72 Hours, Triple Crisis: Anthropic's Soul Is Being Auctioned

Written by: Ada, Deep Tide TechFlow

Tuesday, February 24. Washington, Pentagon.

Anthropic CEO Dario Amodei sits across from Defense Secretary Pete Hegseth. According to multiple media outlets like NPR and CNN citing sources, the meeting was “polite,” but the content was anything but.

Hegseth delivered a final ultimatum: by 5:01 PM Friday, lift restrictions on Claude’s military use, allowing the Pentagon to deploy it for “all lawful purposes,” including autonomous weapon targeting and domestic mass surveillance.

Otherwise, cancel the $200 million contract. Invoke the Defense Production Act for compulsory requisition. List Anthropic as a “supply chain risk,” effectively placing it on a blacklist alongside hostile entities from Russia and China.

On the same day, Anthropic quietly released version 3.0 of its “Responsible Expansion Policy” (RSP 3.0), removing a core promise since the company’s founding: that they would not train more powerful models unless safety measures could be guaranteed.

Also on that day, Elon Musk posted on X: “Anthropic is mass stealing training data, that’s a fact.” Community notes on X added reports that Anthropic paid $1.5 billion in settlement for training Claude using pirated books.

Within 72 hours, this AI company, claiming to have a “soul,” played three roles simultaneously: safety martyr, intellectual property thief, and Pentagon traitor.

Which one is the real?

Maybe all of them.

Pentagon’s “Either Obey or Get Out”

The story’s first layer is simple.

Anthropic is the first AI company granted classified access by the U.S. Department of Defense. The contract was awarded last summer, with a cap of $200 million. Soon after, OpenAI, Google, and xAI also secured similar-sized contracts.

According to Al Jazeera, Claude was used in a U.S. military operation in January this year, reportedly involving the kidnapping of Venezuelan President Maduro.

But Anthropic drew two red lines: no support for fully autonomous weapon targeting, and no support for large-scale surveillance of U.S. citizens. They believe AI’s reliability is insufficient for weapon control, and currently, no laws or regulations govern AI in mass surveillance.

The Pentagon isn’t buying it.

White House AI advisor David Sacks publicly accused Anthropic last October on X of “weaponizing fear to capture regulation.”

Competitors have already bowed. OpenAI, Google, xAI all agreed to let the military use their AI for “all lawful scenarios.” Musk’s Grok just got approval to access classified systems this week.

Anthropic is the last standing.

As of this writing, Anthropic stated in a recent release that they have no intention to back down. But the Friday 5:01 deadline is looming.

An anonymous former DOJ and DOD liaison told CNN: “How can you simultaneously declare a company a ‘supply chain risk’ and force it to work for your military?”

Good question, but it’s not in the Pentagon’s consideration. They care only that if Anthropic doesn’t compromise, they will take coercive measures or discard it as Washington’s pariah.

“Distillation Attack”: A Face-Slapping Accusation

On February 23, Anthropic published a strongly worded blog accusing three Chinese AI companies of conducting an “industrial-scale distillation attack” on Claude.

The accused are DeepSeek, Moonshot AI, and MiniMax.

Anthropic claims these companies used over 24,000 fake accounts to initiate more than 16 million interactions with Claude, targeting its core reasoning, tool invocation, and programming capabilities.

They categorize this as a national security threat, asserting that distilled models “are unlikely to retain safety guardrails” and could be exploited by authoritarian governments for cyberattacks, disinformation, and mass surveillance.

The narrative is perfect, timing impeccable.

Just after the Trump administration eased export controls on Chinese chips, and as Anthropic sought ammunition for lobbying against chip export restrictions.

But Musk shot back: “Anthropic is mass stealing training data and paid billions in settlement. That’s a fact.”

Tory Green, co-founder of AI infrastructure firm IO.Net, said: “You train your model on the entire web’s data, then others learn from you via your public API—that’s called ‘distillation attack’?”

Anthropic calls it an “attack,” but in the AI industry, this is common practice. OpenAI used it to compress GPT-4, Google to optimize Gemini, and even Anthropic itself does it. The only difference now is, they’re being distilled themselves.

According to Erik Cambria, AI professor at Nanyang Technological University in Singapore, “The line between legitimate use and malicious exploitation is often blurry.”

Ironically, Anthropic paid $1.5 billion in settlement for training Claude on pirated books, yet now accuses others of using its public API to learn from it. This isn’t double standards; it’s triple standards.

Anthropic wanted to play the victim, but ended up as the accused.

The Dismantling of Safety Commitments: RSP 3.0

On the same day as its standoff with the Pentagon and public spat with Silicon Valley, Anthropic released version 3.0 of its Responsible Expansion Policy.

Anthropic Chief Scientist Jared Kaplan told media: “We believe stopping AI training doesn’t help anyone. In the face of rapid AI development, making unilateral commitments… while competitors push full speed ahead, is pointless.”

In other words, if others don’t play fair, neither will we.

Core to RSP 1.0 and 2.0 was a strict promise: if a model’s capabilities exceed safety measures, training would be paused. This promise earned Anthropic a unique reputation in AI safety circles.

But 3.0 drops that.

Instead, it introduces a more “flexible” framework, separating safety measures that Anthropic can implement from safety recommendations requiring industry-wide collaboration. They plan to release risk reports every 3-6 months, reviewed by external experts.

Sound responsible?

Chris Painter, an independent reviewer from nonprofit METR, said after reviewing early drafts: “This indicates that Anthropic believes it needs to enter a ‘triage mode’ because its methods for assessing and mitigating risks can’t keep pace with capability growth. This more likely reflects society’s unpreparedness for AI’s potentially catastrophic risks.”

According to TIME, Anthropic spent nearly a year internally debating this rewrite, with CEO Amodei and the board unanimously approving. Officially, the original policy aimed to foster industry consensus, but the industry never caught up. The Trump administration’s laissez-faire attitude and attempts to dismantle state regulations left federal AI legislation in limbo. Although a global governance framework seemed possible in 2023, three years on, that door is closed.

A long-time AI governance researcher anonymously said: “RSP is Anthropic’s most valuable brand asset. Removing the pause-to-train promise is like an organic food company secretly tearing off the ‘organic’ label from its packaging and claiming their testing is now more transparent.”

Valuation of $380 Billion and an Identity Crisis

In early February, Anthropic raised $300 million at a $380 billion valuation, with Amazon as a cornerstone investor. Since inception, it has achieved an annualized revenue of $14 billion. Over the past three years, that figure has grown more than tenfold annually.

Meanwhile, the Pentagon threatened to blacklist it. Musk publicly accused it of data theft. Its core safety commitments were removed. After CTO Mrinank Sharma resigned, he posted on X: “The world is in danger.”

Contradiction?

Perhaps contradiction is in Anthropic’s DNA.

Founded by ex-OpenAI executives worried about OpenAI’s rapid push on safety, they built a company to develop more powerful models faster, while telling the world how dangerous these models are.

Their business model: we fear AI more than anyone, so you should pay us to build it.

This narrative worked perfectly in 2023-2024. AI safety was a hot topic in Washington, and Anthropic was the top lobbying player.

By 2026, the tide turned.

“Woke AI” became a slur, state-level AI regulations faced resistance, and the California SB 53 bill supported by Anthropic was signed into law but met with little federal follow-up.

Anthropic’s safety brand is slipping from a “differentiation advantage” to a “political liability.”

It’s walking a tightrope: needing to appear “safe” enough to maintain its brand, yet “flexible” enough to avoid market and government abandonment. But both tolerances are shrinking.

How Much Is the Safety Narrative Worth?

Stacking these three points reveals the picture clearly.

Accusing Chinese companies of distilling Claude is to bolster the narrative for chip export controls. Dropping safety pause commitments to stay competitive. Refusing Pentagon’s autonomous weapon demands to preserve a moral high ground.

Each step makes sense individually, but they conflict with each other.

You can’t claim Chinese companies’ distillation endangers national security and simultaneously remove your own safety promises. If models are truly so dangerous, you should be more cautious, not more aggressive.

Unless you’re Anthropic.

In the AI industry, identity isn’t defined by your statements but by your balance sheet. Anthropic’s “safety” narrative is essentially a brand premium.

In the early AI arms race, that premium was valuable. Investors paid higher valuations for “responsible AI,” governments greenlit “trustworthy AI,” and customers paid for “safer AI.”

But by 2026, that premium is evaporating.

Anthropic now faces not a question of “whether to compromise,” but “who to compromise with first.” Compromise with the Pentagon damages its brand. Compromise with competitors nullifies safety promises. Compromise with investors means losing on both fronts.

By Friday at 5:01 PM, Anthropic will deliver its answer.

But one thing is certain: the Anthropic that once thrived on “we’re different from OpenAI” is becoming just like everyone else.

The end of an identity crisis is often the disappearance of identity itself.