The Pentagon designated Anthropic a national security threat — because the company refused to remove two ethical restrictions from Claude. The dispute produced contradictory court rulings, an industry revolt, and a precedent that every founder building on US AI infrastructure should understand.
On February 26, 2026, Anthropic published a quiet statement on its website. No product announcement, no earnings update — just a principle: the company would not allow Claude to be used for mass domestic surveillance of Americans without judicial oversight, or for fully autonomous weapons systems without human authorization. The next day at 5:01 p.m., Pete Hegseth's deadline expired.
Anthropic hadn't moved.
The Standoff
The conflict had been building for months. Emil Michael, the Defense Undersecretary for Research and Engineering, said he'd spent three months in negotiations with Anthropic walking through specific military scenarios — a Chinese hypersonic missile with a 90-second response window, an autonomous laser system defending sleeping soldiers. Anthropic would grant exceptions case by case. That wasn't enough for Michael. "I can't predict for the next 20 years what all the things we might use AI for," he said on the All-In podcast. The Pentagon's demand: "all lawful use," no contractor-imposed restrictions, no exceptions framework.
Klingt interessant?
The concrete stakes were the Golden Dome program — Trump's proposed missile defense shield designed to extend U.S. defensive weapons into space, with a significant degree of autonomous targeting. Anthropic's position wasn't a political stance. The company argued its models "are simply not reliable enough to power fully autonomous weapons" and that no mass domestic surveillance should occur regardless of stated justification.
The administration's response came immediately. Trump ordered all federal agencies to stop using Claude. The Pentagon — which the Trump administration has rebranded as the Department of War — invoked supply-chain security statutes designed to exclude foreign adversaries from national security systems. It was the first known use of those statutes against an American company.
What was at stake: a two-year prototype agreement worth up to $200 million, Anthropic's only clearance for classified military systems, running through Palantir and AWS FedRAMP. That wasn't a side business — Anthropic projects $14 billion in revenue for 2026, with more than 500 customers paying at least $1 million annually.
Into the Courts
Anthropic sued on March 9. Two simultaneous filings: one in the Northern District of California challenging Trump's executive order as an unconstitutional violation of First Amendment and due process rights, and another before the D.C. Circuit Court of Appeals contesting the supply-chain designation. "These actions are unprecedented and unlawful," the California complaint read. "The Constitution does not allow the government to wield its enormous power to punish a company for its protected speech."
The California case moved quickly. At a March 24 hearing in San Francisco, Judge Rita Lin called the Pentagon's actions "troubling" and questioned whether the supply-chain designation was actually "tailored" to any real security concern — or whether the Defense Department could simply stop using Claude if that was the worry. On March 26, she issued a 43-page preliminary injunction blocking enforcement of both the ban and the designation, finding the government had likely acted in bad faith out of frustration over Anthropic's public refusal.
The D.C. Circuit came down differently. On April 8, a three-judge panel declined to issue a stay, writing that it didn't want to "lightly override" military judgments on national security, particularly "in the middle of a significant ongoing military conflict" — a reference to the ongoing U.S. war against Iran, in which Claude has been deployed. Two courts, two contradictory rulings. Oral arguments in D.C. are scheduled for May 19, and a final resolution is months away.
Who Said What
The industry reaction was immediate. More than 30 senior AI researchers from Google and OpenAI — including Jeff Dean, Google's chief scientist and head of its AI research division — filed an amicus brief with the court in their personal capacity. "National security is not served by reckless designations of the military's American technology partners as a 'supply chain risk' or the suppression of public discourse on AI safety," the brief read. (AP News, March 9, 2026)
OpenAI CEO Sam Altman took the opposite path. Hours after the government sanctioned Anthropic, his company signed its own Pentagon deal. The timing drew immediate backlash. Altman later acknowledged the error: "We were genuinely trying to de-escalate things and avoid a much worse outcome, but I think it just looked opportunistic and sloppy." (CNBC, March 3, 2026) OpenAI's head of robotics, Caitlin Kalinowski, then resigned. "AI has an important role in national security," she wrote. "But surveillance of Americans without judicial oversight and lethal autonomy without human authorization are lines that deserved more deliberation than they got."
Consumers had opinions too. According to Sensor Tower data, one-star reviews for ChatGPT surged 775% on February 28, the same day ChatGPT uninstalls jumped 295% day-over-day. Claude hit the number-one spot on the U.S. App Store for the first time. (TechCrunch, March 2, 2026)
What's Actually Unprecedented
Comparisons to Apple vs. the FBI in 2016 and Google's Project Maven dispute in 2018 come up often, and both are instructive. Apple refused to build a backdoor into a shooter's iPhone; the FBI found its own workaround; Apple paid no real price. Google declined to renew a contract for AI-assisted drone targeting after internal employee pressure. In both cases, the company said no, and the government moved on.
The Anthropic case doesn't follow that pattern. Here, the executive branch reached not for a court order, but for a national security instrument designed to keep Chinese telecom vendors out of military infrastructure — and turned it against a domestic company because of a policy disagreement. Michael Pastor, a professor at New York Law School, told AP News: "I've never seen a case like this. It would never have struck our minds that, when we were having difficulty in a negotiation, we would threaten the company essentially with destruction."
The Trump administration has made a pattern of deploying contracting power as leverage — against law firms, universities, and now AI labs. What Anthropic is fighting isn't just a contract dispute. It's a test of whether the executive branch can effectively dictate the policy positions of private technology companies by threatening their access to government revenue.
The Infrastructure Question Every Founder Should Ask
If your product runs on Claude, GPT-4, Gemini, or any other proprietary US model — via API, AWS Bedrock, or Azure OpenAI — the Anthropic case exposes a blind spot. A single government decision, made in Washington, can terminate or restrict access to the AI layer your product depends on. No EU AI Act provision, no GDPR clause reaches into that decision. This isn't a theoretical risk. It's an active case with two contradictory preliminary rulings and no final outcome yet.
The risk isn't symmetrical. A US startup faces disruption. A German healthtech or an Austrian fintech routing sensitive patient or financial data through a US model faces something more fundamental: a structural dependency on infrastructure whose continued availability is subject to political conditions set in a foreign capital.
This is exactly why nopex exists — not because AI infrastructure sovereignty makes for a good pitch deck, but because this kind of dependency was always going to materialize eventually. We build the infrastructure for companies and institutions in Europe to run AI on open models, on-premises or in European data centers, with no US cloud dependency. No model that Washington can switch off. No terms of service that shift with the political weather. GDPR-compliant by design. And no foreign government ministry that can label your stack a supply-chain risk — regardless of what the next election cycle brings.
The Anthropic case asks a simple question for anyone deploying AI in critical processes: whose infrastructure is this, really?
