The letter also provides the White House with a list of items the administration intends to pursue in order to escalate government involvement with industry concerning AI security. The memo raises the level of existing tensions between the U.S. and China in the technology arena and highlights the fact that Artificial Intelligence is rapidly growing into one of the most relevant areas of strategic competition between China and the United States.
What is Distillation and How Does it Work?
The White House's primary concern with respect to the foreign technological theft of AI technology is the process of distillation. Stated differently, with distillation, one AI system is capable of mirroring or replicating the capabilities of another system through the use of data. Foreign IP organizations performing this operation use thousands of different AI accounts (on a platform or chatbot) to make themselves look like average users who are simply using the accounts to engage in the normal use of that AI platform or chatbot, in a manner consistent with the current users of said platform or chatbot.
These AI accounts then perform coordinated efforts to extract information about the core AI model that the AI companies operating them have developed. An example of this behavior would be jailbreaking—attempting to circumvent any safety protocols put into place; other methods will usually include penetration testing & reverse engineering proprietary systems (i.e., probing the system to discover how it works internally). The data collected from these activities can then be used by foreign companies for their modeling & training purposes, thereby allowing them to effectively reproduce complex & costly research at a very low cost.
Scope of the Problem
The memo describes the distillation campaigns as representing a systematic effort to attack/to undermine US R&D and gain access to proprietary information at scale. Kratsios stated that as detection/mitigation techniques become more mature, foreign entities building AI capabilities on these bases will have limited confidence in the integrity of the models they produce.
The memo does not name specific foreign companies, but leading US AI companies, such as OpenAI or Anthropic, have stated publicly that they have encountered this type of activity. For example, earlier this year, Anthropic described distillation attacks being conducted against them by three AI labs: DeepSeek, Moonshot, and MiniMax, all based in China. Anthropic claimed it found evidence of these companies attempting to copy its models through coordinated distillation campaigns. OpenAI accused DeepSeek of copying its technology as well.
DeepSeek is the Focus of Controversy.
Among the three Chinese labs mentioned by Anthropic, DeepSeek has generated the greatest amount of public interest and controversy. After the release of its AI tool last year, Deepseek was able to generate worldwide interest and usage of its product with virtually no competition. At the time, Deepseek claimed that it only took a couple of million dollars to develop its product, as compared to the hundreds of billions of dollars being spent by the American AI companies to build and train their systems.
Deepseek's claim of low-cost, sophisticated capabilities led many industry experts to question how they were able to produce such an advanced AI model for so little money. With a major outage of its chatbot earlier this month, Deepseek has indicated that it will be releasing a new version of its model shortly. Deepseek, Moonshot, and MiniMax did not respond to any requests to respond to the allegations made against them.
Chinese Response
The government of China rejected the characterization in the White House memo. The Chinese ambassador to the United States expressed concerns about what he viewed as the unjustified restrictions on Chinese businesses that were being imposed by the United States. Additionally, the ambassador also responded to the assertion that the development of Chinese AI is dependent on the theft of American technology. The U.S. government was urged to investigate the tangible theft and continued misappropriation of U.S.-created technologies by China, which has emerged as the world's leading manufacturer and as an increasingly innovative country.
In addition, according to the embassy, Chinese technological development has been the result of both the government's own investment and work effort, as well as collaborating internationally with other countries and businesses to create mutual benefits for all parties involved. As a result of this ongoing relationship over many years, the embassy also noted that Chinese government officials have consistently rebutted U.S. allegations regarding the theft of technology, asserting that such accusations are politically motivated attempts by the U.S. to slow the pace of legitimate competition and to protect the U.S. on the intellectual property side without exhibiting goodwill toward either China or any other country in respect to intellectual property rights.
The White House's Response to the Distillation Threat
The White House outlined actions it plans to take regarding the distillation threat in a memo authored by Kratsios. First, the administration stated it would provide more detailed information concerning tactics being used and people suspected of being behind distillation campaigns so that American AI companies can better understand the threats facing them. Second, the administration pledged to better coordinate with AI companies regarding how to actively address the threat at the time of occurrence.
Third, the administration is committed to developing a series of best practices that AI companies can use to identify, mitigate, and recover from any consequences resulting from this type of activity. Fourth, the administration plans to explore ways to hold foreign entities accountable for distilling U.S. AI technology through a series of diplomatic channels and other diplomatic methods. While this memo does not specify potential enforcement mechanisms nor offer clear details about how to take action against foreign entities identified as responsible, a White House spokesperson was unable to provide further clarification beyond what is stated in the memo itself.
A Broader Strategic Context
There are many important reasons for timing the release of this memo. The United States and China continue to engage in increasingly fierce competition across all aspects of the development of AI technology, including research, chip design and manufacture, and the use of AI technologies both by the military and in commercial businesses. US officials fear that, by "free-riding" off prior investment in R&D by US companies (which represents years of work and millions of dollars), China has the ability to condense years of work into a much shorter period of time.
The campaigns being pursued with regard to distillation (described in this memo) are one mechanism by which this compression is occurring. The administration's decision to formally address this issue through a policy memorandum indicates it believes that the issue warrants a coordinated response from the government as opposed to allowing individual corporations to address the problem on their own.
Timing and Diplomatic Factors
The timing of the memo's release coincides with President Donald Trump's imminent visit to China in May, which will take place in the context of ongoing trade tensions and growing technological competition between the United States and China. The timing raises questions about how the distillation issue will be incorporated into any diplomatic discussions between the U.S. and China during President Trump's trip and whether the White House's decision to publicly voice its concerns at this time is a part of a conscious wedge strategy to apply pressure on China prior to these discussions.
The Trump Administration has a difficult job balancing its desire to keep U.S. AI technology secure with maintaining a productive diplomatic and economic relationship with China—a balancing act that has proved difficult to accomplish consistently throughout the continuing tension between the U.S. and China. The manner in which the distillation issue is ultimately resolved, whether through domestic policy or through diplomacy with foreign governments, will likely have long-lasting ramifications for how artificial intelligence develops in both the U.S. and China.
