US Government Orders Anthropic to Restrict AI Model Exports; History Shows Export Controls Fail

Last Friday, the White House ordered AI company Anthropic to restrict exports of its powerful AI models Fable and Mythos to anyone outside the United States and foreign nationals within the country, citing unspecified national security concerns. Shortly after, Anthropic hastily pulled access to both models, which have been unavailable for a week.

This marks the first time the U.S. government has attempted to use export controls to contain frontier AI, similar to past efforts with encryption and spyware. The resolution of this standoff could shape not only Anthropic's access to foreign markets but also the regulatory framework for other AI labs.

Triggering Events

Since launching Mythos in April, Anthropic marketed it as a "Doomsday cyber machine" capable of causing havoc if released too widely. Before the ban, only about 150 vetted companies and government organizations had access, aiming to help defenders secure their software before adversaries gained similar capabilities.

Two events triggered the ban. First, Anthropic granted a South Korean telecom company, widely reported to be SK Telecom, access to Mythos through its limited partner program. U.S. officials grew alarmed after identifying the company as one suspected of ties to China; SK Telecom has denied any connection. Second, Amazon CEO Andy Jassy alerted the administration that Amazon researchers found a way around Fable 5's safeguards. Anthropic disputes the "jailbreak" label, calling it a narrow, already-patched issue.

The Commerce Department issued an export control directive, and Anthropic had to limit access within roughly 90 minutes of notification, according to some accounts.

Historical Lessons

Governments have tried export controls to limit dangerous cyber technologies for decades with middling success. In the early 1990s, the U.S. government launched a criminal investigation against Phil Zimmermann, creator of the encryption software PGP, for alleged arms export violations. Zimmermann fought back by publishing PGP's source code as a printed book, sparking the "Crypto Wars." The investigation was dropped, paving the way for end-to-end encryption used by billions on Signal and WhatsApp.

In the early 2010s, researchers discovered Western-made spyware used against dissidents in the Middle East. Several governments expanded the Wassenaar Arrangement to classify surveillance and hacking software as dual-use items requiring export licenses. However, the agreement has weaknesses: key spyware-producing countries like Israel are not signatories, and enforcement is left to individual nations. Italy allowed Hacking Team export licenses despite its sales to oppressive governments. Europe has been generally lax. Some spyware makers, like Intellexa, moved operations to countries with weak controls; others moved to Saudi Arabia.

There have been some successes. Germany-based FinFisher shut down in 2022 after a multi-year investigation into selling spyware to Turkey without an export license.

Outlook

Currently, an impasse exists between Anthropic and the Trump administration. The administration might lift restrictions to keep U.S. AI companies competitive, tacitly acknowledging that AI labs elsewhere, including in China, will achieve similar capabilities regardless. Alternatively, U.S. AI companies may require government approval to serve foreign customers, a compliance burden that would hurt profits. Given past experience, the article concludes that government-mandated export controls are unlikely to be effective in preventing malicious actors from abusing powerful dual-use technologies.