The Commerce Department invoked an obscure export directive to ban non-Americans from accessing Anthropic's Fable 5 and Mythos 5, prompting the company to shut both models down entirely — and raising alarms about government control over AI software.
The U.S. Commerce Department sent Anthropic a letter invoking an obscure export control directive that banned non-Americans, including the company’s own employees, from accessing its two flagship models, Fable 5 and Mythos 5, citing an unspecified national security concern. [1] In response, Anthropic shut down both models for all customers to ensure compliance with the directive. [1]
The letter has not been made public, and Anthropic said it believes the action is related to a bypass of the models’ guardrails — safety filters designed to prevent harmful outputs — but said it cannot be certain because the letter does not provide specific details. [1] The U.S. government did not appear to require court approval before issuing the directive. [1]
Reporting by Axios, citing sources, described a tense dynamic between Anthropic and the Trump administration over the weekend, attributing the export directive to “personality differences” between the two parties rather than a technical problem with the AI products themselves. [1]
Katie Moussouris, a cybersecurity researcher and founder of Luta Security, said in a blog post that Anthropic shared with her a private copy of a paper by security researchers describing an alleged guardrail bypass in Fable 5. [1] The Wall Street Journal reported that the paper’s authors are security researchers at Amazon. [1] Moussouris said the bypass involved the difference between asking a model to “review code for security issues” versus asking it to “fix this code,” with the end result being largely the same regardless of how the question is framed. [1]
Moussouris concluded that the bypass “should never have triggered an export control” and stated that “the behavior described in the paper cannot meaningfully be fixed, and any attempt would only weaken the model for defense.” [1] She criticized the directive as hasty, heavy-handed, and misguided. [1]
Moussouris and dozens of other security researchers and experts have since called on the Trump administration to revoke the export control order, arguing that pulling advanced cybersecurity capabilities from network defenders in the United States is “dangerous.” [1]
Justin Hendrix, editor of Tech Policy Press, said the move is “likely to raise alarms in foreign capitals about the reliability of American AI for critical applications,” and described the broader climate as “one of a cloud of suspicion that senior officials are picking favorites based on personal and political factors.” [1]
The Trump administration has not confirmed its specific rationale for invoking the directive. [1] The episode sets a precedent in which the U.S. government demonstrated the ability to force a technology company to take its products offline through a swift, unilateral administrative action. [1]
The source article notes a historical parallel: export control language crafted by the U.S. government during the 2010s to cover cybersecurity tools that could also be used for cyberattacks was written so broadly that it inadvertently came close to outlawing legitimate security and vulnerability research. [1]
Sources
This article was drafted with AI from the cited sources and checked against them before publication. Spot an error? Let us know.
