The Government's Case, Laid Bare: Commerce Cites China Risk as Anthropic Heads to D.C.

The standoff that began Friday evening with an emergency 90-minute shutdown order is moving into a new phase. On Monday, June 15, Commerce Secretary Howard Lutnick's letter to Anthropic CEO Dario Amodei was made public, a group of more than 80 cybersecurity industry leaders formally demanded the restrictions be lifted, Anthropic's technical staff met with Commerce officials in Washington, and a separate federal class-action lawsuit landed accusing Anthropic of overselling its priciest Claude subscriptions. Four distinct pressure points in a single day.

Until Monday, the government had not put its rationale for the June 12 export control directive on the record. Reuters obtained a copy of Commerce Secretary Howard Lutnick's letter to Amodei and reported its contents.1 The letter states that Commerce acted under the Export Control Reform Act of 2018 to bar the export of — and transfer to any foreign national inside the U.S. of — Fable 5 and Mythos 5, citing fear that the models could be deployed by military intelligence users in China, Russia, or other countries of concern.

It marks the first time Commerce has used those ECRA authorities in this way, according to an export-control expert cited by Reuters. That legal novelty matters: export control attorneys note that AI models are not physically exported — they are accessed remotely — raising open questions about whether the ECRA authorities the department invoked actually reach cloud-delivered AI inference. Neither Commerce nor Anthropic responded to Reuters' requests for comment on those legal questions.1

The Monday meeting between senior Anthropic technical staff and Commerce officials confirmed by Reuters and the Wall Street Journal is the first known in-person engagement since Anthropic co-founder and chief compute officer Tom Brown and head of public policy Sarah Heck participated in calls with Commerce Secretary Lutnick and National Cyber Director Sean Cairncross over the weekend.2 Anthropic's technical staff have been in virtual contact with officials every day since the Friday directive, a source close to the company told Reuters.

Fortune and the Wall Street Journal's reporting now gives the clearest timeline of how the shutdown was triggered.3 Amazon CEO Andy Jassy first raised the alarm with senior administration officials on Thursday, June 12, after Amazon researchers used a series of prompts to get a Mythos-class response from Fable 5 in areas that were supposed to be restricted by cybersecurity guardrails. Fox Business adds that Amazon was joined by five other companies testing the release; all found what the government characterizes as a workaround into Fable 5's full Mythos capabilities.4

What followed were calls between Amodei and senior administration officials, including a direct call with Treasury Secretary Scott Bessent who told Amodei he was "making a bad decision," according to Politico.3 White House AI adviser David Sacks posted that a "highly credible, trusted partner" demonstrated the jailbreak and that the administration asked Amodei to fix the issue or withdraw the model — and that Amodei refused.3

Anthropic disputes the framing entirely. A source close to the company told Fortune the initial call gave it 90 minutes to pull the model with no specific technical details. Amodei and other senior staff were reachable from the start, the source says, directly contradicting an administration account claiming Amodei was at a "wellness retreat." There was no refusal to fix an issue, only a dispute over what, exactly, had been demonstrated and whether it warranted a global shutdown.4

The industry counter-signal came Sunday in the form of an open letter published at freefable.org.5 By the time TechCrunch covered it Monday morning, it had 76 signatories from companies including Nvidia and Adobe.6 Notable names include:

The letter's core argument: the models were not uniquely capable of finding and weaponizing exploits, and Chinese open-source models including Kimi 2.7 already offer comparable capabilities. Pulling Fable and Mythos from defenders without justification — while adversaries retain access to equivalent tools — "is dangerous."5

Moussouris separately published a technical blog post arguing the Amazon paper does not demonstrate a real jailbreak. She described the method as asking Fable to fix open-source code with known, public vulnerabilities alongside "deliberately planted" ones — after the model initially refused a direct request to "review code for security issues." Her conclusion: "The behavior described in the paper cannot meaningfully be fixed, and any attempt would only weaken the model for defense."6 The open letter explicitly states that the same capability can be replicated using Claude Opus 4.8, Sonnet, GPT-5.5, and Kimi 2.7 — none of which are currently restricted.

Alex Stamos told Reuters: "This is an overreaction by the government," adding that he believed there was a "dispute between Anthropic and the third party that flagged the issue over how serious the findings were."5

The full letter is available at freefable.org, addressed to Commerce Secretary Lutnick and National Cyber Director Cairncross.

Separate from the export control battle, a federal court in Washington, D.C. received a new class-action complaint Monday morning. Plaintiff Karl Kahn accuses Anthropic of misleading subscribers to its Max 5x (roughly $100/month) and Max 20x ($200/month) Claude subscription tiers about the actual usage limits they would receive.7 The suit seeks class-action status on behalf of purchasers going back to April 2025.

The complaint alleges that Anthropic "oversold" the usage multipliers — that the "5x" and "20x" descriptions created a reasonable expectation about how much more compute access a user would receive compared to a standard plan, and that actual experience fell materially short. The lawsuit's success will turn on how Anthropic's marketing language was reasonably interpreted by consumers — a fact-intensive inquiry that will likely survive initial pleading-stage scrutiny.

Timing is notable: Anthropic filed its confidential S-1 with the SEC on June 1, is targeting a fall IPO, and reported its first profitable quarter. A consumer class action alleging misrepresentation in its core subscription product is a disclosure item that will need to appear in its final S-1.

Three questions with no public answer as of Monday evening:

Will the export controls be lifted, narrowed, or made permanent? The Monday Commerce meeting produced no public outcome. Anthropic has said it would share additional technical details about the jailbreak within 24 hours of the June 12 directive — as of June 15, that disclosure has not appeared. An administration official told Axios that any future model reaching Mythos-class capability would need government review before release, which would establish a de facto pre-clearance regime for frontier AI in the U.S.3

What happens to Anthropic's IPO? The confidential S-1 filed June 1 is now under active review by the SEC. With its two flagship models offline indefinitely, no restoration timeline announced, a government characterization of the company's conduct as "reckless," a separate Pentagon blacklist lawsuit pending at the D.C. Circuit, and now a consumer class action, the disclosure landscape heading into an IPO roadshow has materially changed since the filing date.

Does the ECRA authority hold? Export control lawyers are publicly flagging that cloud-delivered AI inference is not a traditional "export" under the statute. If Anthropic contests the legal basis — rather than negotiating a technical fix — it could force the Commerce Department to either defend novel regulatory theory in court or withdraw the directive.1