Claude’s Most Powerful Model Was Paused by the U.S. Government. Chinese Users Are Not Surprised.

The most interesting part of this story is not that Claude has another powerful model.

It is that the timeline looks almost too perfect.

On June 1, Anthropic announced that it had confidentially submitted a draft S-1 registration statement to the U.S. SEC, preparing for a potential IPO. On June 9, it released Fable 5 and Mythos 5, describing Fable 5 as its most powerful broadly available model and Mythos 5 as a more sensitive and restricted model. On June 12, it said the U.S. government had issued an export control directive requiring it to suspend access to Fable 5 and Mythos 5 by any foreign national, so it had to disable the two models for all customers.

If you say this is regulation, I believe it.

If you say this is Anthropic being caught by its own “our models are powerful and dangerous” narrative, I also believe it.

But if you say there is no IPO narrative value in this at all, I find that hard to believe.

Anthropic has built a very distinct image over the past few years: it is not just another AI company, but the AI company that cares most about safety, talks most openly about risk, and is most willing to push for regulation.

That image has benefits.

Capital markets like it. Governments like it. The media likes it too.

Because Anthropic is not just selling a chatbot. It is selling a higher-level story: our models are too powerful to release casually, too dangerous to ignore, and important enough to be discussed in national security terms.

Now comes the problem.

If you repeatedly say your models are powerful, dangerous, and in need of government oversight, can you really act completely surprised when the government one day says: fine, then foreign nationals cannot use this one for now?

Anthropic’s response this time is also interesting.

It did not say the U.S. government had no authority to regulate. It said the directive was abrupt, that the government had not provided specific national security details, and that the concern appeared to involve a narrow, non-general jailbreak. In plain language: regulation may be necessary, but you should not lock down the whole building just because a very specific door trick might exist.

That sounds reasonable.

But from the outside, it is hard not to wonder.

Anthropic filed for an IPO, released its strongest model, and then the U.S. government paused access. The story the market hears is: this model is so powerful that the government does not dare let foreign nationals use it.

That is a very strong story.

I cannot say Anthropic and the U.S. government staged this together. There is no evidence for that.

But I also cannot treat it as a simple technical safety incident. It looks more like three narratives colliding: Anthropic’s long-running safety narrative, the U.S. government’s national security narrative, and the IPO market’s love of scarce strategic assets.

For ordinary people, the first question is simple: how did an AI model become a national security issue?

To understand that, you need to know what Fable 5 and Mythos 5 are.

A normal chat model is like a very smart customer service agent. You ask, it answers.

A model like Fable 5 is different. Anthropic emphasizes long-horizon tasks, software engineering, knowledge work, visual reasoning, and scientific work. The stronger the task, the more distance it tries to put between itself and ordinary models. Anthropic also said Fable 5 and Mythos 5 can work more autonomously than previous Claude models, with pricing at $10 per million input tokens and $50 per million output tokens.

This is no longer just customer service.

It is closer to a senior employee who can take on complex work.

If you ask it to work on code, it may not only give suggestions; it may migrate, refactor, verify, and iterate across a large project. If you ask it to analyze, it may reason across many documents and charts. If you ask it to work on security, it may help find vulnerabilities, build exploit paths, and write validations.

Security is where things get sensitive.

Anthropic’s Project Glasswing claimed that Mythos Preview discovered many high-severity zero-day vulnerabilities across major operating systems and browsers. Cloudflare also wrote that when it ran Mythos Preview against more than 50 repositories, it saw a real leap, while also noting that practical use still required workflow design, validation, and human judgment.

So the concern is not science fiction.

The U.S. government is not worried about people using Claude to write essays.

It is worried that a sufficiently powerful model could make cyber operations, vulnerability discovery, and automated penetration cheaper, faster, and easier to replicate.

That is why frontier AI is starting to resemble chips, cloud services, satellite navigation, and payment rails.

It is no longer just a product.

It is becoming a capability.

And capabilities get regulated.

Why are Chinese users not surprised?

Because they have already experienced the door getting narrower, step by step.

First came the account layer.

Anthropic’s own transparency page says that from July to December 2025, it banned 1.45 million accounts, received 52,000 appeals, and reversed only 1,700 of them. This is not a number of Chinese accounts, and it should not be described that way. But in Chinese developer communities, Claude accounts being unstable, paid accounts being flagged, and appeals being opaque have long been part of the user experience.

Then came the region layer.

Mainland China has long been outside Claude’s supported regions. Many users simply got used to the idea that access might work today and vanish tomorrow.

Then came the ownership layer.

In September 2025, Anthropic updated its restrictions on unsupported regions. It explicitly named China and said companies from unsupported regions could continue accessing services through overseas subsidiaries, so it would restrict entities more than 50% directly or indirectly owned by unsupported-region entities, no matter where they were incorporated or operated.

In plain language:

First, if you are in China, you may not get access.

Then, if your company has Chinese ownership, even if it is registered overseas, you may still lose access.

Then, account risk controls can block you without much explanation.

Now, the most advanced models are being brought into export controls, and foreign nationals are told not to touch them.

Each step can be explained as compliance, safety, risk control, or national interest.

Taken together, the door is getting smaller.

That is why Chinese users do not see the Fable 5 and Mythos 5 suspension as a completely new story. The feeling is more like: finally, it is not just Chinese users anymore; foreign nationals as a whole have entered the rulebook.

To be clear, this directive is not only about China. Anthropic’s statement refers to any foreign national, including foreign nationals inside the United States and even Anthropic’s own foreign national employees. Reuters reported that U.S. officials confirmed the Commerce Department directive, and that AWS said Anthropic had asked it to revoke access to the two models for all users in all regions.

So this is not simply “the U.S. targeting China again.”

But Chinese users feel it most clearly, and that is also true.

We have been trained repeatedly: the account is not yours, the access right is not yours, and the model capability is not yours. Paying gives you temporary permission to use. If the platform, policy, risk control system, or national security layer changes, you line up again.

For technical people, the useful lesson is not the emotional one.

Complaining about Anthropic or the U.S. government may feel satisfying, but it does not help your project.

The real bill is elsewhere.

If you build an AI product and hard-code its core capability to Fable 5, what happens to your customers when the model is turned off?

If your AI agent is marketed as “powered by the strongest Claude,” what do you do when access changes tomorrow? Downgrade to another Claude model? Switch providers? Tell customers you are sorry?

If you are the technical lead in a small company and your boss asks why an AI feature suddenly stopped working, you cannot answer: because the U.S. government, Anthropic, AWS, export control, jailbreak concerns, and IPO narratives collided.

The boss will not understand.

Customers do not care.

They only ask one thing: does the function I paid for still work?

This is the cost AI products often ignore.

In the past, we calculated model costs mostly by token price.

Input price, output price, context length, speed.

Now we need to add more lines to the bill:

Account suspension cost.

Model shutdown cost.

Regional restriction cost.

Customer migration cost.

Data policy change cost.

Replacement model quality loss.

Emergency engineering cost.

Anthropic also said that for Mythos-class models, it would retain traffic data for 30 days for safety and jailbreak research. It says the data will not be used to train new models and that privacy protections will apply, but for some enterprise customers, that is already a compliance issue.

So you think you are buying an API.

In reality, you are buying a whole supply chain.

Model company, cloud provider, account system, payment system, regional policy, data policy, export control, government directive. They are all on the chain.

If any link gets stuck, your product breaks.

That is why I increasingly dislike the idea of simply using whichever model is strongest.

Capability matters, of course.

But if your product has no model routing, no fallback, no domestic or open-source substitute, no user expectation management, and no abstraction layer you control, then what you are integrating is not only capability. It is risk.

For ordinary users, this can remain a story to watch.

You can say Anthropic got what it asked for by constantly saying its models were dangerous.

You can say the U.S. government acted too bluntly and hurt customers and developers.

You can say this is great-power competition, and frontier AI is no longer an ordinary internet service but a strategic resource.

All of these are partly true.

But for technical people, the useful conclusion is not taking sides.

It is going back to your own system and asking:

Is any core function dependent on a single model?

Have you overpromised to any customer?

Would any workflow stop completely if Claude became unavailable?

Have you tested a minimum viable substitute using domestic, open-source, or local models?

Have you turned prompts, tool calls, context, evaluations, permissions, and logs into your own transferable assets, instead of tying everything to one model provider?

This incident is not only bad news for domestic teams.

The more frontier models have borders, the more valuable domestic models, open-source models, local deployment, multi-model routing, enterprise AI gateways, and migration tools become.

These were not always sexy.

When the best model was overseas and easy to call through an API, they looked boring.

Now the real value may not be “I integrated the strongest model first,” but “I can still serve users when the model is restricted, more expensive, degraded, banned, or replaced.”

That is not sexy.

But it is real business.

As a small-company technical lead, I used to ask three questions when choosing tools: is it useful, is it expensive, and is it hard to integrate?

Now I have to ask three more: who can turn it off, when might it be turned off, and what is my backup plan?

I do not know whether Anthropic deliberately amplified this story before its IPO.

But one thing seems clear:

The stronger AI becomes, the less it looks like utilities, and the more it looks like a supply chain with borders, licenses, and political risk.

Ordinary users can watch the show and complain.

Technical people should probably go back and audit their toolchains.

The model you depend on today — do you really control it?

I am Lao Hua. Follow me to understand more about AI, tools, and information gaps.