The Cloud Security Act Explained: What It Means for ASML and Europe

The Cloud Security Act Explained: What It Means for ASML and Europe - MRKT3.0

Grace Sharp

June 29, 2026

Takeaways

US export controls stop China from buying advanced AI chips, but say almost nothing about renting them. The Cloud Security Act, introduced on 26 June 2026, is Washington’s attempt to close that gap.

The bill gives American cloud providers legal cover to report suspicious foreign customers, removing a barrier that currently leaves them exposed if they flag bad actors voluntarily.

For European firms, ASML most of all, it is one more turn of the screw. The lesson is getting hard to miss: the AI race won’t be won only by whoever builds the chips, but by whoever controls access to the compute.

Here is the loophole in plain terms. American rules block China from buying the most advanced AI chips outright. They have far less to say about a Chinese company simply renting time on those same chips through a US cloud provider, with the hardware sitting safely in a data centre somewhere outside China. Same computing power, no physical chip ever changing hands, and until now, very little stopping it.

On 26 June 2026, Reps. Josh Gottheimer (D-NJ) and John Moolenaar (R-MI), who chairs the House Select Committee on China, introduced the Cloud Security Act to deal with exactly this.

Gottheimer explained that:

“We can’t let our adversaries – especially China – dodge our export controls by simply renting what they can’t buy.”

What Is the Cloud Security Act?

The Cloud Security Act is a bipartisan US bill that targets a specific weakness in existing chip rules: the gap between buying a chip and using one.

Current export controls focus on the sale of advanced semiconductors. They were written for a world where getting your hands on computing power meant taking physical delivery of hardware. That world is gone. Today you can train a large AI model on chips you never see, never own, and never import, by renting capacity from a cloud provider.

The bill is short and pointed. It doesn’t ban anything new or add fresh licensing paperwork. Instead, it changes what cloud providers are allowed to do when they spot something suspicious.

How Does the Cloud Security Act Work?

When a US cloud provider like Amazon Web Services, Microsoft Azure or Google Cloud suspects a foreign customer is misusing advanced AI compute, it currently has a strong reason to stay quiet. The Stored Communications Act generally bars companies from voluntarily handing customer records over to the government, which means a provider that reports suspicious activity could be exposing itself to legal risk.

So, there is a perverse situation today. A cloud company might strongly suspect that a shell entity is renting compute to train models for a sanctioned customer, and yet reporting that suspicion could land the provider in legal trouble. Therefore, the safe move is silence.

The Cloud Security Act removes that disincentive. It gives providers a legal safe harbour to flag suspected foreign misuse to the Department of Commerce, without fear of liability. Crucially, it does not force them to report. It simply makes it safe to do so when they choose to. The bet is that, given cover, most major US providers would rather cooperate than look the other way.

Why Does the Cloud Loophole Matter?

Because renting is nearly as good as owning when what you actually want is the computation, not the silicon.

An advanced AI model is trained by running enormous calculations across thousands of high-end chips for weeks or months. Whether those chips sit in your own building or in a rented data centre on another continent, the model that comes out the other end is the same. For a country shut out of buying the hardware, cloud access is not a workaround at the margins. It is a complete substitute for the thing the export controls were meant to deny.

That is why Washington has started treating cloud access as a national-security question in its own right, rather than an afterthought to the hardware rules.

How Does the Cloud Security Act Fit With the MATCH Act?

This is the part worth slowing down on, because the bill makes far more sense once you see what it sits next to.

Washington has been quietly assembling a stack of measures, each covering a different layer of the AI supply chain. The MATCH Act goes after the tools that make chips, which is why it landed so hard on ASML’s DUV equipment business. The Remote Access Security Act, which has already passed the House, treats remote or cloud access to controlled chips as a regulated export in its own right. The Cloud Security Act fills the space between them by focusing on who gets to use the compute once it exists.

Stacked together, the direction is very clear.

Washington is moving away from reactive entity-list sanctions and towards proactive, ecosystem-wide control...
