Commerce Order Forces Anthropic To Pull Top AI Models, Leaving Users And Defenders In The Dark

A sudden export restriction from the Commerce Department prompted Anthropic to remove two of its most advanced systems from service late last week, a move that immediately disrupted customers and cybersecurity teams and raised new questions about how far Washington will go to police American-made software. The directive barred access by non-U.S. persons — including some staff at the company — and Anthropic said it complied after receiving no public explanation for the measure.

According to people familiar with the matter, the notice cited a seldom-used export rule and did not lay out the specific national security concern. Anthropic told partners it believes the action stems from a private vulnerability report describing a way to bypass the models’ safety controls, but the company said the letter it received did not identify that research or supply technical details. To comply, Anthropic suspended public access to its flagship products, a step that regulators executed without seeking a court order and that highlights the speed with which officials can constrain U.S. cloud services.

Security researchers who examined the private analysis argue the issue is less about a novel cyberweapon than about how engineers phrase requests to a model. In one account shared privately with the company, testers demonstrated that prompting a system to change code could produce behavior that looked like an evasion of safeguards, even if the underlying technical risk was the same as asking the model to point out defects. “If we strip these tools away, defenders lose one of the few practical ways to test and harden networks,” said Dana Ruiz, a veteran vulnerability analyst who reviewed the disputed paper. She and other defenders warn that limiting advanced model capabilities in the United States could hamper incident response and weaken overall cyber resilience.

The latest episode echoes earlier fights over export rules for security technologies. In the mid-2010s, government language intended to prevent misuse of offensive tools swept so broadly that legitimate security research was nearly constrained, prompting a lengthy policy fight. Critics say the current order feels similarly blunt. Several leading cybersecurity experts and incident response teams have since urged the administration to reverse course, arguing that sidelining powerful analysis tools hands an advantage to attackers and to foreign actors who can still access equivalent technologies elsewhere.

Beyond the technical debate, the event has a political dimension. Media accounts and sources close to the discussions describe strained relations between Anthropic and some officials in the current administration, feeding speculation that personal or strategic frictions helped drive the decision. “When regulators act without transparency, foreign governments and commercial customers start to worry whether U.S. providers will be available when they’re needed,” said Mark Eldridge, a tech policy analyst. He added that allies could rethink procurement if they conclude American products are vulnerable to abrupt limits.

For users, the immediate consequence was practical: researchers, developers and security operations teams relying on the affected systems saw projects stall. For the industry, the incident signals a new operating reality in which Washington can, with a single letter, disable distribution of advanced software tools. Legal challenges and calls for clarification are likely to follow, but in the short term the episode has underlined a basic trade-off: tighter government control may address perceived risks, yet it can also strip defenders of capabilities that help protect networks.