CONTEXT
In July 2025, Anthropic signed a $200 million contract with the Pentagon to deploy its AI on classified military networks. The contract included usage restrictions in Anthropic's acceptable use policy: no fully autonomous weapons decisions, no mass domestic surveillance of Americans.
The Pentagon later demanded Anthropic remove those restrictions and agree to allow its models to be used for all lawful purposes. Anthropic refused. Negotiations collapsed in late February 2026.
President Trump ordered federal agencies to cease using Anthropic's products. Defense Secretary Hegseth directed the Pentagon to designate Anthropic a supply chain risk. Anthropic disputes the legal authority behind that designation.
Within hours, OpenAI announced its own Pentagon deal. Altman stated publicly that OpenAI shared the same red lines as Anthropic on autonomous weapons and surveillance. The difference: OpenAI accepted that existing law and policy were sufficient to enforce those limits rather than requiring explicit contract language.
Altman later acknowledged the deal looked rushed. OpenAI amended the agreement.
Both companies drew the same lines. One drew them in the contract. One drew them in trust. Neither outcome resolved the underlying question.
STRUCTURAL ANALYSIS
The coverage focused on which company handled it better. That is not the useful question.
The useful question is this: if two leading AI companies and the federal government cannot agree on what lawful use means, what does that tell you about the governance environment every business is operating in right now?
There is no federal AI governance law. Not for the military. Not for commercial use. Not for anyone.
What exists are laws written before AI existed, executive orders that change with administrations, and usage policies that companies and courts are interpreting without a unified legal standard.
That is not a future risk. It is the current condition.
THE ORDER CHECK
Before your business adds another AI tool or expands current usage, establish answers to four questions.
What data is your AI system touching, and do you have clear permission to use it that way?
Which decisions is AI influencing, and is a qualified human reviewing those decisions before they take effect?
If something goes wrong, who in your organization is accountable and what is the response protocol?
Where are you relying on a vendor's usage policy to define what is acceptable, and what happens if that policy changes?
If you cannot answer these questions with documented evidence, you are not operating cautiously inside a gap. You are operating without defined boundaries.
THE DECISION
Act now on internal AI policy. Do not wait for federal law to define your standard.
Federal governance may arrive. It may not arrive on a timeline that protects you. And when it does arrive, businesses with documented policies and clear accountability structures will adapt. Businesses without them will scramble.
The companies at the center of this story were large enough to negotiate. Your business is not. Which means your protection is not a contract with the government. It is the internal order you establish before a problem surfaces.
Governance without a law is still possible. It starts with the decisions you document before anyone asks.
Decide well,
- Chuck