Trump administration moves export controls to the API

For a decade, the American export control regime ran through the fab. Entity listings targeted lithography tools, advanced-node wafer starts, and HBM allocations; the theory was that silicon was the chokepoint, and denying chips denied capability. On Thursday, the White House Office of Science and Technology Policy circulated a memo conceding that theory's failure. Chinese labs, OSTP director Michael Kratsios wrote, are "engaged in deliberate, industrial-scale campaigns to distill US frontier AI systems," running tens of thousands of proxy accounts against closed APIs, recording the outputs, and training cheaper derivative models that approximate frontier performance at a fraction of the cost.

The memo arrived a week after Representative Bill Huizenga, a Michigan Republican, introduced the Deterring American AI Model Theft Act, co-sponsored by John Moolenaar, who chairs the House Select Committee on China. H.R. 8283 directs the Commerce Department to identify entities engaged in "improper query-and-copy techniques" and impose sanctions through the entity list and the 1977 International Emergency Economic Powers Act. The targets are familiar to anyone who read Anthropic's February disclosure: DeepSeek, Moonshot AI, and MiniMax, which Anthropic said had generated more than 16 million exchanges with Claude across 24,000 fraudulent accounts. The House Foreign Affairs Committee marked up the bill on April 22 alongside fourteen other export-control measures, the largest such package in years.

Chips off the table

Put the two documents together and what emerges is a new category of export control, one that sanctions query-and-copy behavior rather than hardware transfer. The control surface is migrating from the fab to the API. Chips were a physical object crossing a physical border; a tokenized query from a Singapore proxy into an Azure-hosted Claude endpoint is neither. The enforcement architecture required is closer to financial sanctions than to Wassenaar: pattern detection on usage telemetry, attribution through behavioral fingerprinting, and a compliance burden that lands squarely on the American labs whose APIs are the border post.