Governments Are Coming for Your GPU, 3D Printer, and Radio Hardware
The right to own and use computing hardware is not guaranteed. It is not written into most constitutions. It is not protected by treaty. Governments are now debating whether it should exist at all.
Three categories of private hardware sit in the crosshairs at once: GPUs, 3D printers, and amateur radio or software-defined radio gear. The logic stays the same each time. First comes a safety argument. Then registration. Then a rental model where every job, print, or transmission is logged and tied to a person.
GPUs and the Control of AI Compute
In October 2023, President Biden signed Executive Order 14110 on AI. Section 4.2 required cloud providers to report when a foreign person used their infrastructure to train a model above a threshold, initially 1026 floating-point operations. That rule targets large clusters, not consumer GPUs. Still, it set the key principle. AI training runs can trigger government reporting. The threshold is policy. It can move.
The EU AI Act, adopted in August 2024, builds a tiered oversight regime for AI systems. General-purpose models trained with more than 1025 FLOPs are treated as having systemic risk and face reporting, incident notification, and red-team testing duties. This also targets frontier labs for now, but the regulatory structure is already in place. The AI Office can revise thresholds later.
Export controls show where this is heading. The US Bureau of Industry and Security barred NVIDIA A100 and H100 exports to China, Iran, and Russia in October 2022, then expanded the rules in October 2023 to cover more advanced chips and more countries. The message is clear. GPUs now count as strategic dual-use assets. The same reasoning used for export controls can be turned inward. Public filings from US policy groups already talk about knowing who owns serious compute.
The rental model already dominates. AWS, Google Cloud, Azure, RunPod, and Lambda Labs rent GPU time by the hour. Jobs on rented infrastructure are logged: who ran them, for how long, and which account paid. Renting compute is not private computing. It is outsourced computation on a monitored service.
Several US think tanks and EU technical bodies now argue that high-end consumer GPUs should be registered in a database linking serial numbers to buyers, much like vehicle registration. The stated goal is to help law enforcement identify who runs compute-heavy AI locally. No law does this yet. Multiple white papers from 2024 and 2025 recommend it.
3D Printers and the Ghost Gun Panic
Pressure on 3D printers is further along and has already produced law in several places.
In the United States, the ATF's "Frame or Receiver" rule (ATF 2021R-05F), which took effect in August 2022, required serialisation of home-made firearm components, including 3D-printed lower receivers. It also required federally licensed dealers to serialize unserialized frames or receivers brought in for service. The rule was later challenged and partially vacated by the Supreme Court in Garland v. VanDerStok (2024), but it showed how willing the ATF is to push home manufacturing into dealer oversight.
In Australia, several states have enacted or proposed 3D printer registration after high-profile seizures of 3D-printed PAK-9 submachine guns and "Glock switches". Victoria's Law Reform Commission recommended in 2023 that buyers of capable printers, defined by material capability such as PETG, nylon, or metals, should register with police. Queensland and New South Wales have both explored the same model.
In the United Kingdom, Operation Signature, a Metropolitan Police and NCA effort, carried out raids from 2021 onward against people using 3D printers to make firearm parts. The Economic Crime and Corporate Transparency Act 2023 and amendments to the Firearms Act 1968 expanded liability for possessing 3D-printed firearm components even without a complete weapon. Under section 57A of the Firearms Act, possessing a digital design file for a prohibited component can now be criminal. UK law crossed the line from object to file.
Several EU member states, including Germany, France, and the Netherlands, have circulated proposals inside the European Commission for mandatory registration of "capable" 3D printers, defined by material thresholds. No EU-wide rule exists yet. The proposals remain under review.
The chilling effect is already visible. Medical prosthetics makers, enclosure designers, replacement-parts shops, and artists all use the same machines as the tiny set of cases that drive regulation. Policy discussions keep pointing toward licensed print services instead: KYCKnow Your Customer rules require users to submit identity information such as passports, selfies, addresses, or phone numbers before accessing a service.Glossary → accounts, logged jobs, design-file screening, and approval workflows.
| Jurisdiction | Hardware | Status | Detail |
|---|---|---|---|
| United States | GPUs / AI Compute | Reporting (cloud) | EO 14110 (Oct 2023): cloud providers report large foreign training runs. Consumer GPUs: no current requirement. |
| United States | Advanced GPUs | Export controlled | BIS Chip Rule (Oct 2023): A100/H100 banned to CN/IR/RU. Expanded Oct 2023 to AMD/Intel equivalents. |
| European Union | AI Compute | Mandatory reporting | EU AI Act (Aug 2024): models trained >10²⁵ FLOPs report to EU AI Office, systemic risk obligations. |
| United States | 3D Printers | Serialisation (challenged) | ATF 2021R-05F: required serialisation of home-manufactured frames/receivers. Partially vacated SCOTUS 2024. |
| Australia | 3D Printers | Registration proposed | Victoria LRC 2023: registration for capable printers (PETG/nylon/metal). Not yet enacted. |
| United Kingdom | 3D Printers | Enacted. File possession | Firearms Act s.57A: criminal liability for possessing prohibited weapon component CAD files. |
| United States | Amateur Radio | Licensed (long-standing) | FCC Part 97: transmission requires registered callsign. SDR receive-only: unregulated. |
| United States | ADS-B Receivers | Proposed restrictions | FAA reauthorization proposals 2024: restrict non-commercial ADS-B receiver use. Not enacted. |
| Multiple | SDR Hardware | Receive: unregulated | HackRF, RTL-SDR, LimeSDR: legal to own. Transmission requires licensing per local spectrum rules. |
Software-Defined Radio, SDRs, and the Surveillance of Spectrum
Software-defined radio gear like the RTL-SDR, HackRF One, and LimeSDR lets anyone with a computer receive, and on some models transmit, across wide frequency ranges. In most places, owning SDR hardware is legal. Transmission above certain power levels needs a licence. Reception usually does not.
SDRs can receive a lot: ADS-B aircraft positions, AIS ship positions, ACARS airline communications, some trunked police and emergency radio where it is not encrypted, weather satellite imagery, and amateur radio traffic. This is public spectrum. The signals are broadcast in the clear. Listening to them is a long-standing radio hobby.
Governments are growing less comfortable with civilians watching this spectrum. During FAA reauthorization talks in 2024, lawmakers floated restrictions on ADS-B receivers for non-commercial users. The argument was that aircraft position data could aid surveillance or attack planning. The proposal failed, and aviation safety advocates pushed back hard.
Amateur radio has required licensing for a long time. The FCC, Ofcom, and ACMA all require registered callsigns for transmission above certain thresholds. That part is established. The concern is mission creep: rules moving from transmission to reception, and from ham radio to SDR hardware in general.
DARPA and DoD research documents from 2023 and 2024 raise concerns about phased-array radar kits, meaning commercial SDR setups that can handle basic radar work. No regulation has followed yet, but the concern is on the record. The pattern from GPUs and 3D printers suggests proposals will come.
The rental alternative is spectrum as a service. Instead of owning radio hardware, you pay a managed provider for access to licensed spectrum. Every transmission is logged, tied to an account, and revocable. Cellular and satellite IoT networks already work this way. The policy question is whether that model will become mandatory for general-purpose radio gear.
The Pattern Is Consistent
This pattern has precedent. Consider the close analogues:
- Automobiles: safety and environmental justifications produced mandatory registration, insurance, emissions testing, and eventually the infrastructure to track vehicle movements through ANPR and toll databases.
- Drones: the FAA introduced mandatory drone registration in 2015 for aircraft above 250g. Remote ID, a broadcast requirement that identifies the drone and operator, became mandatory for US drones in September 2023. A drone that does not broadcast Remote ID is illegal in controlled airspace.
- Encryption: the 1990s Clipper Chip proposal attempted to mandate government-accessible backdoors in encryption hardware. It failed. The same argument still shows up today through "lawful access" proposals in the UK, EU, and Australia.
In each case, the sequence is the same: safety claim, mandatory registration, logged use, managed-service normalization, then private ownership turned into a legal or practical burden.
What to Do Now
The practical response is simple. Build the habit and the hardware base before registration closes the door.
Document hardware ownership now
Keep receipts, serial numbers, firmware versions, and purchase dates for hardware that may end up regulated. Store that record offline. Grandfather clauses usually depend on proof of prior ownership.
Use open-source firmware
Proprietary firmware can be updated to add monitoring, reporting, or kill switches. Open-source firmware you can inspect is harder to turn against you. Examples:
- 3D printers: Klipper or Marlin. Fully open, runs on widely available hardware
- Routers: OpenWRT. Replaces manufacturer firmware and removes telemetry
- SDR: GNU Radio, SDR++. Open-source signal processing stacks
- AI inference: llama.cpp, Ollama, LM Studio. Run models locally with no query logging
Build local AI inference now
Ollama, LM Studio, and llama.cpp run useful language models entirely on local hardware. A modern RTX 4090, RX 7900 XTX, or Apple Silicon M-series chip can handle strong local inference. That means no query logs, no account, and no terms of service. Build the habit before it gets regulated.
Join organisations working on hardware rights
- EFF (Electronic Frontier Foundation). US digital rights, including hardware and right to repair: eff.org
- Open Rights Group. UK civil liberties, including hardware and encryption: openrightsgroup.org
- Digital Rights Watch. Australian digital rights: digitalrightswatch.org.au
- iFixit. Right to repair advocacy in the US and abroad: ifixit.com
- Free Software Foundation. Software and hardware freedom: fsf.org
Encrypt your hardware's outputs
Treat design files, model weights, training data, and recorded radio captures as private data. Encrypt them at rest. Use VeraCrypt containers for sensitive files. Do not leave them in plain cloud storage tied to your identity. If registration rules pass, unencrypted files on named accounts will be early targets.
Follow the Money
Safety arguments for hardware registration do a second job. They push private compute, fabrication, and spectrum into subscription services where every use is logged and billed to an identity.