The recent actions of the US government mark a significant turn in how software export controls are applied, especially to AI technologies. On June 12, the Commerce Department implemented a directive requiring the commercial AI company, Anthropic, to pull its models offline. This included stopping access to its Fable 5 and Mythos 5 models for all foreign nationals, regardless of their employment status in the United States. In response, Anthropic chose to disable these models globally, as it could not ensure that the restrictions would be effective.
What prompted this extraordinary measure from the Commerce Department? Chiefly, a narrowly defined jailbreak vulnerability associated with Mythos 5 was identified, which raised concerns about Advanced Cybersecurity issues potentially linked to this AI model. Fable 5 had only been available for a brief time, and with its close connection to Mythos, it too fell victim to the directive. Other models produced by Anthropic remain available and are unaffected.
Anthropic disputed the claimed severity of the vulnerability, arguing that it was limited in scope and not universal. This point raises a significant consideration: similar vulnerabilities might exist in competing models, including those from other companies like OpenAI.
Insider insights suggest that the Commerce Secretary had reservations about issuing such controls, indicating that removing them is feasible once Anthropic successfully addresses the cited issues.
Why is this action so critical in the broader context of AI and international commerce? It represents the first instance where the US government has mandated a commercial AI provider to suspend model access based solely on user nationality. Earlier export controls related to AI primarily centered around hardware. Implementing software-level export controls introduces a different risk dynamic, giving the government the authority to essentially "flip a switch" and sever access to AI models overnight. This capability transforms the risk assessment for every developer and platform that incorporates these AI tools into their operations.
Furthermore, if these compliance requirements continue to escalate, companies operating at the intersection of crypto and AI, particularly decentralized AI platforms, may face significant challenges. Nationality-based access restrictions are inherently difficult to enforce on decentralized networks, complicating the operational environment for many.
At present, Anthropic continues discussions with federal authorities in hopes of mitigating this situation and restoring access to its models.