GoKawiilLast Friday, citing unspecified national security concerns, the White House ordered Anthropic to restrict the export of its powerful AI models Fable and Mythos to anyone outside of the United States, as well as foreign nationals inside the country. Shortly after, the AI giant hastily pulled the plug on both models, which have now been unavailable to anyone for a week.
The episode is the first real test of whether the U.S. government can use export controls to contain frontier AI the way it has tried, with very uneven results, to contain encryption and spyware before it. And dramatic as it may sound, how this standoff gets resolved could shape not just Anthropic’s access to foreign markets but the rulebook that other AI labs will have to build around.
Some context first. Ever since Anthropic launched Mythos in April, the company has marketed it as some kind of Doomsday cyber machine that could wreak havoc on the internet if released too widely — which is why, before the ban, only around 150 vetted companies and government organizations had access to it at all. The goal was helping defenders secure their software and services before the bad guys could reach Mythos-like capabilities.
So what triggered the ban? Two subsequent events, reportedly. The first: Anthropic gave a South Korean telecom access to Mythos through its limited partner program, and U.S. officials grew alarmed after identifying the company as one they suspected had ties to China. (The company, widely reported to be SK Telecom, has denied any China connection.) Amazon CEO Andy Jassy also reportedly alerted the administration after Amazon’s own researchers, he said, found a way around Fable 5’s safeguards. Anthropic disputes the “jailbreak” label, calling it a narrow, already-patched issue rather than a wholesale defeat of the model’s safety measures.
The result was the same: the Commerce Department issued an export control directive, and Anthropic had to scramble to immediately limit access to its products within roughly 90 minutes of being notified, by some accounts.
None of this is new, though. Governments have tried to use export controls to limit the proliferation of what they see as dangerous cyber technology for decades, but their track record has been middling at best.
The U.S. government was behind what is perhaps history’s most spectacular failure of this approach in the early to mid-1990s. At the time, computer scientists were developing encryption technologies to secure data as it traveled over the internet. One of those encryption products was called Pretty Good Privacy, or PGP, a popular software that could encrypt data and make it virtually impossible to unscramble even if intercepted as it traveled to its intended recipient over the internet.
The U.S. government initially saw PGP as a dangerous weapon, fearing it would prevent its intelligence agencies from snooping on emails as they crossed their wires. To stop the distribution of PGP, the U.S. Customs Service opened a criminal investigation against PGP’s creator Phil Zimmermann for allegedly violating arms export controls. He fought back by publishing PGP’s source code as a printed book, igniting what is known today as the “Crypto Wars.”
Zimmermann later won a key battle when the investigation was closed, paving the way for crucial end-to-end encryption algorithms such as the one used by billions of Signal and WhatsApp users.
Later during the early 2010s, researchers began discovering Western-made spyware used against dissidents in the Middle East. In response, several governments agreed to expand the Wassenaar Arrangement, an international treaty that limits the export of dual-use software and technologies that are used in both civilian and military applications.
... continue reading