Tag: fundamental research exclusion

  • Deemed Export Rule and AI Research Compliance

    The deemed export rule treats the release of export-controlled technology or source code to a foreign national inside the United States as if it were an export to that person’s home country, even though nothing crosses a physical border. For AI research groups, this means that giving a foreign-national graduate student or postdoc access to certain model weights, training code, or restricted technical data can itself require a federal export licence.

    A deemed export is any release of “technology” or “technical data” — controlled under the Export Administration Regulations (EAR) or the International Traffic in Arms Regulations (ITAR) — to a foreign person physically present in the United States. The doctrine is old; its application to frontier AI systems is new, and it now collides with university research practice.

    What is the deemed export rule?

    Under 15 CFR 734.13(b) of the EAR, releasing controlled technology or source code to a foreign person in the United States is “deemed” to be an export to that person’s country of nationality. The Bureau of Industry and Security (BIS), the Commerce Department agency administering the EAR, names universities and high-technology research institutions as typical deemed-export-licence users, alongside biochemical, medical and computer-sector organisations.

    A “release” can occur through conversation, email, or lab access that lets a foreign national read or modify controlled source code — no shipment is required. Permanent residents, US citizens, and “protected individuals” under US immigration law are exempt; most international graduate students and postdocs on visas are not.

    How the fundamental research exclusion applies to AI research

    Most university AI research avoids deemed export licensing through the fundamental research exclusion at 15 CFR 734.8. Fundamental research is basic or applied research in science and engineering where the resulting information is ordinarily published and shared broadly, with no restrictions on foreign-national participation and no government-imposed access controls.

    The exclusion is conditional, not automatic. It fails where:

    • Results are restricted for proprietary or commercial reasons, such as a sponsorship agreement with a publication-delay clause.
    • The funding agreement imposes access or dissemination controls, which some defence-adjacent AI grants do.
    • The activity involves direct transfer of a controlled item — hardware, software, or source code — rather than an exchange of research information.

    Information already publicly available, including open-access papers and public code repositories, is separately exempt from EAR licensing.

    When AI models, weights and training infrastructure trigger a deemed export

    Using a publicly available AI chatbot or API is not, by itself, a release of controlled technology. Risk rises when a foreign national gains access to model architecture details, training methodologies, or model weights covered by an Export Control Classification Number (ECCN) on the Commerce Control List, or to advanced computing hardware BIS has specifically controlled.

    BIS tightened advanced-computing controls in its October 2022 Interim Final Rule, amended October 2023, then went further in January 2025 with a Framework for Artificial Intelligence Diffusion rule that, for the first time, extended export-control treatment to certain closed-weight AI model parameters, not only training hardware. Disclosing weights, architecture specifications, or training-cluster configuration for a covered model to a foreign-national researcher can itself be a release event.

    Much of this tightening is explicitly framed around china ai regulation concerns — restricting frontier compute and model know-how flowing to entities on the BIS Entity List. Nationality alone does not create liability; nationality plus access to a controlled item, combined with funding or sponsor restrictions, does.

    US deemed export rules vs the EU AI Act research exemption

    Institutions with EU partnerships increasingly ask how the US doctrine compares with the European approach. The EU AI Act — Regulation (EU) 2024/1689 — takes a structurally different route: rather than controlling technology transfer by nationality, it excludes AI systems and models developed and used exclusively for scientific research from most of the Act’s obligations, under Article 2(6) and Article 2(8).

    Aspect US deemed export rule EU AI Act research exemption
    Governing instrument EAR, 15 CFR 734.13(b) and 734.8 Regulation (EU) 2024/1689, Art. 2(6) & 2(8)
    What triggers the rule Release of controlled technology to a foreign person Placing an AI system on the market or into service
    Exclusion basis Fundamental research intended for open publication Research and development activity, prior to market placement
    Administering body Bureau of Industry and Security (Commerce Dept.) National market surveillance authorities / EU AI Office
    Nationality relevant? Yes — central to the rule No — exemption is activity-based, not person-based

    The distinction matters for compliance design: a US export control office manages deemed exports as a personnel and access-control question, while an EU research-exemption assessment is a product-lifecycle question. A model built for fundamental research at a US university may fall outside the AI Act exemption once deployed commercially — the two frameworks do not map onto each other cleanly.

    Compliance steps for universities with foreign national researchers

    Export control officers, research administrators, and AI lab principal investigators need a shared workflow before granting foreign nationals lab or system access:

    1. Screen every incoming foreign national against the BIS Entity List and the Treasury Denied Persons List before granting technical access.
    2. Classify the technology, dataset, or model against the Commerce Control List to determine whether an ECCN applies.
    3. Document the fundamental research exclusion in writing at project inception — funding terms, publication plans, and sponsor restrictions.
    4. Restrict access to controlled weights or training infrastructure until the export control office confirms licence status.
    5. Certify deemed export status accurately on Form I-129 for H-1B, H-1B1, L-1, and O-1A hires, as USCIS requires.
    6. Use the NIST AI Risk Management Framework to document AI system risk tiers internally — a defensible record, though not itself an export-control exemption.

    Treat this as distinct from state ai laws, such as Colorado’s and California’s AI transparency statutes, which govern AI deployment to end users, not technology transfer to foreign persons — a university can comply with one and still be exposed under the other. Guidance from the Center for AI Standards and Innovation (CAISI), the Commerce Department body that succeeded the original AI Security Institute at NIST, can inform risk-evaluation methodology, though it is not itself an export-control determination. See CASRAI’s research administration resources for broader governance context.

    Frequently asked questions

    What are the criteria for a deemed export?

    A deemed export occurs when controlled technology or source code is released to a foreign person inside the United States. The criteria: the item sits on the Commerce Control List or US Munitions List, the recipient is not a citizen, permanent resident, or protected individual, and no exclusion applies.

    How can a university determine whether an activity is a deemed export?

    A university’s export control office classifies the technology against its ECCN or USML category, checks whether the fundamental research exclusion applies, and confirms the researcher’s immigration status. If the technology is controlled, the researcher is a foreign person, and no exclusion fits, a licence is required before access.

    Who is exempt from the deemed export rule?

    US citizens, lawful permanent residents, and individuals granted protected individual status under US immigration law are exempt from deemed export licensing regardless of the technology involved. Most international students and postdocs on visas do not qualify for this exemption and depend instead on the fundamental research exclusion.

    Does using a publicly available AI model trigger a deemed export?

    No. Interacting with a publicly available AI model — a public API, chatbot, or open-weight release with no access restrictions — is not a controlled release under the EAR. Risk arises only when a foreign national gains access to restricted model weights, proprietary architecture details, or controlled training infrastructure not available to the public.

    Implications and outlook

    Export control offices built their playbooks around physical items and classified research; AI weights and training infrastructure do not fit that playbook cleanly. As BIS extends ECCN coverage into software and model parameters, universities running foreign-national-staffed AI labs face rising documentation burden even where no licence is ultimately required.

    Expect continued divergence between the deemed export regime, EU AI Act research-exemption practice, and state ai laws — three separate compliance tracks addressing different questions. Research administrators who map these tracks now, rather than after an incident, will be better placed as controls continue to tighten.

  • AI Chip Export Controls: How 2026 Rules Reshape Research Collaboration

    University research offices spent 2025 building compliance playbooks around chip-specific licensing regimes, and 2026 has already rewritten them. AI chip export controls research is no longer a niche trade-law question for a handful of national-security-adjacent labs — it now shapes which GPUs a computer science department can buy, which foreign postdoctoral researchers can touch a controlled cluster, and which international co-authors can be looped into a compute-heavy project. This article isolates the advanced-chip and compute-specific rules from the broader ITAR/EAR fundamental-research-exclusion debate, because the two interact in ways that catch research administrators off guard.

    What changed: the AI chip export control landscape in 2026

    The current regime traces back to the US Commerce Department’s October 2022 controls on advanced semiconductors and chip-making equipment destined for China. The Biden administration’s January 2025 “AI Diffusion Rule” extended this into a three-tier country framework, but the Trump administration rescinded it in May 2025 before it took full effect.

    Policy has moved quickly since. Key 2025-26 milestones for research offices to track:

    • September 2025 — Commerce guidance confirmed any use of Huawei’s Ascend AI chips violates existing export controls, per a Congressional Research Service report (Congress.gov, R48642).
    • December 2025 — the White House announced a policy reversal permitting conditional sales of advanced Nvidia and AMD accelerators to China.
    • 13 January 2026 — Commerce codified this in a new regulation setting revised performance thresholds (chips with a total processing performance below 21,000 or DRAM bandwidth below 6,500 GB/s), a 50% volume cap relative to US shipments, and mandatory end-use “know your customer” certification.
    • January 2026 — a 25% tariff was added to AI chip exports to China, layering trade policy on top of national-security licensing.

    Congress is running a parallel track: the Chip Security Act, still moving through committee, would require exporters to verify the physical location of controlled chips after sale — a location-tracking obligation with direct implications for any university that hosts hardware jointly funded or co-located with an overseas partner institution.

    Hardware controls vs the Fundamental Research Exclusion

    Most institutional export-control training focuses on the Fundamental Research Exclusion (FRE), which removes published, unrestricted university research from “technology” and “technical data” controls under the Export Administration Regulations (EAR) and the International Traffic in Arms Regulations (ITAR). That framing is necessary but insufficient for AI chips.

    The FRE exempts information — research results intended for open publication. It does not exempt the physical item. A controlled GPU cluster remains a controlled export item regardless of whether the resulting paper will be published openly. This distinction matters because:

    • Procuring, importing, or re-exporting a covered accelerator still requires a licence or licence exception, independent of publication intent.
    • The EAR’s “deemed export” rule treats the release of controlled technology to a foreign national inside the US as an export to that person’s home country — so granting a visiting researcher administrator-level access to a controlled cluster can trigger a licensing requirement even when the research itself is unclassified and destined for a journal.
    • Cloud and remote-access provisioning now falls inside scope for some controls, meaning offshore collaborators accessing a US-hosted cluster remotely can raise the same deemed-export question as physical hardware transfer.

    Research administrators who apply only the “will this be published?” test are missing this hardware layer entirely.

    Effects on international co-authorship and lab procurement

    Two operational pressures are converging on university AI labs. First, procurement: institutions outside the US increasingly cannot source the newest-generation accelerators at all, or face multi-month allocation queues even where licensing exists, forcing reliance on lower-tier chips or shared national compute facilities. Second, collaboration: compliance offices are becoming more cautious about admitting foreign graduate students and visiting scholars onto projects that touch controlled hardware, out of concern for inadvertent deemed-export violations — a dynamic some analysts describe as pushing labs toward “partitioned research spaces” accessible only to a security-cleared subset of a research group.

    The regulatory detail differs meaningfully by jurisdiction, which matters for any multi-country consortium:

    Jurisdiction Controlling authority Core mechanism Relevance to university labs
    United States Bureau of Industry and Security (Commerce) Item-specific chip thresholds, deemed-export rule, end-use certification Direct licensing burden on procurement and on foreign-national lab access
    United Kingdom Export Control Joint Unit (Department for Business and Trade) UK Strategic Export Control Lists, aligned to the Wassenaar Arrangement dual-use list Universities UK / NPSA “Trusted Research” guidance shapes due diligence on overseas partnerships
    European Union EU Dual-Use Regulation + AI Act Dual-use export licensing plus AI Act compute thresholds for general-purpose models AI Act Article 51 sets a 10^25 FLOPs systemic-risk trigger, indirectly linking model compute scale to regulatory scrutiny
    Wassenaar Arrangement 42-member multilateral forum Voluntary dual-use control list Has not reached consensus on binding AI-chip-specific controls, leaving the US to act largely unilaterally

    The absence of Wassenaar consensus on AI-chip-specific controls is a genuinely underreported detail: it means the US regime is not a multilaterally harmonised standard but a unilateral extension that allied nations’ universities must interpret alongside their own domestic dual-use rules — a compliance gap that a single-jurisdiction FRE briefing will not surface.

    Common questions on AI chip export controls and research

    What is the US export control on AI chips?

    The US controls advanced AI accelerators and related manufacturing equipment under the Export Administration Regulations. The January 2026 rule sets performance thresholds, a 50% volume cap on chips sold to China relative to US shipments, and mandatory end-use certification — replacing the rescinded 2025 AI Diffusion Rule’s country-tier system.

    Are Nvidia chips export controlled?

    Yes. Nvidia’s most advanced accelerators require licensing for restricted destinations. The 2026 regulation specifically loosened restrictions on Nvidia H200 and AMD MI325X chips for conditional sale to China, subject to volume caps, security certification, and a 25% tariff — a partial reversal of the prior blanket restriction.

    Who supplies China with AI chips?

    Nvidia and AMD remain the dominant US suppliers under licensed, conditional export terms, while Chinese firms such as Huawei supply domestic alternatives like the Ascend series. Analysts estimate licensed exports could raise China’s installed AI compute substantially in 2026, even under capped volumes.

    Implications and outlook for research administrators

    Three practical steps follow from the current landscape. Research offices should map which grants, clusters, and cloud contracts touch controlled-threshold hardware — not just which projects have publication restrictions, since the FRE does not cover the physical item. Export-control and international-office teams should coordinate deemed-export screening for any foreign national granted administrator or remote access to a covered cluster, ahead of, not after, onboarding. And procurement teams should build multi-quarter contingency planning into capital requests, given that thresholds, tariffs, and country-tier rules have each changed at least twice since late 2024.

    Coordinating across research administration, export-control compliance, and IT procurement functions — rather than treating this as a single office’s problem — is the structural response institutions are converging on. For programmes that document international contributor roles and co-authorship arrangements, this regulatory volatility is now a standing input into partnership risk assessment, not a one-off legal review.

    The direction of travel for 2026 remains policy volatility rather than settled rules. With the Chip Security Act still pending, no Wassenaar consensus in sight, and the EU AI Act’s compute thresholds only recently operative, institutions with substantial research administration functions should expect this to remain a live compliance area rather than a rule set they can finalise once and file away.