A recent trend has been the requirement that U.S. persons access specific AI tools. This is a critical safeguard to protect sensitive AI systems and ensure these tools are not used by bad actors. Typically, there are groups paid to reverse-engineer or distill models and to use AI models to aid in nefarious activities such as hacking. It is important to verify each person accessing these systems, as a single person's access becomes much more powerful and can overwhelm standard AI systems and technologies. Typically, the requirement starts with being a U.S. citizen or other lawful permanent resident. Then, some restricted AI tools, like Anthropic's Mythos, are further gated behind enterprise contracts and other legal mechanisms that ensure responsible use of their models. These controls are much more important, as AI tools can be jailbroken and manipulated by professionals who know various closed techniques for public models.
Restricted, Air-Gapped, and Lab Models
Some restricted air-gapped and lab models exist that are more powerful than public ones; they offer greater security and capabilities and require further locking down. Additional safeguards can be implemented to keep the models under lock and key while still allowing room for advancements through additional development. These models, however, are limited in what they can train on and must be carefully released to the public as controlled experiments with a limited set of features. During these experiments, they can gather powerful intelligence, which allows them to continuously advance the learning of the main air-gapped model. Current public models are nowhere near what real restricted AI can do when leveraged by advanced operators. When operating restricted AI, it might also be tempting to use it for non-approved measures, which is another reason availability and permissions are restricted in increments and tiered by usage.
Meeting ITAR Requirements Through IAL3 Proofing
Trust Swiftly has been working with AI enterprises to secure these systems and ensure that the most advanced tools remain locked down for cleared individuals. One of the most useful ways to remain compliant with International Traffic in Arms Regulations (ITAR) identity requirements is through IAL3 proofing and citizenship verification. Identity Assurance Level 3 (IAL3) is a standard that requires in-person or supervised remote identity verification using strong, government-issued identification and includes rigorous validation of a person's claimed identity. Anything less than identity assurance level 3 (IAL3) is typically not secure enough for granting ITAR access. The regulations do not specify an exact assurance level, but following industry best practices, such as FedRAMP High, can be reasonable guidance. FedRAMP High is a security baseline for cloud service providers handling highly sensitive federal data, and it includes strict requirements for encryption, monitoring, and access controls. NASA published a list of identity documents, but the important factor is not just the proofing document presented, but the entire identity assurance process. As we detailed in the past, it is trivial to bypass these systems, as described by NASA. Trust Swiftly is capable of doing both securely through our on-site remote verification offerings. Attempting to verify employees and users of restricted AI models on your own is a dangerous endeavor, as it limits your overall insight into individuals to a single view. As we have detailed in other articles, having multiple angles is the clearest and quickest way to identify nation-state threat actors, and it aligns with identifying people who are not ready for restricted AI. One of the first important components of conducting ITAR identity verifications is ensuring the process and solution are built on a trustworthy and secure foundation. Using a non-battle-tested solution opens your AI model to immediate threats and possible theft. Trust Swiftly has been constantly enhancing our public and air-gapped solutions to ensure the most powerful tools are used with great care by the individuals they are entrusted to. A key to having access to restricted AI is to fortify it heavily, but also to continue pushing the boulder up the mountain, as we have seen models like Mythos and Fable become antiquated in the timeframe of AI model releases.
Be Proactive Before Access Is Regulated
Overall, any company seeking permission for ITAR-restricted AI models will need to ensure its employees are vetted and validated, as a weak or inadequate identity verification process could put the AI provider in a precarious position, requiring it to restrict access until compliance is achieved. Instead of waiting for a government to regulate your access, it's important to be proactive and already have security controls in place. Trust is extremely important when AI models are granted to users, and that access should be treated as something that requires constant relationship maintenance. Any company that loses access to a restricted AI model due to even minor misuse will understand the severity of the loss, as regaining permission can take years of work. In 2026, it is just the beginning of governments' attempts to restrict AI models, which is why it's important to have the groundwork already in place, as the winds can change suddenly, and you might find your company required to comply with ITAR identity verification.
Securing ITAR-restricted AI access for U.S. persons? Contact Trust Swiftly to vet your employees and users with IAL3 proofing and citizenship verification through our on-site and supervised remote identity verification.