White House Alleges China Steals U.S. AI Technology

The White House, via an Office of Science and Technology Policy memo signed by Michael Kratsios, accused foreign actors, principally in China, of conducting "industrial-scale" campaigns to extract capabilities from U.S. frontier AI systems. The memo describes use of tens of thousands of proxy accounts, jailbreaking techniques, and distillation to train smaller models that replicate proprietary capabilities. The administration said it will share intelligence with U.S. AI companies and "explore a range of measures to hold foreign actors accountable." Beijing's embassy in Washington rejected the claims as "baseless." The allegation arrives weeks before a summit between President Donald Trump and President Xi Jinping and raises immediate questions about export controls, including shipments of Nvidia AI chips to China.
What happened
The White House published a memo from Michael Kratsios, director of the Office of Science and Technology Policy, accusing foreign entities principally based in China of "deliberate, industrial-scale campaigns to distil US frontier AI systems." The memo details the use of tens of thousands of proxy accounts and jailbreaking to extract model behavior and train cheaper models. The Chinese Embassy in Washington called the claims "baseless," while the administration signaled it will share intelligence with U.S. firms and "explore a range of measures to hold foreign actors accountable." The timing precedes a high-stakes summit between President Donald Trump and President Xi Jinping and reignites debate over shipments of Nvidia chips to China.
Technical details
The memo centers on distillation, the process that trains smaller models on the outputs of larger ones to replicate capabilities. The claimed toolkit includes:
- leveraging tens of thousands of proxy accounts to amplify queries and evade rate limits
- jailbreaking techniques to bypass API constraints and reveal hidden or safety-filtered model outputs
- aggregating outputs for downstream training and capability extraction
These techniques combine operational scale, access-layer exploitation, and model-extraction training. For practitioners, the attack surface spans API rate limits, authentication, telemetry fidelity, and output-based fingerprinting. Defensive controls that matter now include robust authentication, anomaly detection for rapid account creation and query patterns, response watermarking, and output perturbation or randomized decoys to increase extraction cost.
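An added example (not from the memo or any provider's code) of the cross-account anomaly detection mentioned above: it groups queries by prompt template and flags sets of accounts that signed up in one burst and each stay under the per-account quota while their combined volume exceeds it. The thresholds, field names and sample records are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

PER_ACCOUNT_LIMIT = 100              # assumed daily per-account quota
MIN_ACCOUNTS = 3                     # assumed minimum cluster size
SIGNUP_WINDOW = timedelta(hours=1)   # assumed signup-burst window

def template(prompt):
    """Collapse quoted strings and numbers so templated prompts share a key."""
    p = re.sub(r'"[^"]*"', '"<STR>"', prompt.lower())
    return re.sub(r"\d+", "<N>", p).strip()

def find_clusters(signups, queries):
    """signups: {account: created_at}; queries: [(account, prompt)]."""
    by_tpl = defaultdict(lambda: defaultdict(int))
    for acct, prompt in queries:
        by_tpl[template(prompt)][acct] += 1
    flagged = []
    for tpl, counts in by_tpl.items():
        # Sliding window: largest set of accounts on this template that
        # were all created within SIGNUP_WINDOW of each other.
        accts, best, lo = sorted(counts, key=signups.get), [], 0
        for hi in range(len(accts)):
            while signups[accts[hi]] - signups[accts[lo]] > SIGNUP_WINDOW:
                lo += 1
            if hi - lo + 1 > len(best):
                best = accts[lo:hi + 1]
        total = sum(counts[a] for a in best)
        # Each account stays under its quota, yet the group exceeds it.
        quiet = all(counts[a] <= PER_ACCOUNT_LIMIT for a in best)
        if len(best) >= MIN_ACCOUNTS and quiet and total > PER_ACCOUNT_LIMIT:
            flagged.append({"template": tpl, "accounts": best, "total": total})
    return flagged

# Constructed sample data (not real telemetry).
T0 = datetime(2025, 1, 1, 12, 0)
SAMPLE_SIGNUPS = {f"acct-{c}": T0 + timedelta(minutes=3 * i)
                  for i, c in enumerate("abcd")}
SAMPLE_SIGNUPS.update({"user-x": T0 - timedelta(days=30),
                       "user-y": T0 - timedelta(days=10)})
SAMPLE_QUERIES = [(f"acct-{c}", f'Explain step {i} of proof "lemma {i}"')
                  for c in "abcd" for i in range(40)]
SAMPLE_QUERIES += [("user-x", "Summarize this email")] * 5
SAMPLE_QUERIES += [("user-y", 'Explain step 2 of proof "lemma 9"')] * 3

if __name__ == "__main__":
    for cluster in find_clusters(SAMPLE_SIGNUPS, SAMPLE_QUERIES):
        print(cluster)
```

The long-standing account `user-y` uses the same template but falls outside the signup window, so it is left out of the flagged cluster.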
Policy levers under consideration
- coordinated intelligence sharing between government and U.S. AI firms
- export-control reviews affecting AI accelerators and system components, with Nvidia chips already under scrutiny
- legal and diplomatic measures to attribute and hold foreign actors accountable
Context and significance
This memo escalates a long-running tech competition into a formal national-security framing of model extraction. The U.S. has previously warned about state-linked cyber theft and industrial espionage; this pushes the debate from classic IP theft to capability transfer at model scale. If validated, systematic extraction accelerates adversaries' ability to field advanced models without equivalent R&D investment, compressing timelines for both commercial competition and potential misuse, including surveillance or cyber operations. The memo also complicates a recent detente and the limited approval of some hardware exports; if the U.S. tightens hardware flows, cloud and silicon supply chains for Chinese AI developers will be directly affected.
Why it matters for practitioners
Security teams at companies providing model APIs must treat model extraction as an operational threat on par with data exfiltration. Product teams should re-evaluate telemetry fidelity, account-creation friction, quota management, and model-response controls. Research teams should consider tradeoffs between open evaluation and protecting model capabilities. Legal and policy teams will need to coordinate incident disclosure and intelligence-sharing protocols with government partners.
What to watch
The near-term signals to monitor are concrete policy actions: any Commerce Department or Treasury movement on export controls, clarifications from OSTP about technical indicators the government will share, and whether U.S. providers adopt standardized detection and attribution mechanisms. Also watch diplomatic statements out of the Trump-Xi summit for whether this public accusation changes the summit agenda or hardware-export outcomes.
Scoring Rationale
This allegation has immediate operational and policy consequences: it reframes model extraction as a national-security threat, pressures export-control and supply-chain decisions, and forces industry to prioritize detection and mitigation. The story affects infrastructure, company risk profiles, and U.S.-China tech diplomacy.


