OpinionJul 8, 2026 · 9 min read
Washington’s Chinese AI panic needs an American answer, not just another blacklist
As lawmakers probe U.S. companies’ use of Chinese AI models, the real test is whether America can build trusted, affordable open alternatives instead of relying on bans alone.

Opinion: Washington’s Chinese AI panic needs an American answer, not just another blacklist
Opinion — July 8, 2026
The most revealing line in today’s debate over Chinese artificial intelligence did not come from Beijing. It came from Washington, where U.S. lawmakers are now asking why American companies would choose Chinese-built AI models in the first place.
According to CNBC’s July 8 report, two U.S. House committees are investigating the growing use of Chinese-developed AI models by American companies, with early letters sent to Cursor and Airbnb. The concern is not abstract. Chinese models have become more attractive to U.S. firms because they are closing the performance gap with American rivals while often costing less to use. That is the real policy emergency hiding underneath the national-security language: if the cheaper, good-enough tool is Chinese, businesses will reach for it.
Washington can call that risky. It can call it strategically unacceptable. It can pressure companies that serve the federal government. But it cannot lecture the market into buying a worse or more expensive product forever. If the United States wants American companies to avoid dependence on Chinese AI models, it has to make the American alternative easier, cheaper, more open, and more trusted.
That is the opinion page version of the story, and it matters because the usual Washington reflex — ban first, build later — is not enough for open-weight AI.
CNBC reports that the House Committee on Homeland Security and the House Select Committee on China said in April that they would jointly investigate the adoption of Chinese-developed AI models. The committees’ first step, according to that report, was to send letters to Cursor and Airbnb about their “use of or exposure to these risks” through AI developed in China. Andrew Garbarino, chairman of the House Committee on Homeland Security, told CNBC that the Chinese Communist Party is “racing to close the gap” in artificial intelligence capabilities that will shape the future of cybersecurity.
The companies’ responses point to the complexity. Cursor declined to comment to CNBC on the probe. Airbnb told CNBC that its AI activity runs “overwhelmingly on U.S.-origin models,” while acknowledging use of a “limited number of China-origin models” that it described as open-source and run through approved U.S.-based service providers, with data and operations kept separate and protected. In other words: this is not simply a spy-thriller story in which sensitive corporate data is casually handed to Beijing. It is a procurement, infrastructure, cost, and standards story.
That distinction matters. If policymakers flatten every China-origin model into the same category of danger, they will miss the more important question: what technical and contractual conditions make a model safe enough for which use case? A customer-service chatbot, a code-generation tool for internal systems, a cyber-defense model, and a government contractor’s workflow should not all be governed by the same panic button.
There are real risks here. The State Department told CNBC that Chinese AI models raise serious concerns because they are designed to advance Beijing’s narratives, censor dissent, and reflect Chinese Communist Party ideology and values. A spokesperson for China’s embassy in the United Kingdom rejected such allegations to CNBC as “baseless” and “malicious smears,” saying China’s AI sector is built on self-reliance and scientific strength. Readers do not have to choose between those statements to see the policy problem. AI systems carry training choices, safety rules, content restrictions, vulnerability profiles, and governance assumptions. Those are not neutral when the systems become infrastructure.
But there is also a credibility problem on the American side. If Washington says open Chinese models are dangerous because they may carry censorship, hidden vulnerabilities, or strategic dependence, then Washington should be able to say what a better open alternative looks like. Not merely: buy American. Not merely: trust us. A serious strategy would define auditability, provenance, evaluation standards, incident disclosure, data controls, and procurement rules that companies can actually follow.
CNBC’s reporting suggests some lawmakers understand this. A committee aide told CNBC that the investigation is also examining whether the United States has a sufficient open-weight AI strategy, so American companies and cyber defenders are not forced to choose between expensive or restricted U.S. models and cheaper, capable models developed in the People’s Republic of China. That is the sentence Washington should put on a whiteboard and stare at until the policy gets honest.
The issue is not just that China has built capable models. The issue is that American AI policy has often treated openness as a vibes category instead of a strategic category. U.S. frontier labs have strong reasons to keep powerful systems closed or tightly controlled. Safety advocates have strong reasons to worry about open-weight models that can be modified, fine-tuned, or stripped of safeguards. Startups, researchers, and smaller companies have equally strong reasons to want models they can inspect, adapt, and afford. China’s model ecosystem has exploited that tension by offering tools that are powerful enough and accessible enough to spread.
That is why a blanket ban is tempting but incomplete. Kyle Chan of the Brookings Institution told CNBC that the administration could consider federal procurement bans, including restrictions on government agencies and private companies that serve the government. But he also warned that it is “ultimately impossible” to ban China’s open-source AI models because their weights are freely available online, and that such an effort could raise First Amendment speech issues. Daniel Remler of the Center for a New American Security told CNBC that restrictions may be difficult because the administration could worry about harming startups that use those models or chilling support for open models generally.
Those caveats are not loopholes. They are the center of the story. Open-weight models are not like a telecom switch that can be barred from a government network with a procurement memo. They can be downloaded, mirrored, modified, embedded, and hidden behind layers of software. A ban may work for federal systems, regulated infrastructure, or contractors handling sensitive data. It will not work as a general strategy for the broader economy.
So the better policy mix should look less like theatrical decoupling and more like hardheaded substitution.
First, federal procurement rules should be precise. If a company wants to handle sensitive government work, Washington can require disclosure of the model families used, where inference runs, what data is logged, who can access model outputs, how updates are controlled, and whether model weights or dependencies originate in jurisdictions of concern. That is different from a broad political blacklist. It is closer to a supply-chain security regime for AI.
Second, the United States needs a real open-weight lane. If officials believe American companies are turning to Chinese models because U.S. options are expensive or too restricted, then the policy answer is not to shame the buyer. It is to fund, benchmark, and distribute trustworthy alternatives. That means public-private investment in open models that can be used by startups, universities, state governments, local newsrooms, hospitals, manufacturers, and civic organizations without requiring hyperscaler budgets. It also means evaluation infrastructure that is public enough to be trusted and technical enough to matter.
Third, Washington should separate censorship risk from data-security risk. A model’s political refusals, training biases, or alignment choices are one kind of concern. The question of where user data goes, whether prompts are logged, whether a service provider can access sensitive information, and whether a system can be updated in ways customers do not understand is another. Mixing them together may make for punchy hearings, but it makes for sloppy policy. Companies need checklists and enforceable standards, not just geopolitical mood lighting.
Fourth, policymakers should avoid turning “open source” into a suspect phrase. CNBC’s report notes that some government departments have banned use of Chinese AI models including DeepSeek, while private adoption is not broadly prohibited. That distinction should survive. Open models can create security risks, but openness can also enable inspection, competition, resilience, and local control. If American policy treats open models as inherently reckless, it will push more developers toward whichever ecosystem offers the most practical freedom. That may be exactly the outcome lawmakers say they fear.
Finally, the U.S. should be careful with moral overconfidence. Yes, Chinese state influence over information systems is a serious concern. Yes, censorship and national-security law matter. But American AI companies have their own opacity problems: closed model behavior, unclear training data, uneven content rules, consolidation around a handful of cloud providers, and pricing power that can squeeze smaller players. If Washington wants to argue that democratic AI infrastructure is better, it has to make that infrastructure visibly more accountable, not just more American.
The politics are moving fast because the market is moving faster. CNBC reports that tech leaders, including Coinbase CEO Brian Armstrong and Lindy founder Flo Crivello, have publicly touted the use of Chinese models to reduce costs. That is not a footnote. It is the pressure point. Entrepreneurs do not wake up wanting to be case studies in geopolitical risk. They use the tools that help them ship. If U.S. policy cannot understand that, it will keep losing the adoption argument while winning the press-release argument.
The national-security community is right to worry about dependence. It is plausible that model choice will shape cybersecurity, software development, search, enterprise automation, education, media, and government services. It is also plausible that model ecosystems will export values, defaults, and vulnerabilities. But dependence is not solved by scolding companies for behaving rationally in a cost-sensitive market.
The lesson from today’s House probe should be blunt: America does not get AI leadership by making foreign models illegal to notice. It gets leadership by making trusted models easy to choose.
That means Congress should ask hard questions of Cursor, Airbnb, and any company integrating China-origin models into sensitive workflows. It also means Congress should ask hard questions of U.S. labs, cloud providers, and federal agencies. Why are American open-weight options not more competitive? What technical standards would allow companies to distinguish safe, local, auditable use from risky dependence? Which sectors need strict procurement rules now, and which need guidance instead? How can smaller firms comply without hiring a national-security law department?
A strong AI policy would not pretend all Chinese models are harmless. That would be naive. It also would not pretend all American models are automatically trustworthy. That would be branding, not governance.
The better path is narrower and more demanding: classify the risks, require disclosure where public interests are at stake, build open American alternatives, and keep the innovation lane wide enough that startups are not forced into a false choice between strategic safety and survival.
Today’s story is not simply that lawmakers are probing Chinese AI models. It is that the probe has exposed the weakness of a U.S. strategy that knows how to fear Chinese AI but has not yet fully learned how to compete with it. The answer should not be panic dressed up as patriotism. The answer should be an American AI stack that is open where it can be, secure where it must be, and affordable enough that companies do not need a congressional subpoena to explain why they picked the cheaper tool.
The Shadowfetch Brief
Get The Shadowfetch Brief
Stories like this — every side, one short morning email. Free.