At 5:21pm Eastern Time on Friday 12 June, the US Commerce Department told Anthropic to disable Claude Fable 5 and Claude Mythos 5 immediately, and to bar access by any foreign national, whether inside or outside the United States.
Some context on those two names. Mythos 5 is the full-strength model, so capable that Anthropic considered it too powerful for public release. Access was restricted to a growing network of vetted cyberdefence and critical infrastructure partners working with the US government under a programme called Project Glasswing. Fable 5 is the public version, built on the same underlying architecture but wrapped in safety guardrails. Classifiers, separate AI systems that monitor for misuse, watch every query across three areas: offensive cybersecurity, sensitive biology and chemistry, and attempts to extract the model’s own workings. If a query trips one of those classifiers, Fable 5 quietly hands the response to an older, less capable model instead. More than 95% of conversations never trigger a fallback. But the guardrails are there, and they are the reason it carries a different name.
Both models had been live for three days. Three days. Fable 5 launched on 9 June as the most capable AI Anthropic had ever released to the public. By the following Friday, it was gone. Existing sessions ended with an error. New requests fell back to older models. Anthropic began processing refunds for a product that had simply vanished.
This is the first time in history that a government has removed an AI model from the market through a direct order.
The stated reason was national security. The US government said it had discovered a jailbreak, a technique for tricking Fable 5 into ignoring its safety guardrails. Anthropic disputes the severity. Its position is that the vulnerabilities exposed are minor, already known, and reproducible on other public models. Its argument is that discovering a narrow jailbreak does not justify removing a tool used by hundreds of millions of people.
But the directive was not really about a jailbreak. Export controls are about capability, not a single exploit. The Commerce Department, under Secretary Howard Lutnick, drafted the order through the Bureau of Industry and Security. The mechanism is the same one used to restrict semiconductor exports to China. The message is clear: frontier AI models are now treated as strategic assets, and the US government reserves the right to pull the plug on who can use them.
Here is where it gets uncomfortable. The directive said “any foreign national, whether inside or outside the United States.” That includes Anthropic’s own employees. The company has engineers, researchers and operational staff who are not US citizens. It also has paying customers in the UK, Europe, Asia and everywhere else. Anthropic could not build a filter that reliably separates foreign nationals from US users in real time, so it did the only thing it could: it shut both models down for everyone, worldwide.
Think about that for a moment. You are a UK-based professional paying for a product. One Friday afternoon, a government department in Washington decides your access is a national security risk, and your tool stops working. No vote. No consultation. No notice. The UK’s Minister for AI and Online Safety, Kanishka Narayan, pointed to the incident as a case for technological sovereignty. In France, Jordan Bardella called it a reminder that artificial intelligence is “a major issue of national sovereignty” and called for accelerated support for Mistral AI.
They are right. Sovereignty in AI is no longer a think-tank abstraction. If your business depends on a US-headquartered AI provider, and most businesses increasingly do, then you are dependent on a jurisdiction that has just demonstrated it will prioritise its own security interests over your operational continuity. That is rational behaviour from the US government’s perspective. But it should concentrate minds elsewhere.
Now hold that thought, because something else happened within days that changes the equation.
On 1 June, Jensen Huang unveiled the Nvidia RTX Spark at Computex in Taipei. It is a superchip that combines a 20-core Arm CPU, a Blackwell GPU with 6,144 CUDA cores, and 128 gigabytes of unified memory. It delivers one petaflop of AI performance and can run a 120 billion parameter large language model locally, on a laptop, with a one million token context window.
That number is worth dwelling on. GPT-3, the model that triggered the current wave of AI attention in late 2022, had 175 billion parameters. A machine that sits on your desk and runs 120 billion parameters locally, without any connection to a cloud server, without any API call to a company in San Francisco, is a meaningful shift. Dell, HP, Lenovo, Asus, Microsoft Surface and others are all building machines on the platform. They ship in the autumn.
The timing is almost poetic. Within days of a government demonstrating it can switch off your cloud-hosted AI with a phone call, a chip manufacturer showed that you could soon run comparable capability on hardware you own, in a room you control, answerable to nobody except yourself.
I am not suggesting the RTX Spark solves the sovereignty problem overnight. A 120 billion parameter model running locally is impressive, but frontier models like Fable 5 are substantially larger and more capable. The cloud will remain essential for the heaviest workloads for years. But the direction is clear. The gap between what you can do locally and what you need the cloud for is narrowing, and it is narrowing fast.
For anyone running a business that depends on AI, or planning to, the Fable 5 incident raises questions you cannot ignore. Where does your AI run? Who controls access to it? What happens if that access is withdrawn, not because of anything you did, but because of a geopolitical decision made on a Friday afternoon in Washington? And if local AI becomes viable for your core workloads within the next twelve to eighteen months, should you be planning for that now rather than later?
The mortgage industry is not immune to any of this. Every lender, network and broker exploring AI-powered advice tools, compliance automation, or customer journey platforms is building on infrastructure that ultimately runs through a small number of US-headquartered cloud providers and model developers. The Fable 5 incident should be treated as a fire drill. The building did not burn down this time, but we now know the fire alarm is connected to someone else’s control panel.
There is a broader point here about the relationship between AI capability and political power. For three days, Anthropic offered the most capable publicly available AI model in the world to anyone with a subscription. Then a single government directive turned it off globally because it could not guarantee that only the right passport holders were using it. The question of who gets access to the most powerful AI tools, and who decides, is going to be one of the defining questions of the next decade.
The RTX Spark does not answer that question. But it does suggest that the question might become less relevant over time. If the most capable models can run on hardware you own, the hold that any single government or company has over your access to AI weakens. And when the infrastructure sits on your desk rather than in someone else’s data centre, the politics of AI access start to look very different.
I will be watching both developments closely. If you want to talk through what the sovereignty question means for your own AI plans, get in touch.