Chinese regulators recently held closed-door meetings with a number of technology companies to discuss the possibility of restricting overseas users’ access to China’s most advanced artificial intelligence models, including products that have not yet been officially released. According to people familiar with the matter, this move continues Beijing’s series of measures to “keep AI at home” and also highlights that China, like the United States, regards cutting-edge artificial intelligence as a key national asset that requires strict control.

According to three people familiar with the matter, companies participating in the meeting include Alibaba, ByteDance and start-up Z.ai, all of which occupy important positions in China's AI industry. Since DeepSeek launched the R1 model last year, Chinese AI models have rapidly expanded in the global market with lower costs and increasing capabilities, deeply penetrating various commercial applications. Once Beijing decides to restrict the opening up of these products, the global AI service cost structure may change significantly, and many companies that rely on Chinese products will face rising cost pressures.

The meeting, led by China's Ministry of Commerce, focused on imposing access restrictions on state-of-the-art closed-source and open models, according to two people familiar with the matter. One of the people revealed that officials have proposed to include the leakage or theft of proprietary AI technology within the scope of punishment under the National Security Law, which means that relevant violations in the future may face more severe criminal or administrative liability. The same source also said that regulatory authorities are also considering passing new regulations to set conditions and restrictions on entities that can provide funds to local AI start-ups to further tighten the safety boundary on the capital side.

The exact scope of these potential restrictions is still being discussed, and some scenarios may only apply to new models launched in the future. It is unclear when the relevant policy will be implemented, and there is also the possibility that it will not be introduced in the end. The Ministry of Commerce and the National Development and Reform Commission, which also sent personnel to attend the meeting, have not yet responded to media inquiries on relevant issues. Alibaba, ByteDance and Z.ai also did not respond to Reuters' requests for comment.

The above-mentioned companies have deployed a variety of different types of AI models, including completely closed-source commercial products and "open weight" models that allow users to download, run and customize the underlying system. Among them, Alibaba’s Qwen and ByteDance’s Doubao have become one of the most widely used general models in the Chinese market. Z.ai has attracted attention in Silicon Valley with its GLM-5.2 model. Its capabilities are close to those of leading products in the United States, but its cost of use is only a fraction of that. It is regarded as a highly competitive alternative.

The United States is also simultaneously strengthening its national security review of top AI models. The government led by U.S. President Donald Trump has been highly concerned about the potential risks of AI in the field of national security, and is particularly concerned about the misuse of U.S. AI products by the military and intelligence agencies of relevant countries, including China and Russia. In June this year, the United States requested that foreign users be prohibited from accessing Anthropic's most advanced Fable and Mythos models. Because the company was unable to accurately verify user identities in real-time application scenarios, it ultimately chose to close access to these two models to global users.

With additional security measures in place, export controls on the Fable model for the general public have been lifted, but Mythos for cybersecurity professionals still maintains strict restrictions and is only open to certain "trusted organizations" in the United States. At the same time, some American AI experts have also publicly called on the U.S. government to establish a more complete regulatory framework for the introduction and use of Chinese AI models.

Two people familiar with the matter said that Chinese regulators are particularly concerned about the potential capabilities of Mythos, believing that the model may have high-risk attack capabilities in discovering and exploiting software vulnerabilities, and that the United States may use it for operations against Chinese interests. This concern echoes the views previously publicly expressed by Chinese state media and cybersecurity industry figures, including Zhou Hongyi, founder of cybersecurity company 360, who once said that China must create its own version of the "Mythos" level model to take the initiative in cybersecurity offense and defense.

Since this year, China has introduced a number of measures to protect its local AI industry and key technology assets. In April this year, China's National Development and Reform Commission asked U.S. company Meta to withdraw its roughly $2 billion acquisition of Chinese-founded AI startup Manus, citing technical, safety and regulatory disputes. In early June, China issued new regulations to comprehensively tighten overseas investment and M&A projects involving Chinese investors, technology, data and national security factors, and further strengthen the control of cross-border flows of capital and technology.

In addition to transaction-side supervision, Chinese regulators have also launched investigations into Manus and other local AI startups that have moved overseas to assess whether they have violated export control laws and regulations. Manus has not responded publicly to these investigations so far. Reuters stated that it is not yet possible to learn China’s specific implementation paths and technical plans for overseas access to AI models in the future, but some clues can be gleaned from a roundtable discussion of legal experts on open source AI supervision in May this year.

According to a summary of the discussion published in the official journal of the Supreme People's Court, experts at the meeting suggested implementing a "tiered management" system for open source AI: basic-level open source tools only need to complete simple filings; higher-level advanced technologies are subject to security review; as for the most sensitive "cutting-edge models," it is recommended that they are not open to the public, or are only allowed to be used in the domestic environment. Between these suggestions and realistic regulatory measures, how China strikes a balance between security and openness has become the next step of great concern to the global AI industry.