Last Friday, citing unspecified national security concerns, the White House ordered Anthropic to limit exports of its powerful AI models Fable and Mythos to anyone outside the United States as well as foreign nationals inside the country. Shortly after, the AI giant hastily pulled the plug on both models, which are no longer available to anyone for a week.
This episode is the first real test of whether the US government can use export controls to control Frontier AI, just as it has tried to prevent encryption and spyware, with very uneven results. And as dramatic as it may sound, how this impasse is resolved will shape not only Anthropic’s access to foreign markets, but also the rule book other AI labs must build upon.
First some context. Since Anthropic launched Mythos in April, the company has marketed it as some kind of doomsday cyber machine that could wreak havoc on the Internet if released too widely — which is why, before the ban, only about 150 verified companies and government organizations had access to it. The goal was to help defenders secure their software and services before the bad guys could access capabilities like Mythos.
So what caused the ban? Reportedly the latter two incidents. First: Anthropic provided South Korean telecom access to Mythos through its limited partner program, and US officials became concerned after identifying the company because they suspected it had ties to China. (The company, widely known as SK Telecom, has denied any China connections.) Amazon CEO Andy Jassy also reportedly alerted the administration after Amazon’s own researchers found a way around the Fable 5’s security measures. Anthropic disputes the “jailbreak” label, calling it a narrow, already-patched issue rather than a wholesale defeat of the model’s security measures.
The result was the same: The Commerce Department issued an export control directive, and Anthropic scrambled to limit access to its products immediately — within about 90 minutes of being notified by some accounts.
However, none of this is new. Governments have tried to use export controls to limit the spread of dangerous cybertechnology for decades, but their track record has been patchy at best.
The US government was behind perhaps the most spectacular failure of this approach in history in the early to mid 1990s. At the time, computer scientists were developing encryption techniques to secure data as it traveled over the Internet. One of those encryption products was called Pretty Good Privacy, or PGP, which was a popular software that could encrypt data and make it nearly impossible to decipher even if it was intercepted while traveling over the Internet to its intended recipient.
The US government initially viewed PGP as a dangerous weapon, fearing that it would prevent its intelligence agencies from spying on emails as they crossed their wires. To prevent distribution of the PGP, the U.S. Customs Service initiated a criminal investigation against Phil Zimmerman, the PGP’s creator, for allegedly violating weapons export controls. They fought back by publishing PGP’s source code as a printed book, starting what is known today as the “Crypto Wars”.
Zimmerman later won a key battle when the investigation was closed, paving the way for critical end-to-end encryption algorithms used by billions of Signal and WhatsApp users.
Later in the early 2010s, researchers began discovering Western-made spyware being used against dissidents in the Middle East. In response, several governments agreed to extend the Wassenaar Arrangement, an international treaty that limits the export of dual-use software and technologies used in both civilian and military applications.
The idea was to classify surveillance and hacking software as dual-use, thus forcing spyware manufacturers to obtain export licenses to sell their products abroad.
contact us
Do you have more information about the Mythos ban? From a non-working device and network, you can safely contact Lorenzo Franceschi-Bicchierai on Signal at +1 917 257 1382, or on Telegram and Keybase @lorenzofb, or via email.
But Wassenaar has always had two inherent weaknesses. There are many countries that do not adhere to this agreement, including Israel, which is home to some of the most active spyware manufacturers in the world.
The agreement also depends on countries applying it at their own discretion to companies within their borders. For a time, the Italian government gave Hacking Team, one of the country’s then-top spyware makers, a license to export its tools around the world, despite the company’s track record of selling spyware to repressive governments that used it to hack journalists and human rights activists.
Since then, other countries in Europe have been lax on spyware makers, such as Italy. Despite several scandals, Europe, which is home to many spyware and hacking tool manufacturers, has consistently failed to curb the export of spyware to authoritarian regimes. Critics say a recently renewed effort within the Group of 27 member states to tackle the growing problem of spyware exports to authoritarian states is “not going far enough.”
Many spyware manufacturers, such as Intelexa, a recognized consortium of spyware companies, have relocated their operations to countries with loose export controls. Other spyware manufacturers sought to relocate their operations to Saudi Arabia for similar reasons.
There have been some victories also. Germany-based spyware maker FinFisher shut down in 2022 following a multi-year investigation of the company by German prosecutors on charges of selling spyware to Turkey without an export license. Investigators had previously found that Finfisher spyware was deployed on the phones of critics of the Turkish government.
As of the time of writing, Anthropic and the Trump administration remain at an impasse. There is a reasonable chance that the administration will lift restrictions in the interest of keeping US AI companies competitive around the world – a move that would amount to tacit acknowledgment that AI labs elsewhere, including China, will reach similar capabilities no matter what restrictions the US imposes. Or, American AI companies may need government approval before serving foreign customers, a compliance burden that will forever impact their bottom line.
Given past experiences of world governments in trying to control access to software, government-mandated export controls are unlikely to be the right approach to prevent malicious actors from abusing powerful dual-use cyber technologies.
When you purchase through links in our articles, we may earn a small commission. This does not affect our editorial independence.
<a href