From PGP to Mythos: A Brief History of Export Controls That Stopped No One

Last Friday, citing unspecified national security concerns, the White House ordered Anthropic to restrict the export of its powerful Fable and Mythos AI models to anyone outside the United States, as well as to foreign nationals within the country. Shortly after, the AI giant hastily pulled the plug on both models, which have been unavailable to anyone for a week.

The episode is the first real test of whether the US government can use export controls to contain frontier AI in the same way it has tried, with very mixed results, to contain encryption and spyware before. And as dramatic as it may seem, how this standoff is resolved could shape not only Anthropic’s access to foreign markets, but also the rulebook on which other AI labs will have to build.

Some context first. Since Anthropic launched Mythos in April, the company has marketed it as a kind of cybernetic doomsday machine that could wreak havoc on the Internet if it spread too widely, which is why, before the ban, only about 150 vetted companies and government organizations had access to it at all. The goal was to help defenders protect their software and services before bad actors could achieve Mythos-like capabilities.

So what caused the ban? Reportedly, two subsequent events. The first: Anthropic gave a South Korean telecommunications company access to Mythos through its limited partner program, and US officials became alarmed after identifying the company as one they suspected had ties to China. (The company, widely reported to be SK Telecom, has denied any connection with China.) Amazon CEO Andy Jassy also allegedly alerted the administration after Amazon’s own researchers, he said, found a way to bypass Fable 5’s safeguards. Anthropic disputes the “jailbreak” label, calling it a limited and already patched issue rather than a complete defeat of the model’s security measures.

The result was the same: The Commerce Department issued an export control directive, and Anthropic had to scramble to immediately limit access to its products, about 90 minutes after being notified, according to some accounts.

However, none of this is new. Governments have attempted to use export controls to limit the proliferation of what they consider dangerous cyber technology for decades, but their record has been mediocre at best.

The US government was behind perhaps the most spectacular failure of this approach in history, in the early and mid-1990s. At the time, computer scientists were developing encryption technologies to protect data as it traveled over the Internet. One such encryption product was called Pretty Good Privacy, or PGP, a popular piece of software that could encrypt data and make it virtually impossible to decrypt, even if it was intercepted while traveling to its recipient over the Internet.

Initially, the US government viewed PGP as a dangerous weapon, fearing that it would prevent its intelligence agencies from spying on emails as they crossed their cables. To stop the distribution of PGP, the US Customs Service opened a criminal investigation against PGP creator Phil Zimmermann for allegedly violating arms export controls. He defended himself by publishing the PGP source code as a printed book, triggering what is now known as the “Crypto Wars”.

Zimmermann subsequently won a key battle when the investigation was closed, paving the way for crucial end-to-end encryption algorithms like the one used by billions of Signal and WhatsApp users.

Later, in the early 2010s, researchers began uncovering Western-made spyware used against dissidents in the Middle East. In response, several governments agreed to expand the Wassenaar Arrangement, an international treaty that limits the export of dual-use software and technologies that are used in both civilian and military applications.

The idea was to classify surveillance and hacking software as dual-use, thus forcing spyware makers to obtain export licenses to sell their products abroad.

Contact us

Do you have more information about the Mythos ban? From a non-work device and network, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email.

But Wassenaar has always had two inherent weaknesses. There are several countries that do not adhere to the agreement, including Israel, which is home to some of the most active spyware makers in the world.

The agreement also depends on countries applying it to companies within their borders at their own discretion. For a time, the Italian government granted one of the country’s leading spyware makers, Hacking Team, a license to export its tools around the world, despite the company’s history of selling spyware to oppressive governments that used it to hack journalists and human rights activists.

Since then, other countries in Europe have, like Italy, been lax with spyware manufacturers. Despite numerous scandals, Europe, home to many manufacturers of spyware and hacking tools, has continually failed to stop the export of spyware to authoritarian regimes. Critics say a recently renewed effort across the bloc of 27 member states to address the growing problem of spyware exports to authoritarian states “does not go far enough.”

Several spyware makers, such as Intellexa, a sanctioned consortium of spyware companies, have simply moved their operations to countries with lax export controls. Other spyware makers attempted to move their operations to Saudi Arabia for similar reasons.

There have been some victories. Germany-based spyware maker FinFisher shut down in 2022 after a multi-year investigation by German prosecutors into the company for allegedly selling spyware to Türkiye without an export license. Researchers previously discovered that FinFisher spyware had been deployed on the phones of critics of the Turkish government.

As of this writing, the impasse between Anthropic and the Trump administration persists. There is a reasonable chance that the administration will relent and lift the restriction in the interest of keeping US AI companies competitive around the world, a move that would amount to a tacit recognition that AI labs elsewhere, including China, will likely achieve similar capabilities regardless of US restrictions. Or, American AI companies could end up needing government approval before serving foreign clients, a compliance burden that would invariably hurt their bottom lines.

Given the past experiences that governments around the world have had in trying to control the scope of software, government-mandated export controls are unlikely to be the right approach to preventing malicious actors from abusing powerful dual-use cyber technologies.
