Last Friday, citing unspecified national security concerns, the White House Anthropic ordered restrict the export of its powerful Fable and Mythos AI models to anyone outside the United States, and to foreign nationals in the country. Soon after, the AI giant hastily disabled both models, which had already been unavailable to everyone for a week.
The episode is the first real test of whether the U.S. government can use export controls to curb border AI in the way it has tried to curb encryption and spyware before, with wildly different results. And as dramatic as it sounds, how this standoff is resolved could affect not only Anthropic’s access to foreign markets, but also the set of rules on which other AI labs must build.
First, a bit of context. Since Anthropic launched Mythos in Aprilthe company sold it as some kind of cyber doomsday machine which could wreak havoc on the internet if shared too widely – that’s why the ban, only about 150 verified companies and government organizations generally had access to it. The goal was to help defenders protect their software and services before the bad guys could achieve the same capabilities as Mythos.
So what was the reason for the ban? The following two events are reported. The first: Anthropic gave a South Korean telecommunications company access to Mythos through its limited partner program, and U.S. officials became concerned after they determined the company had what they suspected were ties to China. (Company, was widely reported be SK Telecom, has refused any connection to China.) It is also reported that Amazon CEO Andy Jassy warned the administration after Amazon’s own researchers, he said, found a way to bypass Fable 5’s safeguards. Anthropic disputes the “jailbreak” label, calling it a narrow, already-fixed problem rather than a complete defeat of the model’s security measures.
The result was the same: The Commerce Department issued an export control directive, and Anthropic had to try to immediately restrict access to its products within about 90 minutes of receiving the notice, according to some reports.
However, none of this is new. For decades, governments have tried to use export controls to limit the spread of what they consider dangerous cyber technologies, but their track record has been mediocre at best.
The US government was behind perhaps the most spectacular failure of this approach in history in the early to mid-1990s. At the time, computer scientists were developing encryption technologies to protect data during its transmission over the Internet. One such encryption product was called Pretty Good Privacy, or PGP, a popular piece of software that could encrypt data and make it virtually impossible to decipher, even if it was intercepted in transit to its intended recipient over the Internet.
The US government initially viewed PGP as a dangerous weapon, fearing that it would prevent its intelligence agencies from monitoring emails as they crossed their wires. To stop the spread of PGP, the US Customs Service initiated a criminal case against PGP creator Phil Zimmerman for allegedly violating arms export controls. He fought back by publishing the PGP source code as a printed bookfueling what is known today as the “crypto wars”.
Zimmerman later won a key battle when the investigation was closed, paving the way for critical end-to-end encryption algorithms like the one used by billions of Signal and WhatsApp users.
Later, in the early 2010s, researchers began to identify Western-made spyware being used against dissidents in the Middle East. In response, several governments agreed to the expansion Wassenaar packagean international treaty that restricts the export of dual-use software and technology used in both civilian and military applications.
The idea was to classify surveillance and hacking software as dual use, forcing spyware makers to obtain export licenses to sell their products abroad.
Contact us
Got more info on the Mythos ban? From a non-working device and network, you can safely contact Lorenzo Franceschi-Bicchierai on Signal at +1 917 257 1382 or via Telegram and the @lorenzofb keybase, or email.
But Wassenaar always had two inherent weaknesses. There are several countries that do not adhere to the agreement, including Israel, home to some of the world’s most active spyware producers.
The agreement also depends on which countries apply it to companies within their borders at their own discretion. For some time, the Italian government has allowed one of the country’s biggest spyware makers, Hacking Team, a license to export its tools around the world, despite the company’s track record of selling spyware oppressive governments what used it to break journalists and human rights defenders.
Since that time another countries in Europe, spyware manufacturers such as Italy were not treated well. Despite many scandals, Europe, home to many manufacturers of spyware and hacking toolshas has consistently failed to curb the export of spyware to authoritarian regimes. Critics say the recently renewed effort in the 27-member bloc to tackle the growing problem of spy software exports to authoritarian states is “not enough”.
Several spyware manufacturers, such as Intellexa, a sanctioned consortium of spyware companies, have simply moved their operations to countries with lax export controls. Other spyware makers have sought to relocate to Saudi Arabia for similar reasons.
There were some victories. German manufacturer of FinFisher spyware closed in 2022 after a long-term investigation by the German prosecutor’s office regarding the company for allegedly selling spyware to Turkey without an export license. Earlier, investigators discovered the FinFisher spyware deployed on phones critics of the Turkish government.
At the time of writing, the impasse between Anthropic and the Trump administration remains. There is a reasonable chance that the administration will relent and lift the cap in the interest of keeping American AI companies competitive around the world — a move that would amount to a tacit admission that AI labs elsewhere, including China, are likely to achieve similar capabilities regardless of what the U.S. limits. Or American AI companies may need government approval before they even serve foreign customers, a compliance burden that will invariably hurt their bottom line.
Given the past experience of governments around the world in trying to control the availability of software, government-mandated export controls are unlikely to be the right approach to stop attackers from abusing powerful dual-use cyber technologies.
When you buy from links in our articles, we may earn a small commission. This does not affect our editorial independence.