“It is now time to move beyond transparency to more serious and binding regulation of AI,” wrote Dario Amodei (pictured), boss of leading AI lab Anthropique, on June 10. His firm recently released Fable, a limited edition of its world-leading Mythos Large Language Model (LLM), which could perform superhuman feats of hacking along with other dangerous tasks. That was not the meaning of what happened on June 12. For the second time in four months, the Trump administration dropped a bomb on Anthropic on Friday afternoon.
Citing national-security concerns, it ordered the firm to block any non-Americans, including its own employees, from accessing its latest Fable 5 and Mythos 5 models. In response Anthropic suspended their use entirely. This order, like the government’s clumsy attempt to designate Anthropic a supply-chain risk in late February, came out of the blue and with very little explanation. This shocked the AI world and America’s allies.
Both sides differ about the events leading up to the intervention. Reportedly, Amazon CEO Andy Jassy, an e-commerce giant that has a majority stake in Anthropic, alerted the Trump administration that it had found security flaws in the Fable 5 that would have enabled it to be “jailbroken” or override the guardrails that made the model less powerful than the Mythos. Posting on Twitter, David Sachs, a White House adviser, said the government had asked Mr Amodei to “fix the jailbreak or fix the de-deployment”, adding that “Dario refused”.
A source at Anthropic said the company was instructed to prevent “foreign nationals” from accessing the models due to an unspecified national-security threat. Anthropic discontinued them shortly afterwards, concluding that it was the only way to comply with the directive. The company made no mention of Mr. Amodei’s alleged refusal to fix the jailbreak.
It was not immediately clear on what legal basis the government had imposed the suspension. Anthropic said the models were affected by the export-control directive. Charlie Bullock of the Institute for Law and AI, a think-tank, estimates that the government has used the Commerce Department’s export administration regulations, which are also used to restrict the sale of AI chips in China.
But the government’s primary objective may not have been to control foreign access to marginal models. Instead, it appears to have used export controls as a convenient way to target Anthropic. If so, Aliens could suffer additional damage in a power struggle between the Trump administration and a leading model-maker that President Donald Trump once described as a “radical left AI company out of control.” On June 13, US Secretary of War Pete Hegseth said that three months earlier he had “kicked Anthropic out” of the Pentagon. “Each passing day proves why that was the right move.”
An open question is how serious the threat of prison escape actually was. Anthropic said the techniques used only identified “a small number of previously known vulnerabilities” that rival AI models could also uncover. The Anthropic source said the firm had worked with the government on pre-release testing and that officials had not previously raised any national-security concerns. Katie Moussouris, a leading authority on software vulnerabilities, who reviewed the Amazon paper that caused an uproar, argues that the techniques were primarily intended to help cyber-defenders. Fixing the vulnerabilities would make the model less useful for cyber-defense, he said.
The Cutoff is a geopolitical watershed. This echoes the US decision to ban public-key cryptography, a technology used to secure digital communications from the 1970s to the 1990s. At the time the government argued that cryptography was tantamount to a munition; One developer was investigated by the FBI for violations of International Arms Traffic Regulations. Ultimately, civil-liberties advocates won and the right to use, sell, and export most encryption systems was secured.
Encryption was a powerful technology, but narrow in its application. AI is far more powerful and versatile. On June 11, Senate Intelligence Committee Vice Chairman Mark Warner said that General Joshua Rood, who leads the National Security Agency and the Pentagon’s Cyber Command, had told him that Mythos “broke into almost all of our classified systems, not in weeks, but in hours”.
Advanced AI differs from encryption in another respect as well. While cryptography eventually became widely available abroad, the US enjoys a clear lead in AI today. China, troubled by US chip control, is probably about a year behind. This advantage could be irreplaceable if Anthropic or other US laboratories fail iterative self-improvement (RSI), whereby models write better versions of themselves and thus accelerate progress. Many insiders think this is entirely possible.
A better analogy, then again, might be nuclear technology, a comparison that has inspired, fascinated, and horrified AI researchers. Britain shared its early nuclear-weapons research with the US during the Second World War. But in 1946, after the war was over and the bomb’s amazing potential had been demonstrated in Japan, Congress passed the McMahon Act, ending cooperation with all foreign countries – even America’s closest allies. Full cooperation resumed much later, when Britain had already shown that it could develop its own bomb.
America’s allies are now faltering again. Many people had spent months gaining access to Mythos for government departments, banks and companies. Those permissions expired overnight. The cut-off exempts no one, not even America’s partners in the Five Eyes intelligence alliance: Australia, Britain, Canada and New Zealand. Those countries are already struggling with this Decline of key surveillance powers Which Congress recently failed to renew. Losing access to the mythos puts them in a position similar to Russia, China or Iran. UK AI Safety InstituteThe world’s leading organization for testing and jailbreaking new models has also been locked down.
Some foreign policy makers see this move as an alarm bell. Former British security minister Tom Tugendhat argues, “After this lesson it will be clear that every country will ask what it needs to achieve sovereignty.” But European and other middle powers are in a difficult position, writes Anton Leicht of the Carnegie Endowment, a think-tank. “Do you think the Trump administration that denied you access to Fable will let you buy enough Frontier chips to train an unrestricted Fable clone?”
A former British intelligence officer says spy agencies are likely to regain access to Mythos; Negotiations are already underway. Private companies may find this difficult. Nevertheless, some observers believe that the US government will eventually have to relent. “Allies can probably take some comfort from the fact that this is a completely unsustainable approach for long-term use because of the number of foreigners inside American AI companies,” says Helen Toner of Georgetown University’s Center for Security and Emerging Technology. “Preventing foreign nationals from accessing the models essentially amounts to preventing any affected company from conducting further AI R&D work.”
The administration’s policy may also prove ineffective. Cynthia Kaiser, a former official in the FBI’s cyber division, says that on the black market, hackers can buy American identities to gain access to AI models, as well as tools to jailbreak them. Anthropic has already restricted the use of its cloud model in China, yet Chinese users still access it relatively easily.
Mr Trump has taken a surprising approach to AI policy in recent months. He reversed most of the rules implemented by the previous administration, which he has repeatedly ridiculed. They later allowed the sale of advanced AI chips to China. Their pragmatic approach to AI security was called into question in April when Anthropic produced the Mythos Preview, a model that the firm considered such a threat to national security that it limited its release to a small group of approved customers. On June 2, Mr. Trump issued an executive order demanding a voluntary framework under which AI labs would provide the government access to their most advanced models shortly before release.
The sudden and capricious nature of the Administration’s restrictions on Fable 5 and Mythos 5 goes beyond that approach – and a far cry from the consistent and transparent oversight advocated by Mr. Amodei. Theoretically the Center for AI Standards and Innovation, a government body that scrutinizes Frontier models for dangerous capabilities, could serve as an independent arbiter in such disputes. But in recent days the administration directed it to stop publishing public reports. As access to advanced AI becomes a national security issue, America’s governance over it is also becoming opaque.
