European Regulators Sidelined as Anthropic Restricts Access to Powerful Mythos AI Model
Key Takeaways
- ▸Anthropic restricted Mythos access to 12 U.S. tech companies and 40 unnamed organizations, excluding most European regulators from testing and evaluation
- ▸European cyber agencies report minimal engagement, while the U.K. and U.S. government have had direct access and testing opportunities, creating a transatlantic divide
- ▸The lack of regulatory oversight over AI capability distribution raises concerns about the EU's authority and the need for global AI governance frameworks
Summary
Anthropic has severely limited access to its latest AI model, Mythos, which demonstrates exceptional capabilities in identifying and exploiting cybersecurity vulnerabilities—outperforming most humans in this domain. The company granted exclusive early access to 12 U.S.-headquartered tech giants including Apple, Microsoft, and Amazon, with an additional 40 unnamed organizations receiving access. However, European regulators have been largely excluded from this process, with only Germany's cybersecurity agency reporting meaningful engagement with Anthropic about the model.
The disparity in access has created a significant divide between the U.S. and Europe in addressing emerging AI risks. While the U.K.'s AI Security Institute was able to test Mythos and release findings, most continental European cyber agencies reported receiving only piecemeal information or no access at all. This exclusion underscores Europe's limited influence over American AI companies and raises critical questions about the EU's ability to enforce its AI Act and protect its citizens from emerging technological risks.
The situation has prompted alarm from prominent AI researchers and European officials, who argue that decisions about frontier AI capabilities should not rest solely with private companies. German cybersecurity official Claudia Plattner warned that the question of whether tools like Mythos will eventually reach the open market has "profound implications for national and European security and sovereignty." The episode highlights the absence of a global governance framework for managing AI risks.
- Leading AI researchers including Yoshua Bengio have called for government and third-party oversight rather than relying on companies to self-regulate high-risk AI technologies
Editorial Opinion
Anthropic's restricted release of Mythos reveals a troubling pattern where private companies, not governments, control access to transformative AI capabilities with significant security implications. While the company's caution about a cybersecurity-focused model is understandable, the stark exclusion of European regulators undermines the EU's regulatory authority and exposes the geopolitical stakes of AI development. This episode should serve as a wake-up call for establishing binding international protocols for frontier AI oversight, rather than allowing ad-hoc, company-driven access policies to determine which nations can assess and prepare for emerging risks.
