Last week, a U.S. congressman announced a plan to introduce a bill that would mandate producers of high-performance AI processors to track them geographically in a bid to limit their usage by unauthorized foreign actors, such as China. Senator Tom Cotton of Arkansas then introduced a legislative measure later in the week. The bill covers hardware that goes way beyond just AI processors, and would give the Commerce Secretary power to verify the location of hardware, and put mandatory location controls on commercial companies. To make matters even more complicated, geo-tracking features would be required for high-performance graphics cards as well.
The bill covers a wide range of products classified as 3A090, 4A090, 4A003.z, and 3A001.z export control classification numbers (ECCNs), so advanced processors for AI, AI servers (including rack-scale solutions), HPC servers, and general-purpose electronics of strategic concern due to potential military utility or dual-use risk. It should be noted that many high-end graphics cards (such as Nvidia's GeForce RTX 4090 and RTX 5090) are also classified as a 3A090 product, so it looks like such add-in-boards will also have to add geo-tracking capabilities.
The first and central provision of the bill is the requirement for tracking technology to be embedded in any high-end processor module or device that falls under the U.S. export restrictions. This condition would take effect six months after the legislation is enacted, which will make the lives of companies like AMD, Intel, and Nvidia harder, as adding a feature to already developed products is a tough task. The mechanism must allow verification of a chip's or device's physical location, enabling the U.S. government to confirm whether it remains at the approved endpoint. Yet, exporters would be obliged to keep track of their products.
The bill authorizes the Secretary of Commerce to verify the ownership and location of regulated processors and systems after export and maintain a centralized registry of current locations and end-users. Nvidia, as well as other exporters, would also be obligated to inform the Bureau of Industry and Security if there is evidence that a component has been redirected from its authorized destination. Additionally, any indications of tampering or manipulation must be reported.
The bill, if supported by lawmakers, will mandate a one-year study to be conducted jointly by the Department of Commerce and the Department of Defense, which will identify additional protective measures that could be introduced in the future. Beyond the initial study, the same two departments are required to conduct yearly assessments for three consecutive years following the bill's enactment. These reviews must evaluate the most current advancements in security technologies applicable to products under export control. Based on these assessments, the departments may determine whether new requirements should be imposed.
If the assessment concludes that additional mechanisms are appropriate, the Commerce Department must finalize rules within two years requiring covered chips and systems to incorporate these secondary features. A detailed implementation roadmap must also be submitted to the relevant congressional committees. All development and deployment of these mechanisms must preserve the confidentiality of sensitive commercial technologies.
Finally, the legislation emphasizes confidentiality in all stages of developing and applying these new technical requirements. Any proposed safeguards or tracking features must be designed and implemented in a way that protects the proprietary information and trade secrets of American developers, such as AMD, Intel, and Nvidia. This condition ensures that while national security is strengthened, industrial competitiveness is not undermined.
Also, the senator takes into account the lengthy development cycle of AI and HPC processors. While the goal is to tighten security (which is why chip developers will be obliged to add location tracking to their products six months after the bill's enactment), the structure of the bill deliberately stretches out decision-making and compliance timelines to accommodate industry realities. The call for gradual adoption of future safeguards acknowledges the slow pace of chip development cycles, meaning that full compliance could take years depending on what mechanisms are eventually required. Meanwhile, annual export control reform recommendations may introduce further changes or exceptions over time, adding to the complexity.
Follow Tom's Hardware on Google News to get our up-to-date news, analysis, and reviews in your feeds. Make sure to click the Follow button.
