H.R. 8283: Deterring American AI Model Theft Act of 2026
Sponsor
Bill Huizenga
Republican · MI-4
Bill Progress
Latest Action · Apr 15, 2026
Referred to the House Committee on Foreign Affairs.
Name and blacklist foreign actors copying U.S. AI
Why it matters
A rival doesn't have to break into your servers to copy a cutting-edge AI model — it can rebuild the model's capabilities just by querying it the right way. H.R. 8283 would force the government to name the foreign actors doing it, add them to the export blacklist, and let the President freeze their U.S. property. The first names could be public within 210 days of enactment.
H.R. 8283, the Deterring American AI Model Theft Act of 2026, builds a federal process to spot, name, and punish foreign actors that try to clone American closed-source AI models.
First, the targets. A "closed-source AI model" is one whose core technical details — like the model weights needed to recreate it — stay private, where access runs through an API or app the owner controls, and where outsiders can't host or modify the model themselves unless the owner says so. Think of the systems behind the major commercial chatbots, not open-weight models anyone can download.
The bill defines the attack it's chasing as a "model extraction attack": querying one of these models to replicate or train a competing model while dodging the owner's access controls, using fake credentials, or breaking the terms of service. Because intent is hard to prove, the bill says the government can infer it from the totality of circumstances — the volume and timing of queries, how tightly they cluster on specific capabilities, the use of many coordinated accounts, and whether the querying lines up with a rival's model-development timeline. The bill is careful to carve out legitimate research that follows the owner's terms.
Then the machinery. The Secretary of State, the Secretary of Commerce, and the agencies on the Operating Committee for Export Policy get 180 days after enactment to finish an assessment: which foreign "entities of concern" are running these attacks, which are "fraudulent account network providers" selling them access, what methods they use, where their offices and data centers sit, and how many attacks hit in the prior two years. A report to Congress follows within 210 days, then annual updates for three years.
The State Department would also publish an "AI Model Extraction Attackers List" naming people and companies found to have run or directed attacks in the past year. Names could stay on a public State Department website for up to five years.
The enforcement is the sharp end. Within 210 days, the Commerce Department's Under Secretary for Industry and Security must decide, by majority vote of the End-User Review Committee, whether identified attackers — or affiliates owned 50 percent or more, directly or indirectly — go on the Bureau of Industry and Security's Entity List, the export blacklist. Separately, the President may block all transactions in U.S.-based property of entities of concern. There are carve-outs for the 1947 UN Headquarters Agreement, for humanitarian aid like food, medicine, and medical devices, and for authorized intelligence, law enforcement, and national security work. Violations carry the existing civil and criminal penalties under the International Emergency Economic Powers Act.
H.R. 8283 Bill Summary
What H.R. 8283 actually does.
Government must hunt for AI model theft within 180 days
The Secretary of State, the Secretary of Commerce, and the agencies on the Operating Committee for Export Policy must finish an assessment within 180 days of enactment. It must identify which foreign entities of concern are running model extraction attacks, which are selling fraudulent account access, the methods and physical locations involved, and how many attacks occurred in the previous two calendar years.
A public list names the accused — for up to 5 years
The State Department would maintain an "AI Model Extraction Attackers List" naming individuals and companies identified as having conducted or directed attacks in the past year. The list would be published on a public State Department website and names could remain posted for up to five years.
Attackers can land on the export blacklist within 210 days
Within 210 days of enactment, the Commerce Department's Under Secretary for Industry and Security must decide, by majority vote of the End-User Review Committee, whether identified attackers should be added to the Bureau of Industry and Security's Entity List. Affiliates owned 50 percent or more, directly or indirectly, can be pulled in too.
The President can freeze attackers' U.S. property
The President may block all transactions in property and interests in property of entities of concern that are in the United States or controlled by a U.S. person. Violations carry the existing penalties under the International Emergency Economic Powers Act. Carve-outs protect the 1947 UN Headquarters Agreement, humanitarian aid, and authorized national security activity.
Starts with China and Russia, but can grow
A "country of concern" automatically includes the People's Republic of China — including Hong Kong and Macau — and the Russian Federation. The Secretary of State can also designate other countries on the export-control Country Group D:5 list, plus any additional country flagged through the assessment process.
Sellers of fake accounts are squarely in the crosshairs
The bill targets "fraudulent account network providers" — foreign entities that knowingly create, sell, or broker accounts letting entities of concern slip past the location restrictions in a model's terms of service. There's a carve-out for services that transmit location data to help people access the internet for free expression.
Who benefits from H.R. 8283?
U.S. companies that own closed-source AI models
The handful of American firms whose private model weights are their crown jewels get a dedicated federal process aimed at the foreign actors trying to copy them — plus Commerce Department best-practice guidance within 210 days and a voluntary, confidential channel to flag attacks they spot.
U.S. export-control and national security agencies
The State Department, the Commerce Department, and the Operating Committee for Export Policy get a formal mandate to treat AI model theft as a trade and national security issue — tracking attacks, naming the foreign entities behind them, and coordinating a diplomatic strategy with allies.
AI developers who only expose their models through an API
Developers that let outsiders use a model through an API or app, but never host or modify it, are the bill's core protected group. It directly targets the multi-account, fake-credential, and geo-bypass schemes used to scrape those systems at scale.
Humanitarian and protected diplomatic activity
The bill explicitly preserves exceptions for humanitarian assistance — food, medicine, medical devices, and the financial transactions behind aid — and for U.S. obligations under the 1947 UN Headquarters Agreement, so those activities are shielded from the sanctions.
Who is affected by H.R. 8283?
Foreign AI firms in China, Russia, and other listed countries
Companies located or headquartered in the People's Republic of China — including Hong Kong and Macau — the Russian Federation, or other designated countries could face investigation, public naming, Entity List review, and blocked U.S. property transactions if found to be entities of concern.
Brokers selling access to restricted AI models
Foreign entities that knowingly create, sell, or broker accounts to help entities of concern bypass location restrictions are targeted as fraudulent account network providers. The narrow exception covers services transmitting location data purely to enable internet access for free expression.
Affiliates of accused attackers
A related company can be pulled in even if it didn't run the attack itself. If it's owned 50 percent or more, directly or indirectly, by an identified attacker, it can be considered for the Entity List through a majority vote of the End-User Review Committee.
U.S. persons holding property tied to sanctioned entities
If the President blocks transactions involving an entity of concern, U.S. persons controlling the affected property have to stop those transactions. Violations are handled under the International Emergency Economic Powers Act.
HR8283 Legislative Journey
House: Committee Action
Apr 15, 2026
Referred to the House Committee on Foreign Affairs.
About the Sponsor
Bill Huizenga
Republican, Michigan's 4th congressional district · 15 years in Congress
Committees: Financial Services, Foreign Affairs
View full profile →
Cosponsors (2)
All 2 cosponsors are Republicans. Cosponsors represent 2 states: Michigan, New York.
Committee Sponsors
27 Republicans across this committee haven't cosponsored yet. Mobilize their constituents
H.R. 8283 Quick Facts
- Committee
- Foreign Affairs
- Chamber
- House
- Policy
- International Affairs
- Introduced
- Apr 15, 2026
Referred to the House Committee on Foreign Affairs.
Apr 15, 2026
Official Sources
The official bill page with full text, sponsors, and status of the Deterring American AI Model Theft Act of 2026.
The export blacklist the bill would use to cut off identified AI model extraction attackers.
The interagency committee that decides Entity List additions by majority vote, the same body the bill directs to act within 210 days.
Defines Country Group D:5, the export-control list the Secretary of State can draw additional 'countries of concern' from.
The statute the President would use to block U.S. property of entities of concern, and whose penalties apply to violations.
Supplies the bill's definitions of export, reexport, in-country transfer, and item used throughout the enforcement provisions.
H.R. 8283 Common Questions
What is an AI model extraction attack under H.R. 8283?
It's querying a private American AI model to copy or train a competing one while dodging the owner's access controls, faking credentials, or breaking the terms of service. The bill says intent can be inferred from query volume, timing, coordination, and use of many accounts.
Which countries does the AI model theft bill target?
It automatically covers China — including Hong Kong and Macau — and Russia. The Secretary of State can add other export-controlled countries on the Country Group D:5 list, plus any country flagged through the bill's assessment.
How fast would the government have to act under H.R. 8283?
The first assessment of suspected attacks is due within 180 days of enactment. The report to Congress, the Commerce best-practices guidance, and the first export-blacklist decisions are all due within 210 days.
Would H.R. 8283 publicly name the companies accused of AI theft?
Yes. The State Department would publish an "AI Model Extraction Attackers List" naming people and companies found to have run or directed attacks in the past year. Names can stay on a public State Department website for up to 5 years.
Can accused AI thieves be added to the export blacklist?
Yes. Within 210 days of enactment, Commerce's Under Secretary for Industry and Security must decide, by majority vote of the End-User Review Committee, whether identified attackers go on the Bureau of Industry and Security's Entity List.
Can a parent or affiliate company get pulled in too?
Yes. An affiliate owned 50 percent or more — directly or indirectly — by an identified attacker can be considered for the export blacklist through the same End-User Review Committee vote, even if it didn't run the attack itself.
Could the President freeze an attacker's U.S. property?
Yes. The President may block all transactions in property of entities of concern that is in the U.S. or controlled by a U.S. person. Violations carry the existing civil and criminal penalties under the International Emergency Economic Powers Act.
Does H.R. 8283 exempt humanitarian aid from its sanctions?
Yes. The bill carves out the sale of food, medicine, and medical devices, the provision of humanitarian assistance, and the financial transactions behind that aid. It also preserves U.S. obligations under the 1947 UN Headquarters Agreement.
Based on H.R. 8283 bill text
H.R. 8283 Bill Text
“To prevent foreign adversaries from threatening the national security of the United States by extracting key technical features of closed-source, American-owned artificial intelligence models, and for other purposes.”
Source: U.S. Government Publishing Office
Get notified when H.R. 8283 moves
Committee votes, floor action, cosponsor changes — straight to your inbox.
Bill alerts + Legisletter's monthly briefing. Unsubscribe anytime.
International Affairs Bills
9 related bills we're tracking
Enhanced Iran Sanctions Act of 2025
Motion to place bill on Consensus Calendar filed by Mr. Lawler.
Jan 12, 2026
United States-Israel Defense Partnership Act of 2025
Referred to the Committee on Armed Services, and in addition to the Committee on Foreign Affairs, for a period to be subsequently determined by the Speaker, in each case for consideration of such provisions as fall within the jurisdiction of the committee concerned.
Feb 12, 2025
West Bank Violence Prevention Act of 2025
Referred to the Committee on Foreign Affairs, and in addition to the Committee on the Judiciary, for a period to be subsequently determined by the Speaker, in each case for consideration of such provisions as fall within the jurisdiction of the committee concerned.
Apr 28, 2025
Global Respect Act
Referred to the Committee on Foreign Affairs, and in addition to the Committee on the Judiciary, for a period to be subsequently determined by the Speaker, in each case for consideration of such provisions as fall within the jurisdiction of the committee concerned.
Nov 19, 2025
Pakistan Freedom and Accountability Act
Referred to the Committee on Foreign Affairs, and in addition to the Committee on the Judiciary, for a period to be subsequently determined by the Speaker, in each case for consideration of such provisions as fall within the jurisdiction of the committee concerned.
Sep 10, 2025
Baltic Security Assessment Act of 2025
Ordered to be Reported by the Yeas and Nays: 41 - 3.
Apr 22, 2026
United States-Israel FUTURES Act of 2026
Referred to the Committee on Armed Services, and in addition to the Committee on Foreign Affairs, for a period to be subsequently determined by the Speaker, in each case for consideration of such provisions as fall within the jurisdiction of the committee concerned.
Feb 12, 2026
To abolish the United States Agency for International Development, and for other purposes.
Referred to the Committee on Foreign Affairs, and in addition to the Committee on Appropriations, for a period to be subsequently determined by the Speaker, in each case for consideration of such provisions as fall within the jurisdiction of the committee concerned.
Feb 7, 2025
Food for Palestinian Children and Families in Gaza Act of 2026
Referred to the House Committee on Foreign Affairs.
Feb 12, 2026
Trending Right Now
Bills gaining momentum across Congress
AADAPT Act
Ordered to be Reported by the Yeas and Nays: 48 - 0.
May 21, 2026
Buying American Cotton Act of 2026
Referred to the House Committee on Ways and Means.
Jan 22, 2026
Love Lives On Act of 2025
Subcommittee Hearings Held
Feb 3, 2026
Tracking International Affairs in Congress? Monitor bills, track cosponsor momentum, and launch advocacy campaigns — all from one advocacy platform.