Anthropic urges U.S. to tighten chip export controls, calls to ban 'distillation'

Anthropic has tied two separate arguments together this month: who gets access to frontier AI capability, and what happens when that capability starts surfacing real cyber risk. In a May 14 research paper, the company said the United States and its allies should tighten export controls on advanced AI chips, close loopholes that let Chinese firms reach overseas compute, and move against what it calls “distillation attacks.” (anthropic.com) The company’s case is that compute remains the core bottleneck. (anthropic.com) Anthropic wrote that the most capable chips are designed by American companies and said China’s AI progress has been helped by loopholes in export controls and by large-scale extraction of model behavior from U.S. systems. (msn.com) ### What exactly is Anthropic asking Washington to do? Anthropic’s May 14 paper framed 2028 as the deadline by which “transformative AI systems” could arrive and said policymakers still have a limited window to shape the competition between the United States and China. The company said one scenario would leave democracies setting AI rules and norms, while another would allow “authoritarian regimes” to shape them if Washington does not act. (anthropic.com) Anthropic has also separately argued for stronger enforcement of the U.S. “Diffusion Rule” and for lower thresholds that would require export licenses for advanced chips. In its public materials, the company has said maintaining America’s “compute advantage” is essential to national security and economic strength. (anthropic.com) ### What does Anthropic mean by “distillation attacks”? Anthropic said in a Feb. 23 post that “distillation” is normally a legitimate way to train a smaller model on the outputs of a stronger one. Its complaint is about unauthorized use: competitors creating large numbers of fake accounts, querying frontier models at scale, and using the outputs to improve their own systems. (anthropic.com) The company named DeepSeek, Moonshot and MiniMax as labs involved in what it called industrial-scale campaigns. Anthropic said those campaigns generated more than 16 million exchanges with Claude through about 24,000 fraudulent accounts, in violation of its terms of service and regional restrictions. (anthropic.com) Anthropic’s argument is that illicit distillation weakens export controls because it lets foreign labs capture capabilities without independently building them at the same cost or speed. The company also said distilled systems may not preserve the safeguards U.S. labs use to block uses such as malicious cyber activity or bioweapons development. (anthropic.com) ### Why did the cyber issue flare up at the same time? Anthropic said on May 18 it was revising its earlier position on information-sharing for Mythos, its restricted cybersecurity model, to allow users to share cyber threat information with others exposed to similar vulnerabilities. Reuters reported the change on Monday. (anthropic.com) Cloudflare said on May 19 that Mythos Preview could do more than flag isolated bugs. In tests across more than 50 internal and open-source repositories, the company said the model could connect lower-severity flaws into attack chains and generate proof-of-concept code to test exploitability. (anthropic.com) Cloudflare also said Mythos still produced false positives and inconsistent refusals, leaving human reviewers to sort real vulnerabilities from noise. Its testing was conducted through Project Glasswing, Anthropic’s program for defensive security work. ### How do these two threads fit together? (msn.com) Anthropic’s public position is that frontier AI creates both strategic advantage and misuse risk. Its policy paper argues for restricting access to the highest-end inputs for model development, while its Mythos changes broaden the flow of defensive threat information once vulnerabilities are found. The next public markers are already on the calendar. (newsbytesapp.com) Anthropic’s May 14 paper remains posted on its research site, and Reuters reported on May 18 that the company is revising Mythos sharing rules as partners, governments and critical-infrastructure operators continue testing the model’s findings. (anthropic.com)