In response to the White House’s Request for Information on an AI Action Plan, US Cyber Response has submitted recommendations to the Office of Science and Technology Policy (OSTP). Our recommendations are designed to better prepare America to capture the economic benefits and national security implications of powerful AI systems.

Policy Recommendations on Implementing a Tiered Security Clearance Process for Frontier AI Workers

Introduction & Rationale

In alignment with Executive Order 14179—designed to remove barriers to American AI leadership and promote human flourishing, economic competitiveness, and national security—this recommendation addresses a critical and increasingly urgent risk in frontier AI: the insider threat. U.S. companies are at the forefront of AI innovation, and the most significant risks can originate from within.

For the purposes of this recommendation, “Frontier AI workers” refers to individuals with direct access to the development, deployment, and security of advanced AI systems with national security, economic, and geopolitical implications.

This includes, but is not limited to: model developers and architects, data scientists working on sensitive datasets, cybersecurity professionals specializing in AI systems, and individuals with privileged access to AI infrastructure.

Insider access to sensitive AI technologies, particularly by non-U.S. citizens with ties to adversarial nations (defined as nations actively seeking to undermine U.S. interests), poses a unique and escalating vulnerability that must be mitigated through rigorous, risk-based vetting.

Recommended Framework

Adopt a tiered security clearance system—mirroring national security protocols—to ensure that access to sensitive AI work is limited to individuals meeting escalating levels of scrutiny:

  • Tier 1 – Baseline Clearance (Controlled for Official Use Only)

    • Scope: Personnel engaged in non-sensitive or public AI research.
    • Requirements: Standard background checks, employment verification, and basic cybersecurity awareness training.

  • Tier 2 – Intermediate Clearance (Confidential/Secret Level)

    • Scope: Individuals working on proprietary models, advanced algorithms, or sensitive datasets critical to national competitiveness.
    • Requirements: Enhanced background investigations, including financial background checks, social media analysis, and conflict-of-interest screenings. Periodic re-assessments are required.

  • Tier 3 – High-Level Clearance (TS or TS/SCI with Special Compartments)

    • Scope: Personnel involved in projects with significant national security implications or dual-use applications.
    • Requirements: Comprehensive vetting, including in-depth financial and personal history checks, psychological evaluations (where appropriate), continuous monitoring of online activity, financial transactions, and foreign contacts. Strict compartmentalization and regular debriefings with security personnel are mandatory. Special attention should be given to non-U.S. citizens with ties to adversarial nations, including disclosure of foreign funding or affiliations and restrictions on travel.

Implementation Strategy

  • Standardized Vetting Protocols:

    • Develop uniform federal guidelines detailing specific criteria for each clearance tier, including explicit mandates for the rigorous vetting of non-U.S. citizens.
    • Establish industry-wide standards concerning background checks and security protocols.
    • Provide clear definitions of adversarial nations.

  • Oversight & Governance:

    • Establish a multi-agency task force (comprising OSTP, national security agencies, industry experts, and academic leaders) to oversee implementation, enforce compliance, and update clearance procedures as needed.
    • Clearly define roles and responsibilities of all participating agencies.
    • Establish clear lines of communication and reporting.

  • Risk-Based Project Classification:

    • Enable companies to classify AI projects by sensitivity, ensuring that clearance requirements are proportionate to the risk, while lower-risk innovation remains unencumbered.
    • Develop a clear taxonomy of “sensitive AI” projects, categorizing them based on potential national security and economic risks.
    • Provide tools and resources to assist companies in implementing the clearance process.

  • International Collaboration Safeguards:

    • Create clear and granular guidelines for international partnerships, including data sharing agreements, joint research protocols, and security audits of partner organizations.
    • Implement protocols for assessing and mitigating foreign influence.

  • Streamlining and Regular Reviews:

    • Explore ways to streamline the clearance process to minimize delays and burdens on companies, considering leveraging technology for automation.
    • Mandate regular reviews of security protocols to adapt to the rapidly evolving AI landscape.

Precedents & References

This approach draws on established U.S. policies that restrict sensitive technology from foreign manipulation:

  • Export Controls: Measures like ITAR and EAR restrict access to sensitive defense and dual-use technologies¹.
  • Foreign Investment Screening: CFIUS reviews and limits foreign influence in critical technology sectors².
  • Defense Contractor Clearances: Rigorous security clearances ensure that only vetted personnel access classified projects³.

Conclusion

Executive Order 14179 sets the stage for a revitalized U.S. AI policy framework—one that prizes innovation while securing national interests. A tiered security clearance process directly addresses the insider threat by ensuring that only rigorously vetted individuals have access to the nation’s most sensitive AI projects. Implementing this framework will protect critical intellectual property, fortify national security, and sustain U.S. leadership in AI.