Ruling Keeps Claude Models Out of Defense Systems Amid Legal Struggles
On April 9, 2026, a federal appeals court in Washington delivered a significant ruling concerning Anthropic, an artificial intelligence (AI) company, which has been effectively excluded from Department of Defense (DoD) operations. This decision, which upheld the Pentagon’s decision to blacklist Anthropic, has created a complex legal environment as the company becomes ensnared in an ongoing legal battle over its AI models, known as Claude. The ruling underscores the escalating tensions between technology companies and government authorities, especially in the defense sector.
The D.C. Circuit Court of Appeals denied Anthropic’s appeal to halt the Pentagon’s blacklist, allowing the DoD to continue barring the use of Claude models in military systems and preventing defense contractors from using this AI technology in their operations. This ruling follows a contrasting decision made by a federal judge in California just weeks prior, who granted Anthropic temporary relief in a separate but related case, which restricts the administration from implementing its “supply-chain risk” designation too broadly.
The current state of affairs means that Anthropic remains excluded from Pentagon contracts, further complicating the ongoing discussions regarding governmental authority to regulate technologies deemed crucial for national security. A pivotal moment came when Secretary of Defense Pete Hegseth labeled Anthropic as a national security threat. This declaration was made after the company opted not to grant the military unrestricted access to its AI models. The knee-jerk response resulted in the cancellation of numerous contracts within the defense industrial sector and a sweeping prohibition on the utilization of its technology throughout related supply chains.
In evaluating the case, the federal appeals court appeared to prioritize the balance of potential harms rather than the legality of the government’s decision. The court concluded that the risks associated with restricting a private company, such as Anthropic, were minimal compared to the broader implications of how the Department of Defense secures its AI technology during critical military operations. This perspective indicates a permissive stance toward government authority in the context of national security.
Legal experts have remarked on the implications of this ruling, suggesting it conveys a more skeptical view of Anthropic’s position compared to the previous district court ruling in California. Nevertheless, the appeals court’s decision does not extinguish Anthropic’s ongoing challenges to the supply-chain risk designation. The panel granted expedited review, acknowledging the substantial challenges put forth by the company and the potential for irreparable harm as the legal proceedings continue.
Prominent legal scholar Harold Koh, who serves as a professor at Yale Law School and previously held the role of legal adviser at the Department of State, filed an amicus brief supporting Anthropic. He characterized the ruling as a mixed outcome for the tech company. Koh asserted that the court’s ruling not only conveys skepticism regarding the government’s actions but could also lead to a broader examination of how national security regulations are being leveraged against technology companies.
The supply-chain risk designation, while notably affecting DoD procurement practices, has consequences that ripple throughout contractors and subcontractors engaged in military operations. Under the current interpretation, these contractors are prohibited from employing Anthropic’s technology for defense-related work, although they may continue to utilize it in commercial and other governmental contexts. This distinction was highlighted in the court’s ruling, emphasizing that the government is not imposing an all-encompassing ban on the use of Claude—only those applications directly linked to defense contracts.
In its court filings, Anthropic has indicated that several federal contractors have either paused or completely halted operations, particularly those involving Claude. Additionally, uncertainty surrounding the regulations has led private sector partners to withdraw from potential collaborations. Anthropic’s chief financial officer expressed grave concerns, noting that the company stands to lose hundreds of millions in projected revenue connected to the Pentagon, with potential losses extending into the billions if these restrictions have a broader impact on the commercial market.
The crux of the argument against the Pentagon’s designation rests on claims from Anthropic, asserting that the government’s actions are not only unlawful but also retaliatory in response to its refusal to allow the military unrestricted usage of its models, particularly in contexts involving mass surveillance or autonomy in weaponry. While the court refrained from directly addressing these claims, it acknowledged the unresolved legal issues related to how expansively the government can define supply-chain risk.
As the legal battle progresses, these questions will unfold alongside a parallel case in San Francisco, wherein Anthropic is challenging additional authorities that fall outside the procurement review process examined in the appeals court. Legal analysts have noted that while the D.C. Circuit case concentrates on adherence to procurement regulations surrounding the designation of Anthropic as a supply-chain risk, the case in San Francisco allows a broader constitutional challenge regarding the government’s approach.
In summary, Anthropic’s struggle illustrates the increasing friction between technological innovation and governmental oversight amidst national security concerns. While the legal framework surrounding AI technologies in defense is still evolving, the outcomes of these cases could have far-reaching implications for both the sectors involved and the broader regulatory landscape governing AI applications in sensitive areas.