Comment by kube-system
1 year ago
> Providers will supply anything the customer is willing to pay for.
I suppose every company and every service should be in scope for KYC then. /s
But the reality is that Wordpress hosts are not in the business of renting people dedicated servers the price of a nice house. And if they were asked to do so, it wouldn't be a simple automated request without scrutiny.
In 2010 it wouldn't have been an automated request. Now there is plenty of demand for it to do inference and some providers are likely to start offering it if they don't already. You're also assuming the providers are interested in preventing foreigners from using their systems for AI training, rather than being interested in making as much money as possible without violating the letter of the law.
The latter is one of the reasons rules like this are simultaneously so expensive and ineffective. Provider A decides to KYC everybody because they're big and risk averse, so the rules inconvenience millions of innocent people. Provider B wants to make money selling GPUs to foreigners, so they implicitly choose a structure that allows that to happen if the rules contain any loopholes whatsoever. (This ignoring that foreign customers could just switch to foreign hosts and cost US companies business for no reason.)
And if the premise is the level of resources being consumed rather than the type of service then why don't the rules exempt anyone spending less than e.g. $50,000/month? That would be almost everyone while still not being anyone buying enough compute to do major AI training. It still wouldn't work but at least it would have much less overhead.
I don't think anyone is under the presumption that these requirements are bulletproof. The point is to just target one big glaring loophole.
> $50,000/month? That would be almost everyone
It might be almost every individual developer. But that isn't really a huge cloud spend at all for an organization.
https://www.cloudzero.com/wp-content/uploads/2023/10/flexera...
But speaking of loopholes, what do you think bad actors would do if you told them that they weren't subject to KYC under a certain dollar amount? lol
> It might be almost every individual developer. But that isn't really a huge cloud spend at all for an organization.
That's kind of the point. It excludes all of the individuals and small businesses and makes it unambiguous that it doesn't apply to someone paying $10/month for a VPS to use as a VPN endpoint for privacy.
> But speaking of loopholes, what do you think bad actors would do if you told them that they weren't subject to KYC under a certain dollar amount?
In some hypothetical world where the rules were actually effective? Spend $49,000 and then create a new account, which would be highly suspicious and still cause them to get caught.
In practice? Use a cooperative provider (Wells Fargo as a hosting company), or one in another country, the same as they would do regardless.
The whole SUV category of vehicles was spawned as a workaround for the 1975 Energy Policy and Conservation Act of 1975. Demand blocked by laws leads to weird mutations.
I'm thinking that this will simply promote cloud providers that operate outside America, sort of like Binance and FTX were "forced to exit" the US market. Not a bad result.