From PGP to Mythos: a brief history of export controls that didn’t stop anyone
For the last 30 years, attempts to stop the flow of cybersecurity-related software have proven ineffective. It's unclear why they would work now with Anthropic’s cybersecurity model Mythos.
The Unbroken Cycle of Crypto and AI Export Controls
The TechCrunch report on Anthropic’s cybersecurity model Mythos highlights a recurring pattern in technology governance: export controls on encryption and security software have historically failed to prevent determined actors from accessing the technology. The article draws a direct parallel between the 1990s PGP (Pretty Good Privacy) saga and today’s regulatory attempts to limit the spread of advanced AI models. Mythos, Anthropic’s tool designed to automate cyber defense, now sits at the center of a familiar debate—whether restricting its distribution will meaningfully hinder adversaries or merely burden legitimate researchers.
Why This Matters for the AI Industry
The historical record is unambiguous. The U.S. government’s 1990s export restrictions on strong cryptography, including PGP, were effectively nullified by the internet. Source code was published in books, posted on Usenet, and shared across borders faster than regulators could update their control lists. The same dynamic applies to AI models: once a model’s weights or architecture are released—or even partially described in a research paper—determined state actors or sophisticated cybercriminal groups can replicate or approximate the capability. Mythos, like its cryptographic predecessors, is software. And software, once it is in digital circulation, is nearly impossible to contain.
The current regulatory push, including the Biden administration’s Executive Order on AI and proposed export controls on advanced AI systems, assumes that restricting model access will slow adversarial development. Yet the PGP precedent suggests otherwise. The cost of circumvention—downloading a leaked model, training a smaller variant, or reverse-engineering published research—is often far lower than the cost of compliance for legitimate domestic developers.
Implications for AI Practitioners
For AI developers and security researchers, the Mythos case reinforces three practical realities. First, export controls create a compliance burden that disproportionately affects startups and academic labs, not the well-resourced state actors they aim to restrict. Second, the open-source AI community will likely continue to publish model details, making unilateral U.S. controls less effective without global coordination that currently does not exist. Third, the focus should shift from attempting to block distribution to investing in defensive capabilities—such as robust red-teaming, model watermarking, and usage monitoring—that work regardless of where the model runs.
The lesson from PGP to Mythos is not that controls are useless, but that they are most effective when paired with technical and diplomatic strategies that acknowledge the porous nature of digital borders. AI practitioners should plan for a world where advanced models are globally available, and design their security postures accordingly.
Key Takeaways
- Export controls on cybersecurity software, from PGP to Mythos, have historically failed to prevent determined adversaries from accessing the technology.
- The internet’s architecture makes software distribution nearly impossible to fully restrict, a reality that applies equally to AI model weights.
- Compliance costs for export controls fall hardest on startups and researchers, not the state actors they target.
- AI practitioners should prioritize defensive measures and global coordination over reliance on unilateral distribution bans.