Chip Security Act

This bill sets new rules to keep advanced computer chips safe when they are sent to other countries. It would require certain chips to have built-in tools that can confirm where they are and help prevent tampering, theft, or misuse. The goal is to protect U.S. technology and make it easier for trusted partners to get the hardware they need while stopping bad actors from diverting it. If the security tools work well, the government may later suggest more flexible export rules for countries that meet these standards.

Key points

• Who is affected: U.S. companies that export advanced chips and computing hardware, and the overseas users who receive them.
• What changes:
  • Within 180 days, covered chips must include location checks before they can be exported or transferred abroad.
  • Companies with export licenses must promptly report if the hardware is moved to a different place, ends up with a different user, or shows signs of tampering or spoofing.
  • The Commerce Department can verify where exported chips are, keep records of who has them, and require information to keep those records up to date.
  • An added focus on privacy applies when adding any new security tools.
• When:
  • By 1 year after enactment, the government will study extra security methods (like stronger anti-tamper steps or workload checks) and decide which to add.
  • Up to 2 years after that study ends, those extra tools, if chosen, would become required on exported chips.
  • Starting 2 years after enactment and for 3 years after, there will be yearly updates on new chip security options and whether export rules can be made more flexible when strong protections are in place.