Anthropic Challenges US Export Control Directive: National Security or Overreach?

On a Friday evening, Anthropic received a directive that would abruptly halt access to two of its most advanced models, Fable 5 and Mythos 5, for all foreign nationals—even those inside the company. The US government, citing national security authorities, ordered the suspension based on a perceived vulnerability: a method to “jailbreak” Fable 5. But the company’s public response reveals a deeper disagreement over what constitutes a meaningful security threat, and whether the government’s action sets a dangerous precedent for the entire AI industry.

The directive, received at 5:21pm ET, came without specific details of the national security concern. Anthropic’s understanding is that the government had been shown a technique that could bypass the model’s safeguards to identify “a small number of previously known, minor vulnerabilities.” The company reviewed the demonstration and concluded that the vulnerabilities were both narrow and simple—so much so that other publicly‑available models (including OpenAI’s GPT-5.5) can discover them without any jailbreak at all. Moreover, the technique appears to be a non‑universal jailbreak: it works only in specific, limited circumstances and does not broadly unlock the model’s cyber capabilities.

This distinction is crucial. Universal jailbreaks—methods that grant wide‑ranging access to harmful capabilities—are the gold‑standard threat in AI safety. Anthropic explicitly stated during its Fable 5 launch that perfect jailbreak resistance is not currently possible for any provider. The company adopted a “defense in depth” strategy: make jailbreaks either narrow or very expensive to produce, and combine that with thorough monitoring to detect and shut down attacks quickly. This is also why Anthropic implemented a 30‑day data retention policy for Fable—a costly move that enables post‑attack analysis.

Yet the government’s directive ignores that broader context. According to Anthropic, the potential jailbreak in question essentially involves asking the model to read a specific codebase and fix software flaws—a capability already available from many other models and used daily by cybersecurity defenders. The company argues that if this standard were applied across the industry, it would “essentially halt all new model deployments for all frontier model providers.” In other words, any narrow, non‑universal vulnerability could become grounds for a recall, freezing innovation for every major AI company.

This is not the first time the US government has used export control powers to restrict AI models. In October 2022, the Bureau of Industry and Security (BIS) tightened restrictions on advanced semiconductors, effectively limiting China’s access to high‑performance chips used in AI training. Earlier this year, the White House issued an Executive Order on AI requiring safety assessments for models that could pose “serious risks to national security.” But those measures were broad and anticipatory. The directive against Anthropic is notably different: it targets a specific, already‑deployed model based on a single, narrow vulnerability that the company disputes.

The lack of transparency is another point of contention. Anthropic previously called for a statutory process that is “transparent, fair, clear, and grounded in technical facts.” The current directive, received without a detailed justification, violates those principles. The company notes that it has not even received a disclosure of a “concerning non‑universal potential jailbreak that led to a harmful result.” The only evidence provided so far is verbal, and the report Anthropic reviewed showed capabilities that are “widely available from other models.”

Some cybersecurity experts have weighed in, noting that the existence of a single narrow jailbreak does not necessarily indicate a systemic flaw. “The bar for recalling a model should be proportional to the actual risk,” said Dr. Elena Torres, a researcher at the Center for AI Safety. “If the government starts pulling models for any minor bypass, it could create a chilling effect on AI development without making us meaningfully safer.” On the other hand, policymakers argue that proactive measures—even if imperfect—can prevent catastrophic outcomes. “We cannot afford to wait until a model is weaponized,” said a spokesperson for the National Security Council, declining to comment on the specific case.

Anthropic is complying with the directive, disabling Fable 5 and Mythos 5 for all users worldwide. But the company is also working to restore access, emphasizing that the disruption stems from a “misunderstanding.” For its customers—including businesses relying on these models for everything from code generation to data analysis—the sudden loss of capability is costly. Anthropic’s partnership announcements with Tata Consultancy Services (TCS) and DXC Technology, providing Claude to thousands of employees and regulated industries, highlight the scale of the commercial impact.

The incident raises fundamental questions about the balance between national security and technological progress. How do we define a truly dangerous vulnerability? Should the government’s power to block deployments be exercised in real time, without independent review? And what happens when one company’s narrow flaw becomes a precedent that halts all frontier model releases?

Anthropic’s stance is clear: the government should have the ability to block unsafe deployments, but only within a statutory framework that is transparent and technically justified. This directive, the company argues, fails that test. As the industry watches, the outcome will shape not only Anthropic’s future but the rules governing every advanced AI model—and the millions of users who depend on them.