Cloud Security Act
- Bill Number
- H.R. 9546
- Origin Chamber
- House
- Congress
- 119th Congress, Session 2
- Status
- Introduced
- Latest Action
- 2026-06-30: Referred to the House Committee on the Judiciary.
- Last Updated
- 2026-07-06T13:38:30Z
AI-Generated Summary
Purpose This legislation, titled the Cloud Security Act, amends the Stored Communications Act to create limited exceptions allowing electronic communication service providers to voluntarily disclose certain communications and customer records to the U.S. Department of Commerce. The goal is to facilitate compliance with export control regulations under the Export Control Reform Act of 2018, specifically regarding advanced computing technologies and artificial intelligence.
Key Provisions
- Amendments to Section 2702(b) of Title 18, U.S. Code: Adds a new exception permitting disclosure of communications to the Secretary of Commerce (or designated officers) if the provider believes in good faith that the content relates to use of a covered cloud product by a specified foreign entity, and the disclosure is limited to what is reasonably necessary for export control compliance.
- Amendments to Section 2702(c) of Title 18, U.S. Code: Adds a parallel exception for customer records, with similar conditions tied to the Export Control Reform Act or the Act itself.
- New Definitions in Section 2711: Introduces terms including:
- "AI model" (a large-scale artificial intelligence model with at least 1 billion parameters).
- "Covered cloud product" (infrastructure as a service, or equivalent platform/software as a service, used to develop or deploy advanced AI models with covered integrated circuits).
- "Covered integrated circuit" (specific high-performance chips meeting defined processing thresholds, such as those under Export Control Classification Numbers 3A090 or 4A090, with updates possible after 24 months).
- "Specified foreign entity" (as defined in the Internal Revenue Code).
- Disclosures must be made in good faith and limited in scope.
Significant Changes to Existing Law The bill modifies the Stored Communications Act by adding two new exceptions to the general prohibition on voluntary disclosures of electronic communications and records. These changes expand permissible sharing beyond current categories (such as emergencies or court orders) to include export control notifications involving AI-related cloud services. No other sections of Title 18 are altered.
Potential Impacts
- Government Agencies: Primarily affects the Department of Commerce by enabling direct notifications for export enforcement; may indirectly involve other agencies through interagency coordination on national security.
- Citizens and Businesses: Cloud service providers gain a safe harbor for disclosures but must limit sharing to necessary information; U.S. companies using or offering AI cloud services may face new compliance obligations.
- International Relations: Targets specified foreign entities (often adversaries), potentially strengthening U.S. export controls on advanced AI hardware and software, which could affect technology transfers and diplomatic relations with countries hosting such entities.
Main Stakeholders Affected
- Cloud computing providers offering infrastructure, platform, or software as a service for AI development.
- The U.S. Department of Commerce and designated federal officers.
- Entities developing or using advanced AI models with high-performance integrated circuits.
- Specified foreign entities and their affiliates.
- U.S. technology companies subject to export controls.
Notable Legal, Constitutional, or Political Implications The amendments create a targeted carve-out from privacy protections in the Stored Communications Act, balancing voluntary disclosure authority with good-faith and necessity requirements. This could raise questions about Fourth Amendment implications for data sharing, though the bill frames it as a compliance tool rather than compelled access. Politically, the legislation reflects bipartisan efforts to address AI and semiconductor export risks without broader surveillance expansions.
This summary was generated by AI and may contain inaccuracies. Refer to the official source document for the authoritative text.
Sponsor
Rep. Gottheimer, Josh [D-NJ-5]
Cosponsors (1)
Rep. Moolenaar, John R. [R-MI-2]
Recent Actions
- 2026-06-30: Referred to the House Committee on the Judiciary.
- 2026-06-30: Introduced in House
- 2026-06-30: Introduced in House
Bill Versions
- Cloud Security Act — issued 2026-06-30 — PDF (6 pages)