U.S. House passes bill to close rental loophole Chinese firms used to access restricted AI chips

The bipartisan 'remote access security act' tightens export controls to stop adversaries from renting restricted compute power.

In a decisive move to protect American technological supremacy, the U.S. House of Representatives has passed the Remote Access Security Act (H.R. 2683). The bipartisan bill, which passed on January 12, 2026, with a resounding 369–22 vote, specifically targets a major "rental loophole" that has allowed Chinese companies to bypass U.S. export controls by renting high-end AI chips via offshore cloud services.

The legislation tightens the Export Control Reform Act, ensuring that "remote access" to restricted technology is treated with the same legal weight as a physical shipment.

The problem: software-based smuggling

For years, despite strict bans on shipping physical Nvidia H100s or Blackwell chips to China, the "cloud loophole" remained open. Chinese entities could simply rent time on these chips hosted in third-country data centers (such as those in Indonesia or the Middle East).

By renting compute power, Chinese firms could train advanced military and surveillance AI models on American hardware without the chips ever crossing a border.

Lawmakers cited recent reports of Shanghai-based startups accessing Nvidia GB200 (Blackwell) systems through million-dollar deals routed through Indonesian telecommunications firms.

The new bill gives the Department of Commerce’s Bureau of Industry and Security (BIS) clear authority to require licenses for any remote access to controlled chips by "foreign persons" from countries of concern.

Laws for the digital age

The bill’s primary sponsor, Rep. Mike Lawler (R-NY), and Select Committee on the CCP Chairman John Moolenaar (R-MI) emphasized that national security must adapt to the era of virtualized hardware.

"This bill brings our laws into the digital age and makes it clear that cloud compute is subject to U.S. export control law, just like physical chips," said Chairman Moolenaar.

Key provisions of the bill:

• Expanded definition: Redefines export violations to include "provision of access" and "cloud-based exposure" of controlled items.

• Stricter compliance: Cloud providers and GPU rental intermediaries must now implement rigorous Know Your Customer (KYC) screenings to ensure their "tenants" are not affiliated with foreign adversaries.

• Civil and criminal penalties: Empowers the BIS to levy heavy fines and sanctions against providers that allow unauthorized remote access to banned technology.

What happens next?

While the bill received overwhelming support in the House, it must still clear the Senate before reaching the President's desk.

Industry analysts expect that if signed into law, this will trigger a massive shift in the GPU-as-a-Service (GaaS) market. Cloud giants like Alibaba, Tencent, and international secondary providers will likely face intense pressure to audit their hardware clusters and terminate contracts with entities on the U.S. Entity List.