On June 12, 2026, the US government proved something that most AI developers had assumed was theoretical: a government can pull a globally deployed frontier AI model offline in a matter of hours. The export control directive against Anthropic's Fable 5 — five days ago as of this writing — is the most dramatic demonstration yet of government power over commercial AI. But it is not the first.
Italy blocked DeepSeek within 30 days of its launch. Germany followed. China has never allowed ChatGPT. Brazil suspended Meta's AI data processing in 2024. The EU's AI Act prohibits entire categories of AI capability for any provider anywhere in the world that serves EU users.
Governments have more tools to ban AI models than most people in the industry fully appreciate — and they are actively using them. Here is the full legal landscape.
Five Legal Tools Governments Use to Ban AI
1. Export Control Law (The Fable 5 Approach)
The most powerful tool available to the US government — and the one used against Fable 5 — is export control law. The legal authority sits in the Export Administration Regulations (EAR), administered by the Commerce Department's Bureau of Industry and Security (BIS).
Export controls have historically applied to physical goods (weapons, chips) and software (encryption). The Fable 5 case extended this to a deployed commercial AI service — not the model weights themselves, but the act of serving the model to users.
The legal mechanism: national security authorities within the EAR allow the Commerce Department to restrict US companies from providing services to foreign nationals when national security is implicated. The directive ordered Anthropic to deny access to any foreign national — inside or outside the United States. Because Anthropic cannot verify nationality at user scale in real time, the only compliant path was to disable the models for everyone.
Speed: Hours. The directive was received at 5:21pm ET on June 12; both models were offline within hours.
Scope: Global, for any US-based company. Cannot easily reach non-US companies (Chinese AI labs, for example).
Challenge: Unprecedentedly applied to a commercial AI service. The legal basis is being contested by Anthropic in ongoing litigation.
2. Data Protection Orders (The Italy/GDPR Approach)
The EU's General Data Protection Regulation gives national data protection authorities — called Data Protection Authorities (DPAs) — the power to order companies to stop processing data in their jurisdictions if they cannot demonstrate GDPR compliance.
Italy's Garante (the national DPA) used this power twice with AI:
- ChatGPT, March 2023: Italy became the first Western country to block ChatGPT, citing the lack of a legal basis for mass data collection and the inability to verify users' ages. OpenAI implemented age verification and privacy transparency measures within three weeks and the block was lifted.
- DeepSeek, January 2025: The Garante blocked DeepSeek's chatbot and app store presence after the company refused to cooperate with a regulatory inquiry about its privacy practices — specifically where user data was stored (it was stored in China).
Germany followed with its own DeepSeek app store removal, as did a widening set of EU member states. France, the Netherlands, South Korea, and Taiwan all opened investigations.
Speed: Days to weeks for the order; enforcement depends on company cooperation and technical blocking.
Scope: Limited to the ordering jurisdiction, but can cascade across EU member states through GDPR's "one-stop shop" mechanism.
Challenge: Works mainly against companies that operate in the EU and have assets there. A company willing to exit a market cannot be compelled.
3. App Store Directives
Governments do not always go directly to the AI company. They go to Apple and Google.
Both companies operate global app stores that are effectively the distribution monopoly for mobile software. When a government orders removal of an app from its territory's app stores, that model becomes inaccessible to the overwhelming majority of mobile users — without any action required from the AI company itself.
DeepSeek was removed from Italian and German app stores through this mechanism. It is also how China controls what software its citizens can access: the Chinese version of the App Store (operated by a local Apple subsidiary) contains a different catalogue than the global version.
App store directives can be issued quickly, enforced reliably (Apple and Google comply with legally compliant domestic orders), and targeted geographically. They do not require the AI company to cooperate.
Speed: Days.
Scope: Mobile users in the relevant jurisdiction. Does not affect web access or API access.
Challenge: Users who already have the app installed can continue using it; the web version typically remains accessible. And API access for developers is unaffected.
4. National Security Firewalls (The China Approach)
China's approach to AI regulation is the most comprehensive: a national firewall that blocks access to foreign AI services at the ISP level, combined with mandatory licensing for domestic AI providers.
ChatGPT has never been available in China via any legitimate channel since its November 2022 launch. The same applies to virtually every major Western AI service — Claude, Gemini, Copilot, Perplexity. Access requires a VPN, which is technically illegal for most purposes in China.
The Chinese government justifies this on three grounds:
- Information control: Western AI models may surface information the government considers harmful or politically sensitive
- Digital sovereignty: Reliance on foreign AI creates a strategic dependency that national security requires avoiding
- Domestic industry protection: Chinese AI companies (Baidu Ernie, Zhipu GLM, DeepSeek, Moonshot Kimi) benefit from the absence of foreign competition
The firewall approach is blunt but effective in a jurisdiction with centralized internet infrastructure. Countries with more decentralized internet infrastructure cannot replicate it easily.
Speed: Can be implemented rapidly for jurisdictions with centralized ISP control.
Scope: Total for that jurisdiction's internet users, assuming no VPN access.
Challenge: VPN usage provides a workaround; enforcement against VPN use is imperfect. API access for developers may require different enforcement mechanisms.
5. EU AI Act Prohibited Practices
The EU AI Act — which entered force on August 1, 2024, with prohibited practices applying since February 2025 — takes a different approach from all of the above. It does not ban specific models; it bans specific uses of AI, regardless of what model performs them.
The "unacceptable risk" category of practices is now prohibited entirely across the EU, for any provider serving EU users:
- Social scoring systems: AI that evaluates citizens' social behavior to determine their access to services or opportunities (the primary target: Chinese-style social credit systems)
- Real-time biometric surveillance in public spaces: Live facial recognition by law enforcement, with narrow exceptions (terrorism, missing children)
- Subliminal manipulation: AI that influences behavior through techniques people are not aware of, exploiting psychological vulnerabilities
- Emotion recognition in workplaces and schools: Systematic inference of emotional states from biometric data
- AI systems that exploit vulnerabilities: Age, disability, social circumstances
A provider that cannot demonstrate their model does not perform these functions for EU users faces fines of up to €35 million or 7% of global annual revenue — whichever is higher. This is not a theoretical threat; enforcement is ramping up as High-Risk obligations come into effect in August 2026.
Speed: Years of legislative process; enforcement timelines variable.
Scope: Global reach for any company serving EU users, but enforcement requires presence in the EU.
Challenge: Applies to uses, not models — a clever model provider can argue their model does not perform prohibited uses, even if it is capable of them. The distinction between capability and use is legally contested.
The Fable 5 Case: A New Category
The Fable 5 ban fits none of the existing categories cleanly — which is why it is legally unprecedented.
It is not a data protection order (no GDPR basis was cited). It is not an app store directive (the directive targeted the underlying service, not app distribution). It is not a firewall (it targeted Anthropic, a US company, not a foreign one). It is not an EU AI Act prohibited practice (the US government is not the EU).
It is export control applied to a live commercial AI service — a category that has never existed before. The BIS has published rules on AI chip exports and model weight exports, but the Fable 5 directive targets something different: the act of serving a model to users via API.
Anthropic's own public statement frames what makes this unprecedented: if a narrow jailbreak — one present in all deployed frontier models — is sufficient grounds to recall a commercial AI service, then no frontier model can be legally deployed. The standard, if applied consistently, would effectively end the commercial AI industry.
That is why this is not just a story about Fable 5. It is about the legal framework that will govern every future frontier model release.
The Double Standard Problem
The hardest question in the Fable 5 story is also the most politically inconvenient one: if GPT-5.6 can perform the same task that the government cited as Fable 5's jailbreak, why is GPT-5.6 not also offline?
Anthropic stated explicitly in its public communications that the vulnerability cited by the government — asking the model to read a codebase and identify software vulnerabilities — is "widely available from other models (including OpenAI's GPT-5.5), and is used every day by the defenders who keep systems safe."
The US government has not publicly engaged with this argument. GPT-5.5 and GPT-5.6 remain available. OpenAI has a commercial contract with the Pentagon. Anthropic is in active litigation with the Pentagon over a collapsed contract.
The double standard is not a legal argument — courts will decide the merits on export control law, not competitive fairness. But it is the central political fact of the ban, and it is the reason analysts from across the political spectrum have questioned whether national security is the real driver.
What Happens to Open-Source Models?
One crucial dimension the Fable 5 case does not address: open-source AI models are effectively unbanned by default.
Once model weights are published openly — as Kimi K2.7-Code, GLM-5.2, and many other models have been in 2026 — they can be downloaded and run locally by anyone with sufficient hardware. No export control, data protection order, app store directive, or firewall can reach weights that are already distributed across thousands of servers globally.
This creates an asymmetric regulatory landscape:
- Closed commercial models (Claude, GPT, Gemini) are regulable because they are centrally served by identifiable companies
- Open-source models (LLaMA, Mistral, GLM, Kimi) are effectively unregulable once released, because the weights are already distributed
The Chinese AI response to the Fable 5 ban illustrates this dynamic perfectly. Within 24 hours of Fable 5 going offline, GLM-5.2 topped reasoning benchmarks and Kimi K2.7-Code was open-sourced under a permissive license. Developers who needed frontier capability had open-source alternatives that no government directive can reach.
This is not an accident. It is the structural reality of open-source AI — and it is why regulators who want meaningful control over frontier AI capability will eventually have to grapple with the open-source question directly.
The US Government and GPT-5.6: Should You Worry?
The question the Fable 5 ban raises for GPT-5.6's imminent launch is obvious: could the same thing happen to OpenAI?
The short answer: the risk is lower, for reasons that are partly technical and partly political.
Political factors: OpenAI has a commercial contract with the Pentagon. Anthropic refused military use of Claude for lethal autonomous warfare and mass surveillance; OpenAI did not impose these restrictions. The Trump administration has demonstrated institutional hostility toward Anthropic specifically — Defense Secretary Pete Hegseth publicly celebrated Anthropic's removal from DoD facilities. OpenAI occupies a different political position.
Technical factors: If the government's real concern is the specific jailbreak capability — reading codebases to identify exploitable vulnerabilities — the question is whether GPT-5.6 has this capability. Based on available evidence, it does. Anthropic has stated the capability is present in GPT-5.5. If the government applies the same standard consistently, GPT-5.6 should face the same concern. If it does not apply the same standard, the ban on Fable 5 is politically rather than technically motivated.
The precedent factor: The Fable 5 ban establishes that the US government can suspend a commercial AI service using export control authority. That legal precedent now exists regardless of which company it was used against first. A future administration with different political relationships could use the same authority against any AI provider, including OpenAI.
For GPT-5.6 specifically: the launch will likely proceed without government interference. OpenAI has managed its government relationships more carefully than Anthropic has, and the administration does not have the same adversarial history with OpenAI that it has with Anthropic. But every frontier AI company now knows this tool exists, was used, and worked.
The Global Regulatory Map in 2026
| Country/Region | Approach | Current Status |
|---|---|---|
| United States | Export controls + national security authority | Fable 5/Mythos 5 suspended; all other models available |
| European Union | GDPR (DPA orders) + EU AI Act | DeepSeek blocked in Italy, Germany; prohibited practices enforced from Feb 2025 |
| China | National firewall + domestic AI licensing | ChatGPT, Claude, Gemini, Copilot all blocked |
| United Kingdom | AI Safety Institute assessments + sector regulators | No bans; evaluation-focused approach |
| Italy | GDPR (Garante) | DeepSeek blocked; ChatGPT previously blocked (now restored) |
| Germany | GDPR + app store enforcement | DeepSeek app store removal |
| Russia | National security + content laws | ChatGPT, Claude banned |
| North Korea / Iran | Blanket technology sanctions | All Western AI blocked |
| Australia | Privacy Act reviews | DeepSeek under investigation; no formal ban |
| South Korea | Personal Information Protection Act | DeepSeek under investigation; public sector ban announced |
What This Means for Developers and Enterprises
If the Fable 5 ban revealed one structural vulnerability in how AI is deployed in production, it is this: hard-coding a single model creates concentration risk that governments can trigger overnight.
The practical implications:
Build model fallback logic. Any production pipeline that fails when a single model API returns errors is not resilient. The Fable 5 suspension should be a forcing function for building model-agnostic abstraction layers with configurable fallback chains.
Track political risk alongside technical performance. Model selection used to be a technical decision: capability, latency, cost. It is now also a political risk decision. A model with extraordinary capabilities but adversarial relationships with the government that has jurisdiction over its provider carries a tail risk that standard benchmarks do not capture.
Monitor open-source alternatives actively. The GLM-5.2 and Kimi K2.7-Code releases during the Fable 5 ban are a preview of how the market responds to access disruption. Open-source models are not as easy to integrate as commercial APIs, but they carry no government-suspension risk because there is no central server to turn off.
Understand which jurisdiction your provider sits in. A US-based company (Anthropic, OpenAI, Google) is reachable by US government authority. A Chinese-based company (Zhipu, Moonshot, DeepSeek) is reachable by Chinese government authority but not easily by US authority. An open-source model is not reachable by either — once released, it is out of reach.
The Harder Question: Should Governments Have This Power?
This is where the policy debate gets genuinely difficult.
The case for government authority to suspend AI models: if frontier models can generate biological weapon synthesis routes, enable mass cyberattacks, or otherwise cause catastrophic harm, the argument for some form of government veto power is serious. Anthropic's own Dario Amodei published an essay arguing for exactly this power — the ability of governments to block frontier model deployments that fail independent safety testing — one day before it was used against him.
The case against the specific way it was used here: the Fable 5 ban had no written technical disclosure, no formal process, no published threshold, and was applied asymmetrically against a company the government was already in litigation with. A narrow jailbreak that also exists in competing models was cited as grounds to recall a commercially deployed service affecting millions of users worldwide.
Even people who support the principle of government AI oversight have noted that this specific action was a poor implementation of it: opaque, rushed, technically unsupported, and applied without the process that makes regulatory authority legitimate.
Anthropic itself has called for oversight that is "transparent, fair, clear, and grounded in technical facts." This action was none of those four things.
The precedent that matters most is not whether governments can ban AI. Clearly they can, and in some circumstances they should. The precedent that matters is: what process governs when they do? Right now, the answer in the US is: whatever national security authority the Commerce Department decides to invoke, with no published standard, no technical review board, and no advance disclosure.
That is the question the Fable 5 ban has put on the table — and it will not be answered by the litigation or the negotiations alone. It will be answered by whether Congress, the courts, and the international community force the executive branch to define its standards publicly, before the next ban.
FAQ
Can the US government ban an AI model?
Yes. The Fable 5 ban proved it. The legal authority is national security powers under the Export Administration Regulations. Speed: hours.
Which countries have banned AI tools?
China has blocked all major Western AI since each launched. Italy and Germany have blocked DeepSeek under GDPR. Russia has banned ChatGPT and Claude. The US has now suspended Fable 5 under export controls.
Can governments ban open-source AI models?
Not effectively. Once weights are released, they can be downloaded and run locally. Governments can ban the companies that serve them, but not the weights themselves once distributed.
Will GPT-5.6 be banned?
There is no indication that the US government will take action against GPT-5.6. OpenAI's political positioning with the current administration is substantially better than Anthropic's, and the administration has not signaled concern about OpenAI's models.
Is the Fable 5 ban legal?
Anthropic is challenging it in litigation. The export control authority invoked is broad, but applying it to a deployed commercial AI service is novel. Courts will decide.
See also: Why Did the US Government Ban Fable 5? | When Will Fable 5 Be Available Again? | GPT-5.6 vs Claude Fable 5: Benchmark Comparison