A recent session held on Tuesday in the U.S. Court of Appeals for the D.C. Circuit has stirred debate over the Pentagon’s authority to exclude artificial intelligence (AI) company Anthropic from future military contracts. The court’s majority appears inclined to support Defense Secretary Pete Hegseth’s decision to restrict Anthropic’s involvement in military projects, citing national security concerns.

This recent hearing marks the latest development in Anthropic’s ongoing legal battle to overturn a designation that labels the company as a supply chain risk. The case raises critical questions about the extent of government authority in regulating frontier AI firms that resist unrestricted military applications of their technologies. The Pentagon’s classification has reportedly given military agencies a six-month timeframe to discontinue using Anthropic’s technology, while largely allowing non-defense governmental and commercial applications to proceed unabated.

During the oral arguments, Anthropic’s attorney Kelly Dunbar contended that the designation contravenes established congressional procedures, exceeds statutory boundaries, and violates constitutional principles. She argued that the Pentagon utilized a significant national security mechanism to exert pressure in a dispute over the use of their model, known as Claude. This model has been a focal point in discussions about national security risks, especially given its potential applications within military operations.

Judge Neomi Rao, appointed by former President Donald Trump, expressed concerns about the limitations of the court’s ability to review the Pentagon’s designation decisions, noting that this situation has precedent—no national security risk designation has ever been legally challenged. She suggested that while the court might not be able to revoke the designation itself, it could potentially prohibit the Pentagon from labeling Anthropic as a national security risk again.

The government, on the other hand, has framed the issue not as a matter of free speech but rather as one of operational trust in AI model providers. They argue that the limitations imposed by Anthropic on its model could interfere with military operations, raising questions about reliability in critical situations. Judge Karen Henderson, also a Bush appointee, expressed skepticism toward this argument, questioning whether the record supports characterizing Anthropic as a supply chain threat rather than merely a company engaged in contractual disagreements with the Department of Defense.

Henderson labeled the Pentagon’s actions as “a spectacular overreach by the [Defense] Department,” indicating her doubts about the validity of their concerns. Meanwhile, Judge Katsas focused on the need for transparency in AI models and the rapid evolution of AI technologies, both of which complicate the existing landscape of national security.

Anthropic has clarified that its restrictions pertain exclusively to two high-stakes areas: fully autonomous lethal weapons and mass surveillance operations. The company maintains that once Claude is deployed within classified military environments, it cannot implement alterations. They further argue that should the Pentagon find their technology unsuitable, the agency can simply cease contracting with them rather than inflicting a broad reputation-damaging label that affects their ability to operate.

In defense of the designation, Department of Justice attorney Sharon Swingle argued that a loss of confidence in Anthropic jeopardizes military efficacy. She emphasized that the failure of AI models in active military scenarios could result in disastrous consequences for national security and endanger service members’ lives. Swingle defended the Pentagon’s decision-making as necessary preemptive action to safeguard against potential vulnerabilities.

The convoluted legal proceedings have yielded divergent rulings, with the D.C. Circuit previously deciding against temporarily suspending the Pentagon’s designation while simultaneously expediting Anthropic’s appeal. In contrast, a federal judge in San Francisco has placed a hold on the designation under a related case, creating a legal quandary that has left Anthropic in a precarious position. The company remains barred from engaging in new contracts with the Pentagon, yet continues to serve commercial and non-defense governmental clients.

Adding to the complexities of the situation, the Pentagon has announced new agreements with multiple AI companies, including industry giants such as OpenAI, Google, and Microsoft, further challenging the assertion that the continued designation of Anthropic poses a threat to military readiness. Critics from national security backgrounds warn that labeling AI firms as supply chain risks can deter innovation, suggesting that the designation appears to serve as leverage against companies reluctant to relax internal safety protocols.

In their amicus briefs, former defense and intelligence officials cautioned that such designations risk eroding the trust essential for collaboration between the military and private sector, especially as dependence on emerging technologies grows. Conversely, Anthropic has expressed its willingness to contribute to national security applications, asserting that it has previously collaborated with the Pentagon on various critical projects, including intelligence analysis and cyber operations.