Leading House Republicans on Wednesday announced an investigation into Airbnb due to its use of Chinese artificial intelligence models.
House Select Committee on China Chairman John Moolenaar (R-MI) and House Committee on Homeland Security Chairman Andrew Garbarino (R-NY) cited national security and cybersecurity risks posed by reliance on Chinese models as a reason for the joint inquiry. They pointed to Airbnb CEO Brian Chesky’s comments last October that his company is “relying a lot” on Alibaba’s Qwen model as the prime cause for concern, as Alibaba is headquartered in China.
“Through adversarial model distillation and the rapid global distribution of PRC-developed models, China is working to undercut U.S. leadership, weaken trusted American alternatives, and embed CCP-aligned technology across the software supply chains our economy and national security depend on,” Garbarino said in a statement.
In a letter to Chesky, the two chairmen referenced Chesky’s interview with Bloomberg last fall, when he told the outlet he was relying on Alibaba because “it’s very good … fast and cheap.” At the time, Chesky revealed that Airbnb’s new AI customer service agent is built on 13 AI models, including one from Alibaba.
The lawmakers are asking Airbnb to provide Congress with several disclosures, including what Chinese AI models it is using, testing, or evaluating, whether Airbnb conducted any independent security evaluation of the model weights prior to deployment, and documentation of the “total volume” of Airbnb customer data that has been transmitted to or processed by Chinese-origin AI models since Airbnb first began using such models.
“American companies cannot afford to treat Chinese AI as a cheap and convenient tool when the consequences may include exposed data, compromised systems, and long-term dependence on adversary-controlled technology,” Garbarino warned. “I am proud to partner with Chairman Moolenaar on this investigation to better understand how these models are being adopted in the United States and what steps are needed to secure American innovation and protect our national security.”
In the letter, the lawmakers issued three arguments for why they are concerned that Airbnb is relying on Chinese AI systems.
They said that the models “manipulate what they say and suppress what they do not,” pointing to the select committee’s report on China’s Deepseek last year that found Beijing-backed systems “covertly censor and manipulate information pursuant to Chinese law” and “align with CCP propaganda.” The lawmakers also argued reliance on PRC technology could put “sensitive prompts, metadata, and other associated inputs” at risk of being “transmitted to and processed on third-party systems outside the company’s direct control.”
The GOP leaders additionally wrote that Chinese-linked models are “unsafe,” pointing to data it said found Chinese systems “complied with 94 percent of overtly malicious prompts using common jailbreaking techniques” while comparable U.S. models failed on only 8%.
“[U.S. cybersecurity firm] CrowdStrike found something more unsettling: exposure to politically sensitive terms associated with CCP censorship made these models significantly more likely to produce insecure code, suggesting that ideological conditioning degrades technical performance in ways users would never anticipate,” the letter reads.
Moolenaar and Garbarino also sent a letter to Anysphere CEO Michael Truell on Wednesday regarding similar concerns that the massive company is using Chinese AI models. Anysphere is the parent company of Cursor. The lawmakers expressed concern that Cursor’s new model, called Composer 2, holds ties to Chinese-linked companies, including Moonshot AI and Alibaba. The two chairmen cited a “growing risk that software systems used across the American economy, government, and defense industrial base will come to depend on models developed by PRC-linked laboratories and shaped by PRC strategic objectives.
THE AGE OF AI IS HERE — HOW SHOULD IT BE REGULATED?
“As you know, Cursor is one of the most widely adopted AI-powered software development environments in the United States, with more than one million daily active users, more than 50,000 business customers, and adoption by more than half of the Fortune 500,” the chairmen wrote. “When a developer uses Cursor, the tool may ingest the code being written, surrounding project files, conversation history, and indexed portions of a broader codebase. Depending on the use case, that information may include security architectures, cryptographic implementations, authentication and access-control logic, vulnerability remediation code, trade secrets, and other proprietary business logic.
“PRC-origin AI is not a neutral commercial decision but a national security choice with consequences extending well beyond any single company’s bottom line,” they stated.