ARTICLE
19 January 2026

House Passes Remote Access Security Act To Limit Adversaries' Remote Access To Critical Technology

CM
Crowell & Moring LLP

Contributor

Crowell & Moring LLP logo
Our founders aspired to create a different kind of law firm when they launched Crowell & Moring in 1979. From those bold beginnings, our mission has been to provide our clients with the best services of any law firm in the world through a spirit of trust, respect, cooperation, collaboration, and a commitment to giving back to the communities around us.
Explore Firm Details
On January 12, 2026, the U.S. House of Representatives overwhelming passed (369-22) the Remote Access Security Act, modernizing U.S. export controls to address foreign adversaries' remote access to controlled technologies through cloud computing services.
United States International Law
Scott Wise,Jeremy Iloulian, and Dmitry Bergoltsev
Scott Wise’s articles from Crowell & Moring LLP are most popular:
  • with readers working within the Construction & Engineering industries
Crowell & Moring LLP are most popular:
  • within Law Department Performance and Coronavirus (COVID-19) topic(s)

On January 12, 2026, the U.S. House of Representatives overwhelming passed (369-22) the Remote Access Security Act, modernizing U.S. export controls to address foreign adversaries' remote access to controlled technologies through cloud computing services.

Currently, the U.S. Department of Commerce's Bureau of Industry and Security (BIS) does not consider the provision of cloud computing services to be exports. If passed into law, the bill (H.R. 2683) would modify the Export Control Reform Act of 2018 to authorize BIS to regulate the remote access of items, in addition to the export, reexport, and transfer of items, as well as issue licenses and impose penalties related to remote access of export controlled items.

The bill, sponsored by Rep. Michael Lawler (R-NY-17), directly responds to concerns that Chinese entities have exploited cloud services to evade U.S. export controls on advanced semiconductors and AI technologies by accessing computing power remotely through offshore data centers. It would apply U.S. export control restrictions to remote access and cloud-based exposure of controlled items—including advanced AI chips and semiconductors. In addition, the bill could significantly disrupt cloud computing companies' compliance operations, which have been based on the understanding that the provision of cloud computing power does not qualify as an export for nearly twenty years.

The Remote Access Security Act would not become law until passage in the Senate and signature by the President. Senators David McCormick (R-PA), Ron Wyden (D-OR), Tom Cotton (R-AR), and Chris Coons (D-DE) and the sponsors and cosponsors of the Senate version (S. 3519).

Key Takeaways

  • Companies should expect increased regulatory scrutiny of cloud service arrangements involving foreign users, particularly those with potential ties to China. Enhanced due diligence, customer verification, and transaction-level documentation procedures will be necessary for compliance.
  • The policy implications of this bill extend beyond traditional hardware manufacturers to cloud service providers, data center operators, and technology platforms offering remote computing capabilities.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

[View Source]
Authors
Photo of Scott Wise
Scott Wise
Photo of Jeremy Iloulian
Jeremy Iloulian
Photo of Dmitry Bergoltsev
Dmitry Bergoltsev
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More