Artificial intelligence companies based in the United States are increasingly vocal in their accusations against their Chinese counterparts, alleging that these companies are engaging in illicit activities to distill large language models (LLMs) developed in America. This situation has prompted these domestic firms to petition the U.S. government for intervention and help, highlighting significant vulnerabilities in the existing legal frameworks.

The current landscape of protections for AI models owned by U.S. companies is notably inadequate. Many firms find themselves resorting to self-policing against these infringements, which allows bad actors to continue utilizing illicit techniques without repercussion. This self-policing not only strains resources but also underscores a broader concern regarding the integrity and protection of intellectual property in a rapidly evolving sector.

Two major players in the field, OpenAI and Anthropic, have raised alarms about this issue, noting that Chinese companies are leveraging American-made AI models to develop competitive products. Specifically, Anthropic has urged the U.S. government to impose export controls on these Chinese firms, advocating for stricter regulations around distillation practices to safeguard their intellectual creations from being misappropriated.

Recent reports suggest that on June 10, Anthropic sent a letter to influential members of the Senate Committee on Housing, Banking, and Urban Affairs—Senator Elizabeth Warren and Senator Tim Scott—detailing its concerns. The letter identified Alibaba, a prominent Chinese technology firm, as a key player allegedly involved in the unauthorized access of Anthropic’s models to train its Qwen model. This accusation aligns with a growing pattern of claims from various U.S.-based AI companies asserting that their technologies are being misused by Chinese entities.

The issue of model distillation is particularly intricate. This process allows companies to train their own models based on the outputs of existing, larger models, often without needing direct access to the vast datasets that larger models utilize. While distillation is generally accepted as a cost-effective method within the AI community, it is typically accompanied by an expectation of collaboration and transparency. Anthropic seeks to formalize these expectations, pressing for a legal structure that mandates consent from the original model providers before distillation can occur.

The U.S. government has made some attempts to address these challenges, as reflected in a National Security and Technology Memorandum issued on April 23, which recognized the issue of distillation in the broader context of national security and technology protection. However, entities such as the Institute for AI Policy and Strategy (IAPS) argue that the memo lacks the necessary enforcement mechanisms and fails to adequately address the nuances surrounding semiconductor exports and the consequences of distillation attacks. IAPS suggests that without robust policies, foreign firms like Alibaba will continue to exploit the legal gaps that remain unaddressed.

Much of the onus to combat these distillation attacks presently falls on the AI companies themselves. Many of these frontier labs voluntarily publish research on interactions with their models, as high volumes of usage may indicate attempts to create training data unlawfully. This self-regulation, however, poses its own risks, as sharing intelligence on suspicious activities could inadvertently expose these companies to accusations of collusion. Such complications highlight the need for clearer legal frameworks that allow for cooperative defense against these attacks without fear of regulatory backlash.

Both Anthropic and IAPS have called upon the government to enact legislation that not only provides a clear legal recourse against distillation attacks but also revises antitrust laws. Such updates would enable collaboration among AI developers, enhancing the industry’s collective ability to safeguard against illicit activities without compromising proprietary information.

Ultimately, Anthropic’s position underscores a growing concern: the absence of strict enforcement measures may empower companies like Alibaba to continue their distillation practices unchecked. The domestic firms best equipped to address these challenges often find themselves stymied by legal restrictions surrounding information sharing. Without meaningful penalties in place, the risk of continued exploitation looms large, threatening the integrity of U.S.-developed AI technologies.