LegisTrack
Back to all bills
HR 3434119th CongressIn Committee

Protecting AI and Cloud Competition in Defense Act of 2025

Introduced: May 15, 2025
Defense & National SecurityTechnology & Innovation
View on Congress.gov
Standard Summary
Comprehensive overview in 1-2 paragraphs

The Protecting AI and Cloud Competition in Defense Act of 2025 would reshape how the Department of Defense procures cloud, data infrastructure, and foundation models. It creates a framework to promote competition, maintain government control of its data, and encourage interoperability and open systems. The bill defines key terms (including what counts as a foundation model and a “covered provider”) and sets a threshold for which providers are subject to its requirements. It requires competitive procurement processes for relevant contracts, guarantees exclusive government access to government data, and emphasizes multi-cloud architectures when feasible. It also directs updates to defense acquisition rules to protect government data used in AI development, imposes penalties for improper data use, and requires annual reporting to Congress on market dynamics, with public disclosure of the reports. Overall, the bill aims to reduce vendor lock-in, increase transparency and competition in defense AI and cloud purchases, and ensure that data handling and IP rights are aligned with national security and interoperability goals. It also creates a formal reporting regime to monitor competition and to identify exemptions granted for national security reasons.

Key Points

  • 1Defining scope and players: Establishes terms for artificial intelligence, cloud computing, cloud providers, data infrastructure providers, foundation models, and a “covered provider” (cloud/data/foundation model providers with at least $50 million in DoD contracts in the prior five years).
  • 2Competitive procurement mandate: Requires a competitive award process for each procurement of cloud, data infrastructure, or foundation model solutions, with emphasis on interoperability, auditability, and appropriate allocation of IP and data rights, while prioritizing multi-cloud approaches when feasible.
  • 3Data rights and protection: Requires government access rights to government data, protects data from improper use (including training or improving commercial products without DoD authorization), and ensures data stored on vendor systems is properly isolated and protected; includes penalties for violations and allows exemptions for national security by designated acquisition executives with transparency to the Chief Digital and Artificial Intelligence Officer.
  • 4Open systems and entry barriers: Promotes modular open systems, clear work allocation boundaries, and actions to reduce barriers to entry for small businesses and nontraditional contractors.
  • 5Reporting and transparency: Mandates annual reports (beginning January 15, 2027, for four years) assessing competition, innovation, barriers, and market concentration in AI space, plus a list of exemptions granted and their purposes; requires public release of a releasable version of each report.

Impact Areas

Primary group/area affected: DoD cloud providers, data infrastructure providers, and foundation model providers that have DoD contracts totaling $50 million or more in the prior five fiscal years; DoD acquisition and cyber/AI policy offices; military end users relying on cloud/AI tools.Secondary group/area affected: Small and nontraditional defense contractors (due to barriers-to-entry provisions and modular/open-systems approach); the broader technology ecosystem involved in cloud, AI, and data infrastructure; other government agencies engaged in similar procurement practices.Additional impacts: Potential effects on competition and pricing in defense AI/cloud markets; changes to data governance, IP rights, and security requirements; increased regulatory burden and compliance costs for providers; greater public accountability through annual, publicly accessible reports.Foundation model: An AI model with at least 1 billion parameters, typically trained with self-supervised methods, capable of broad applicability; or one that performs high-risk tasks in ways that could impact national security, economic security, health, or safety.Multi-cloud technology: Strategies that enable portability and interoperability across multiple cloud providers and hybrid environments, with an emphasis on security and operational consistency.Government data: Data furnished or used by the DoD for AI development and operations; the bill emphasizes safeguarding and restricted use unless authorized by DoD.
Generated by gpt-5-nano on Oct 7, 2025