Legion LegalTech Corp didn’t set out to battle the federal government. The San Jose-based startup simply wanted to keep building its AI-powered tools for lawyers. Yet a sudden directive from the Commerce Department’s Bureau of Industry and Security changed that. On June 12, officials ordered Anthropic to cut off access to its newest models, Fable 5 and Mythos 5, for any foreign national. The company complied the same day. And now Legion is fighting back in court.
The lawsuit, filed June 23 in Washington, D.C. federal court, calls the move unlawful. It claims the order inflicted “immediate, irreparable, and existential” harm. Competitive ground lost in frontier AI cannot be regained, the complaint states. Legion depends on these models for its drafting and case-management platform. Its Canada-based developers lost access overnight. The restriction, the suit argues, overreached existing export control rules that don’t clearly cover cloud-hosted AI.
Project Glasswing stands at the center of this dispute. Anthropic launched the initiative on April 7 to harden critical software against emerging threats. The effort unites Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, Microsoft, NVIDIA, Palo Alto Networks, the Linux Foundation and dozens more. Participants gain private access to Claude Mythos Preview, a powerful unreleased model skilled at spotting vulnerabilities.
Early results impressed. The model uncovered thousands of high-severity flaws, including zero-days in every major operating system and web browser. It found a 27-year-old bug in OpenBSD and issues in the Linux kernel. Partners patched them before attackers could strike. “Project Glasswing is an urgent attempt to put these capabilities to work for defensive purposes,” Anthropic declared in its announcement (Anthropic).
The company expanded the program quickly. It added over 40 organizations and committed up to $100 million in usage credits. Ongoing talks with U.S. officials focused on both offensive and defensive cyber applications. “We are ready to work with local, state, and federal representatives to assist in these tasks,” the firm said. Securing infrastructure ranked as a top national security priority.
Yet tension grew. President Donald Trump signed an executive order on June 2 promoting advanced AI innovation and security. It encouraged early government access to frontier models and pushed agencies toward stronger defenses. Weeks later the Commerce directive landed. Officials cited national security risks tied to potential jailbreaks that could let users prompt the models to scan code for weaknesses. The Bureau gave Anthropic roughly 90 minutes to comply or face penalties. The order applied worldwide, even to foreign employees inside the U.S. or at Anthropic itself.
Anthropic pushed back in public statements while following the rules. It noted the identified jailbreak was narrow and already possible in competing models such as GPT-5.5. The firm called the response disproportionate. “We are complying with the government’s legal directive and are removing access to Fable 5 and Mythos 5 for all users,” the company said on June 12. It provided no specific details on the exact threat, Anthropic complained.
Legion’s suit builds on that skepticism. The startup had contractual rights to Fable 5 before the order. Anthropic took no independent steps to restrict access. It acted only under government threat. The complaint seeks to vacate the directive and requests a preliminary injunction blocking enforcement. “The pace of frontier AI advancement is blistering, and competitive ground lost during a suspension cannot be regained after the fact,” it warns (Reuters).
This conflict highlights deeper fractures in how Washington balances AI speed with security controls.
Observers question the approach. Similar capabilities exist across leading models, yet only Anthropic faced this immediate blanket cutoff. Independent reviewers described the action as “way out of line.” Broader context includes Anthropic’s separate litigation against the administration. The company challenged its placement on a supply-chain risk blacklist after refusing certain military uses for its technology. That case continues in California federal court.
Recent coverage adds layers. A June 17 CNBC report examined how Anthropic once sought regulation but now faces stricter measures than expected. It noted the suspension of new models wasn’t directly tied to the June 2 order but reflected ongoing friction (CNBC). CyberScoop detailed the government’s national security letter and Anthropic’s decision to disable access globally while leaving older models untouched (CyberScoop).
TechRadar first highlighted the lawsuit’s sharp tone. The article quoted experts who viewed the directive as disproportionate given that code-analysis risks appear in many frontier systems (TechRadar).
Project Glasswing itself continues. Partners keep scanning codebases and sharing findings. Over 10,000 critical vulnerabilities surfaced in initial phases. The effort aims to give defenders an edge before attackers gain the same tools. Yet the lawsuit raises fresh questions about who controls access when national security meets commercial contracts.
Legion isn’t alone in feeling the pinch. Developers, researchers and companies with international teams now face uncertainty. A Canadian engineer at a U.S. firm could lose model access simply by nationality. Such rules risk slowing innovation at the very moment the technology races forward.
The Trump administration defends its stance. Early access for government hardening of systems makes sense, supporters say. The June 2 order and related directives seek to protect critical infrastructure from AI-augmented attacks. But without detailed public justification, critics see overreach. Export controls traditionally target hardware or specific technologies. Applying them to cloud APIs for large language models tests new legal ground.
Courts will decide the immediate outcome. If Legion wins an injunction, access could resume for foreign users under safeguards. A loss might encourage stricter rules across the industry. Either way, the case spotlights the awkward intersection of AI capability, global talent and security policy.
Anthropic walks a tight line. It praises government partnership on cybersecurity while complying with orders it appears to question. Its Glasswing partners include many of the largest U.S. technology names. They continue defensive work. The public benefits from patched vulnerabilities. The private cost falls on smaller firms like Legion that integrated the models into products.
So the lawsuit is more than one startup’s grievance. It tests the limits of executive power over emerging technology. It questions whether broad nationality-based bans fit the cloud era. And it forces a conversation about how America leads in AI without crippling the ecosystem that produces it. The answer will shape policy for years.


WebProNews is an iEntry Publication