The U.S. Department of Defense has ended negotiations with Anthropic and finalized a classified AI deployment agreement with OpenAI, marking the first major rupture between a frontier AI lab and the Pentagon under its expanded AI integration policy.

The collapse — first detailed by The New York Times — followed weeks of tense negotiations over surveillance safeguards and autonomous weapons limits, with Anthropic seeking explicit contractual prohibitions and the Pentagon insisting that lawful use standards should govern AI deployment.

The agreement with OpenAI instead relies on a layered safety stack, cloud-only architecture, and references to existing U.S. law, while retaining OpenAI personnel in the loop for classified deployments.

The situation affects not only AI companies and defense agencies, but also enterprise buyers, policymakers, and citizens watching how powerful AI systems enter national security workflows.

Here’s what this shift reveals about who governs military AI — and what precedent it may set for future AI–government partnerships.

According to reporting from The New York Times, negotiations between the Department of Defense and Anthropic deteriorated in the final days before a Friday deadline imposed by Defense Secretary Pete Hegseth.

Anthropic reportedly sought legally binding language preventing its AI systems from being used for:

The Pentagon argued that no private contractor should dictate how government tools are used for lawful purposes.

The impasse centered on whether the Pentagon would agree to explicit contractual restrictions regarding surveillance of unclassified commercial data about Americans. Anthropic sought binding prohibitions; the Pentagon maintained that lawful use standards already governed such activities.

When the 5:01 p.m. deadline passed, the Pentagon announced Anthropic would be designated a “supply chain risk.” The label has traditionally been used against foreign entities considered national security threats and, according to the Times, has not previously been applied to a U.S. technology company.

Anthropic has said it intends to challenge the designation in court.

For prior AiNews coverage on this dispute, see:

OpenAI’s agreement with the Department of Defense emerged from months of ongoing discussions between the company and the Pentagon, which initially focused on non-classified AI work before expanding to classified deployment during the period when negotiations between the Pentagon and Anthropic were reaching their deadline.

The agreement was publicly announced shortly after the Pentagon ended negotiations with Anthropic and designated the company a supply chain risk.

In an online AskMeAnything (AMA) on X, OpenAI CEO Sam Altman wrote:

“For a long time, we were planning to non-classified work only. We thought the DoW clearly needed an AI partner, and doing classified work is clearly much more complex. We have said no to previous deals in classified settings that Anthropic took. We started talking with the DoW many months ago about our non-classified work. This week things shifted into high gear on the classified side. The reason for rushing is an attempt to de-escalate the situation.”

In its official statement, OpenAI outlined three “red lines” guiding its defense work:

OpenAI said the agreement reflects a layered safety model intended to maintain technical oversight over how its systems are deployed, relying on architecture controls, human involvement, and contractual safeguards to enforce limits on use. The company has argued that such technical and operational controls provide more enforceable guardrails in military AI deployments than strict usage prohibitions alone.

The agreement includes:

These mechanisms are intended to allow OpenAI to independently verify that its safety red lines are not crossed, maintaining ongoing technical oversight alongside legal and contractual protections.

After announcing the agreement, OpenAI CEO Sam Altman hosted an AMA on X amid public discussion of the deal, answering questions about military AI deployments and safety safeguards.

Q: What was the core difference between OpenAI’s agreement and Anthropic’s negotiations with the Pentagon?

A: Sam Altman suggested the breakdown may have reflected differing approaches to safeguards, saying that he could only speculate based on his understanding of the situation:
“We believe in a layered approach to safety—building a safety stack, deploying FDEs, and having our safety and alignment researchers involved, deploying via cloud, working directly with the Department of War (DoW). Anthropic seemed more focused on specific prohibitions in the contract, rather than citing applicable laws, which we felt comfortable with. We feel that it it's very important to build safe systems, and although documents are also important, I'd clearly rather rely on technical safeguards if I only had to pick one.”

Q: Should private AI companies have authority over how governments use AI systems?

A: Altman said OpenAI believes democratic governments — rather than private companies — should ultimately determine lawful military use:
“I do not believe unelected leaders of private companies should have as much power as our democratically elected government.”

Q: Why, as the main competitor to Anthropic, did OpenAI come out and say they do not think Anthropic should be labelled a Supply Chain Risk (SCR)? From the outside, it feels like some political chess given this was said AFTER your deal was confirmed with the DoW.

A: Altman strongly criticized the designation and said OpenAI opposed it both before and after its own agreement was finalized:
"Enforcing the SCR designation on Anthropic would be very bad for our industry and our country, and obviously their company. We said to the DoW before and after. We said that part of the reason we were willing to do this quickly was in the hopes of de-escalation. I feel competitive with Anthropic for sure, but successfully building safe superintelligence and widely sharing the benefits is way more important than any company competition. I believe they would do something to try to help us in the face of great injustice if we could. We should all care very much about the precedent. To say it very clearly: I think this is a very bad decision from the DoW and I hope they reverse it. If we take heat for strongly criticizing it, so be it."

Q: What would cause OpenAI to walk away from a government partnership? Is there a clearly defined boundary or red line you won’t cross?

A: Altman said the company would refuse requests that violate legal or constitutional boundaries: “If we were asked to do something unconstitutional or illegal, we will walk away.”

The dispute reveals a philosophical and structural difference between frontier AI labs over how military AI safeguards should be enforced.

Anthropic emphasized legally binding contractual prohibitions that would restrict certain surveillance uses directly within the agreement itself.

OpenAI emphasized a layered technical safety stack, cloud-only architecture, embedded alignment oversight, and reliance on existing law rather than adding new categorical bans in contract language.

At the center of the disagreement is not whether safeguards should exist — both companies publicly oppose mass surveillance and autonomous lethal decision-making — but how those safeguards should function in practice.

Under a contract-driven model, restrictions are explicitly written into agreements and enforced through compliance and potential legal action.

Under a technical architecture model, safeguards are embedded into system design and deployment infrastructure, with oversight mechanisms intended to allow continuous monitoring and verification.

The divide also reflects a broader AI governance question: Should AI companies retain veto power through contractual prohibitions?

Or should democratic governments determine lawful use, with technical controls serving as enforceable guardrails?

That governance tension remains unresolved.

OpenAI’s agreement with the Department of Defense arrives amid a broader and increasingly urgent debate over how advanced AI systems should be governed in military environments — particularly when systems influence intelligence analysis, surveillance capabilities, or decisions connected to the use of force.

U.S. defense policy already places limits on full autonomy in weapons systems. Department of Defense Directive 3000.09, which governs autonomous and semi-autonomous weapons, requires that AI-enabled systems be designed to allow appropriate human judgment and supervision, including the ability for operators to monitor and intervene during engagements. The directive reflects a long-standing Pentagon position that lethal decisions should not occur entirely outside meaningful human oversight.

Civil-liberties organizations, AI researchers, and governance scholars have argued that maintaining human involvement is essential not only for ethical reasons but also for operational reliability and accountability. Research examining AI-enabled military systems has warned that models optimized purely for strategic outcomes can produce unintended or escalatory behaviors if deployed without layered safeguards and human review.

These concerns intersect with another reality facing defense planners: rapid global adoption of AI technologies by adversarial nations. U.S. officials have increasingly argued that maintaining technological parity — or advantage — requires integrating advanced AI capabilities into national defense systems, even as governance structures struggle to keep pace with the rapid acceleration of AI capabilities.

The result is a policy tension now playing out in real time:

The Pentagon’s negotiations with Anthropic and subsequent agreement with OpenAI illustrate that this debate is no longer theoretical. It is shaping procurement decisions, industry partnerships, and the emerging rules that may govern military AI for decades.

Q: Does OpenAI’s agreement allow autonomous weapons?
A: According to OpenAI, no. The deployment is cloud-only and references DoD Directive 3000.09, which requires human control over lethal autonomous systems.

Q: Does it permit mass surveillance of Americans?
A: OpenAI states its contract references constitutional and statutory restrictions, including the Fourth Amendment and FISA, and prohibits unconstrained domestic monitoring.

Q: Why did OpenAI succeed where Anthropic did not?
A: Based on public reporting and Altman’s AMA, the difference appears rooted in governance structure — Anthropic sought stronger contractual prohibitions, while OpenAI prioritized technical safeguards layered on existing law.

Q: What happens if laws change?
A: OpenAI’s contract states use must remain aligned with standards reflected at the time of agreement, even if laws or policies change later.

The agreement between OpenAI and the Department of Defense does more than resolve a contract dispute — it establishes an early precedent for how frontier AI systems are likely to be integrated into national security operations.

This matters now because the governance framework chosen at this moment may establish a template for how advanced AI systems are integrated into military and national security operations going forward. Whether safeguards are enforced primarily through contractual prohibitions, embedded technical architecture, or reliance on existing law is no longer theoretical — it is being operationalized.

Military AI governance is still in its formative stage. Unlike nuclear weapons policy, which developed over decades of treaties, doctrines, and international oversight, AI deployment is advancing faster than the regulatory architecture intended to govern it.

Experts across industry, government, and civil society largely agree on desired outcomes — preventing misuse, preserving human accountability, and maintaining lawful oversight. What remains uncertain is whether technical safeguards, contractual limits, or existing legal frameworks will prove most durable once advanced AI systems operate inside classified environments, and whether those mechanisms can reliably hold under real-world political and operational pressures.

Once a deployment model is implemented in classified environments, it can shape procurement standards, oversight expectations, and regulatory assumptions that extend beyond a single contract. Other agencies, allied governments, and commercial actors often look to U.S. defense practices as reference points when designing their own AI governance approaches.

The Pentagon’s decision to designate a U.S. AI company as a “supply chain risk” also introduces a significant precedent. That designation — historically used against foreign entities — raises the possibility that disputes over AI governance could increasingly involve institutional leverage rather than purely technical negotiation.

The broader question now extends beyond a single contract:

How resilient are AI safeguards when political leadership, legal interpretations, or national security priorities shift?

The answer may shape not only this deployment, but the future balance of power between AI developers and governments in determining how advanced systems are used.

For AI labs, the immediate decision is structural: Whether to insist on explicit contractual prohibitions that preserve veto authority over government use, or to rely on technical architecture and legal frameworks while ceding final lawful authority to elected institutions. That choice shapes not only individual contracts, but each company’s long-term relationship with national governments.

For policymakers, the decision centers on enforceability and precedent:
Whether to embed safeguards directly into procurement contracts, depend on technical system design to constrain misuse, or rely primarily on existing law and executive oversight. The framework chosen now may influence how future AI systems — more capable and more autonomous — are integrated into defense operations.

For citizens and civil society organizations, the decision becomes one of oversight and accountability:
Whether existing legal protections, institutional checks, and technical controls are sufficient to govern increasingly powerful AI systems — and what mechanisms should exist to ensure safeguards remain durable across changing administrations and evolving interpretations of law.

These are not theoretical considerations. They will inform how advanced AI systems are deployed, supervised, and constrained in real-world security environments.

The OpenAI agreement may close one negotiation. It opens a far larger test: whether democratic institutions, technical safeguards, and private companies can align — and which model of AI governance ultimately proves durable — before AI capability outpaces the institutions meant to govern it.

Editor’s Note: This article was created by Alicia Shapiro, CMO of AiNews.com, with writing, image, and idea-generation support from ChatGPT, an AI assistant. However, the final perspective and editorial choices are solely Alicia Shapiro’s. Special thanks to ChatGPT for assistance with research and editorial support in crafting this article.