Anthropic pulled its frontier AI models within 90 minutes of a White House order last Friday. But the real question isn't whether Anthropic complied — it's whether export controls are the right tool at all, given a 30 year pattern of structural failure.
The model was already gone. On June 12, Anthropic pulled Mythos and Fable within roughly 90 minutes of a White House order TechCrunch, June 19, 2026. For the ~150 vetted hospitals, universities, and research organizations across 15 countries that had been using these systems, there was no grace period, no waiver process, no appeal. Just silence.
The question the White House order raises — and that neither side of this dispute has answered cleanly — is not whether Anthropic complied. It did. The question is whether export controls are the right instrument for this problem at all.
The official narrative holds that two events drove the Commerce Department directive. First, Anthropic gave a South Korean telecom access to Mythos through its limited partner program, and U.S. officials grew alarmed after identifying the company as one they suspected had ties to China. The company, widely reported to be SK Telecom, has publicly denied any China connection TechCrunch / Chosun.
Second, Amazon CEO Andy Jassy reportedly alerted the administration after Amazon's own researchers found a way around Fable 5's safeguards TechCrunch / WSJ. Anthropic disputes the "jailbreak" framing, calling it a narrow, already-patched issue — not a wholesale defeat of the model's safety measures.
Both triggers are contested. The factual foundation of the order rests, in part, on characterizations that its own primary actors are disputing.
Governments have tried to use export controls to limit the proliferation of dangerous cyber technology for decades. Their track record has been middling at best — and the structural reasons why are not hard to identify.
The encryption precedent (1990s). When the U.S. government opened a criminal investigation against PGP creator Phil Zimmermann for allegedly violating arms export laws by distributing cryptographic software, the response was not compliance. Zimmermann published PGP's source code as a printed book, which the First Amendment protected. The investigation was eventually dropped. The ultimate result: end-to-end encryption became a global standard, embedded in Signal, WhatsApp, and billions of other applications AccessNow / Citizen Lab.
The spyware precedent (2010s–2020s). When the Wassenaar Arrangement was expanded to cover dual-use surveillance and intrusion software, the goal was to prevent tools like FinFisher and Hacking Team's RCS from reaching oppressive governments. The structural failures were predictable and documented: non-participating states hosted major spyware makers (Israel became a primary hub); enforcement was discretionary and inconsistent (Italy licensed Hacking Team exports to governments later found to be repressive); vendors simply relocated when pressure mounted, forming consortia like Intellexa with bases in Greece, Ireland, and the UAE Netzpolitik / Balkan Insight. FinFisher eventually shut down in 2022 after a sustained German prosecution Human Rights Watch — a partial, years-late win that did not stop the broader industry.
The pattern is consistent: the technology is already in the wild, already forkable, or already relocatable before the control regime can close the gap.
Mythos and Fable are hosted models with API access — not open-source code. The mechanism of "leak" differs from PGP's printed book. But the underlying dynamic is similar: a capability that the market has already distributed to a defined set of users cannot be un-distributed by a compliance directive alone.
Anthropic's own risk model for Mythos — which it launched in April 2026 as a system designed to help defenders secure their software before malicious actors reached comparable capabilities — acknowledged this implicitly TechCrunch. The vetting process, the 150-organization cap, and the marketing of the system as a "doomsday cyber machine" were all measures designed to contain the technology within a trusted perimeter. Whether that perimeter was ever going to be sufficient is a separate question. What the export order demonstrates is that the government's definition of the perimeter and Anthropic's definition did not align.
The resolution, as the TechCrunch analysis frames it, appears binary: either the administration lifts the restriction to keep U.S. AI competitive — implicitly conceding that foreign labs will reach comparable capability regardless — or U.S. AI companies absorb a compliance burden for any foreign customer, denting revenue and giving allies a reason to invest in domestic alternatives.
Neither path resolves the underlying mechanism problem. If a foreign actor wants to replicate the capability that Mythos represented, the 90-minute shutdown does not make that harder in any structural sense. It makes it more urgent, and it removes the U.S. company from the table as a potential partner in setting terms of access.
The Crypto Wars ended because the technology was too distributed to contain and the cost of trying had begun to exceed the benefit. The spyware controls produced partial, slow, inconsistent results across a dozen jurisdictions over two decades. The Mythos restriction is the latest chapter in a pattern that export control advocates have not yet found a way to break — and that the technology itself keeps proving is already broken.
— Based on reporting by Lorenzo Franceschi-Bicchierai, TechCrunch, June 19, 2026