Anthropic’s newest AI models were supposed to be a major step forward. Instead, they became the center of one of the biggest AI policy fights yet.
The company says the U.S. government ordered it to block all foreign nationals from using Fable 5 and Mythos 5, two of its most advanced AI systems. That includes people outside the United States, foreign citizens living in the United States, and even foreign-national employees working inside Anthropic. Faced with that order, Anthropic says it had no practical choice but to switch the models off for everyone, at least for now.
That may sound technical, but it is a very big deal. This is not just about one AI company losing access to two products. It is about a much bigger question: when does an AI model stop being normal software and start being treated like a national security asset?
Fable 5 had only just launched. It was presented as a public version of Anthropic’s more powerful Mythos technology – a kind of advanced model designed to handle difficult software, reasoning, and knowledge-work tasks. Mythos 5 was even more restricted and had been discussed mostly in the context of cybersecurity. These models are powerful because they can help people find weaknesses in software and complex systems. In the right hands, that could help protect banks, hospitals, power grids, and government networks. In the wrong hands, it could help attackers find targets faster.
That is the core problem with advanced AI: the same capability can be defensive or offensive depending on who uses it.
Anthropic says the government appears to be worried about a possible “jailbreak” of Fable 5. In AI, a jailbreak is a trick that gets a model to ignore or bypass its safety rules. If a model is supposed to refuse dangerous cyber requests, a jailbreak might make it answer anyway. The company says the government did not provide detailed public evidence and that the example it saw involved only a narrow technique used to find a small number of already-known, minor software vulnerabilities.
Anthropic’s response was basically: yes, safety matters – but this is not enough reason to pull a model used by large numbers of people.
The U.S. government seems to see it differently. Officials appear worried that even a limited weakness could matter if the model is powerful enough. A small crack in the guardrails of an ordinary chatbot might be annoying. A small crack in the guardrails of a top-tier cyber-capable AI system could be treated as a strategic risk.
That is why this moment matters. Until now, most U.S. AI export controls focused on the physical side of AI: advanced chips, chipmaking tools, and infrastructure. This order goes after access to the model itself. In plain English, Washington is saying that some AI capabilities may be too sensitive to make globally available without government permission.
There is also a strange timing issue. Just days before the Anthropic order, the White House issued an executive order about advanced AI innovation and security. That order called for cooperation with AI companies and a voluntary framework for testing powerful models before deployment. It also said it was not creating a mandatory licensing system for AI releases. Yet the Anthropic directive looks much more forceful than voluntary cooperation.
That tension is now at the center of the debate.
Anthropic says it supports government action when a model is truly unsafe. But it wants that process to be transparent, technically grounded, and fair. The company argues that if every narrow jailbreak concern can trigger a full shutdown, then almost no frontier AI model will be safe to launch. No AI company can honestly promise that its model will never be tricked.
On the other side, national security officials may argue that waiting for perfect evidence is too risky. If a model can help discover software vulnerabilities quickly, and if foreign adversaries can use it at scale, then the government may feel pressure to act before something goes wrong.
The order also creates a practical headache. How does an AI company prove every user’s citizenship before allowing access? What about international employees? What about a foreign researcher working at an American university? What about a multinational company with teams in ten countries? The internet was built for global access. Export controls are built around borders, licenses, and national security categories. Frontier AI now sits awkwardly in the middle.
For ordinary users, the immediate result is simple: Fable 5 and Mythos 5 are offline. Other Anthropic models remain available, according to the company. But for the wider tech world, the message is much bigger.
AI companies are no longer just launching products. They are releasing capabilities that governments may view as strategically important. The more powerful these systems become, the more they will be pulled into debates about cyberwar, economic competition, national security, and global access.
This could be the beginning of a new era. In that era, the most advanced AI models may not be available to everyone at the same time. Some users may need licenses. Some countries may be blocked. Companies may have to build systems that check not just whether a customer can pay, but whether that customer is legally allowed to use a particular model.
That future will be messy. Too little control could create real security risks. Too much control could slow innovation, hurt researchers, and concentrate AI power in the hands of a few approved actors.
The Anthropic case is important because it forces the question into the open. If frontier AI can help defend the world’s most important systems, society needs access to it. If frontier AI can also help attack those same systems, governments will try to control it.
The hard part is building rules that can tell the difference.