Viewpoint: Who determines who is permitted to use a software application?

      The letter was delivered at 5:21 PM Eastern Time on a Friday, the moment when official Washington typically stops returning calls and the news cycle slows down for the weekend. It originated from the Commerce Department, contained a few paragraphs, and did something unprecedented for American documentation.

      By the time dinner was finished on the East Coast, two of the most advanced artificial intelligence models in existence had gone offline. They were not restricted, not modified, and not simply impaired. They were shut down. A researcher in Berlin, who was in the midst of using the system, found it unresponsive. The same happened to a financial analyst in Singapore, a software development team in Bangalore, and, ironically, some engineers at Anthropic themselves, who held the "wrong" nationality.

      The directive instructed Anthropic to prevent access to Fable 5 and Mythos 5 for any foreign national globally, including non-citizens working in California. There was no straightforward way to enforce such a rule on a live system, so the company opted for the only option available to them: they shut down both models for every user, regardless of nationality, and apologized for the disruption they did not choose.

      I want to distinguish between what is factual and what is my perspective since they can easily blur in this context. The facts are clear. Anthropic confirmed receipt of the directive, acknowledged its extent, and stated they disabled the models in response, while keeping their older Claude Opus 4.8 operational.

      According to reports by Fortune and Al Jazeera, this incident marks the first occasion the US has applied national-security export controls against a commercial AI model. The official reason cited was related to cybersecurity. Officials informed Anthropic that they had become aware of a method to circumvent Fable 5’s protective measures and access the underlying cyberattack capabilities of Mythos.

      Anthropic referred to it as a “narrow potential jailbreak” and characterized the entire incident as a “misunderstanding.” Al Jazeera mentioned, citing Semafor, that suspicions of access by a group linked to China contributed to the decision, although they were unable to independently verify this detail.

      So much for the facts, but here is my opinion. While the security rationale may have some validity, it is not the core aspect of this story that warrants attention. What truly demands scrutiny is the mechanism, as it is likely to be replicated: export controls are an established tool. They have been used to regulate missiles, centrifuges, encryption technologies, and the physical chips that power AI.

      What differs this time is the nature of the subject. A frontier model is not a piece of hardware that can be seized at a port. It is a service accessed via a web browser, now integrated into the daily operations of companies and institutions unrelated to US national security. Al Jazeera noted that clients of the ratings firm S&P utilize Claude to query their databases; research facilities depend on it; and foreign employees in US companies rely on it to perform their jobs. When the government can shut off such a resource for the entire world overnight, “export control” transforms from describing a border to becoming a kill switch.

      That sets a precedent, and precedents don’t remain contained. Once a government demonstrates it can compel a corporation to retract a commercial product from millions of users on such short notice, this power is available for any future administration and any forthcoming complaint. The criteria used this time, “foreign national,” is so broad as to be nearly meaningless.

      Kun Chen, a former engineer at Meta and Microsoft, pointed out that this could not be enforced practically and is trivial to circumvent for anyone with malicious intent while inadvertently affecting millions of ordinary users, including the staff of American firms. A measure that fails to accurately target its objective and instead impacts many others is not precision; it is a demonstration of reach.

      There is a valid counterargument that deserves to be heard rather than brushed off as a straw man. Governments have historically claimed the right to restrict the spread of dangerous technology, and if a model genuinely can be weaponized for cybercrimes, the government has a legitimate stake in that matter. Anthropic, after all, has publicly asserted for years that its most powerful systems are too hazardous to be released without restrictions.

      It labeled Mythos as too powerful for a broad launch and subsequently developed Fable with a framework of safeguards it emphasized publicly. If you create something and deem it dangerous, it is unsurprising when a regulator views it through that lens.

      Cybersecurity researcher Peter Girnus articulated it succinctly: “If you position your product as a weapon in every press release, eventually a government will take you at your word. They wrote the legal justification and branded it.”

      I find that argument to be candid yet incomplete. It is honest because the threat is not purely fictional, and Anthropic contributed to framing the narrative. However, it falls short because it addresses a question that is not being asked. The matter at hand is not whether the