On January 12, 2026, the U.S. House of Representatives took a decisive step to tighten American export controls on advanced technology, passing the Remote Access Security Act (H.R. 2683) with a resounding bipartisan vote of 369 to 22. The bill, which still awaits Senate approval and the President’s signature, aims to close what lawmakers and regulators have dubbed the “cloud loophole”—a gap that has allowed foreign adversaries, particularly Chinese companies, to remotely access powerful U.S.-made AI chips and hardware through offshore cloud services, even when direct exports are prohibited.
This legislative move comes amid growing concern in Washington about the security of America’s technological edge, especially in artificial intelligence and semiconductor manufacturing. According to eeNews Europe, the Remote Access Security Act would expand the reach of existing export controls, making it clear that not only the physical shipment of advanced chips, but also their remote access via cloud computing, falls under U.S. export law. The bill empowers the Department of Commerce’s Bureau of Industry and Security (BIS) to require licenses and enforce penalties when remote access to controlled technology is provided to foreign persons, even if the hardware itself never leaves American soil—or, in this case, never leaves a foreign data center operated by a U.S. company.
Representative Mike Lawler (R-NY), who sponsored the bill, underscored the urgency of the measure. “Our export controls are only as strong as the weakest link, and right now, the CCP has a real tool to sidestep these prohibitions,” he said, as quoted by The Register. Lawler and other supporters argue that the ability for foreign entities to rent time on U.S. AI chips hosted in third countries—effectively exporting their capabilities without moving the hardware—poses a significant national security risk.
“This bill brings our laws into the digital age and makes it clear that cloud compute is subject to U.S. export control law, just like physical chips,” said House Select Committee on China chairman Representative John Moolenaar (R-MI), according to The Register. “Closing these loopholes will strengthen U.S. national security and protect American innovation.”
The practical implications of the bill are far-reaching. If enacted, cloud providers and GPU rental intermediaries will face tougher compliance obligations. They’ll need to screen customers more rigorously, secure licenses where required, and ensure that remote access to advanced accelerators and systems does not inadvertently hand over sensitive technology to foreign adversaries. For the Bureau of Industry and Security, the bill offers much-needed clarity and authority to enforce these controls in an era when computing power is as easily rented as it is shipped.
The House’s action follows a series of high-profile reports highlighting how Chinese firms have managed to sidestep existing export controls. One notable example, reported by eeNews Europe, involved Shanghai-based startup INF Tech, which allegedly accessed Nvidia GB200 systems via a deal routed through Indonesia—a transaction estimated to be worth around $100 million. Chinese cloud giants like Alibaba and Tencent have also been accused of enabling access to restricted GPUs for China-based customers through offshore hardware, as detailed by The Register.
Meanwhile, U.S. cloud behemoths like Amazon Web Services and Microsoft operate in China through local partners, offering services that, while nominally compliant with U.S. law, can be difficult to police when it comes to the use of export-controlled technology. The digital nature of cloud computing means that, as The Register put it, “the chips aren't going anywhere, after all. This being the internet age, location doesn't really matter.”
These developments have unfolded against a backdrop of shifting U.S. policy on technology exports to China. Since April 2025, the Trump administration has allowed Nvidia to sell its H200 chips in China, though these are not the company’s most advanced offerings. Beijing, for its part, has yet to approve imports, and is simultaneously pushing its own chipmakers to develop domestic alternatives—a process that, while not instantaneous, is gathering pace.
As the U.S. tightens its grip on technology exports, the broader business and regulatory landscape is rapidly evolving. On January 13, 2026, Beacon Global Strategies (BGS), a Washington-based advisory firm, announced the launch of a new Export Control and Industrial Strategy practice to help companies navigate the increasingly complex web of regulations. The practice, led by Managing Director Meghan Harris and Senior Advisor Kevin Kurland, is designed to guide firms in critical technology sectors—including AI, semiconductors, biotechnology, robotics, critical minerals, and energy—through the maze of compliance, risk, and opportunity that comes with expanded production and global supply chain integration.
“We arm companies with decision advantage, the agility to adapt strategies in a fluid environment, and engagement strategies to optimize companies' strategic positioning and national security bona fides,” said Harris, as reported by Beacon Global Strategies. Kurland, who spent nearly three decades at BIS, added, “Today's business leaders need strategic advisors who understand how Washington thinks about the intersection of national security and technology competition, and can help them anticipate regulatory shifts and inform policy decisions before they happen.”
The focus on regulatory and geopolitical “future-proofing” reflects a new reality for global technology firms: the rules are changing fast, and the stakes are high. Harris and Kurland bring deep experience from both government and industry, with Harris having served as National Security Policy Advisor at BIS and Kurland holding senior enforcement roles at the Department of Commerce. Their expertise, according to BGS Managing Director Eric Sayers, “brings unparalleled insight into how export controls are developed and enforced.”
Across the Atlantic, the regulatory landscape is also in flux. On January 13, 2026, Crowell & Moring, a major international law firm, announced the addition of Liesbeth Truyens as a partner in its International Trade Group in Brussels. The move is aimed at deepening the firm’s capabilities in European Union sanctions and export control matters, responding to what Crowell & Moring described as “growing client demand for guidance on cross-border regulatory and compliance challenges within the EU.”
The convergence of American and European regulatory efforts signals a new era of scrutiny for technology exports and cross-border data flows. With export controls now extending to the cloud, and with advisory firms and law practices racing to keep pace, companies operating in critical technology sectors face a delicate balancing act: how to innovate and compete globally while remaining on the right side of fast-evolving national security laws.
As the Remote Access Security Act heads to the Senate, its fate remains uncertain. The White House’s position on the bill is not yet clear, and there are open questions about how the upper chamber will respond to the House’s overwhelming support. But one thing is certain: the era when location didn’t matter in the digital age is coming to a close. For companies, policymakers, and international partners alike, the message is unmistakable—cloud computing and remote access are now front and center in the global contest for technological supremacy.
The intersection of national security, technology, and international regulation has never been more complex—or more consequential. The coming months will reveal whether Congress’s efforts to modernize export controls can keep pace with the rapid evolution of the digital economy and the relentless drive for innovation.
