For generations, technology export controls referred to the transfer of source code to other countries. But that no longer works, as the latest Anthropic fight with the US Commerce Department makes clear. On Friday, Anthropic announced that it had received instructions from Commerce “to suspend all access to Fable 5 and Mythos 5 by any foreign national, whether inside or outside the United States, including foreign national Anthropic employees. The net effect of this order is that we must abruptly disable Fable 5 and Mythos 5 for all our customers to ensure compliance. Access to all other Anthropic models will not be affected.” Technically, the Commerce letter doesn’t explicitly say that, but lawyers and consultants argue that, when combined with an earlier executive order declaring Anthropic a supply chain risk, that very well might be what it means. What the Commerce letter says is that Anthropic needs a license to export Fable 5 and Mythos 5 (a “deemed export“), listing four circumstances in which that license would be required: “The sending or taking of the model out of the United States in any manner; The sending or taking of the model from one foreign country to another in any manner; Retransferring the model within a single foreign country; or the release of the model to a ‘foreign person’ in the United States or a foreign country.” Restricts capabilities not code Although moving a model has historically meant transferring the source code, most experts argue that the definition has changed for all SaaS deployments, and could now be interpreted as referring to any access to the models. “This is not just about data sovereignty anymore. It is about capability sovereignty, where governments want to control who has access to frontier AI capabilities, irrespective of who built it, where it is hosted, or who worked on it,” said Valence Howden, advisory fellow at Info-Tech Research Group. “The reference to deemed exports is important, because traditionally that would apply to source code, technology, or technical knowledge being transferred,” he said. “In this case, the thing crossing borders is not necessarily the model itself, but it is access to the capability. That is a significant shift, and signals the real intent behind the AI arms race. The focus is moving from controlling the technology to controlling access to the outcomes the technology can produce.” Mark Rasch, a former federal prosecutor who specializes in legal technology issues, agreed. “I don’t need to have the source code physically resident in order to take advantage of the capabilities of that code. Today, the location of the source code is irrelevant.” Practical challenges There are two practical issues involved. The first is that a large part of Anthropic’s workforce is not US citizens, and some of them have direct access to the source code for these models. But the potentially more daunting issue is that today it is difficult, if not impossible, to identify the citizenship of any AI user, which might force companies to assume that everyone might be unauthorized. In fact, said Yuri Goryunov, CIO of consulting firm Acceligence, “there is no way to check citizenship through an API call. Besides, three-quarters of Americans don’t have passports.” Consultant Brian Levine, executive director of FormerGov, added that the issue will make life difficult for CIOs even if the Commerce position is viewed as dubious. “Regardless of the strength of Commerce’s position, once it issues an ‘Is Informed’ letter, every unlicensed interaction with a foreign person becomes a potential violation, and the safest move is often to halt access until a licensing path exists,” he said. This means that enterprise CIOs need to approach AI contracts with the knowledge that any government can now declare the product legally unavailable, with no notice. Sovereignty has climbed the stack Howden said that this shift will force CIOs to strongly consider non-US AI models such as France’s Mistral or even China’s DeepSeek, “to reduce the concentration risk attached.” “There are hundreds out there that are very good. It is very easy to sit in the bubble of the four or five we know,” Howden said. “Enterprise CIOs think it’s a much more limited market than it really is.” Sanchit Vir Gogia, chief analyst at Greyhound Research, said that enterprise executives now need to take the significant import rule changes into account when selecting AI models. “The harder truth is that sovereignty has climbed the stack,” he said. “The wall no longer stands around the database, it now stands around the intelligence layer itself. Under the export-control frame, it covers the release of controlled technology or source code to a foreign person, including one standing inside the United States. The border follows the person, not the parcel. Source code is part of the doctrine, but it is not the whole of it.” He added, “the difficulty is that the cited rules speak of technology and source code, while the letter reaches for the model itself. A hosted model hands the user no weights and no code. It hands them inference, and inference is a capability, not a file.” Ultimately, Gogia said, Anthropic’s decision to cut off model access to everyone immediately “was a rational answer to an impossible instruction. A frontier model can now vanish for reasons unconnected to uptime, price or performance. The same models that help secure systems can be withdrawn at the moment defenders most need them.” This article originally appeared on CIO.com.