White House accuses China of industrial-scale AI technology theft targeting US frontier models

US Seeks to Halt US AI Model 'Exploitation' by Chinese Rivals

The Trump administration unveiled measures aimed at preventing Chinese developers from improperly using leading American AI models to build a rival generation of chatbots, marking the first major US response to Silicon Valley companies' complaints that China is piggybacking on their success. In a memo Thursday, the White House Office of Science and Technology Policy said it will promote wider information sharing by US-based developers and increase efforts to help the industry detect unauthorized extraction of their artificial intelligence models. The US government will also work with industry to determine how to rein in such abuses and hold bad actors accountable. "There is nothing innovative about systematically extracting and copying the innovations of American industry, and there is nothing open about supposedly open models that are derived from acts of malicious exploitation," White House Science and Technology Policy Director Michael Kratsios said in the memo. The planned measures represent the most significant US effort so far to rein in a practice known as distillation, where AI developers train systems using results from a parent AI model to create similar capabilities in a new one at a far lower cost. Models made in this way avoid expenses from both research and the costly AI processors needed for original model training. While tolerated for training smaller, less-advanced systems, distillation violates AI companies' terms of use when it's employed to replicate a cutting-edge AI model without permission. The White House clarified in its memo that the US supports a vibrant open-source ecosystem but added that distillation aimed at undermining US research and development investments is unacceptable. The broader effort to crack down on unauthorized distillation seeks to address a growing concern among US companies including OpenAI, Anthropic PBC and Alphabet Inc.'s Google that output from their models is being wrongfully used by Chinese rivals such as DeepSeek, Moonshot and MiniMax to develop products far more cheaply and with fewer safety guardrails. The Office of Science and Technology Policy defines wrongful "industrial-scale" distillation as when foreign entities, primarily based in China, deploy "tens of thousands" of proxy accounts to access leading models and bombard them with queries deliberately aimed at extracting proprietary information that can be used to clone some of the model's capabilities. Though using so-called jail-breaking techniques can result in a nearly-free open-weight Chinese model that mimics a closed-weight US version, the statement warns that unauthorized actors can strip safety protocols through this method, resulting in models that are neither neutral nor truthful. "Foreign entities who build their AI capabilities on such fragile foundations should have little confidence in the integrity and reliability of the models they produce," Kratsios warned in the memo. Accusing Chinese companies of harvesting AI results in an improper fashion represents a provocative move by the administration ahead of next month's highly anticipated summit in Beijing between President Donald Trump and his Chinese counterpart Xi Jinping. The US and China are locked in an all-out competition for global supremacy in artificial intelligence, with each country making the emerging technology a national priority. Top US developers are widely viewed as still being ahead of their Chinese rivals in terms of AI capabilities. Yet at least three US firms have begun to raise the alarm that adversarial distillation poses a risk to their businesses and started sharing information with each other on unauthorized extraction of their models' output. The US government will now join that effort, with a focus on informing companies about the tactics and actors involved. Many models made by Chinese labs are open source and largely free for customers to use. That poses an economic challenge for US AI firms that have kept their systems proprietary, betting that users will pay for access and help offset the hundreds of billions of dollars the firms have spent on data centers and other infrastructure. US officials estimate that illicit extraction of results is costing Silicon Valley labs billions of dollars in annual profit, according to a person familiar with the findings. Scrutiny from US developers over the threat posed by adversarial distillation began after Chinese startup DeepSeek rocked global markets more than a year ago with the release of its breakthrough model. Since then, OpenAI has been investigating whether DeepSeek improperly extracted results from leading American models to develop the R1 chatbot. Anthropic and Google DeepMind have voiced similar concerns, and earlier this year, all three labs posted publicly that they had detected their models had been improperly queried and copied through large-scale data requests on their platforms. Absent clearer disclosures from China, it's difficult to parse how much of China's AI model success is the result of its own innovation or simply copying US technology.

White House accuses China of 'industrial scale' theft of AI technology

The White House has accused China of undertaking industrial-scale theft of American artificial intelligence labs' intellectual property and warned that it would crack down on a practice that exploits US innovation. "The US government has information indicating that foreign entities, principally based in China, are engaged in deliberate, industrial-scale campaigns to distil US frontier AI systems," Michael Kratsios, director of the White House Office of Science and Technology Policy, wrote in a memo seen by the FT. The accusation marks the latest escalation in tensions around Chinese groups allegedly raiding advanced American AI research amid an arms race to lead in the technology. It comes just weeks before President Donald Trump will meet President Xi Jinping in Beijing. The issue gained attention after China's DeepSeek was accused of using distillation -- the process of training smaller AI models based on the output of larger ones -- to build a powerful product at a lower cost. Kratsios' memo to government departments said the administration would share information with American AI companies about "attempts by foreign actors to conduct unauthorised, industrial-scale distillation" and help them co-ordinate against attacks. He said Chinese campaigns were "leveraging tens of thousands of proxy accounts to evade detection and using jailbreaking techniques to expose proprietary information". The US would explore measures "to hold foreign actors accountable for industrial-scale distillation campaigns", Kratsios added. Chris McGuire, a technology security expert at the Council on Foreign Relations said: "Chinese AI firms are relying on distillation attacks to offset deficits in AI computing power and illicitly reproduce the core capabilities of US models." McGuire said the US should ban Chinese groups from accessing US models and sanction entities that conduct or enable distillation, as well as tighten export controls to prevent China from smuggling or remotely accessing US AI chips. The Chinese embassy did not respond to a request for comment. US AI firms, including Anthropic and OpenAI, have increasingly voiced concern about distillation by Chinese groups, which they argue enables foreign labs to close the competitive advantage that the US enjoys because of export controls on advanced American chips. Kratsios said distillation was a vital part of the AI ecosystem when used legitimately to make lighter-weight models but "industrial distillation" used to undermine American research and development was "unacceptable". He added that while models created by "surreptitious, unauthorised distillation campaigns" did not match the performance of the original models, they can benefit foreign groups because of the significantly lower cost. In February, Anthropic accused three leading Chinese AI companies -- DeepSeek, Moonshot and MiniMax -- of distillation attacks on its models. That came after OpenAI said in early 2025 that it had evidence that DeepSeek had used outputs from its GPT models to train its model in violation of its terms of service. American AI companies are concerned that distilled models pose national security risks because they lack the safeguards that, for example, prevent the development of bioweapons or malicious cyber attacks. The House Foreign Affairs Committee on Wednesday passed a slew of bills designed to make it harder for China to catch up with the US in the AI race. One bill tackles distillation by requiring the administration to consider adding groups that employ it to the "entity list" -- an export blacklist that would make it very hard for US companies to sell technology to the groups.

White House accuses China of 'industrial scale' theft of AI technology, FT reports

April 23 (Reuters) - The White House has accused China of undertaking industrial-scale theft of U.S. artificial intelligence labs' intellectual property and ⁠warned it would crack down on a practice that exploits U.S. innovation, the Financial Times reported on Thursday. The ⁠report cited a memo written by Michael Kratsios, director ⁠of the White House Office of Science ⁠and Technology Policy. Reuters could not ⁠immediately verify the report. Reporting by Ruchika Khanna in Bengaluru Our Standards: The Thomson Reuters Trust Principles., opens new tab

White House warns of 'industrial-scale' efforts in China to rip off U.S. AI tech

White House accuses China of 'industrial-scale' campaigns to 'distill U.S. frontier AI systems' The Trump administration on Thursday accused Chinese entities of waging "industrial-scale campaigns" to rip off U.S. artificial intelligence systems, and said it will explore ways to hold the foreign actors accountable. "There is nothing innovative about systematically extracting and copying the innovations of American industry," Michael Kratsios, the top science and technology advisor to President Donald Trump, said in a memo on alleged Chinese "distillation" operations to train smaller AI models off of larger ones. The U.S. government has previously accused China of targeting American AI technology and intellectual property. Kratsios warned that as it gets easier to detect and prevent large-scale "distillation" operations, the entities that "build their AI capabilities on such fragile foundations" should lose confidence in "the integrity and reliability of the models they produce." U.S. information indicates that the campaigns to "distill" U.S. frontier AI systems are coming from mostly China-based entities, he said. The efforts involve using tens of thousands of proxy accounts and jailbreaking techniques to secretly "expose proprietary information," Kratsios said. Attempts to copy U.S. models through "surreptitious, unauthorized distillation campaigns" won't result in AI systems with the same performance as the originals, the advisor noted. But they "enable foreign actors to release products that appear to perform comparably on select benchmarks at a fraction of the cost," he said.

White House: China using proxies to copy US frontier AI models

The White House on Thursday accused China-based actors of targeting U.S. artificial intelligence labs in coordinated campaigns to extract intellectual property. The warning comes just weeks before U.S. President Donald Trump is expected to meet Chinese President Xi Jinping in Beijing, raising concerns that the issue could overshadow upcoming talks. Michael Kratsios, director of the White House Office of Science and Technology Policy, detailed the allegations in a memo circulated to federal agencies.

U.S. accuses China of "industrial-scale" campaigns to steal AI secrets

Why it matters: The accusation pushes the U.S.-China AI rivalry into more confrontational territory -- and could complicate President Trump's upcoming visit to Beijing. Driving the news: Michael Kratsios, director of the White House Office of Science and Technology Policy, sent a memo Thursday to federal agency heads accusing mostly China-based actors of using proxy accounts to evade detection and jailbreak models to "expose proprietary information" and "extract capabilities from American AI models." * Distillation attacks involve querying proprietary models, like Claude or Gemini, millions of times via APIs to build datasets that replicate how the systems behave. * Kratsios said these campaigns enable foreign actors to release models that appear to match U.S. AI capabilities at a fraction of the cost. * He added that such tactics can also strip away guardrails meant to keep outputs "ideologically neutral and truth-seeking." State of play: The warning comes as Trump prepares for a highly anticipated trip next month to Beijing, where he's expected to push for economic concessions and reset parts of the U.S.-China relationship. * OpenAI and Anthropic both said earlier this year that China-based firms -- including DeepSeek, Moonshot AI and MiniMax -- were behind wide-scale distillation attacks on their models. The big picture: The U.S. has long accused China of stealing intellectual property from American companies as part of broader cyber espionage efforts. * In 2024, the Justice Department indicted a former Google software engineer for stealing AI trade secrets and sharing them with two Chinese companies. Yes, but: Kratsios argued the abilities of these distilled models may not hold up over time. * "As methods to detect and mitigate industrial-scale distillation grow more sophisticated, foreign entities who build their AI capabilities on such fragile foundations should have little confidence in their integrity and reliability of the models they produce," he wrote. What's next: Kratsios said the Trump administration plans to share intelligence with U.S. AI companies on these campaigns, including the tactics they used, and help the private sector develop defenses.

White House Accuses China of 'Industrial-Scale' Theft From American AI Models - Decrypt

The memo calls for federal agencies and private industry to develop defenses and hold foreign actors accountable. The White House warned Thursday that "foreign entities" are allegedly carrying out "industrial-scale" campaigns to copy the capabilities of American-based artificial intelligence models, using tactics including jailbreaking and networks of fake accounts to extract proprietary information and replicate their performance. In a memorandum titled "Adversarial Distillation of American AI Models," Assistant to the President for Science and Technology and Director of the Office of Science and Technology Policy Michael Kratsios said the U.S. government has information indicating coordinated efforts to distill U.S. frontier AI systems. "The U.S. has evidence that foreign entities, primarily in China, are running industrial-scale distillation campaigns to steal American AI," Kratsios wrote on X. "We will be taking action to protect American innovation." According to President Donald Trump's administration, the campaigns are using "tens of thousands of proxy accounts" to evade detection and exploit jailbreak techniques to systematically extract capabilities, in what is known as a distillation attack. A distillation attack is a method of training a smaller AI model to learn from the outputs of a larger one. The issue has become a growing concern among U.S. AI companies. In February, Anthropic accused Chinese AI labs DeepSeek, Moonshot, and MiniMax of extracting millions of Claude responses -- using roughly 24,000 fraudulent accounts -- to train competing systems. Models developed through unauthorized distillation campaigns may not match the full performance of the originals. Still, they can appear comparable on select benchmarks at a fraction of the cost. The administration warned that distillation attacks could also remove security safeguards and other controls designed to keep AI systems "ideologically neutral and truth-seeking." The Trump administration said federal agencies will work with U.S. AI companies to strengthen protections around frontier models, coordinate with private industry to develop defenses against large-scale distillation campaigns, and explore ways to hold foreign actors accountable. While the memo acknowledged that lawful distillation can help create smaller, more efficient open-source and open-weight models, it said unauthorized efforts to copy American AI systems cross the line. "There is nothing innovative about systematically extracting and copying the innovations of American industry," the memo said. The Office of Science and Technology did not immediately respond to a request for comment by Decrypt.

White House Accuses China of Far-Reaching Theft of AI Tech | PYMNTS.com

With that accusation comes the warning that the government will crack down on this practice, the Financial Times (FT) reported Thursday (April 23), citing a memo seen by the news outlet. "The US government has information indicating that foreign entities, principally based in China, are engaged in deliberate, industrial-scale campaigns to distill US frontier AI systems," wrote Michael Kratsios, director of the White House Office of Science and Technology Policy. As the FT noted, the accusation marks an escalation in tensions around Chinese companies allegedly using American AI research in the race to dominate the technology, and is happening ahead of a meeting between the countries' presidents. The issue came to attention when China's DeepSeek was accused of using distillation -- or training smaller AI models based on the output of larger ones -- to develop a powerful product at a lower cost. Kratsios' memo said the Trump administration would share information with American AI companies about "attempts by foreign actors to conduct unauthorized, industrial-scale distillation" and help them prevent attacks. He added that Chinese campaigns were "leveraging tens of thousands of proxy accounts to evade detection and using jailbreaking techniques to expose proprietary information." The White House's warning follows reports last week about proposed legislation that would crack down on Chinese companies that copy American-made AI models. Rep. Bill Huizenga's (R-MI) bill would sanction entities in China and Russia engaged in using improper "query-and-copy" techniques on American AI models. "Model extraction attacks are the latest frontier of Chinese economic coercion and theft of US intellectual property," Huizenga, who sits on the House Foreign Affairs Committee, said in a statement included in a Bloomberg News report on the issue. Several Chinese AI firms -- DeepSeek included -- have been accused by American AI startup Anthropic of illicitly using the company's output to train their models. The company said in February it had found a total of 24,000 fraudulent accounts that the three labs used to generate 16 million exchanges with its Claude model, violating Anthropic's terms of service and regional access restrictions. "These campaigns are growing in intensity and sophistication," Anthropic said in a blog post. "The window to act is narrow, and the threat extends beyond any single company or region. Addressing it will require rapid, coordinated action among industry players, policymakers and the global AI community."