News
OpenAI and Google Sell AI Access to Pentagon-Blacklisted Chinese Tech Giants

A Financial Times investigation found that OpenAI and Google grant access to their AI models to Singapore-based subsidiaries of Alibaba, Baidu and Tencent, despite those firms appearing on a Pentagon list tied to China's military. The deals are legal because US export restrictions target specific entities and locations rather than the technology itself.
Contents
OpenAI and Google are providing access to their latest artificial intelligence models to Singapore-based subsidiaries of Alibaba, Baidu and Tencent, even though the parent companies appear on a Pentagon list of entities linked to the Chinese military. A Financial Times investigation shows the transactions are fully legal, because US export restrictions target specific entities and locations, not the technology itself.
How the loophole works
The mechanism rests on the difference between where the server sits and where the user sits. OpenAI's and Google's models physically run on infrastructure in the United States, so formally they never leave the country. But the export restrictions imposed on Chinese companies do not cover Singapore, where Alibaba, Baidu and Tencent have registered subsidiaries with full access to the same services available to customers in other countries.
In practice, this means that as long as a request originates from a Singapore address and an account tied to a legally registered company, the provider has no legal obligation to block it. Experts call this the 'cloud loophole' - as long as a model resides on a server in Iowa or Oregon, the US government has limited tools to control who sends it requests from the other side of the Pacific.
Company responses
Google defends its policy, stressing that it does not operate data centers in mainland China, and that strict acceptable-use rules also apply in Hong Kong and Singapore. The company also noted that restricting sales to specific geographic regions alone does not solve the problem of illegal model distillation, since sophisticated attackers can get around such barriers through other methods.
OpenAI took a similar stance, arguing that a user's nationality alone should not automatically determine access to a service. At the same time, the company acknowledged that last month it suspended API access for users linked to Alibaba after detecting activity suggesting suspected model distillation, meaning training its own system on outputs generated by another company's model.
Restricting sales to certain geographies alone cannot prevent sophisticated attackers from bypassing them - Google, statement to media
Anthropic goes further
Anthropic stands out against OpenAI and Google, having adopted the most restrictive approach among the major AI labs. The company has banned access to its models, including Mythos and Fable, for both Chinese companies and their foreign subsidiaries, regardless of where they are registered. Even so, Anthropic acknowledged last week that it had to add further safeguards to close additional loopholes Chinese companies were trying to use to get around the bans.
The debate over technology exports
The case is reviving a debate in Washington about extending export controls from semiconductors to AI models themselves. Until now, the administration has focused mainly on restricting sales of Nvidia's advanced chips to China, treating access to finished language models as a secondary issue. The revelation of the scale of model access sales through Singapore intermediaries shows that this regulatory gap matters just as much as hardware controls.
The Trump administration has for months raised national security concerns about foreign military and intelligence services using advanced AI, concerns that also delayed the US launch of GPT-5.6. Now the same concerns are resurfacing in the context of exporting finished services, not just the hardware those services run on.
What this means for companies in Poland
For Polish companies using OpenAI, Google or Anthropic models, the case has indirect but real relevance. It shows that even large providers do not fully control who actually uses their infrastructure through intermediaries and subsidiaries registered in third countries. Companies planning to integrate large language model APIs into their products should expect access policies and geographic restrictions to tighten further if Congress decides to extend export controls to the models themselves.
Sources: Archyde (archyde.com), The National (thenationalnews.com), Benzinga (benzinga.com), The News (thenews.com.pk)

