedings growing out of the Department of Justice’s Cyber Fraud Initiative. They also include investigations resulting from False Claims Act qui tam lawsuits and other enforcement proceedings. Bob has represented clients in over a dozen FCA qui tam suits.

Bob also regularly counsels clients on government contracting supply chain compliance issues, including those arising under the Buy American Act/Trade Agreements Act and Section 889 of the FY2019 National Defense Authorization Act. In addition, Bob advises government contractors on rules relating to IP, including government patent rights, technical data rights, rights in computer software, and the rules applicable to IP in the acquisition of commercial products, services, and software. He focuses this aspect of his practice on the overlap of these traditional government contracts IP rules with the IP issues associated with the acquisition of AI services and the data needed to train the large learning models on which those services are based. 

Bob writes extensively in the areas of procurement-related AI, cybersecurity, software security, and supply chain regulation. He also teaches a course at Georgetown Law School that focuses on the technology, supply chain, and national security issues associated with energy and climate change.