Access to AI: Towards Enhanced Control via Passport?

Access to AI: Towards Enhanced Control by Passport?

TL;DR

The agreement between Anthropic and Washington opens a new chapter: the United States is beginning to intervene directly in the access conditions for the most advanced AI models.

• Cutting-edge models may soon be subject to authorizations, similar to KYC banking practices or the authorization levels used in defense.
• Hyperscalers are on the front lines: Microsoft, Amazon, and Google already have the identity and control infrastructures that could become gateways to these models.
• AI models are evolving towards the status of critical infrastructures, with governance akin to that of dual-use technologies.
• A new market could emerge around AI Identity & Access Management, at the intersection of cloud, cybersecurity, and compliance.
• Labs will need to design models "regulation by design," meeting regulatory requirements from the outset.
• The next battle in AI may focus less on the power of the models and more on controlling their distribution and access.

Artificial intelligence is typically analyzed through the lens of model power, the colossal investments they require, or competition among labs. However, another shift may be quietly taking place, one that is potentially more structural: the control of access to the models themselves.

The agreement recently reached between Anthropic and the Trump administration sets a precedent in this regard. After two weeks of tensions, during which Europe and Silicon Valley discovered a new sovereignty issue, the U.S. Department of Commerce authorized the gradual restoration of access to the Mythos 5 model for some of the company's clients. In return, Anthropic committed to strengthening the safeguards of its models and to working with Washington on protocols governing future generations of artificial intelligence.

While this episode can be seen as a simple compromise, it actually reveals a much more significant evolution: the governance of cutting-edge models is no longer solely a matter for labs and is gradually becoming an issue of industrial policy, national security, and de facto technological sovereignty.

The Anthropic Case Marks the End of an Era

Thus, this new agreement would allow Mythos 5 to be gradually reintroduced to a portion of authorized clients, while negotiations continue regarding Fable 5. In a letter addressed to Anthropic, Secretary of Commerce Howard Lutnick reportedly indicated that the company has committed to working with the U.S. government on protocols applicable to future models.

Until now, the release of a new model was almost exclusively the domain of internal lab teams: research, security, red teaming, alignment, and then commercialization. Now, the U.S. administration intends to participate upstream in this process.

This precedent goes far beyond Anthropic. OpenAI has announced that GPT-5.6 Sol will initially be reserved for a limited number of organizations approved by the U.S. government. Meta is invited to voluntarily submit its models for federal evaluations, while Google, Microsoft, xAI, and Anthropic are already participating in the work of the Center for AI Standards and Innovation, tasked with evaluating the most advanced models.

For several months, lab leaders, cloud managers, cybersecurity specialists, and representatives of the U.S. administration have been informally discussing the need to more strictly regulate access to cutting-edge models. These discussions, previously largely invisible, are now notable, with the Anthropic case providing the first concrete example, centering on the crucial question of who can access their models, particularly the most advanced ones.

Towards an AI "KYC"

The idea is not revolutionary and already exists in other industries. Banks apply Know Your Customer (KYC) procedures to identify their clients, cloud providers rely on sophisticated identity and access management systems, and the defense sector has long operated with levels of clearance.

Artificial intelligence could also adopt these mechanisms. Thus, access to the most powerful models would no longer be universal, and depending on the risk level associated with a model, the user might need to justify their identity, organization, country of origin, activity, and sometimes even the purpose of their project.

• A model specialized in offensive cybersecurity, computational biology, or autonomous agents might require more or less strict authorization depending on regulations.

The principle would not be to prohibit models but to create multiple levels of access, comparable to the clearance levels already used in administrations or critical infrastructures.

A practical aspect, but not the least, is that this evolution does not require any technological break; the infrastructures already exist. For example, Microsoft operates Azure Government, Azure Secret, and Microsoft Entra to manage identities and access in sensitive environments, Amazon has GovCloud, Secret Region, and its entire suite of IAM services, and Google offers Cloud Identity and Assured Workloads for regulated environments.

In other words, the technical building blocks necessary are already operational, and it would only be a matter of applying them directly to artificial intelligence models.

The distribution cycle of a model would gradually evolve from a "release first" model to a "clearance first" logic, a change that labs and AI stakeholders would need to adapt to.

A New Layer of Control is Emerging

This evolution would profoundly alter the power dynamics in the industry. While labs will remain masters of their models, hyperscalers could become the true gatekeepers of their distribution.

Microsoft, Amazon, and Google, which already control user identification, authorization management, audit logs, sovereign environments, and certified infrastructures for administrations or defense, could be called upon to perform this control.

This logic is gradually bringing cutting-edge models closer to the regime of dual-use technologies. They cease to be mere software and become critical infrastructures, akin to certain space, nuclear, or military capabilities.

Large companies will likely need to integrate a new governance structure for access to models, where IT departments will have to manage specific authorizations, log usage, audit interactions with certain models, and demonstrate compliance during inspections.

A new market could thus emerge around AI Identity Management and AI Access Management, at the intersection of cybersecurity, regulatory compliance, and cloud.

This evolution also illustrates American pragmatism in AI governance. Rather than concentrating regulatory efforts on model transparency or documentation obligations imposed on developers, Washington seems to favor a more operational lever: controlling the distribution and access conditions for the most advanced models.

Tomorrow, Models May Be Designed to Satisfy Regulators

One consequence is still largely absent from discussions, as if market access tomorrow depends on government validation, labs will need to integrate this constraint from the design phase of their models.

Safety and alignment teams will no longer work solely to reduce hallucinations, limit malicious uses, or improve system robustness, but will also need to meet regulatory requirements that could condition marketing authorization.

In other words, future models may be designed not only to maximize their performance but also to satisfy compliance criteria defined by authorities. Thus, cutting-edge models may no longer be merely "safety by design," but must be "regulation by design."

A change that could prove even more structural than the next technological advancements. For the past two years, global competition has been analyzed as a race for parameters, GPUs, and gigawatts. The Anthropic case suggests that another battle is beginning, that of controlling access to models, particularly the most advanced ones.