OpenAI and Google Sell Models to Blacklisted China Groups OpenAI and Google supplied advanced AI model access to Singapore subsidiaries of Alibaba, Baidu, and Tencent, whose Chinese parent companies are on the U.S. Section 1260H military-company list, according to a July 10, 2026 Financial Times report. The sales are legal under current rules, but OpenAI suspended some Alibaba-affiliated API users over distillation concerns, highlighting gaps in export controls for AI software. OpenAI and Google Sell Models to Blacklisted China Groups On July 10, 2026 , the Financial Times reported that OpenAI and Google supplied advanced AI model access to Singapore subsidiaries of Alibaba, Baidu, and Tencent, while those Chinese parent companies are on the U.S. Section 1260H military-company list. FT says the sales are legal under current rules, but OpenAI suspended some Alibaba-affiliated API users after distillation concerns and Google said geographic restrictions alone are not enough against sophisticated circumvention. For AI teams, the practical lesson is that model access control now depends on entity ownership checks, subsidiary mapping, account-behavior monitoring, and clear escalation paths when API use looks like model extraction rather than ordinary deployment. Model APIs are becoming export-control infrastructure, because the enforceable boundary is no longer just a chip shipment or a data-center location. The hard control point is the customer account: who owns it, where it operates, what it does with outputs, and whether usage looks like normal deployment or model extraction. That makes this a governance story for AI platform teams, not only a Washington-Beijing policy fight. What happened Financial Times reported on July 10, 2026 that OpenAI and Google supplied advanced AI model services to Singapore-based subsidiaries of Alibaba, Baidu, and Tencent. FT says the Chinese parent companies are on the U.S. Section 1260H military-company list, but that the sales are legal under current rules. The same report says OpenAI suspended some Alibaba-affiliated API users last month over suspected distillation, while Google said geographic sales restrictions alone can be bypassed by sophisticated attackers. Policy context The Federal Register notice for the current Section 1260H designations lists Alibaba, Baidu, and Tencent, but the FT report highlights that this designation has not become a blanket software-access ban for every overseas subsidiary. OpenAI and Google already publish region and terms-based access controls, and Google bars attempts to extract or replicate underlying models. The gap is that legal availability, regional eligibility, and parent-company risk are not the same control. For practitioners The operational takeaway is to treat compliance metadata as production model-risk data. Frontier-model vendors and enterprise AI platforms need beneficial-ownership screening, subsidiary and affiliate resolution, country and billing-region checks, anomaly detection for high-volume extraction patterns, and documented review flows when a legitimate customer starts behaving like a distillation pipeline. What to watch The next signal is whether U.S. agencies convert model access into a broader export-control category, or whether providers tighten private policies first. Also watch how Chinese-headquartered groups route AI procurement through overseas affiliates, because that will determine whether account-level controls become a practical safeguard or a paperwork exercise. Key Points - 1FT says OpenAI and Google supplied model access through Singapore subsidiaries tied to Alibaba, Baidu, and Tencent. - 2The policy gap is that Section 1260H status does not automatically block hosted AI software access. - 3Practitioners should treat entity ownership, region controls, and distillation detection as core operational model-governance controls. Scoring Rationale Kept at 7.2 because the direct sales claim is a single FT exclusive, but the policy implications are material: model access, distillation monitoring, and subsidiary screening are now governance controls for frontier-model vendors. The event is notable rather than major because current evidence points to a legal access gap, not a new binding U.S. rule or confirmed security breach. Sources Public references used for this report. Practice with real Ad Tech data 90 SQL & Python problems · 15 industry datasets Active Search Campaigns by BudgetEasy /problems/sql/active-search-campaigns-by-budget High CPC Clicks & Poor Landing PagesMedium /problems/sql/high-cpc-clicks-poor-landing-page Campaign ROAS by Attribution ModelHard /problems/sql/campaign-roas-by-attribution-model 250 free problems · No credit card See all Ad Tech problems /problems/datasets/adtech