Anthropic's (first) day in court against Trump 2.0, and the Judge has some difficult questions for Secretary of War Pete Hegseth to answer...

As Anthropic and the US Government get into the courtroom today i (first of many?), the United States District Court of the Northern District of California has provided some insight into what the Department of War is going to have to do to justify its actions against the AI tech provider.

The story so far - Anthropic was the only provider of AI tech that was mandated to have good enough security to be used on the most sensitive systems in the Pentagon. But the firm aired two ethical objections - firstly, its tech should never be used for mass domestic surveillance of US citizens; secondly, AI shouldn’t be allowed to act by itself when it comes to making battlefield decisions and metaphorically pressing any big red buttons.

This was all in the contract signed by the US Government, but last month the Department of War decided this wasn’t good enough and demanded Anthropic let it do whatever it wanted with the tech, with no built-in ethical constraints, or else! 

The vendor stood its ground, although indicating publicly that it was ready to try to reach a workable compromise, but would not cast aside its ethical red lines. So on 27 February, Secretary for War Pete Hegseth posted on social media that:

Effective immediately, no contractor, supplier, or partner that does business with the United States military may conduct any commercial activity with Anthropic. This decision is final.

He would later, on 3 March, announce that Anthropic, until then the only AI provider trusted at the highest levels of the services, was now to be considered “a supply chain risk” to the nation.

Having eventually been served official notification rather than policy-by-X, Anthropic decided to legal up. Today’s court hearing centers on a request for a preliminary injunction to guarantee the firm can continue doing business with Federal Government contractors and agencies, without which, it says, it risks losing bilions of dollars of business.

Anthropic’s wider claim that while the Department is within its rights to cancel a direct contract with any supplier, it has not acted properly or legally in terms of the actions taken by Hegseth, and endorsed by President Donald Trump, which include giving the whole of the US Federal Government six months notice to kick Anthropic out as well as banning any government contractor from using its tech.

Questions incoming 

There are certainly some areas of considerable uncertainty unaddressed following Hegseth’s online pronouncements. For example, as a pre-hearing court filing from US District Judge Rita Lin noted yesterday:

Under the Hegseth Directive, a law firm that gave advice to the Department of War would have to stop using Claude in unrelated matters for other clients. That would not be required by the supply chain risk designation.

Hegseth’s actions are likely to come under close scrutiny by the Court, which has warned it wants answers to several questions:

Is the Hegseth Directive an accurate statement of the Department's immediate intended course of action? Do Defendants [US Government] agree that Secretary Hegseth lacked authority to enter a directive of this breadth under Section 3252 or any other statute? If Defendants concede that the Hegseth Directive has no legal effect, how does Anthropic still face irreparable harm from it? What, if any, legal authority supports that view?

The court filing goes on to note that US law does provide that Secretary Hegseth could designate Anthropic as a supply chain risk, but only after providing notice to various Congressional committee and would require the notice to contain "a discussion of less intrusive measures that were considered and why they were not reasonably available to reduce supply chain risk." Did this happen, asks the Court or: 

Do Defendants concede that Secretary Hegseth's letters to the congressional committees did not contain a discussion of those required topics?

The Department of War is also called upon to explain in more detail just how far ranging it thinks its ban on using Anthropic will extend:

Everyone agrees that the Department would be free to terminate any direct contract with Anthropic. However, Defendants contend that this would be insufficient to mitigate the risk, because the Department also needs to prohibit the use of Claude in its national security systems in situations where Anthropic is a sub-contractor.

Does designating Anthropic as a supply chain risk sweep more broadly than that, though? For example, if a contractor for the Department uses Claude Code as a tool to write software for the Department's national security systems, would that contractor face termination as a result?

The big ethics question

And, perhaps most pertinently to the wider debate around the ethics and use of AI tech in combat scenarios, the filing notes that the term "supply chain risk" means "the risk that an adversary may sabotage, maliciously introduce unwanted function, or otherwise subvert" the operation of the Department’of War’s national security systems.

That descriptor would usually be applied to terrorists or foreign hostiles, states the filing. That being so, what exactly is the US Government’s beef with Anthropic, which has merely aired its wishes around two general areas of usage - mass domestic surveillance and autonomous engagement with launching missiles and the like? The court document asks:

Do Defendants agree that usage restrictions that are publicly announced or directly communicated to the Department do not themselves constitute acts of "sabotag[ing], maliciously introduc[ing] unwanted function, or otherwise subvert[ing]" an IT system? What evidence in the record shows that Anthropic had ongoing access to or control over Claude after delivering it to the government, such that Anthropic could engage in such acts of sabotage or subversion?

It adds:

Presumably most IT vendors could, if they wanted to, update their systems or bury unwanted functions in their software without detection. Is it Defendants' view that Section 3252 allows the Department to designate an IT vendor a supply chain risk on the sole basis that the vendor acted stubbornly or refused to agree to contracting terms, causing the Department to question its trustworthiness?

My take

The first of what will inevitably be many, many days in court before this is cleared up - if it ever actually is. All rise for Judge Linn! 

Meanwhile the US Government is moving on regardless.

OpenAI’s Sam Altman was quick to move in to fill the ethics-shaped void left by his Anthropic counterpart by signing his firm up within hours of the crisis kicking off. Now it seems, according to a leaked 9 March memo from Deputy Secretary of Defense Steve Feinberg, Palantir’s Maven command-and-control AI platform will become an official program of record for the Pentagon.

It’s also being reported in the US that the Trump 2.0 Administration is overhauling procurment contract language to prevent future occurances of vendors airing their consciences, designating systems will be able to be used “for any lawful government purpose”.

But today, it’s time for court.

More to come...much, much more...