Commerce Eased Its Block on Anthropic's Mythos, But Major Questions Remain

Late on Friday, Semafor reported that the United States government appears to have relaxed its restriction of Anthropic’s Mythos 5 model, allowing major US firms and government agencies access to its latest offering. In a letter to the company, Secretary of Commerce Howard Lutnick indicated he had “determined that appropriate safeguards are in place to permit certain trusted partners to access the Claude Mythos 5 Model,” and that “a license will no longer be required to export, reexport, or in-country transfer” the technology to a list of specific entities, their foreign national employees, and Anthropic’s own foreign national employees.

The news suggests this latest dispute between the Trump administration and the AI firm is at least partially resolved. But Lutnick’s letter does little to answer deeper questions about the blunt tool the government used to restrict Mythos in the first place: export controls.How we got here

Two weeks ago, the Department of Commerce sent a letter to Anthropic informing the artificial intelligence developer that it was imposing export controls on its latest models, Fable 5 and Mythos 5. This followed a frenzied process within the Trump administration that kicked off after officials received information from a researcher at Amazon, communicated via CEO Andy Jassey, that there was a jailbreak within Fable 5 that might allow bad actors to leverage the tool to conduct cyber attacks.

In response, Anthropic restricted access to its tools for all users, both outside and inside the US, while also noting that the disclosed jailbreak impacts models that have been on the market for months.

This controversy highlights a fundamental challenge confronting US technology policy. Export controls, in both the US and around the world, are designed to regulate the transfer of goods, software, and technical information across national borders. However, while frontier AI models, their weights, and training data, from the likes of OpenAI and Anthropic, remain within the US, their capabilities are made available globally through cloud-based services as well as secondary firms that leverage their APIs, building products on top of their core technology.

As a result, policymakers, regulators, and firms are increasingly struggling to answer a deceptively simple question: what exactly constitutes an export in the age of AI?

The answer matters because the stakes extend far beyond a single company or model. This most recent episode illustrates how existing export control frameworks are being stretched to accommodate technologies that do not fit comfortably within traditional regulatory categories. More importantly, it reveals the growing tension between two competing visions of AI governance: one that seeks to manage risks by controlling access to advanced capabilities, and another that emphasizes innovation, diffusion, and market competition.

Unsettled authority

At first glance, US export control authorities appear broad enough to cover AI systems. The Export Administration Regulations (EAR), promulgated under the Export Control Reform Act (2018) and administered by the Department of Commerce’s Bureau of Industry and Security (BIS), provide substantial flexibility for regulating dual-use technologies. Other authorities, including the International Traffic in Arms Regulations (ITAR) and the International Emergency Economic Powers Act (IEEPA), may also be relevant depending on how an administration engages with a particular technology. Over the past five years, Commerce has repeatedly signaled its view that advanced AI technologies fall within the scope of export control authorities—even as the actual export control regime emanating from the US (particularly toward China) has oscillated from one extreme to the other.

Indeed, the practical application of those authorities remains unsettled. Traditional export controls assume that a controlled item moves from one jurisdiction to another. AI deployment operates differently. As mentioned briefly above, frontier models from OpenAI and Anthropic are typically hosted on servers located within the United States and accessed through cloud-based APIs, enterprise licensing arrangements, and other service-based mechanisms. The model weights themselves never leave US territory. What crosses borders is access to capability rather than possession of technology. Perhaps ironically, open-weight models have hitherto avoided export restrictions via ECCN 4E091 licensing requirements (itself currently not enforced by BIS), given that global distribution cannot be practically contained after they are published.

This distinction has led to significant uncertainty regarding the allocation of regulatory responsibility. Many frontier model developers have argued that because the underlying technology remains hosted domestically, compliance obligations should focus primarily on users and downstream access rather than on the providers themselves. Policymakers and national security officials, meanwhile, have increasingly focused on the possibility that access to advanced AI capabilities may itself represent a strategically significant transfer of technology. The result is a regulatory gray zone in which neither firms nor governments possesses a clear understanding of where responsibility begins and ends.

Anthropic’s apparent position following the receipt of the June 12 letter illustrates the challenge (notwithstanding that shutting down model access may also serve a political purpose). If access to a frontier model by a foreign national constitutes a “deemed export,” then the relevant transfer may occur even when both the model and the user are physically located within the United States. Under this logic, providing access to an AI capability becomes analogous to providing controlled technical knowledge. Whether existing authorities clearly support such an interpretation remains subject to debate, but the fact that the debate exists underscores how far regulators (and regulated firms) have moved beyond the assumptions embedded in traditional export control frameworks. In today’s arrangement with Anthropic, the government appears to deal with this risk explicitly: “a license will no longer be required to export, reexport, or in-country transfer (including deemed exports and reexports) the Claude Mythos 5 Model to entities identified in Annex A to this letter and their foreign national employees, or to Anthropic’s foreign national employees.”

To be sure, export controls have long applied to software and digital technologies. Encryption controls, cyber capabilities, and technical data have all generated difficult regulatory questions. Yet frontier AI models present a distinct challenge. Unlike software that can be downloaded, copied, and transferred, many advanced models increasingly function as remotely accessed services. The technology remains centralized while the capability becomes globally available.

This distinction has important policy implications. Regulating physical goods is difficult. Regulating software is harder. Regulating access to a cloud-hosted capability may be harder still. The Internet has always been a leaky sieve, and attempts to impose perfect control over digital technologies have historically proven elusive. AI compounds these challenges because the capabilities involved may be far more scalable than many previously controlled technologies. A single model can simultaneously support scientific research, software development, intelligence analysis, cyber operations, and military planning across thousands or millions of users.

What the Mythos moment portends

The deeper significance of this episode lies in what it reveals about the future of AI governance. Increasingly, policymakers are shifting their focus away from AI artifacts—such as model weights, code, or hardware—and toward AI use. Rather than asking whether a model should exist, regulators are asking who should be permitted to access it, under what conditions, and for what purposes. This represents a profound evolution in governance philosophy.

Such a shift is understandable. The most strategically relevant risks associated with advanced AI emerge from use rather than possession (as much of the discussion surrounding “use cases” suggests). Yet regulating use creates its own challenges. Effective governance increasingly requires providers to monitor users, evaluate intent, identify suspicious activity, and intervene when they believe misuse may occur. Responsibility, like the technology development itself, migrates from governments toward firms, which become de facto gatekeepers for strategically important technologies.

This trend raises difficult questions regarding both effectiveness and legitimacy. Private companies may possess technical expertise that governments lack, particularly in rapidly evolving fields like AI. At the same time, firms face strong commercial incentives that do not necessarily align with public objectives. They are asked simultaneously to innovate, compete globally, protect national security, and enforce ambiguous policy goals.

The broader lesson is that the current (lack of) governance regime may be increasingly unsustainable. For years, policymakers have attempted to adapt existing legal authorities to technologies that differ fundamentally from those that the authorities were designed to regulate. The resulting framework often pushes responsibility downstream while leaving fundamental questions unresolved. Who bears responsibility for controlling access to frontier capabilities? What level of diligence is required? Which risks justify intervention? And what degree of imperfection is acceptable?

These questions become particularly important when considering technical safeguards. Some observers implicitly assume that frontier models should be engineered to be impossible to misuse or jailbreak. Yet such a standard is unattainable in practice (at least at the time of writing in June of 2026). Every security system is imperfect, and frontier AI is unlikely to prove an exception. Indeed, a governance regime that assumes perfect technical control may ultimately prove incompatible with the existence of useful frontier models at all.

A more realistic approach (undertaken by Anthropic, among other AI firms) may involve layered defenses that combine technical safeguards, monitoring systems, user vetting, transparency mechanisms, and government oversight. Such an approach acknowledges both the reality of risk and the inevitability of imperfection. The objective is not to eliminate misuse entirely but to raise the costs of harmful activity while preserving the innovative potential that makes these technologies valuable.

A canary in the code mine

The Mythos/Fable controversy should not be viewed primarily as a dispute about one firm's policies. It is better understood as an early warning signal. As AI capabilities become increasingly powerful and increasingly accessible through cloud-based services, the distinction between exporting technology and providing access to technology will continue to erode.

While policymakers can continue stretching existing frameworks to accommodate this reality, eventually, they may need to confront a more fundamental question: whether a governance architecture built around controlling things can effectively govern capabilities.