Focusing purely on the technical: When there is clean signal on refusal vs. acceptance behavior, it makes the model way more susceptible to adversarial attacks. Obfuscating that signal by making the two *appear* the same improves defense. This may become more common...

CAISI has reportedly been directed to stop publishing public model assessments as the new AI EO gets implemented. Natsec engagement on AI is essential. But pulling CAISI's evals from public view doesn't make the field more secure. It just means fewer eyes on the science when we need more. Openness and natsec don't have to be in tension here. We should be doing both.

National Security Presidential Memorandum on AI is out, rescinding the fomer NSM. Key components: 1. DOW's autonomous weapons directive gets updated within 90 days, and reviewed annually. 2. Nat sec agencies have to cancel contracts with companies that don't adhere to the USG's principles. Exemptions capped at 1 year. 3. Agencies to update procurement processes to allow more rapid AI adoption. 4. A roadmap to ensure sufficient compute for the national security community, including high security facilities. 5. New public-private partnerships to increase security, including addressing distillation, red-teaming exercises, personnel vetting, and data center security. 6. US intelligence community to prioritize collection against foreign AI threats. 7. AI talent through a National Security Strategic Reserve special hiring authorities 8. Prioritization of AI reliability, robustness, steerability, and controllability tech. 9. 120 days to build baseline AI security standards and test, evaluation, verification and validation methodologies

Most countries want to assert some level of sovereign control over AI development, but too many limits on the role of foreign technology providers could curtail their access to powerful capabilities. @vivekchil discusses why sovereign AI initiatives will depend on partnership with the U.S.

Left unaddressed, China's adversarial distillation represents a strategic vulnerability for the U.S. AI ecosystem. @danielremler and @BenHayum explore how China is threatening America's AI lead and isolate the adversarial distillation supply chain. x.com/CNASdc/status/20618409…

1/ China is systematically extracting the capabilities of U.S. frontier AI. With @danielremler, a comprehensive analysis of Adversarial Distillation: the evidence, the supply chain, and what to do about it. 🧵

This chilling @nytimes article from @julianbarnes is a reminder that export controls on advanced chips to China is not only about slowing its AI innovation generally, but slowing the advancement and diffusion of a new, AI-enabled authoritianism around the world.

AI labs want to coordinate on safety, but the looming threat of antitrust enforcement makes doing so legally risky It got worse in Dec 2024 when the FTC & DOJ pulled existing collaboration guidelines @WillRinehart's AI safety safe harbor proposal offers a smart, surgical fix

Even for AI companies, AI progress is faster than expected If they expected models to be this useful and in demand, they could have locked in contracts at lower prices. But most didn't, and are now getting burned by higher prices

.@RepBrianMast at @CNASdc: The MATCH Act, AI OVERWATCH Act, and Chip Security Act were introduced to prevent China from stealing our tech lead and winning the AI arms race. This is a dire national security issue, which is why it is vital to get these bills across the finish line.

The U.S. can’t keep pace with emerging cyber threats without robust public-private information sharing. That requires a law called CISA 2015, which expires again in September. New piece with @carriecordero on why Congress should consider long-term reauth of CISA 2015:👇

Was great speaking with @CatieEdmondson for her excellent piece on China's AI labor anxieties "[AI diffusion] aspirations have run headlong into a growing political problem: anxiety over the workers who could be displaced by the realization of Beijing's technological drive"

Following President Trump's visit to Beijing, we're hosting House Foreign Affairs Committee Chairman @RepBrianMast next Tuesday at 2pm ET for a discussion on the US-China AI competition. Tune in!

The term sovereign AI is everywhere now, but what does it mean in practice? My colleagues and I launched the Sovereign AI Index to find out (!) It tracks 130 sovereign AI projects with insights on hardware contracts, commonly used base models, spending trends & more

The AI buildout is bottlenecked by chip manufacturing capacity This means AI chips become even more valuable, exports are zero-sum, and America has greater leverage We lay out how we got here, tightest supply chain constraints, & policy implications in a paper w/ @janet_e_egan🧵

Two Chinese courts (in Beijing Hangzhou) recently ruled that companies cannot use AI as a pretext for layoffs This cuts against how most people in the US assume China is approaching AI, and points to a significant constraint on Beijing's AI diffusion ambitions

Today, the House Foreign Affairs Committee marks up the MATCH Act - the most consequential semiconductor export control legislation in years. @janet_e_egan and I wrote about why it matters in a new @CNASdc Insights piece. 🧵

🚨NEW: "Sovereign AI" is ubiquitous in today's policy debate, but what does it actually look like in practice? To answer that, we've just launched the CNAS Sovereign AI Index, which tracks 130 sovereign AI projects across 50 countries.

Chip export controls appear to be working. US AI models are ~9 months ahead of Chinese ones on the measure that matters most: how long AI can work autonomously.