Fable & Mythos, Export Control, and the Case for Openness
On 12 June 2026, Anthropic disabled its two most recent models, Fable 5 and Mythos 5, for its entire customer base worldwide. Not following an outage or a commercial trade-off, but under an export control directive from the US Department of Commerce.
This post looks back at a precedent that sheds light on the trajectory of export control law applied to AI models, and on what it reveals about openness as a factor of resilience.
The episode gives very concrete weight to the dynamics we described a few weeks ago in “Open and controlled: Open Source facing export control in 2026”. It deserves analysis for what it says about the possible generalisation of such a mechanism, and the place Open Source occupies within it.
1. A suspension squarely within export control
The US administration, invoking national security authorities, ordered Anthropic to suspend access to Fable 5 and Mythos 5 for any foreign national, inside or outside the United States (including the foreign-national members of Anthropic’s own teams).
The trigger reported by the press is the demonstration of a bypass (“jailbreak”) of Mythos by Amazon researchers, whose CEO is said to have alerted the administration; Anthropic, deeming the risk minor and common to other AI systems, reportedly declined to fix it before the government stepped in. Several outlets also mention concern about access by a China-linked group, which Anthropic disputes having seen raised in the exchanges (see Semafor).
Lacking the technical means to filter access by nationality, Anthropic had to cut off these models for all of its users, everywhere, and open a refund process (Anthropic). A commercial model deployed at very large scale thus ceased to exist overnight (after less than a week of existence).
Export control has become a discipline of extraterritorial law that no longer bears on the finished product alone, but on access, expertise and the software itself.
2. An individual decision today, a potentially general principle tomorrow
Legally, the measure remains for now individual: a targeted directive, addressed to a specific company, covering two specific models, following a particular incident. It is not a general rule binding on the whole sector. This is, indeed, Anthropic’s argument: it points out that equivalent capabilities exist in other deployed models and that such a standard, generalised, “would essentially halt all frontier model deployments.”
Everything is nonetheless in place to turn it into a principle applicable to any closed model. The legal basis exists: the EAR and the deemed-export doctrine need no new law to be invoked. The Framework for Artificial Intelligence Diffusion of January 2025, which targeted precisely all closed-weight models, was indeed rescinded in May 2025, but it can be reactivated by a simple policy statement. In the meantime, the administration acts case by case, by directive, following a discretionary and hardly predictable logic, reminiscent of the selective enforcement seen on the Chinese side. What targets one vendor today may target another tomorrow.
As a result:
- for any organisation whose activity relies on a closed model hosted under US jurisdiction, the risk is not theoretical: continuity of access depends on an administrative assessment that can flip without notice. This also concerns French and European companies likely to fall within the scope of these extraterritorial laws;
- for users: if it is not cost, it may well be politics that ends up shaping the choice of AI systems within French and European organisations.
3. Openness as an alternative model, and the hypothesis of a new equilibrium
This is precisely where Open Source changes the equation. The publicly available status enjoyed by openly distributed software and models is a structural protection: a model genuinely published — complete, freely accessible and without prior access control — is in principle outside the scope of the EAR. Where the proprietary model is exposed to the directive, the open model is, by construction, beyond the reach of the deemed-export logic.
Openness then ceases to be a mere ecosystem stance or a transparency choice and becomes a factor of resilience in the face of regulatory unpredictability.
The Fable/Mythos case also illustrates a growing misalignment between state policies and the strategies of the major providers: some refusing certain uses, others under administration pressure, competing defence contracts. This misalignment could, as with Chinese companies, favour Open Source as a route to deregulation: opening up to remain distributable, rather than staying closed and exposed to shutdown.
Thus, as export control regimes tighten and spread, openness could become the equilibrium that major AI providers wishing to export outside the United States will have to grapple with. Applying Open Source exceptions to AI models still raises significant definitional questions (documented in “Open Source and AI: what are we talking about?”), yet open models do seem set to remain a credible alternative.
What’s next
These questions are central to the masterclass “Quantum Technologies: Securing the Value Chain”, in which inno³ (with Benjamin Jean) takes part on 16 June 2026 as part of France Quantum, alongside Marion Faure (BCF Global) and Frédéric Saffroy (Alerion Avocats): securing your place in a value chain where export control no longer bears on the finished product, but on expertise, access, software, open source and cross-border research collaborations. The same logic is indeed reaching quantum, with post-quantum encryption and high-performance computing now appearing on control lists.
They will also feed the discussions at the next Commons AI Conference, which examines precisely the conditions for an open, shared and sustainable AI in the face of closure dynamics.
Image credit: “Rock doves in flight” by Laitche, CC BY-SA 4.0, via Wikimedia Commons.
