Defense NDAA June 25, 2026

The FY2026 NDAA Bans 'Covered AI' From Defense Contracts. Banning a Tool Isn't the Same as Blocking It.

The Fiscal Year 2026 National Defense Authorization Act ran more than 3,000 pages and authorized $8 billion in critical defense spending when the Senate approved it on December 17. Most coverage focused on what the law funds. One provision is about what it forbids — and it quietly redraws the compliance map for the entire defense industrial base. It is called Section 1532, and it bans a category of artificial intelligence, "Covered AI," not just from the Pentagon but from every contractor performing defense work.

The gap between forbidding a tool and actually blocking it is where defense contractors are now exposed.

What Section 1532 Actually Prohibits

According to WilmerHale's analysis of the enacted law, Section 1532 prohibits the Pentagon from using or acquiring AI systems "domiciled in covered nations" — defined as the Democratic People's Republic of North Korea, the People's Republic of China, the Russian Federation, and the Islamic Republic of Iran — or otherwise subject to foreign influence or control. The statute names specific systems: DeepSeek and HighFlyer. And it does not stop at government walls. As WilmerHale summarizes the provision: "No contractor will be allowed to use these AI tools either."

The Secretary of Defense can grant a waiver on a case-by-case basis, but only for narrow purposes such as scientific research, training, evaluation, or military activities supporting national security functions like counterterrorism or counterintelligence. The intelligence community gets a parallel mandate: Section 6604 directs the Director of National Intelligence and IC heads to write guidelines requiring the removal of DeepSeek from national security systems.

Read plainly, that is a use-prohibition that flows down to the laptop of every cleared engineer, analyst, and contracts specialist in the DIB. If a Covered AI system touches your defense work, you are out of compliance.

The Ban Lands Exactly as the Pentagon Goes "AI-First"

The timing is the hard part. The same government banning Covered AI is simultaneously pushing AI adoption harder than it ever has.

On January 9, 2026, the Pentagon issued three coordinated memoranda — followed by Secretary Pete Hegseth's January 12 speech — that Holland & Knight describes as an "AI-first" wartime-speed agenda. The AI Strategy memo directs the department to "accelerate America's Military AI Dominance." One of its pace-setting projects, GenAI.mil, aims to put frontier generative AI in the hands of "approximately 3 million civilian and military personnel at multiple classification levels."

The strategy even leans toward models "free from usage policy constraints," an "any lawful use" posture that Holland & Knight notes creates "tension with common commercial safety guardrails, acceptable-use policies." Translation for contractors: adopt AI aggressively, integrate it into every workflow — but never let a banned tool, or a banned data flow, slip into the work. Speed and prohibition, demanded at the same time.

A Prohibition You Can't See Is a Prohibition You Can't Enforce

Here is the operational reality the statute does not address: Section 1532 governs tools and data at the exact layer where most defense contractors have the least visibility — the browser.

DeepSeek's consumer model is a free web app. An engineer under deadline pressure can open a tab, paste a block of source code or a CUI-marked requirements document, and get an answer in seconds. No procurement record. No software install for IT to catch. No DFARS clause invoked at the moment it happens. The prohibition was violated in a browser session that no traditional control observed.

CMMC and DFARS assessments are point-in-time. A C3PAO assessor validates your documented boundary; they do not watch what your workforce types into a chat box on a random Tuesday. Even the Pentagon concedes the continuous-monitoring problem. In a January request for information, the DoD's Zero Trust Portfolio Management Office asked vendors to help it "accelerate and scale" assessments precisely because it has "limited capacity to validate initial compliance and conduct continuous assessments" — against a fiscal-2027 target-level zero-trust deadline. If the department that wrote the rule struggles to continuously verify compliance, a 200-person subcontractor running on quarterly audits has no chance of catching a real-time paste.

What Enforcing Section 1532 Actually Requires

A ban is only real if something can see the moment it is about to be broken and stop it. That control does not live in a policy PDF or an annual training module. It lives at the data boundary — the point where a user's text leaves the endpoint and crosses into a large language model.

Enforcing Section 1532 in practice means three things, in real time:

This is a complementary layer, not a replacement for the frameworks the Pentagon is building (Section 1512's AI cybersecurity and governance policy, Section 1513's CMMC-AI framework, Section 1533's cross-functional model-assessment team). Those govern which models the department procures and how they are assessed. The data boundary governs what crosses the line between your people and any model — sanctioned or not.

The Contractors Who Will Be Ready

The defense industrial base has seen this movie. CMMC took years to travel from an NDAA provision to enforced reality, and the contractors who waited spent that time in remediation. Section 1532 is already enacted law, and the AI-first push guarantees the underlying behavior — employees reaching for whatever AI tool is fastest — is accelerating right now.

The contractors who are ready when the DFARS clause lands will not be the ones who wrote a new acceptable-use policy. They will be the ones who can prove, in real time, that no banned tool and no sensitive data ever crossed their data boundary.


Containment.AI enforces AI governance policies at the browser and proxy layer in real time — surfacing shadow AI use, blocking sessions to prohibited tools, and generating the audit evidence defense contractors need as NDAA AI requirements take shape.
