The Information reported today (December 10, 2025) that Chinese AI startup DeepSeek acquired approximately 2,000 banned Nvidia Blackwell chips through a sophisticated “phantom datacenter” smuggling scheme—allegations Nvidia firmly denies as “farfetched” with “no substantiation.” The timing is striking: just days after the DOJ shut down a $160 million chip smuggling operation, the allegations raise an uncomfortable question for policymakers: if advanced AI chips can be smuggled at this scale, are export controls effective policy or security theater?
Export controls shape global AI development—who gets access to cutting-edge hardware determines who can build frontier models. However, if controls are easily bypassed through smuggling, the entire policy framework is built on sand.
Phantom Datacenters: The Alleged Smuggling Scheme
According to The Information’s report, DeepSeek allegedly used a sophisticated workaround: shell companies purchase Nvidia servers in Southeast Asian countries where Blackwell chip sales remain legal. They set up complete datacenters that pass official inspections from Nvidia’s OEM partners. Once the contractors verify successful installation and export compliance, smugglers dismantle the entire operation rack-by-rack and ship GPU servers “in suitcases” across borders into mainland China.
Nvidia’s response is unequivocal: “We haven’t seen any substantiation or received tips of ‘phantom datacenters’ constructed to deceive us and our OEM partners, then deconstructed, smuggled, and reconstructed somewhere else. While such smuggling seems farfetched, we pursue any tip we receive.” The denial is firm, but the details are specific—approximately 2,000 Blackwell chips, sufficient for large-scale AI model training. Moreover, these aren’t trivial numbers: Blackwell’s B200 delivers 3x the training performance of the previous-generation H100, hitting 20 petaflops per GPU.
Whether this specific allegation proves true or not, it spotlights a fundamental tension: export controls assume physical goods can be contained. Nevertheless, creative smuggling shows technology is harder to restrict than policy assumes. The “phantom datacenter” technique—if real—reveals a workaround that exploits the inspection process itself.
Export Controls Are Leaking at Scale
Here’s the uncomfortable reality: regardless of whether DeepSeek used phantom datacenters, chip smuggling is demonstrably happening at massive scale. The DOJ just busted a $160 million smuggling ring through Operation Gatekeeper. Furthermore, experts at the Center for a New American Security estimate roughly 100,000 export-controlled GPUs were smuggled to China in 2024 alone. Singapore authorities arrested three suspects in a separate $390 million AI server diversion scheme.
The methods vary from creative to brazen: mislabeling high-value chips as “tea” or “toys,” routing through shell company networks spanning multiple countries, and third-party transshipment that obscures final destinations. Consequently, when smuggling happens at this scale—100,000+ chips annually—export controls become compliance theater. U.S. companies face burdens and restrictions while smugglers find creative workarounds.
Additionally, even Nvidia, while denying the DeepSeek allegations, is piloting location verification technology to combat what it calls “rising smuggling concerns.” If there’s no problem, why develop chip-tracking software? The contradiction is telling: policy creates friction without effectiveness.
The Uncomfortable Question: Do Export Controls Work?
Here’s where the evidence gets awkward for policymakers: despite export controls launched in October 2022 and tightened repeatedly through 2025, researchers at the Center for Strategic and International Studies conclude that “China’s AI ecosystem remains competitive with the United States.” DeepSeek itself demonstrated this by training a GPT-4-level model for just $5.6 million (claimed), using algorithmic efficiency to compensate for restricted hardware access.
The harder you ban, the more creative smuggling becomes—and the more incentivized adversaries are to innovate around restrictions. This isn’t theoretical: DeepSeek trained its R1 model for just $294,000 using only 512 H800 chips. As a result, export controls didn’t stop Chinese AI development; they changed the approach. China is now developing carbon nanotube chip technology that could potentially leapfrog silicon-based designs entirely. Therefore, restrictions may accelerate the very self-sufficiency they aim to prevent.
History offers a clear parallel: in the 1990s, the U.S. treated strong encryption as munitions and restricted exports. The policy failed completely—encryption spread globally anyway. You can’t stop information technology with physical export controls. In fact, chips are movable, knowledge is transferable, and algorithms can’t be contained. Export controls assume technology transfer works like arms sales, but that’s a 20th-century framework applied to 21st-century technology.
The question isn’t whether export controls have noble goals—slowing adversary AI capabilities is a legitimate security concern. Rather, the question is whether the current approach achieves those goals or simply creates compliance friction while smugglers operate at scale.
Location Tracking and the Cat-and-Mouse Game
Nvidia is fighting back with location verification technology—software that lets chip owners prove their hardware isn’t in restricted countries. Meanwhile, Congress is joining the effort with the bipartisan “Stop Stealing Our Chips Act” to strengthen enforcement. However, the skeptical view asks: is location tracking the solution, or just another layer in an endless cat-and-mouse game?
Consider the resource constraint: the Bureau of Industry and Security has only 600 employees and a $200 million annual budget to police global supply chains. That’s “simply inadequate” for effective enforcement, according to policy experts. Location verification sounds promising, but software can be spoofed, chips can be moved after verification, and shell companies can claim false locations. Consequently, this mirrors the history of DRM and encryption bypass—technical controls face technical workarounds.
Meanwhile, the Trump administration is already rolling back some controls, granting Nvidia permission to ship older H200 chips to China in December 2025. Even policymakers seem to recognize the tension between restriction and competitiveness.
For developers worldwide, export controls aren’t abstract policy—they determine who gets access to the best tools. For U.S. tech leadership, overly restrictive controls risk harming American competitiveness while failing to stop adversary AI development. Ultimately, the DeepSeek case illustrates the limits of export policy in the AI age, whether the specific allegations are true or not.
The Bottom Line
Export controls have a role in national security strategy. However, when 100,000+ chips are smuggled annually and China’s AI ecosystem “remains competitive” despite years of restrictions, the current approach looks more like security theater than effective policy. The phantom datacenter allegations—regardless of their accuracy—expose a deeper truth: you can’t stop technology transfer through physical export bans alone.
