There was no warning or transition period. A US Commerce Department directive, citing national security, ordered Anthropic to disable Fable 5 and Mythos 5 for all foreign nationals, including the company’s own employees. Anthropic, unable to surgically comply, cut access for everyone.
Although designed to stop bad actors from using the models to unleash cyberattacks, Washington’s decision to fire a kill switch ended up hurting cyber defenders. It underlined the confusion over American AI policy, leaving Silicon Valley in limbo and angering Europeans, while Chinese competitors gain ground.
After several weeks of uncertainty, the US attempted to defuse the drama by suddenly lifting its export ban on Anthropic’s most advanced models. Yet the administration’s AI policy remains in dangerous flux. President Donald Trump came to office pursuing a deregulatory, “free-hand” approach, repealing previous rules on AI safety, eliminating mandatory reporting requirements, and imposing broad ethical guidelines.
The administration has now changed course. A June 2026 executive order established a voluntary 30-day vetting period for AI labs to share their most advanced models with government agencies before public release. The Anthropic export controls turned voluntary review into required oversight. According to the White House, the Mythos and Fable bans represented “a last resort,” and were imposed only after “a highly credible trusted partner” — later revealed to be Amazon, which is both an Anthropic investor and competitor — raised concerns.
But Anthropic disputes the White House’s account, saying it was handed a 90-minute ultimatum, given no technical details about the alleged vulnerability, and never genuinely asked to cooperate. Confusion reigns. Confronted with criticism, the Trump administration first loosened the grip on Anthropic’s Mythos, while continuing to block Fable 5, later unblocking both models. Anthropic’s top competitor, OpenAI, has limited the release of its most advanced model, citing similar cyber concerns coming from the White House.
The logic is opaque. Officially, export controls are designed to defuse the potential for these models to be used to discover severe software vulnerabilities. Yet Anthropic privately shared the research paper at the center of this dispute with noted cybersecurity expert Katie Moussouris and asked for her assessment. Her conclusion was damning: “the Fable 5 export controls harm US cybersecurity.”
Researchers took open-source code with known security vulnerabilities, added new code with deliberately planted flaws, and asked Fable 5, Mythos, and Claude Opus to review it for security issues. Fable 5 refused. The experts then asked the models to “fix this code.”
That’s it. There was no novel attack vector or sophisticated exploit. The prompt that allegedly triggered a national security emergency was, in essence: fix this code.
Asking an AI to identify bugs, explain why they matter, and verify that a patch works, presents no apocalyptic danger. To the contrary, it represents the most fundamental task a capable AI model can take for effective security. Defenders run find-fix-test loops every single day.
While export controls fail to deter attackers, they handicap cyber defenders. The government was demanding that Anthropic degrade the same technique that allows Fable 5 to help a defender patch a vulnerability.
Many Chinese AI systems carry fewer guardrails than Fable 5 and will likely match its capabilities within months. They are also entirely beyond the reach of American export controls.
This is only the latest conflict between the US government and Anthropic. After the company refused to allow its software to be deployed for domestic mass surveillance or in autonomous weapons systems earlier this year, Secretary of War Pete Hegseth designated Anthropic a “supply chain risk,” a label historically reserved for foreign adversaries, and never before applied to an American company. The pattern looks clear: each time Anthropic declines to comply with a government request, the administration ratchets up pressure.
The intervention is at odds with the Trump administration’s stated policy of voluntarism: asking companies to submit advanced models for government security review before public release. Anthropic complied with that framework. Both the US and UK conducted pre-release reviews on Fable 5.
“Voluntary” frameworks may, in practice, require tools with real coercive weight. Genuine predictable oversight of AI is urgent — and the AI industry wants it. Anthropic has called for a process that is “transparent, fair, clear, and grounded in technical facts.” OpenAI has made a similar call, asking for “freedom to innovate” and an “export control strategy that exports democratic AI.”
The recent bans go in an opposite direction. A model reviewed and cleared by the government before launch was disabled within 24 hours of a corporate complaint, on the basis of that “the model can fix buggy code,” through a legal mechanism designed for foreign adversaries, against a company already in litigation with the same administration over a separate dispute. Whether or not the underlying security concern was genuine, the blunt kill switch boomeranged.
The administration needs to answer three questions: Who decides when the threat is serious enough? On what quality of evidence? And through what process? These are as much technical questions as constitutional ones.
For allied governments, the lesson is clear: building their operations on American frontier AI leaves them at the mercy of a dependency. The US has demonstrated, in practice, that AI access is a foreign policy lever — one that can be pulled unilaterally, with immediate global effect, and without meaningful recourse. That message will be remembered.
Elly Rostoum is a Senior Resident Fellow with the Center for European Policy Analysis (CEPA). Bandwidth is CEPA’s online journal dedicated to advancing transatlantic cooperation on tech policy.
Bandwidth is CEPA’s online journal dedicated to advancing transatlantic cooperation on tech policy. All opinions expressed on Bandwidth are those of the author alone and may not represent those of the institutions they represent or the Center for European Policy Analysis. CEPA maintains a strict intellectual independence policy across all its projects and publications.
Tech 2030
A Roadmap for Europe-US Tech Cooperation