What happened
On 9 June 2026 Anthropic made Claude Fable 5 generally available — the most powerful model it had ever released to the public — alongside the Claude Mythos 5 variant (restricted to a small set of approved organisations). Three days later, on Friday 12 June at 5:21 p.m. New York time, the company received a US government directive ordering it to suspend access to both models for any foreign national, inside and outside the United States — including its own non-US employees. Within hours Anthropic disabled both models for all customers worldwide.
According to NBC News, the directive traces back to the Department of Commerce and Secretary Howard Lutnick; Anthropic’s own statement refers more generally to “national security authorities” and frames the measure as an export-control action. Other Claude models stayed available. It is what appears to be the first global shutdown of a commercial AI model imposed by a government.
Why a “selective” order became a total stop
Formally, the order concerned only foreign nationals. But across a base of hundreds of millions of users there is no reliable way to tell, in real time, who is a US citizen and who is not — least of all on a few hours’ notice. Selective compliance would also have meant blocking Anthropic’s own foreign-born engineers. The practical consequence is the most instructive part of the whole episode: a generally available product went from “online” to “off” worldwide within hours, with no deprecation window.
Two versions of the same fact
The stated reason is the discovery of a method to bypass Fable 5’s guardrails — a jailbreak. According to Anthropic, the government provided only verbal evidence of a “narrow, non-universal” technique: in essence, asking the model to read a codebase and identify its software vulnerabilities.
Anthropic disputed the move: it would be a dual-use capability, present in other models too and used every day by the people who defend systems; the flaws it surfaces would be few, already known and low-severity; a narrow jailbreak would not justify recalling a model deployed to hundreds of millions of people. That remains the company’s position, not an established fact — just as the exact legal basis for the order, which the government has not made public, should be treated with caution.
The real issue isn’t the jailbreak — it’s sovereignty
For a European business or public body, the technical detail matters less than the precedent. A closed frontier model, reachable only through an API, can be switched off by a foreign government — not your own — overnight, for reasons you neither control nor are even told. That is precisely the point of digital sovereignty: owning the data or the infrastructure isn’t enough; what matters is who controls the intelligence running on top of it.
It’s worth clearing away a false reassurance. Anthropic’s API does provide an automatic fallback mechanism to another model, but it kicks in on safety-classifier refusals, not on model unavailability: in a case like this it would have prevented nothing, because the model was switched off upstream. Teams that had wired their application directly to Fable 5 found their requests with nowhere to go; teams that had interposed an abstraction layer — a model gateway — absorbed the hit with a simple routing change. That’s the difference between a crisis and a line of configuration.
It’s the thesis we’ve argued for some time under Open Intelligence, Secure Governance: the parts of the AI stack you can’t afford to see switched off should be owned. Open-weight models, run on-premise or on infrastructure you control, can’t be turned off by a letter. They don’t have to do everything: they have to guarantee the operational floor when the external provider goes away — the principle behind our on-premise AI workstations and products like Admina, for governed and sovereign AI, and IntelliPA for the public sector.
What organisations are doing now
- Abstract the provider. A model gateway with multi-vendor fallback turns a model withdrawal into a routing decision, not an emergency.
- Keep a sovereign backstop. At least one open-weight, self-hosted model able to carry critical workloads if the external API disappears.
- Map your “AI blast radius”. Know where AI dependencies actually live in your systems, and plan for each one to fail: outage, policy change, billing event, or “a letter from the government”.
- Review contracts and SLAs. Almost no enterprise agreement contemplated a unilateral government suspension. Treat model availability as a supply risk — alongside cybersecurity and the supply chain — not as a given.
All of this dovetails with the European regulatory picture we track closely: the AI Act and its update push toward governance, traceability and control, and our artificial-intelligence practice always starts from an architecture that does not depend on a single point of failure.
Where we are
The matter is open. As of this writing, 14 June, Anthropic says it considers the block a misunderstanding and is working to restore access; but no restoration has occurred and it is unclear whether or when it will. For anyone designing systems that have to stay up, the specific outcome is almost beside the point: the lesson holds regardless. Availability you don’t control is a risk you have to plan for — and design around.
Link: Anthropic — Statement on the US government directive · TechCrunch · Il Sole 24 Ore — Infodata · Snyk