When the White House ordered Anthropic to restrict access to its Fable and Mythos AI models on June 12, the company complied within roughly 90 minutes. The trigger, US officials believed that SK Telecom, a South Korean partner with suspected ties to China, could funnel the models to Beijing, set off an escalation that has left Anthropic’s most powerful cybersecurity AI in regulatory limbo.
The impasse echoes a pattern that has repeated itself every decade for the past 30 years. From Pretty Good Privacy in the 1990s to commercial spyware in the 2010s, governments have tried to control the spread of dual-use software through export restrictions. The historical record suggests the approach rarely works as intended.
In 1991, programmer Phil Zimmermann published PGP, an encryption tool that made intercepted digital communications effectively unscrambleable. The US government considered encryption a munition under arms export controls, and US Customs opened a criminal investigation against Zimmermann.
His response was ingenious: he published the complete PGP source code as a printed book. Exporting a book was protected speech under the First Amendment; the code could be scanned and compiled anywhere in the world. The investigation was eventually dropped, and PGP’s architecture became the foundation for the end-to-end encryption now used by Signal, WhatsApp, and countless other services. The government’s attempt to suppress encryption did not prevent its global spread, it delayed it, at best, by a few years.
The spyware era
The Wassenaar Arrangement, a multilateral export control regime, tried a different approach in the 2010s by classifying surveillance and hacking software as dual-use items requiring export licenses. The results were mixed.
Two structural weaknesses undermined the regime. First, key spyware-producing nations such as Israel were not signatories, yet hosted major commercial spyware makers. Second, implementation was left to each member state’s discretion. Italy allowed Hacking Team to license exports to oppressive regimes. Bulgaria, Poland, and other European countries maintained lenient enforcement. When one country cracked down, makers simply relocated, Intellexa moved operations after EU sanctions, while other firms shifted to Saudi Arabia.
One notable success: German firm FinFisher shut down in 2022 after a multi-year investigation into selling spyware to Turkey without a license. But that case was the exception, not the rule.
What it means for AI
The current standoff over Anthropic’s models presents the same fundamental problem. Before the export restriction, roughly 150 vetted companies and government organizations had access to Mythos, which had been marketed as a “doomsday cyber machine.” The technology already exists; restricting access may slow proliferation but is unlikely to prevent determined state actors from developing equivalent capabilities.
TechCrunch’s Lorenzo Franceschi-Bicchierai, who traced the 30-year history, summarized the lesson: “Given the past experiences that world governments have had with trying to control the reach of software, government-mandated export controls are unlikely to be the right approach.”
Two possible outcomes remain: the administration could lift the restriction to keep US AI companies competitive, implicitly accepting that rivals will reach similar capabilities anyway, or impose a permanent compliance burden that may push development to jurisdictions with lighter regulation.
Sources: Encryption, spyware, and now Mythos: History shows why cyber export control doesn’t work (TechCrunch, June 19, 2026).