Key Points
- Industrial-Scale Extraction: Anthropic reports that Chinese firms used 24,000 fake accounts to generate over 16 million exchanges with their Claude models to steal reasoning and coding logic.
- Government Crackdown: A new White House memo by Michael Kratsios details a plan to share threat intelligence with U.S. tech companies to identify and block foreign “model mining” campaigns.
- Legislative Support: The House Foreign Affairs Committee has reached a bipartisan consensus on a bill to sanction foreign actors engaged in model extraction attacks.
- China’s Response: The Chinese Embassy in Washington has rejected the allegations, describing the U.S. measures as “unjustified suppression” of their technological progress.
Tensions between the United States and China regarding global dominance in the field of Artificial Intelligence (AI) have reached a new level. The Trump administration has decided to enhance cooperation with American AI companies to prevent “distillation” attacks, perpetrated by China, and to curb the leakage of confidential information. The U.S. alleges that, through these techniques, China is attempting to undermine American research and development efforts while narrowing the technological gap at a fraction of the cost.
Understanding the ‘Distillation’ Threat
In the context of AI, distillation is a technique wherein a large and complex model, known as the teacher, transfers its acquired knowledge and reasoning patterns to a smaller, faster model, known as the student. While this is a legitimate method for companies to optimize their own software, Michael Kratsios, the President’s Chief Science and Technology Adviser and Director of the OSTP, warns that foreign entities, particularly those in China, utilize American AI tools to “mine” capabilities they did not develop.
According to recent intelligence reports, these entities create thousands of fake accounts to bypass regional restrictions. Collectively, these accounts attempt to “jailbreak” AI models or extract chain-of-thought data that is not intended for public release. Subsequently, China uses this harvested information to train its own models, effectively “appropriating and repackaging American innovation,” as recently described in a memo by OpenAI.
Allegations and the ‘DeepSeek’ Catalyst
The urgency of the current situation follows the “Sputnik moment” of early 2025, when the Chinese startup DeepSeek released its R1 model. The model demonstrated reasoning capabilities comparable to top-tier U.S. systems but was developed for a reported $6 million, leading to widespread suspicion of massive distillation from American models.
In February 2026, the American AI company Anthropic leveled serious allegations directly against three Chinese unicorn companies: DeepSeek, MiniMax, and Moonshot AI. Anthropic claims that MiniMax alone ran an operation generating over 13 million exchanges to target agentic coding and tool orchestration. In response, the Chinese Embassy in Washington has categorically rejected these allegations, asserting that their technological advancements are the result of their own hard work and independent innovation.
The Trump Administration’s ‘Defense Plan’
To counter these activities, the White House has now decided to share more granular information with American companies. This initiative includes sharing technical indicators regarding attack methods, as well as the digital identities of the researchers involved. Kratsios believes that as methods to prevent these distillation attacks improve, the credibility of foreign models built upon such “weak foundations” will be questioned.
Furthermore, the administration is pushing for a national framework that includes “behavioral fingerprinting” to detect automated distillation patterns in real-time. This policy is supported by a $293 million “Genesis Mission” led by the Department of Energy, which aims to ensure the U.S. maintains a structural lead in AI-enabled scientific discovery while penalizing those who seek to bypass the heavy R&D costs of original model development.
