Last Friday, Anthropic disabled access to its two most capable models, Fable 5 and Mythos 5, following a US export-control directive restricting access for foreign nationals.
To be fair on the conduct, Anthropic has been open about what happened, has said it disagrees with the restriction, and is working to get access restored. The US Government acted within its legal authority. I'm not interested in arguing the politics of it, and for the point I want to make, the politics don't much matter.
What interests me is what the episode exposes.
This isn't an AI story. It's a dependency story.
For years, we've all become comfortable buying capability as a service. Cloud, software, models, infrastructure. It arrives faster and cheaper than building it yourself, and most of the time, that trade is a good one.
The part we tend to skip over is that someone else owns the off switch. Most of the time, that doesn't matter. Until the day it does.
The decision to pull those models wasn't taken by the customers relying on them. It wasn't taken by their leadership teams, or by the people using the systems for research, analysis or live operations.
It was taken somewhere else entirely. And within hours, the access was gone. That's the whole lesson, and it isn't new.
I've spent most of my career in operations, across security and defence, and I've watched versions of this play out many times. A supplier pulls support. A platform quietly changes its terms. An outage takes a service down. A geopolitical decision redraws who can buy what. The pattern is always the same.
Critical dependencies stay invisible while everything works, and become visible the moment something changes. The organisations that get hurt most are usually the ones that assumed continuity was a given.
When AI Becomes Operational Infrastructure
For many organisations, AI has moved well beyond the pilot stage.
It now sits inside real workflows: research, software development, intelligence processing, operational planning and decision support. Once a capability starts shaping decisions and outcomes, access stops being a technical detail and becomes an operational one. That forces some practical questions that are easy to ignore while the tap is still running.
What's the fallback? How quickly can we stand up an alternative? What exactly are we dependent on? Who actually controls access? These are resilience questions before they're technology questions.
Control Matters More Than Capability
Most of the AI conversation is about capability. Which model is smartest. Which benchmark is the highest? Which release is the newest? They're fair questions.
But in defence, government and other regulated sectors, there's usually a more important one: Who controls the system?
The most capable model in the world is small comfort if its availability can change overnight for reasons you have no influence over. None of this is an argument against working with international providers. Global competition is a big part of why these technologies have advanced so rapidly.
It is, however, an argument for building in optionality, flexibility and continuity rather than resting everything on a single point of failure.
This is part of why we've taken the approach we have at Whitespace.
We started from the assumption that organisations doing serious work need control, flexibility and genuine choice about where their systems run. That means deploying across cloud, edge, on-premise or fully disconnected environments, retaining control of data, and avoiding dependency on any single model provider. For a growing number of the organisations we work with, that is becoming an operational requirement rather than a technical preference.
Ultimately, sovereignty is not just about where technology is built. It's about maintaining operational control when circumstances change.
The events of last week are a useful reminder that capability and control are not the same thing.
Build For The Day The Tap Gets Turned Off
The takeaway from last week's events isn't that anyone should panic. And it certainly isn't that governments should isolate themselves from global technology ecosystems.
It's simpler than that.
Understand your critical dependencies before they become critical problems.
The more deeply AI becomes embedded in how organisations operate, the more important it becomes to ask difficult questions about access, continuity and control. Not when a restriction is announced. Not when a service becomes unavailable. Before.
Restrictions won't happen every day. But somewhere, to someone, they will. The organisations that have already thought it through will be in a very different position from those that assumed it would never be them.
Dependency is comfortable, right up until it isn't.
Written by Dan Astbury, Chief Operating Officer at Whitespace
Apply now for your limited 30-day free trial of Collective and experience the benefits today!
