The Day the US cut the cord
Anthropic didn’t expect to wake up last Friday and find its most advanced cybersecurity models — Mythos 5 and Fable 5 — literally offline for anyone outside the United States. No warning, no notice, just an export control directive from a US government agency that effectively ordered the company to pull the plug on global access.
The problem, according to Anthropic’s own public statement, was a "potential narrow, non-universal jailbreak" in Fable 5. Someone had reportedly shown US officials how to bypass safety filters by asking the model to read a specific codebase and fix flaws — a technique Anthropic’s security team had been testing internally, not deployed anywhere publicly. The government didn’t ask for the jailbreak to be patched. It asked Anthropic to stop serving anyone outside US borders, effective immediately.
"There’s no way to tell if someone on the internet is a US citizen," an Anthropic spokesperson confirmed. So the safest path, in the government’s view, was to disable the models entirely for everyone.
This wasn’t a voluntary company decision. This wasn’t some internal compliance tweak. It was the US federal government shutting down a commercial AI product for the entire world over concerns no one — not even the company building it — could review in writing. And for Europe, watching that scene play out was like someone finally flipping on the warning lights around a gas leak they hadn’t noticed before.
That’s why Brussels didn’t just note the incident. It opened a file, drafted a statement, and quietly accelerated a €50 billion digital sovereignty push it’s been nursing since last winter.
A jailbreak they couldn’t show the world
Thomas Regnier, the European Commission’s spokesperson for digital policy, was careful with his words: "The Commission has taken note of Anthropic’s statement…" But there was no mistaking the subtext.
The US government issued its order after Amazon CEO Andy Jassy reportedly brought evidence of the jailbreak to Treasury Secretary Scott Bessent. The Wall Street Journal later confirmed that Anthropic executives were summoned to the White House for a closed-door briefing this week, presumably to hear more about what tipped Washington off and why the reaction was so severe.
Here’s what didn’t make it into the press release:
Anthropic had been open about its stance on "universal jailbreaks." From the launch of Fable 5, the company stated it believed perfect jailbreak resistance "does not appear to be possible today." Its defense-in-depth approach relied on layered safeguards, red-team testing, and continuous refinement — not a single unbreakable lock. And according to their own public disclosures, no one had demonstrated a universal jailbreak up to that point.
The government’s response, however, wasn’t about fixing the flaw. It was about cutting off access entirely.
And that’s where Europe sees a fundamental mismatch in values: the US treats frontier AI as a national security asset that can be frozen at will; Europe increasingly wants itsAI models to function like public infrastructure — reliable, transparent, and not subject to last-minute withdrawals.
Europe didn’t need a wake-up call. It needed confirmation.
Back in March, the EU unveiled its Technological Sovereignty Package — a suite of measures aimed at reducing dependency on US and Chinese AI infrastructure. It included updates to the AI Act, the Cyber Resilience Act, and NIS2 directives, all designed to keep sovereign actors in control of their own digital fate.
The Anthropic directive was the first real-world event that proved just how urgent those plans were — not as hypothetical risk, but as near-term policy hazard.
Aled Lloyd Owen, chief of staff at Responsible AI UK, laid it out bluntly: "This is another incident that just proves the rule and proves that [the EU] must move faster and deeper, and really establish that independence as soon as possible."
The EU has some capability: Mistral AI, a fast-moving open-source project out of France, offers a capable alternative for many use cases, even if it doesn’t quite match Anthropic’s frontier performance yet. But Owen made a critical point — the trade-off isn’t just technical, it’s psychological:
"So, the ability to shift is both technological, in terms of building effective models and building effective infrastructure, but will also involve weaning European companies from the high-capability overseas models that they’re already using."
In plain English: Even if European-built AI is slightly less powerful today, the political risk of depending on US-controlled models is becoming too high to ignore.
The hidden cost of dependency
Kate Hanaghan, chief research officer at TechMarketView, captured the mood perfectly with one line: "The cost of dependency stays invisible until it’s too late."
She was speaking to UK integrators who hadn’t factored in the possibility that Washington could cut off access without notice. That’s a hard lesson to unlearn — especially when your tools are already embedded in production workflows.
The same thing happened last year, in a quieter way: after a US sanctions push against certain Chinese semiconductor tools, European chipmakers found themselves scrambling to retool lines they assumed were compliant. AI models now present the same paradox: the better and more capable they get, the harder it becomes to know whether you own your access or just rent it.
And that uncertainty — that’s the real product tax on using frontier AI today.
Asha P., PhD, a cybersecurity researcher who used to lead red-team exercises at the US National Cybersecurity Center, puts it this way: "The day a foreign government starts pulling models out from under your defenders — not because the model itself was dangerous, but because a narrow bypass was found and someone panicked — that’s the day defenders lose. And not just in Europe.
"This isn’t about performance comparisons. It’s about who decides what your security team gets to use when everything’s on the line."
Whose models, whose rules?
The White House order also sparked pushback — not just from Europe, but from within the US.
A group of 54 AI and security experts signed an open letter demanding that the restrictions be lifted. Their complaint wasn’t that the jailbreak didn’t exist; it was how the government chose to respond:
- No written notice
- No shared details on the bypass
- No time for defenders to prepare or adapt
- A blanket restriction that removed top-tier tools from global security teams
The letter put it bluntly: "This action has taken the best models away from defenders, created market uncertainty, and risked America’s AI leadership without any real risk to justify it."
Kanishka Narayan, the UK minister for AI and online safety, captured the mood on X: "The main lesson: as we debate the future of national security and technological sovereignty, access to AI capabilities is crucial."
He followed up with a more direct warning: "We treat every other threat to our sovereignty with deadly seriousness, but we haven’t learned to treat this one in the same way. I care about sovereign AI because it now decides our security… it will reshape our economy faster than anything else we’ve seen in our lifetimes."
What happens next?
The US is unlikely to reverse the directive — not until the “technical” concerns are addressed internally. Anthropic, caught between its own risk assessments and federal orders, has made no public plans to reintroduce Mythos 5 or Fable 5 outside the US.
Meanwhile, Europe is fast-tracking its own alternatives. Mistral AI continues to grow — not just in capability but in adoption among EU governments and critical infrastructure providers. France’s recent investment in a €2 billion AI compute cluster signals intent: when your own models aren’t quite ready, you build the capacity to host them anyway.
The question now isn’t whether Europe will develop its own AI stack — that’s already happened. The real test is how quickly European companies and agencies will switch from frontier models they don’t control to ones they do.
The answer? Almost certainly faster than anyone expected before last Friday.