The Delayed AI Security Order Shows the Model-Release Fight Is About Timing

The Clock Fight

The Trump administration was about to sign an executive order that would have required the world's most powerful AI labs to share their frontier models with the government fourteen to ninety days before public release. Then the phone calls started.

Mark Zuckerberg called. Elon Musk called. David Sacks called. By Thursday morning, Trump had postponed the signing. By Thursday afternoon, the order was dead. "I didn't like certain aspects of it," Trump told reporters. "We're leading China, we're leading everybody, and I don't want to do anything that's going to get in the way of that leading." (TechCrunch)

The official explanation was logistics: not enough tech CEOs could make it to Washington on short notice for the photo op. The unofficial explanation, per two sources who spoke to Axios, was that Trump hates regulation and that Sacks, his AI advisor, hated it too. "The whole thing was unnecessary," one source said, "and just something doomers wanted." (Axios)

The administration had been moving to pre-release AI evaluation for months. VP JD Vance said at a Wednesday press conference that a bad actor could use AI systems like Anthropic's Mythos to target cybersecurity vulnerabilities across the internet — the same Mythos that had found zero-day vulnerabilities across every major operating system and every major browser, and that achieved one hundred and eighty-one working exploits against Firefox in a benchmark where the previous best result was two. Non-expert engineers at Anthropic used it to find remote code execution vulnerabilities overnight and woke up to working exploits. Mythos achieved full control flow hijack on ten separate, fully patched targets in the OSS-Fuzz corpus. (NBC News, (Anthropic red team blog))

Trump killed it anyway.

The administrative machinery had already been rolling back before the calls. The Commerce Department's National Institute of Standards and Technology had announced an expanded pre-deployment testing program involving Microsoft, Google, and xAI. That announcement was removed from the NIST website several days before the postponement. Spy agencies and the Commerce Department were already fighting over who should handle model evaluation. Treasury's leading role in the proposed cybersecurity clearinghouse was being questioned by industry sources who noted, reasonably, that Treasury has no obvious substantive expertise in finding and fixing AI model vulnerabilities. (CNN Business)

None of that reached the public. What reached the public was the photo op that didn't happen and the lobbying calls that did.

The deeper story is about who controls the definition of safe enough. The administration was proposing a voluntary framework with a fourteen to ninety day pre-launch review window. Companies wanted fourteen. The government draft had ninety. Neither number is arbitrary: ninety days is enough time to find most shallow vulnerabilities; fourteen is enough to do a surface scan. The gap between those numbers is the space where security meets competitiveness, and it turns out that space is exactly where the regulatory fight is.

That fight isn't about whether to regulate AI. It never was. It's about who writes the security standard that everyone else has to justify departing from. Whoever defines what safe enough means gets to set the competitive terms for everyone else in the industry. The labs that shape NIST's voluntary testing program, that negotiate the boundaries of pre-release access, that establish their internal security benchmarks as industry defaults — they're not just influencing policy. They're writing the rulebook that determines which competitors can ship, when, and under what constraints. (Nextgov/FCW)

The NIST testing announcement was the first draft of that rulebook. It was removed from the internet before most people knew it existed.

What comes next is a standards race with no clear finish line. The labs have demonstrated that pre-release review is technically feasible and politically survivable — the Mythos results themselves are evidence that security evaluation produces actionable findings. They've also demonstrated that they can kill any mandatory framework by making a single phone call. The voluntary program through NIST's Center for AI Standards and Innovation is still technically active. There's no certainty about when or if a revised order materializes. What is certain is that whoever moves first to establish their security practices as the industry baseline will have more durable leverage than anyone who waits for the government to write the rules.

The administration's position, articulated by Vance, is that it wants to protect people through collaboration with tech companies rather than through binding requirements. That's a coherent philosophy. It also happens to be one where the companies decide what collaboration looks like.

The phone calls happened on a Wednesday night and Thursday morning. By Thursday afternoon, the executive order was postponed indefinitely. The NIST announcement had been offline for several days by then. Nobody outside a small group of officials and executives knows exactly what order things happened in, or whether the CEO calls were the trigger or the excuse.

What is clear is that the window for proactive governance closed faster than the technology that necessitated it. The question now is whether anyone will try to reopen it, or whether the industry's definition of safe enough will simply become the only definition that exists.