Ben Okonkwo: Anthropic released its most powerful AI models on Tuesday. By Friday, the Trump administration ordered them shut down worldwide. Anthropic complied by disabling them for everyone — not just foreign users — everyone.
Jonathan Ingles: And here's the thing nobody wants to say out loud — that's not a technical limitation. You can geo-fence a model. They know how to do that. Anthropic chose to pull the whole thing.
Ben Okonkwo: Okay, so — and this is the part I want to be careful about — we know they pulled it globally, we don't yet know why, and those are two very different claims carrying very different weight.
Jonathan Ingles: Sure, but the options on the table are: technical necessity, legal risk aversion, or a company that has built its entire brand around safety just... found it easier to agree with the government. Frankly, only one of those reflects well on them.
Ben Okonkwo: Right, and — hm — what's load-bearing here is that word 'compliance.' Because complying with an order to restrict foreign access and complying by going further than the order required — those are not the same act, and the gap between them is where the interesting question lives.
Jonathan Ingles: That gap is the whole episode.
Jonathan Ingles: Fable 5 and Mythos 5 launched on a Tuesday. By Friday afternoon — 5:21 p.m. Eastern on June 13th — BIS had issued an order and both models were gone. Not geo-filtered. Not restricted. Gone. For everyone.
Ben Okonkwo: And that's the first thing I want to slow down on, because the mechanism matters. The BIS order — Howard Lutnick's letter to Dario Amodei — said restrict access for foreign nationals. It did not say disable globally. Anthropic made that choice.
Jonathan Ingles: Right. And Anthropic said publicly they disagreed with the government's handling of it. Then did the most expansive thing possible. That's not compliance under protest — that's a message.
Ben Okonkwo: Okay, but here's where I want to be careful. Nationality-based access filtering on a frontier model API — we don't actually know how feasible that is. IP geolocation is notoriously porous. API keys don't carry passports. So some of the compliance choice might reflect a genuine engineering constraint, not just politics.
Jonathan Ingles: Anthropic gave no technical explanation for why partial restriction was infeasible. None. They just said global shutdown was the 'net effect.' That's not an engineering explanation. That's a cover story.
Ben Okonkwo: I hear you, but that still doesn't settle whether it was technically possible. The absence of an explanation isn't proof they could have done it. That's the gap in the evidence chain.
Jonathan Ingles: Fine. Let's set the technical question aside. Here's what we do know: Anthropic depends on Project Glasswing. Mythos 5 — the unrestricted version, guardrails already lifted by design — was being used in that government collaboration. So the government told Anthropic to disable the model it was already partnering with Anthropic to run. And Anthropic said yes immediately. That's leverage. That's not security.
Ben Okonkwo: That's the thing that actually breaks the stated rationale for me. The security trigger was a jailbreak of Fable 5 — the public model with guardrails. But the remedy was applied to Mythos 5 as well, which already had those guardrails removed intentionally for trusted government partners. So the logic is: your public model's safety features were bypassed, therefore we also shut down the model we designed together without safety features. That doesn't follow.
Jonathan Ingles: No one's saying that out loud because it collapses the national security framing instantly.
Ben Okonkwo: And look — this is the first time export controls have ever been applied to a specific commercial AI model rather than hardware. The Biden-era AI Diffusion Rule, the October 2022 semiconductor controls — those targeted chips. BIS just jumped to software. To a named product.
Jonathan Ingles: And BIS reportedly framed this as an operating template. Not a one-off. A template for a model-level export control regime to be extended across the industry. So Commerce now has effective veto power over which AI products can exist commercially. That's the actual policy.
Ben Okonkwo: Which is exactly what CSIS flagged — that export controls occupy this unresolved dual role as both security instruments and competitive market interventions. The concern isn't hypothetical anymore.
Jonathan Ingles: Here's what I keep coming back to. June 2nd — Trump signs an executive order. Anti-regulatory, pro-innovation, voluntary government-industry collaboration. Eleven days later, BIS orders a commercial vendor to pull its flagship products from the global market. Frankly, if a Democratic administration did this, we'd be calling it industrial policy. Because that's what it is.
Ben Okonkwo: I want to be precise about that. The tension is real — but whether it's flatly contradictory or represents a genuinely unresolved policy question about whether targeted model-level controls are compatible with domestic AI leadership, that's empirically open. I don't think we can call it settled hypocrisy yet.
Jonathan Ingles: Oh, NSPM-11 settles it. Same day as the directive — Trump signs a memo that explicitly bars commercial vendors from disabling AI systems that warfighters depend on without prior government approval. The government wrote a rule against doing what it then immediately did. To a model inside an active government program.
Ben Okonkwo: Oh, that's interesting.
Jonathan Ingles: Right? Nobody's touching that one.
Ben Okonkwo: No, wait — the same memo that's supposed to accelerate military AI adoption also prohibits disabling models warfighters use, and then the order disables a model in an active government collaboration. That's not a tension. That's the government contradicting itself in the same document set.
Jonathan Ingles: And the GAO ruling from May 12th is sitting underneath all of this. The Trump administration's non-enforcement of the AI Diffusion Rule was itself ruled a rule subject to the Congressional Review Act. So the prior export control framework is legally still in effect — and now they've layered model-level controls on top of it with no public security assessment, no appeal process.
Ben Okonkwo: If a suspected jailbreak — not a proven exploit chain, not a demonstrated attack — is sufficient to take a commercial AI product offline globally, what does frontier AI development actually mean inside the United States? And will allied countries — who lost access right alongside adversaries — accept a world where one regulator controls the on-switch?
Ben Okonkwo: And here's what I keep coming back to — the assumption underneath all of this is that the U.S. government can hold the line on frontier capability indefinitely. That if they say a model is offline, it's offline, everywhere, for everyone who matters. That assumption has never actually been tested at this level.
Jonathan Ingles: Right. And the moment it gets tested — the moment an allied country or a well-resourced competitor demonstrates they don't need Anthropic's permission — the whole framework collapses. Not gradually. All at once. And everyone who complied quietly will have gotten nothing for it.
Ben Okonkwo: So the actual question — and I don't think anyone has an honest answer to this yet — is whether Anthropic made a calculated bet that the framework holds, or whether they already know it doesn't and they're just managing the relationship until it doesn't matter. Those are very different companies. We'll be back.