Technology Governance

The Sovereignty Trap: AI Power, Military Demand, and the Governance Gap

The Anthropic-Pentagon crisis exposed a paradox at the centre of American AI strategy — a government that deregulated the industry to accelerate dominance, then punished the first company to exercise the freedom that deregulation was supposed to protect.

P J Laszkowicz

On February 27, 2026, the United States government designated Anthropic — the maker of the Claude family of AI models — a "supply chain risk" under the Federal Acquisition Supply Chain Security Act.1 Defense Secretary Pete Hegseth ordered all military contractors, suppliers, and partners to sever ties with the company. President Trump directed every federal agency to immediately cease using Anthropic's technology, with a six-month phase-out for agencies already embedded in its ecosystem.2

The trigger was not a security breach, a technical failure, or an act of espionage. It was a contractual dispute. Anthropic had refused to remove restrictions in its military AI contract that prohibited the use of Claude for mass domestic surveillance and fully autonomous weapons targeting.3 The company's CEO, Dario Amodei, stated publicly that Anthropic could not "in good conscience" accept the Pentagon's demand for unrestricted access.4

Within hours of the designation, OpenAI announced it had secured the same Pentagon contract for classified network deployment.5

This article is not about which company made the right decision. It is about what the crisis reveals: a structural contradiction at the heart of American AI strategy, and an institutional vacuum that no one — not Congress, not the courts, not the companies themselves — has moved to fill. When a government simultaneously deregulates an industry to maximise its competitive advantage and demands unconditional access to the products of that industry, the collision is not a matter of if but when. On February 27, the collision arrived.

A contract, a memo, a deadline

The original terms

In July 2025, Anthropic and the Pentagon signed a contract worth up to $200 million under which Claude became the first frontier AI model approved for deployment on classified military networks.6 The deal was significant not only for its scale but for its terms: the contract incorporated Anthropic's Acceptable Use Policy, which explicitly prohibited the use of Claude for mass surveillance of American citizens and for fully autonomous weapons targeting — meaning systems that select and engage targets without a human in the decision loop.7

The inclusion of vendor-imposed restrictions in a defense contract was unusual but not without precedent. Defense contractors have long imposed limitations on the use of their products: export restrictions, end-user certificates, technology transfer controls. What made Anthropic's restrictions novel was that they were ethical rather than technical or jurisdictional. The company was not saying that Claude could not perform these tasks. It was saying that Claude should not be used for them.

For seven months, the arrangement functioned without public friction.

The Hegseth doctrine

On January 9, 2026, Defense Secretary Hegseth released two memoranda that redrew the boundaries of the military's relationship with AI technology. The first, titled "Artificial Intelligence Strategy for the Department of War," articulated a vision of AI as a decisive advantage in great-power competition.8 The second directed the incorporation of standardised "any lawful use" language into all Department of Defense AI services contracts within 180 days.9

The implication was explicit: AI tools procured by the military should carry no vendor-imposed restrictions beyond what United States law requires. If a use is legal, the government expects the tool to perform it.

These memos did not emerge in isolation. They represented the culmination of more than a year of policy decisions that had systematically restructured the federal government's relationship with AI development:

  • On January 20, 2025, his first day in office, President Trump rescinded Executive Order 14110, which had established mandatory red-teaming requirements for high-risk AI models, cybersecurity protocols, and inter-agency safety collaboration.10
  • Three days later, Executive Order 14179 — "Removing Barriers to American Leadership in Artificial Intelligence" — replaced it, mandating an AI Action Plan focused on "sustaining and enhancing the United States' global AI dominance."11
  • In July 2025, the White House released "Winning the Race: America's AI Action Plan," identifying over 90 federal policy actions organised around accelerating innovation, building AI infrastructure, and leading international AI diplomacy.12
  • In December 2025, a further executive order directed the Attorney General to create a task force to challenge state-level AI legislation in court, conditioning federal grant funding on states' willingness to avoid "onerous" AI laws.13

The Hegseth memos were the natural extension of this trajectory: having cleared the regulatory landscape of constraints on AI development, the administration moved to clear constraints on AI deployment.

Twelve days

The public timeline of the crisis was brief and decisive.

On February 15, Axios reported exclusively that the Pentagon had threatened to terminate its contract with Anthropic unless the company agreed to remove all acceptable-use restrictions from its military deployment.14

On February 24, Hegseth delivered a formal ultimatum to Amodei: accept unrestricted use of Claude for all legal purposes by 5:01 PM on February 27, or lose the contract entirely.15

On February 26, Amodei responded publicly. Anthropic had engaged in weeks of negotiation, he said, but the proposed contract language "made virtually no progress on preventing Claude's use for mass surveillance of Americans or in fully autonomous weapons." New language framed as compromise, he added, "was paired with legalese that would allow those safeguards to be disregarded at will."16

At 5:14 PM on February 27, thirteen minutes after the deadline expired, Hegseth signed the FASCSA designation. The Federal Acquisition Supply Chain Security Act — a statute designed to protect the government from foreign-manufactured components containing backdoors or sabotage mechanisms — was invoked against a domestic AI company that had declined to modify its terms of service.17

That evening, OpenAI confirmed it had secured the Pentagon contract.

The sovereignty paradox

Deregulation as dominance strategy

The policy architecture that led to the Anthropic crisis rests on a coherent strategic logic: the United States leads the world in artificial intelligence because its private sector is innovative, well-capitalised, and lightly regulated. The role of government is to remove barriers — regulatory, legal, procedural — so that this innovation can accelerate. Executive Order 14179 made this logic explicit in its title: "Removing Barriers to American Leadership in Artificial Intelligence."18

The Stargate Project is the physical embodiment of this approach. Announced on January 21, 2025 — one day after the inauguration — the $500 billion joint venture between OpenAI, SoftBank, Oracle, and MGX was presented as the infrastructure backbone of American AI supremacy. SoftBank's Masayoshi Son serves as chairman. OpenAI holds operational responsibility. The venture projected 100,000 new jobs and an initial deployment of $100 billion.19 By September 2025, OpenAI had announced five additional data centre sites, bringing planned capacity to nearly 7 gigawatts and over $400 billion in committed investment.20

This is a strategy with historical precedent. The internet was born from DARPA. The GPS constellation was built by the Air Force. The semiconductor industry was catalysed by government procurement. In each case, the government created the conditions for private-sector innovation, then reaped the strategic benefits. The AI strategy follows the same playbook.

But the playbook contains an assumption: that private companies, having been empowered and enriched by government policy, will align with government objectives voluntarily. The Anthropic crisis is what happens when that assumption breaks down.

Access as sovereign prerogative

The Hegseth doctrine represents the other side of the strategic equation. If the government has built the conditions for AI dominance — deregulating the industry, investing hundreds of billions in infrastructure, clearing legal obstacles at the state and federal level — then it expects unrestricted access to the capabilities that dominance produces. From this perspective, vendor-imposed ethical restrictions on military use are not a reasonable exercise of corporate autonomy. They are an unacceptable constraint on sovereign authority.

The instrument chosen to enforce this position is revealing. The Federal Acquisition Supply Chain Security Act was enacted to protect the government from adversarial threats embedded in its procurement chain: foreign-manufactured chips with backdoors, communications equipment from companies with ties to hostile intelligence services, software components compromised at the source.21 Its application to Anthropic — a San Francisco-based AI company founded by former OpenAI researchers — represents a repurposing of national security authority for what is, at its core, a contractual disagreement about terms of service.

Legal analysts have noted the incongruity. Mayer Brown's assessment concluded that the designation was legally unprecedented: FASCSA was "designed for genuine supply-chain threats, not domestic companies exercising contractual discretion."22 Lawfare's analysis was more pointed, arguing that the designation "won't survive first contact with the legal system" because the statute's evidentiary requirements for supply chain risk were plainly not met.23

The paradox stated plainly

A government that deregulates to empower private AI companies simultaneously demands that those companies surrender the autonomy that deregulation was supposed to protect. The company that exercises its freedom is punished. The company that surrenders its autonomy is rewarded.

This contradiction is not unique to AI, and it is not unique to any political party. It is structural — inherent in any arrangement where a government depends on private entities for capabilities it deems essential to national security but does not wish to develop or control directly.

The tension has surfaced before. The Atomic Energy Act of 1946 nationalised nuclear technology precisely to avoid the situation the United States now faces with AI: a critical strategic capability held in private hands with ambiguous accountability.24 The crypto wars of the 1990s saw the Clinton administration attempt to restrict the export of strong encryption — a capability developed by private companies — on national security grounds, ultimately losing to a combination of technical reality and First Amendment challenges.25 In 2016, Apple refused an FBI demand to build a backdoor into the iPhone, setting off a public standoff between a technology company's product security commitments and a law enforcement agency's investigative needs.26

Each of these episodes involved the same fundamental question: when a private company develops a capability that the government considers strategically essential, who controls the terms of its use? In each case, the resolution was different — nationalisation, legislative compromise, quiet withdrawal. In no case was the resolution a unilateral designation of the company as a supply chain risk.

The speed and scale of AI development make the current standoff qualitatively different from its predecessors. Nuclear technology took decades to mature and was largely confined to state-sponsored programmes. Encryption was a mathematical discipline with clear technical boundaries. AI is a general-purpose technology being developed by a small number of private companies at a pace that outstrips the capacity of any government to monitor, evaluate, or replicate. The asymmetry between the government's need and its ability to provide for that need independently has never been greater.

The governance gap

Decisions made in corridors

The terms governing American military use of frontier AI were, until February 27, negotiated bilaterally between a Pentagon official and a corporate CEO. No legislation defined the boundaries. No regulatory body exercised jurisdiction. No public deliberation occurred. The restrictions that Anthropic imposed — and that the government found intolerable — were voluntary corporate policies, adopted at the discretion of a private board and enforceable only as long as that board chose to enforce them.

This is not how democracies typically govern the deployment of strategically consequential technology. Nuclear weapons are governed by legislation (the Atomic Energy Act), international treaties (the Non-Proliferation Treaty), and institutional oversight (the Nuclear Regulatory Commission, the International Atomic Energy Agency). Chemical and biological weapons are governed by the Chemical Weapons Convention and the Biological Weapons Convention. Even conventional arms exports are regulated by the Arms Export Control Act and overseen by the State Department's Directorate of Defense Trade Controls.

For military AI — a technology that may prove more consequential than any of these — the governance framework consists of executive orders (which can be rescinded at will), procurement contracts (which can be renegotiated or terminated), and corporate acceptable-use policies (which can be rewritten by any future CEO).

Georgetown University's Center for Security and Emerging Technology identified this vulnerability in its analysis of the "sovereignty gap" in American AI statecraft: critical decisions about AI governance are being made through "ad hoc executive action and bilateral negotiation, with no institutional durability across administrations."27 The rapid succession of executive orders — from Biden's EO 14110 to Trump's EO 14179 in the space of three days — demonstrated precisely this fragility.

The OpenAI question

On February 28, one day after securing the Pentagon contract, OpenAI CEO Sam Altman announced three "red lines" in the company's agreement: no mass domestic surveillance, no autonomous weapons, and no high-stakes fully automated decisions.28

These are substantively identical to the restrictions Anthropic was designated a supply chain risk for maintaining.

The difference is in the form, not the content. Anthropic's restrictions were embedded in the contract as binding terms, backed by the company's Acceptable Use Policy and enforceable through the contract's own provisions. OpenAI's restrictions were announced in a public statement made after the contract was signed. The full text of the contract was not released.29

The distinction matters. A contractual obligation creates a legal cause of action if breached. A public statement creates a public expectation that can be revised, reinterpreted, or quietly abandoned. The difference between a binding term and a press release is the difference between a lock and a suggestion.

In early March, Altman acknowledged that the deal "looked opportunistic and sloppy" and said OpenAI was making "some additions" to the contract language.30 Critics noted that the published excerpts of OpenAI's contract were purposefully vague and contained potential carve-outs that could allow intelligence agencies to conduct surveillance activities under different legal authorities.31

This episode is further complicated by OpenAI's corporate evolution. On October 28, 2025, the company completed its restructuring as a public benefit corporation. The original nonprofit retained a $130 billion stake. Microsoft held a $135 billion stake.32 OpenAI's fiduciary obligations now run — at least in part — to shareholders, not exclusively to a mission statement about beneficial AI.

What Congress has not done

Across the analytical spectrum, one conclusion is nearly unanimous: Congress should legislate.

The Electronic Frontier Foundation argued that "privacy protections shouldn't depend on the decisions of a few powerful people," calling for statutory constraints on military AI use and surveillance.33 Lawfare's analysis by Alan Rozenshtein made the case more specifically: Congress should define which AI systems the military may purchase and under what conditions, establish mandatory requirements that companies must build into government-sold systems, and impose transparency obligations on both buyers and sellers.34

The International AI Safety Report, published in January 2025 under the leadership of Yoshua Bengio with contributions from 96 experts across 30 countries, recommended that governments "develop independent regulatory bodies for frontier AI" rather than relying on industry self-governance or executive discretion.35 The United States has done neither.

The fragility of executive action as a governance mechanism was demonstrated with unusual clarity in January 2025, when a single presidential signature rescinded the most comprehensive AI safety framework the federal government had ever produced. Executive Order 14110 had been the product of months of inter-agency work, industry consultation, and public comment. It was eliminated in a sentence.36

Without legislation, the rules governing military AI in the United States are whatever the current Secretary of Defense and the current CEO of the winning bidder agree to in a given quarter. Those rules carry no force beyond the tenure of the individuals who negotiated them.

Concentration and entanglement

The Anthropic crisis did not occur in a competitive market. It occurred in an oligopoly.

The United States controls approximately 75 percent of global AI supercomputer capacity.37 Planned American investment in AI infrastructure for 2026 — dominated by the Stargate consortium — is projected at $650 billion, dwarfing Europe's $47 billion.38 The market for frontier general-purpose AI models is served by a handful of companies, of which Anthropic and OpenAI are two of the most prominent.

The Stargate Project deepens this concentration. A single $500 billion joint venture binds the government's now-preferred AI company (OpenAI), a major cloud infrastructure provider (Oracle), and a foreign capital partner (SoftBank, a Japanese conglomerate whose chairman also serves as the venture's chairman).39 This is not a competitive procurement landscape. It is a structural entanglement between the state and a small number of private actors, with dependencies that will be difficult to unwind.

The FASCSA designation against Anthropic demonstrated the practical consequences of this concentration. Within days, defense contractors — including Lockheed Martin — began removing Anthropic's AI from their systems.40 Not because of a technical deficiency or a performance failure. Because of an administrative designation. The government reshaped the commercial AI market through a single executive action, without legislation, judicial review, or public deliberation.

For other AI companies, the lesson is clear. Anthropic's safety restrictions were among the most well-defined and publicly documented in the industry. They were consistent with the recommendations of the International AI Safety Report and with the stated policies of every major Western AI company. The company was punished not for doing something unusual, but for being the first to enforce its stated commitments contractually against its most powerful customer.

The rational corporate response to this signal is to avoid binding restrictions that could trigger similar retaliation. Voluntary safety policies may persist — they are costless as long as they are not tested. But the Anthropic precedent establishes that the test, when it comes, carries consequences that extend far beyond the loss of a single contract.

Sovereignty beyond America

Three models

The Anthropic crisis is an American story, but its implications are global. The three major AI powers have each adopted a fundamentally different answer to the question of who holds sovereignty over artificial intelligence.

The United States pursues an industry-led model: private companies develop and control frontier AI, the government removes regulatory barriers and serves as a large customer, and governance is handled through bilateral negotiation and executive action. The Anthropic crisis exposed the internal tensions of this approach.

The European Union pursues a rights-based regulatory model. The EU AI Act, the most comprehensive AI governance framework in the world, uses a risk-tiered approach: certain AI practices are prohibited outright (social scoring, real-time biometric surveillance in public spaces), high-risk applications require conformity assessments, and general-purpose AI providers face transparency and safety obligations.41 The Act's provisions are being phased in between 2025 and 2026, overseen by the newly established EU AI Office. The framework is prescriptive and institutionally durable — it will not vanish with a change of government.

China pursues what Beijing calls "algorithmic sovereignty" — comprehensive state control over AI development, deployment, and the data infrastructure that underpins both. Rather than a single comprehensive law, China has released industry-specific AI regulations covering algorithmic recommendations, generative AI, and deep synthesis technology, each with registration, labelling, and security review requirements.42 The PLA has reportedly integrated domestically developed models, including DeepSeek, into military systems for non-combat duties, drone swarm decision-making, and battle simulation.43

These are not merely regulatory differences. They reflect fundamentally incompatible visions of the relationship between the state, private enterprise, and citizens in the age of AI.

The upstream dependency problem

For the rest of the world, the American crisis carries a more immediate lesson.

Georgetown's Center for Security and Emerging Technology published a detailed analysis of what it terms the "sovereignty gap" in American AI statecraft. Its central finding is that Washington offers allies "deployment-layer" sovereignty — operational control at the point of deployment, using American-built technology. But what partner nations increasingly seek is independence from upstream US-controlled dependencies: the chips that train models, the cloud infrastructure that hosts them, and the foundational models themselves.44

The reasons are practical, not ideological. The American AI Exports Program lacks non-disruption guarantees, exit rights, data residency commitments, and clarity on jurisdictional exposure under the CLOUD Act. European officials have privately referred to a technology "kill switch" — the theoretical ability of Washington to revoke access to AI infrastructure at will.45

The Anthropic-Pentagon crisis transformed this theoretical concern into an observable fact. A single administrative designation by the United States government removed one of the world's leading AI companies from the entire federal technology stack overnight. Any allied government that had built systems on Anthropic's technology — or that was considering building on any American AI provider — witnessed a demonstration of how quickly access can be revoked, and for what reasons.

By January 2026, nearly 130 government-backed sovereign AI projects existed across more than 50 countries.46 France had pledged 109 billion euros to sovereign AI infrastructure through 2030, positioning Mistral AI as Europe's alternative to American frontier models.47 India's IndiaAI Mission committed $1.25 billion, including the BharatGen project for linguistic sovereignty across 22 languages.48 The sovereign cloud market is projected to grow from $154 billion in 2025 to $823 billion by 2032.49

The European investment gap remains enormous — $47 billion against America's $650 billion. Independence from upstream American AI dependencies will be difficult in practice. But the strategic motivation has never been clearer, and the Anthropic precedent provides precisely the evidence that sovereign AI advocates in allied capitals needed to make their case.

What safety means now

Before February 2026, the discourse around AI safety was primarily technical and philosophical. Researchers debated alignment methodologies, interpretability techniques, evaluation frameworks, and responsible scaling policies. The question was how to make AI systems safe — what techniques, what standards, what benchmarks.

The Anthropic crisis added a dimension that the technical safety community had not fully reckoned with: the political economy of safety. It demonstrated that safety restrictions are not free. They carry commercial risk, and that risk is not hypothetical. It can materialise in a single afternoon.

Anthropic's restrictions were not radical. The prohibition on mass domestic surveillance and autonomous weapons targeting is consistent with the recommendations of the International AI Safety Report.50 It is consistent with the stated policies of every major Western AI company, including OpenAI.51 It is consistent with the principles endorsed by governments at the AI Safety Summits in Bletchley Park and Seoul. Anthropic did not attempt to prevent the military from using AI. It attempted to prevent specific uses that it judged to be incompatible with its safety commitments. The novelty was not the restrictions themselves. It was the willingness to enforce them contractually against the most powerful customer in the market, and to maintain that enforcement in the face of an explicit threat.

The chilling effect operates at two levels.

At the corporate level, AI companies will be reluctant to impose binding safety restrictions on government customers. Voluntary safety policies may persist in marketing materials and annual reports — they are costless as long as they are never tested against a powerful counterparty's interests. But the Anthropic precedent establishes that contractually enforceable restrictions, the only kind that matter when interests diverge, can trigger existential commercial consequences.

At the research level, safety researchers working inside AI companies now operate with a new piece of information: their work can become a commercial and political liability. The alignment team that identifies a risk, the red team that documents a vulnerability, the policy team that recommends a restriction — each of these functions now carries the knowledge that its outputs, if they lead to contractual limitations that a government customer finds inconvenient, can place the entire company at risk.

This does not mean that safety work will stop. The technical challenges of alignment, interpretability, and evaluation remain real, and the talent working on them is motivated by more than commercial incentive. But the institutional conditions in which that work occurs have changed. The question is no longer only "can we solve alignment?" It is also "will the companies that solve it be allowed to deploy their solutions?"

The question that remains

The Anthropic-Pentagon crisis is, as of this writing, one day old. Its legal, commercial, and geopolitical consequences will unfold over months and years. Lawfare has already argued that the FASCSA designation is unlikely to survive legal challenge.52 The Electronic Frontier Foundation has called for Congressional legislation to fill the governance vacuum.53 Defense contractors are rearchitecting systems built on Anthropic's technology. Allied governments are reassessing their dependence on American AI infrastructure. And the full text of OpenAI's Pentagon contract — the one that ostensibly contains the same restrictions Anthropic was punished for — remains unpublished.

But the structural question that the crisis illuminated precedes this specific dispute, and it will outlast it.

In a democratic society, who decides the limits of military AI? Not the limits of what AI can do — those are set by physics and engineering, and they will continue to expand. The limits of what AI should be permitted to do — which decisions it may make autonomously, which populations it may surveil, which processes of targeting and killing may be delegated to a system that no human being fully understands.

That question has no answer today. Not because it is unanswerable, but because no institution with democratic legitimacy has yet been asked to answer it. Congress has not legislated. The courts have not adjudicated. No regulatory body has been established. No international framework has been ratified.

Until one is, the answer will continue to be set by whoever is in the room when the contract is signed.

Footnotes

  1. Federal Acquisition Supply Chain Security Act designation order against Anthropic PBC, issued by Secretary of Defense Pete Hegseth, 27 February 2026.

  2. "Trump orders US government to cut ties with Anthropic AI," ABC News, 27 February 2026.

  3. "A Timeline of the Anthropic-Pentagon Dispute," TechPolicy.Press, 28 February 2026.

  4. Dario Amodei, public statement on the Pentagon contract, 26 February 2026.

  5. "OpenAI sweeps in to snag Pentagon contract after Trump bans Anthropic," Fortune, 28 February 2026.

  6. "Pentagon Designates Anthropic a Supply Chain Risk: What Government Contractors Need to Know," Mayer Brown, March 2026.

  7. Anthropic Acceptable Use Policy; incorporated by reference into the July 2025 Department of Defense contract. Terms as described in Amodei's February 26 public statement.

  8. Pete Hegseth, "Artificial Intelligence Strategy for the Department of War," Department of Defense memorandum, 9 January 2026.

  9. Pete Hegseth, "Transforming the Defense Innovation Ecosystem," Department of Defense memorandum, 9 January 2026. The memo directed "any lawful use" language in DoD AI services contracts.

  10. Executive Order 14110, "Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence," signed 30 October 2023, rescinded 20 January 2025.

  11. Executive Order 14179, "Removing Barriers to American Leadership in Artificial Intelligence," 23 January 2025.

  12. "Winning the Race: America's AI Action Plan," The White House, 23 July 2025. Accompanied by three executive orders addressing AI exports, data centre permitting, and federal AI procurement.

  13. "Ensuring a National Policy Framework for Artificial Intelligence," Executive Order, 11 December 2025.

  14. Ashley Gold, "Exclusive: Pentagon threatens to cut off Anthropic over AI safeguards," Axios, 15 February 2026.

  15. "Pentagon Releases Artificial Intelligence Strategy," Inside Government Contracts, February 2026; Pete Hegseth ultimatum to Dario Amodei, 24 February 2026.

  16. Dario Amodei, public statement, 26 February 2026.

  17. The Federal Acquisition Supply Chain Security Act (FASCSA) was enacted as part of the SECURE Technology Act of 2018 (P.L. 115-390). It authorises exclusion and removal orders for products or services that pose supply chain risks to the federal government.

  18. Executive Order 14179, preamble and Section 1.

  19. "What is Stargate, Trump's ambitious AI infrastructure venture?" CBS News, January 2025. See also: "What Just Happened: Trump's Announcement of the Stargate AI Infrastructure Project," Just Security, January 2025.

  20. "Trump-backed Stargate project unveils plans for 5 AI sites," E&E News, September 2025.

  21. FASCSA, P.L. 115-390, Title II. The first known FASCSA exclusion order was issued in October 2025 against Acronis AG, a Swiss cybersecurity firm, limited to intelligence community contracts.

  22. "Pentagon Designates Anthropic a Supply Chain Risk: What Government Contractors Need to Know," Mayer Brown, March 2026.

  23. "Pentagon's Anthropic Designation Won't Survive First Contact with the Legal System," Lawfare, February 2026.

  24. The Atomic Energy Act of 1946 (McMahon Act) established federal control over all aspects of nuclear energy, placing nuclear materials, facilities, and information under the authority of the Atomic Energy Commission.

  25. The "crypto wars" of the 1990s centred on the Clinton administration's Clipper Chip proposal and export controls on strong encryption. The restrictions were ultimately relaxed through a combination of legislative pressure, industry lobbying, and the court ruling in Bernstein v. United States (1996).

  26. The FBI's 2016 demand that Apple create a modified version of iOS to bypass the passcode on the San Bernardino shooter's iPhone. Apple refused publicly; the FBI ultimately accessed the device through a third-party tool, rendering the legal question moot.

  27. "The Sovereignty Gap in U.S. AI Statecraft," Center for Security and Emerging Technology, Georgetown University, 2026.

  28. Sam Altman, public statement on OpenAI's Pentagon contract, 28 February 2026. As reported by NPR: "OpenAI announces Pentagon deal after Trump bans Anthropic," 27 February 2026.

  29. As of 27 February 2026, neither the Anthropic nor the OpenAI Pentagon contract has been released in full. Analysis of contract terms relies on published excerpts, company statements, and legal commentary.

  30. Sam Altman, as reported by CNBC: "OpenAI's Altman admits defense deal 'looked opportunistic and sloppy,'" 3 March 2026.

  31. "How to Think About the Anthropic-Pentagon Dispute," TechPolicy.Press, March 2026. Critics noted that OpenAI's published excerpts contained language that could allow intelligence agencies to conduct surveillance under authorities separate from the DoD contract.

  32. "OpenAI completes its for-profit recapitalization," TechCrunch, 28 October 2025.

  33. "Anthropic-DOD Conflict: Privacy Protections Shouldn't Depend on Decisions of a Few Powerful People," Electronic Frontier Foundation, 3 March 2026.

  34. Alan Rozenshtein, "Congress — Not the Pentagon or Anthropic — Should Set Military AI Rules," Lawfare, March 2026.

  35. International AI Safety Report, led by Yoshua Bengio, with contributions from 96 experts across 30 countries, published January 2025.

  36. Executive Order 14110 was rescinded by presidential memorandum on 20 January 2025. The order had been signed on 30 October 2023.

  37. Estimate from the Council on Foreign Relations: "The AI Sovereignty Paradox at Home and Abroad," February 2026.

  38. Ibid. Investment figures include the Stargate Project's committed capital and announced government and private-sector spending for 2026.

  39. "What is Stargate, Trump's ambitious AI infrastructure venture?" CBS News, January 2025.

  40. "Lockheed, defense contractors removing Anthropic's AI after Trump ban," Reuters via The Daily Record, 4 March 2026.

  41. Regulation (EU) 2024/1689 (the AI Act). Prohibitions on unacceptable-risk practices took effect 2 February 2025; general-purpose AI obligations took effect 2 August 2025; remaining provisions apply from 2 August 2026.

  42. "Comparative Global AI Regulation: EU, China, and the US," arXiv:2410.21279, October 2024. China's regulatory approach includes the Algorithm Recommendation Regulation (2022), the Deep Synthesis Regulation (2023), and the Generative AI Measures (2023).

  43. "China Accelerates Military AI Drive With DeepSeek Model," The Defense Post, 29 October 2025. See also: "DeepSeek Use in PRC Military and Public Security Systems," Jamestown Foundation, 2026.

  44. "The Sovereignty Gap in U.S. AI Statecraft," Center for Security and Emerging Technology, Georgetown University, 2026.

  45. Ibid. The CLOUD Act (Clarifying Lawful Overseas Use of Data Act, 2018) allows US law enforcement to compel disclosure of data stored by US-headquartered companies regardless of where the data is physically located.

  46. "Sovereign AI in a Hybrid World: National Strategies and Policy Responses," Lawfare, 2026.

  47. "Sovereign AI: Building Ecosystems for Strategic Resilience and Impact," McKinsey, 2025.

  48. "Sovereign AI: Pathways to Strategic Autonomy," International Institute for Strategic Studies, August 2025.

  49. "Sovereign AI in a Hybrid World," Lawfare, 2026; sovereign cloud market projections from industry analysis cited therein.

  50. The International AI Safety Report (2025) recommended against the deployment of AI in fully autonomous weapons systems without meaningful human control, and called for restrictions on AI-enabled mass surveillance.

  51. OpenAI's own usage policies, as of February 2026, include prohibitions on surveillance and weapons applications substantially similar to Anthropic's AUP.

  52. "Pentagon's Anthropic Designation Won't Survive First Contact with the Legal System," Lawfare, February 2026.

  53. "Anthropic-DOD Conflict: Privacy Protections Shouldn't Depend on Decisions of a Few Powerful People," Electronic Frontier Foundation, 3 March 2026.