On January 29, 2024, the Department of Commerce (“Department”) published a proposed rule (“Proposed Rule”) to require providers and foreign resellers of U.S. Infrastructure-as-a-Service (“IaaS”) products to (i) verify the identity of their foreign customers and (ii) notify the Department when a foreign person transacts with that provider or reseller to train a large artificial intelligence (“AI”) model with potential capabilities that could be used in malicious cyber-enabled activity. The proposed rule also contemplates that the Department may impose special measures to be undertaken by U.S. IaaS providers to deter foreign malicious cyber actors’ use of U.S. IaaS products. The accompanying request for comments has a deadline of April 29, 2024.Continue Reading Department of Commerce Issues Proposed Rule to Regulate Infrastructure-as-a-Service Providers and Resellers
Irina Danescu is an associate in the firm’s Washington, DC office and a member of the Data Privacy and Cybersecurity and the Committee on Foreign Investment in the United States (“CFIUS”) Practice Groups.
Irina advises clients on a broad range of cybersecurity, data privacy, and national security issues. She has assisted clients with understanding and complying with cybersecurity and privacy obligations, conducting internal investigations and due diligence, and preparing submissions to CFIUS and other regulatory agencies.