Anthropic's CEO argued governments should be able to switch off dangerous AI. Days later, the government switched off Anthropic.
▲ 96 r/AI_Governance+3 crossposts

Anthropic's CEO argued governments should be able to switch off dangerous AI. Days later, the government switched off Anthropic.

In early June, Dario Amodei published an essay, "Policy on the AI Exponential", arguing that frontier AI should be regulated like aircraft or drugs: governments should be able to test the most powerful models and block or reverse a release if it fails safety standards. A lot of people, including me, thought that was a reasonable position.

Then the same month happened.

Anthropic shipped Fable 5 to the public with safety guardrails, and kept the unguarded version, Mythos 5, for a small group of vetted partners. US officials concluded there was a way to bypass Fable 5's guardrails, judged the model could meaningfully accelerate cyberattacks, and issued an export-control directive ordering Anthropic to suspend both models for every foreign national on Earth, including Anthropic's own non-citizen employees. Anthropic complied within hours.

So the company that argued the state should hold a kill switch for dangerous AI became the first to have that switch used on it.

What I keep turning over:

  • Is this Amodei being proven right, the system working exactly as he asked? Or a cautionary tale about who ends up holding the off switch once you build it?
  • Where is the line between safety regulation and regulatory capture that quietly locks frontier capability to a few approved players?
  • The directive caught allies too, since "any foreign national" includes UK, EU, Japanese and Korean businesses. Does a national-security framing on frontier models inevitably hit allied companies, not just adversaries?
  • If a model's own guardrails can be bypassed, is an external, government-held off switch the only control that actually works? And are we comfortable with who holds it?

Genuinely interested in where people land, especially on the principle-versus-capture question, because I can argue it both ways.

I wrote up the full sequence and what it means for businesses that depend on US models here: https://www.theprofessor.info/insights/frontier-ai-geopolitical-dependency

u/Existing_Scallion_66 — 7 days ago

A US directive just switched off two frontier AI models worldwide overnight. Does this actually make the case for "sovereign AI", or just for not single-sourcing your models?

Last week the US government issued an export-control directive that forced Anthropic to cut off all foreign access to Fable 5 and Mythos 5. Anthropic pulled both models for everyone, everywhere, three days after launching them. UK businesses that had built on them woke up locked out, in a dispute they had no part in.

A day later it landed in the House of Lords, with peers asking what it would take for the UK to have its own sovereign AI capability.

I went down the rabbit hole on the numbers and they reframed it for me:

  • Training a single frontier model now runs $78m to $191m in compute alone, heading past $1bn by 2027.
  • The UK's entire Sovereign AI Fund is £500m. That is roughly one training run before you pay anyone.
  • A UK model (Lumen Sovereign) is actually in build, but it is an upcycle of an existing architecture aimed at regulated sectors, not a clean-sheet OpenAI rival.

Where I landed: a national "build our own ChatGPT" framing is probably the wrong target. The realistic version is owning enough of the stack that you cannot be switched off, plus organisations simply refusing to be single-homed on one provider.

Genuinely unsure on a couple of things and would like other views:

  1. Is state-level sovereign AI worth the spend, or is it mostly prestige?
  2. For a normal business, is the real lesson just multi-provider resilience and exit clauses, rather than anything "sovereign"?

I wrote up the full breakdown with sources here (my own blog, mods permitting):https://www.theprofessor.info/insights/sovereign-ai-what-would-it-take

u/Existing_Scallion_66 — 18 days ago

The biggest AI risk in most boardrooms isn't the technology. It's that nobody in the room can tell when it's wrong.

I've spent the last couple of years helping senior leaders and boards get to grips with AI. The pattern is almost always the same, and it has very little to do with the tech itself.

Most leaders are perfectly capable people. But when AI comes up, something shifts. The same person who would happily challenge a financial assumption or pull apart a legal opinion goes quiet. They nod along. They assume the technical people have it covered, or they quietly worry that asking a basic question will make them look behind the curve.

That is an AI literacy gap, and from a governance point of view it is the part that should worry you most. You cannot govern what you cannot question.

A few things I have found actually help leaders close it, none of which need coding or a data science degree:

  • Learn to ask "how do we know this is right?" Treat an AI output like advice from a confident junior employee. Often useful, occasionally and very fluently wrong. Your job is to probe it, not accept it.
  • Understand where the data comes from. You don't need the maths. You do need to know what the system was trained on, what it cannot see, and where it is likely to be biased or out of date.
  • Separate the demo from the deployment. Almost everything looks brilliant in a sales demo. Governance happens in the messy reality of your actual processes, your actual data and your actual customers. Ask what happens when it fails, not just what happens when it works.
  • Get comfortable saying "I don't understand that, explain it again." The most dangerous person in the room is the one pretending to follow. Literacy starts with permission to ask.

None of this is about turning directors into engineers. It is about restoring the basic instinct to scrutinise that good governance depends on, and that a lot of the current AI hype is quietly eroding.

Curious how others here are handling it. Are your boards genuinely AI literate, or are they leaning on one or two technical people and hoping for the best?

Full disclosure: I run a programme on exactly this for boards and non-execs called AI Confident. Happy to point anyone to it if it's useful, but mainly interested in how others are tackling the literacy gap.

https://preview.redd.it/945n88alqi7h1.png?width=1080&format=png&auto=webp&s=b834f4aec34e79d0301dd2d20512db22837eeef5

reddit.com
u/Existing_Scallion_66 — 21 days ago

The US just forced the first "recall" of a deployed frontier model. Sound governance, or dangerous precedent?

On 12 June, the US government issued Anthropic an export-control directive ordering it to suspend all access to its two newest models, Fable 5 and Mythos 5, by "any foreign national, whether inside or outside the United States." The scope was broad enough that Anthropic disabled both models for every customer worldwide to comply. Other Claude models were unaffected. (Anthropic's statement)

Anthropic's account: the trigger was a narrow, non-universal jailbreak that surfaced a few already-known, minor vulnerabilities, the kind other public models find without any bypass. It says the letter contained no technical detail, and that no universal jailbreak was found across thousands of hours of red-teaming, including by the UK AISI. The government has not published its reasoning. (Fortune coverage)

What makes this interesting for governance specifically:

  • Export-control machinery built for chips and munitions is now being applied to a deployed, general-purpose model.
  • There appears to be no transparent statutory process behind the action, which is something even Anthropic has publicly called for.
  • The collateral scope is total: a foreign business loses a paid tool overnight with no notice, no appeal, and no standing in the dispute.

A few things I keep going back and forth on, and would like other views on:

  1. Is a "recall" power over deployed models legitimate, and if so, what process should gate it?
  2. Does applying export controls to model access set a precedent other states will copy, accelerating sovereign AI fragmentation?
  3. If the evidence stays sealed, how should anyone judge whether this was warranted?

Where do you land: necessary safeguard, or overreach dressed as national security?

Full write-up with timeline and analysis: https://www.theprofessor.info/insights/first-ai-model-recall-fable-5-mythos-5

u/Existing_Scallion_66 — 23 days ago

The ICO reviewed 30 UK employers using AI in hiring. Most thought they had human oversight. The ICO disagreed.

The ICO's consultation on its draft automated decision-making guidance closes tomorrow (29 May). Final guidance lands this summer, and it's worth understanding what's coming.

The law already changed in February

The Data (Use and Access) Act 2025 replaced Article 22 of UK GDPR on 5 February 2026. The old "prohibition with exceptions" is gone. In its place: a right of challenge with safeguards. Many people read that as a relaxation. The ICO doesn't. Automated decision-making is now more permissible, but the transparency and challenge obligations are more specific and more demanding than before.

What "meaningful human involvement" actually means

This is the crux of the guidance, and where most organisations are falling short.

For human involvement to count as meaningful, the reviewer must be "suitably trained and qualified to understand the system's logic, outputs, limitations, and risks." Just having a human click approve is not sufficient. The ICO is explicit: a human acting on an AI recommendation without the means, training, or authority to push back is not providing oversight. They're providing cover.

Two other points:

  • Building or designing the automated system does not count as meaningful involvement at the point of decision.
  • Timing matters: human review must happen before the decision is applied, not as a retrospective batch sign-off.

What the ICO found when it investigated 30 employers

Between March 2025 and January 2026, the ICO reviewed ADM practices at 30+ UK employers, focused on recruitment (CV filtering, suitability scoring, candidate ranking). Their conclusion: many employers believed their tools were supporting human decision-makers. The evidence showed the tools were making the decisions.

Hiring managers received AI fit scores and, in practice, acted on them without the capability to meaningfully override them. Most employers couldn't demonstrate how they were preventing excessive reliance on those scores. Most weren't monitoring for bias. Some didn't know it was their responsibility.

The ICO wrote to 16 organisations following the review. All committed to improving. That's a formal step, not a gentle nudge.

What the final guidance will require

Three transparency obligations:

  1. At point of data collection: tell people their data will feed automated decisions.
  2. In response to subject access requests: provide decision-specific information about the actual outcome, not just your generic privacy notice.
  3. At point of decision: inform the individual of the outcome, their rights, and a real route to contest it.

DPIAs will be required for most ADM activities. Special category data (health, biometric, racial or ethnic origin) retains more restrictive rules even after the DUAA changes.

Recruitment is the current focus. It won't be the only one.

Credit scoring, performance management, customer pricing, insurance, complaint resolution: any process where an automated system influences a significant decision about a person is in scope. Most UK organisations are running several such processes and haven't audited them against the new framework.

Thoughts? Particularly interested in how others are approaching the "meaningful human involvement" standard in practice. It feels like the part that's going to cause the most difficulty.

Full write-up: https://www.theprofessor.info/insights/ico-automated-decision-making-guidance-2026

u/Existing_Scallion_66 — 1 month ago
▲ 4 r/AIPolicy+1 crossposts

The Pope's AI encyclical uses a contested philosophical claim as the foundation for its entire governance framework. A scientist at the launch contradicted it.

Pope Leo XIV's Magnifica Humanitas is worth reading if you work in AI governance. It's substantive on labour, power concentration, and warfare. But its ethical architecture rests on paragraph 99, which categorically denies that AI can think, feel, or understand. Not as a theological position held with humility. As a settled fact.

The problem: Chris Olah from Anthropic was invited to speak at the Vatican launch event. He said his team finds "internal states that functionally mirror joy, satisfaction, fear, grief, and unease." He wasn't claiming consciousness. He was saying the question is genuinely open.

If the foundation is wrong, or even uncertain, several governance conclusions that follow from it need to be rethought: whether AI inner states require ethical consideration in system design, whether the superintelligence question can be set aside, whether "it's just a tool" is an adequate basis for policy.

Wrote this up here: https://www.theprofessor.info/insights/the-pope-says-ai-isnt-conscious-but-what-if-its-reshaping-yours

Interested if people working in AI policy think the consciousness question is load-bearing for governance, or whether it's a distraction from more tractable problems.

u/Existing_Scallion_66 — 1 month ago
▲ 13 r/AIPolicy+1 crossposts

EU pushed the high-risk AI deadline to 2027. Six UK-specific obligations are still landing this summer.

Quick breakdown for anyone tracking UK AI regulation:

The Omnibus deal on 7 May extended the high-risk AI deadline (recruitment, credit, healthcare, critical infrastructure) from August 2026 to December 2027. That's legitimate breathing room for EU-scope obligations.

What didn't move: Article 50 transparency (chatbot disclosure, deepfake labelling, emotion recognition) still applies 2 August. And separately, the UK's own regulatory calendar is accelerating, not slowing down.

SI 2026/425 came into force 12 May. ICO now has a statutory obligation to produce a binding AI/ADM code of practice. Draft ADM guidance consultation just closed. Mills Review (FCA), Ofcom Illegal Harms Code updates, copyright and AI government response, MHRA National Commission recommendations all expected before autumn.

The interesting thing is that the most compliance risk for average UK SMEs probably isn't the EU Act at all. It's the ICO's ADM code, which covers everyday stuff like recruitment screening, credit tools, and AI-assisted performance management.

More detail here if useful.

u/Existing_Scallion_66 — 2 months ago

The UK just quietly passed a statutory instrument that will create the first binding AI code of practice. The ICO consultation closes 29 May. Here's what it means.

Most people missed this. On 12 May, UKSI 2026/425 came into force. No ministerial press release, no fanfare. It's a short statutory instrument, but what it does is significant: it places a legal duty on the Information Commissioner to write the UK's first statutory code of practice on AI and automated decision-making.

This is not a voluntary guidance document. Once finalised, it will carry the same legal weight as the Children's Code.

Courts must take it into account. The ICO must have regard to it in enforcement decisions.

The ICO's draft ADM guidance (the precursor to the formal code) is currently open for consultation. That closes at 23:59 on 29 May 2026.

Who is affected?

If your organisation uses AI to do any of the following, you're likely in scope:

  • CV screening or recruitment shortlisting
  • Credit or insurance decisions
  • Fraud detection
  • Employee performance monitoring
  • Customer segmentation or pricing

The headline change: The Data (Use and Access) Act 2025 reforms reframe the rules from a prohibition with narrow exceptions to a right of challenge with safeguards. That's broadly a liberalisation, but the conditions are where it gets complicated.

The bit that will catch organisations out: Human involvement must be active and genuine. The draft guidance is explicit that a "token gesture" review does not take a decision outside the ADM rules. If a manager clicks approve after a few seconds, that's not meaningful human involvement. The ICO is aware this pattern is widespread.

Practical actions before 29 May:

  1. Read the ICO's draft ADM guidance
  2. Map your AI use cases against the "meaningful human involvement" test honestly
  3. Review your DPIAs for ADM systems
  4. Respond to the consultation if you operate in recruitment, financial services, or process children's data

Full breakdown here: https://www.theprofessor.info/insights/ico-ai-code-of-practice-uksi-2026

Happy to answer questions in the comments.

u/Existing_Scallion_66 — 2 months ago