The Security Mirror: How the US and China Converged on the Same AI Border Tactic
Both governments now block each other's AI on national security grounds — each condemning the other for using that same tactic, while commercial actors keep the border porous.
The parallel is precise enough to look deliberate, though neither government has said it is. In early July, China's National Vulnerability Database flagged Anthropic's Claude Code programming tool as a "security backdoor" transmitting user data without consent — a claim Anthropic disputes, saying the code was an anti-abuse experiment [1]. Alibaba immediately banned employees from using it. Six weeks earlier, the Trump administration designated Anthropic's most advanced AI models as national security risks and banned their export to foreign users [2]. Same lever, opposite directions: each government is blocking the other's AI products on security grounds. China has been building this toolkit since spring. In April, regulators blocked Meta's $2 billion acquisition of AI startup Manus on national security grounds, ordered the deal unwound, and placed Manus executives under exit bans — using security review as the mechanism, not a fine or regulatory penalty [3]. Days later, Beijing required AI firms including ByteDance, Moonshot AI, and StepFun to obtain government approval before accepting US capital, framed as safeguarding technologies linked to national security [4]. On June 1, the State Council formalized the logic into law: trade secret protections for algorithms, code, and data, with a ban on tech transfer overseas without prior approval [5]. In May, China certified nine domestic AI chips under its national security framework, the first time chips appeared as a standalone category in the country's import-substitution initiative [6]. The US has been assembling matching machinery. In April, the House Foreign Affairs Committee advanced over 20 export control bills, including legislation requiring Japan and the Netherlands to align chip equipment restrictions with US rules within 150 days and a bill sanctioning Chinese firms for misusing US models [7]. The White House formally accused Chinese AI firms — DeepSeek, Moonshot AI, MiniMax — of industrial-scale model theft through distillation [8]. Trump signed an executive order on June 4 requiring AI companies to give the government access to frontier models up to 30 days before public release [9]. In June, the administration imposed an export ban on Anthropic's most advanced models, requiring suspension of access for all foreign nationals [2]. Weeks later, it restricted OpenAI's GPT-5.6 rollout to roughly 20 trusted partners, with federal officials approving access customer by customer [10]. OpenAI pushed back [10].
We don't believe this kind of government access process should become the long-term default. It keeps the best tools from users, developers, enterprises, cyber defenders and global partners who need them. — OpenAI
The irony is bilateral. China's Ministry of Commerce has accused the US of overstating national security to justify export restrictions [7].
Beijing consistently opposes any generalization of national security or abuse of export controls. — Ministry of Commerce
Beijing is criticizing the very mechanism it is deploying against US tools, acquisitions, and investment. Washington frames Chinese model distillation as a national security threat while restricting its own model exports on the same security grounds. White House science chief Michael Kratsios has accused China of deliberate, industrial-scale campaigns to distill US frontier AI systems [3], and US officials now describe AI competition as a moral and national security race against China [11]. The older toolkit each is leaving behind — regulatory fines, privacy reviews, antitrust proceedings — is slower and more reversible than a security block, as the EU's TikTok case shows. The Irish High Court upheld a 530 million euro fine against TikTok for transferring EU user data to China, but paused the actual data-transfer suspension order, requiring the regulator to reconsider [12]. The EU's approach produces a fine, a court proceeding, and a pause. The US and Chinese approaches produce a block. Within the US, domestic AI regulation still runs through conventional channels: the Fed, OCC, and FTC are mapping AI usage in banks and examining AI partnerships for market power, not through national security mechanisms [13]. The security framing is applied at the border, aimed outward. But the border is not sealed. Microsoft sells OpenAI models to Chinese firms — ByteDance, Tencent, Ant Group, Meituan — through Azure data centers in Singapore [14]. ByteDance alone spends over $1 billion annually on Azure AI, and Azure AI revenue in China has tripled. Microsoft is also evaluating China's DeepSeek-V4 open-source model to power a lower-cost tier of its Copilot product [15] — model flow running in both directions through a single US company. Chinese open-source models like Alibaba's Qwen and Moonshot AI's Kimi now top global leaderboards, with Qwen capturing over half of worldwide open-source downloads and 600 million users [16]. Open-source distribution crosses borders without acquisition, export control, or investment restriction to stop it. At least seven Chinese military-linked universities are seeking Nvidia H200 chips through remote compute leases, through a gap in export control rules [17]. And China is hosting the World Intelligence Expo in Tianjin with UAE, Kazakhstan, and European corporate participation [18] — blocking US tools and capital while courting everyone else. Both security apparatuses are now formal enough to persist beyond any single administration. China has its legal framework, investment restrictions, chip certification regime, and a planned $295 billion domestic AI infrastructure program mandating at least 80% domestic technology [19]. The US has executive orders, export bans, rollout restrictions, and legislation advancing through Congress. The open question is whether the commercial bridges — Microsoft's Azure routing, open-source model distribution, remote compute leasing — will draw each government to widen its security net to cover them, or whether the gap between what security framing mandates and what commerce can circumvent becomes the permanent shape of this rivalry.
- 1. China Flags Security Backdoor in Anthropic's Claude Code Tool
- 2. Trump Administration Imposes Export Ban on Anthropic AI Models
- 3. China Blocks Meta's $2 Billion Acquisition of AI Startup Manus
- 4. China Restricts U.S. Investment in Tech and AI Firms
- 5. China Implements New Digital Asset Trade Secret Protections
- 6. China Certifies Nine Domestic AI Chips Under National Security Framework
- 7. US House Committee Advances Export Controls Targeting Chinese Chips
- 8. U.S. Accuses Chinese AI Firms of Industrial-Scale Model Theft
- 9. Trump Orders AI Vetting as New Zealand Gains Mythos Access
- 10. Trump Administration Restricts OpenAI GPT-5.6 Model Rollout
- 11. U.S. Officials Frame AI Leadership as Moral Race Against China
- 12. Irish High Court Upholds 530 Million Euro TikTok Fine
- 13. U.S. Regulators Intensify Scrutiny of AI in Finance and Tech
- 14. Microsoft Sells OpenAI Models to Chinese Firms via Azure
- 15. Microsoft Eyes Chinese DeepSeek Model to Cut Copilot Costs
- 16. Chinese AI Ecosystem Surges with Open-Source Model Dominance
- 17. Chinese Military-Linked Universities Seek Nvidia H200 AI Chips
- 18. China Hosts World Intelligence Expo 2026 in Tianjin
- 19. China Plans $295 Billion AI Data Center Network