Encryption, Spyware, and Now Mythos: History Shows Why Cyber ​​Export Control Doesn’t Work

Last Friday, citing unspecified national security concerns, the White House Anthropic order To restrict the export of powerful AI models Fable and Mythos to anyone outside the United States, as well as foreign nationals within the country. Soon after, the AI ​​giant hastily pulled the plug on both models, which have now been unavailable to anyone for a week.

This incident represents the first real test of the extent to which the US government can use export controls to contain borderline AI the way it has tried, with very mixed results, to contain encryption and spyware before it. As exciting as it may seem, how this standoff is resolved could shape not only Anthropic’s access to foreign markets, but also the rulebook on which other AI labs will have to build.

Some context first. Since I launched Anthropic Mythos in AprilThe company marketed it as… A kind of internet doomsday machine Which can wreak havoc on the internet if spread too widely – which is why, before the ban, Only about 150 companies and government organizations were examined It was absolutely accessible. The goal was to help the Defenders secure their software and services before bad guys could access Mythos-like capabilities.

So what led to the ban? Reportedly two subsequent events occurred. The first: Anthropic gave a South Korean telecommunications company access to Mythos through its limited partner program, and US officials became concerned after identifying the company as one they suspected of having ties to China. (company, It has been widely reported Being SK Communications, it has to reject Any connection to China.) Amazon CEO Andy Jassy also reportedly said Management has been alerted He said after Amazon researchers found a way around Fable 5’s safeguards. Anthropic disputes the “jailbreak” label, calling it a narrow issue that has already been rectified and not a blanket defeat of the model’s safety measures.

The result was the same: The Commerce Department issued an export control directive, and Anthropic had to rush to immediately restrict access to its products within about 90 minutes of being notified, by some accounts.

But none of this is new. Governments have tried to use export controls to limit the spread of what they consider dangerous cyber technology for decades, but their record has been average at best.

The US government was behind what may be the most dramatic failure in history of this approach in the early to mid-1990s. At the time, computer scientists were developing encryption techniques to secure data as it traveled over the Internet. One such encryption product was called Pretty Good Privacy, or PGP, a popular piece of software that can encrypt data and make it practically impossible to decrypt even if it is intercepted in transit to the intended recipient over the Internet.

The US government initially viewed PGP as a dangerous weapon, fearing it would prevent its intelligence agencies from snooping on emails as they crossed their wires. To stop distribution of PGP, US Customs Service Open a criminal investigation against PGP creator Phil Zimmerman for allegedly violating arms export controls. He fought back by publishing the PGP source code As a printed bookWhich ignited what is known today as the “cryptocurrency wars.”

Zimmerman later won a key battle when the investigation was closed, paving the way for end-to-end encryption algorithms like those used by billions of Signal and WhatsApp users.

Later during the early 2010s, researchers began to discover Western-made spyware being used against dissidents in the Middle East. In response, several governments agreed to the expansion Wassenaar packagean international treaty that limits the export of dual-use software and technologies used in civilian and military applications.

The idea was to classify surveillance and hacking software as dual-use, thus forcing spyware makers to obtain export licenses to sell their products abroad.

But Wassenaar has always had two inherent weaknesses. There are several countries that do not adhere to the agreement, including Israel, which is home to some of the world’s most active spyware makers.

The agreement also depends on which countries apply it to companies within their borders at their own discretion. For some time, the Italian government has allowed one of the country’s largest spyware makers, Hacking Team, a license to export its tools worldwide, despite the company’s record of selling spyware to businesses. Oppressive Governments Which Use it To hack journalists and human rights activists.

since then, last countries In Europe, Italy has been lenient with spyware makers. Despite numerous scandals, Europe is home to Many makers of spyware and hacking toolshe has It has consistently failed to limit the export of spyware for authoritarian regimes. Critics say recently renewed efforts across the 27-member bloc to address its growing problem of spyware exports to authoritarian states “go no further.”

Many spyware makers, such as Intellexa, a sanctioned consortium of spyware companies, have simply moved their operations to countries with lax export controls. Other spyware makers have sought to move their operations to Saudi Arabia for similar reasons.

There have been some victories. Germany-based spyware maker FinFisher It will close in 2022 After a several-year investigation conducted by German prosecutors into the company Allegedly selling spyware To Türkiye without an export license. Investigators previously found that FinFisher spyware existed spread on phones A critic of the Turkish government.

At the time of writing, the impasse between the Anthropic administration and Trump remains. There is a reasonable possibility that the administration will commit and lift restrictions in the interest of keeping American AI companies competitive around the world — a move that would amount to a tacit admission that AI labs elsewhere, including China, are likely to reach similar capabilities regardless of what the United States restricts. Or American AI companies could end up needing government approval before offering service to foreign clients at all, a compliance burden that would invariably affect their bottom line.

Given the world’s governments’ past experience trying to control the reach of software, government-imposed export controls are unlikely to be the right approach to preventing malicious actors from abusing powerful dual-use cyber technologies.