EULLM
Back to blog
The US Already Has AI Sovereignty. Europe Is Still Debating It.
Data SovereigntyAI PolicyInfrastructureEU AI Act

The US Already Has AI Sovereignty. Europe Is Still Debating It.

On June 12, 2026, the US government ordered Anthropic to cut off access to its most advanced AI models for every non-American on the planet. No notice. No appeal. No exceptions. If you needed a wake-up call about what digital sovereignty really means in practice, this is it.

EU
EULLM Team
13 June 20266 min read

On June 12, 2026, the US government issued an export control directive ordering Anthropic โ€” one of the world's most prominent AI labs โ€” to immediately suspend access to its flagship models, Fable 5 and Mythos 5, for every foreign national on Earth.

Not just in China. Not just in Russia. For everyone who isn't an American citizen โ€” regardless of where they live, regardless of whether they're a paying customer, regardless of whether they're an Anthropic employee.

Read that again.

A government decision, made in Washington, cut off AI access globally. No court order. No appeal process. No warning for the users affected. Just a directive, and then silence.

While Europe is still drafting its AI Act implementation guidelines, the United States just demonstrated that it already has its own version of AI sovereignty โ€” and it exercises it with an iron fist.

What Actually Happened

According to Anthropic's public statement, US national security authorities became aware of a method to "jailbreak" Fable 5 โ€” specifically, a technique involving asking the model to analyze a codebase and identify software vulnerabilities. Officials invoked national security authorities and required Anthropic to shut down access for all foreign nationals immediately.

Anthropic publicly disagreed with the decision. The company called the jailbreak "narrow" and argued that "equivalent capability" exists in competing models available to anyone. They emphasized their robust safeguards, monitoring systems, and data retention policies. It didn't matter. They complied.

Here's what makes this case so striking: the jailbreak wasn't some exotic, nation-state-grade exploit. It was, by Anthropic's own account, a fairly standard code analysis prompt. Yet that was enough for the US government to effectively nationalize access to a commercial AI product โ€” one that companies across Europe, Asia, South America, and everywhere else were relying on for real workflows.

This is not a warning shot. This is a demonstration of capability.

The Illusion of "Global" Cloud Services

For years, the pitch from US cloud and AI providers has been universal: we're global, we're reliable, we're everywhere. And in normal times, that's largely true. AWS, Azure, OpenAI, Anthropic โ€” they've built genuinely impressive infrastructure that serves customers worldwide.

But "global" has always had an asterisk written in invisible ink: until the US government decides otherwise.

This isn't new. The CLOUD Act has allowed US authorities to compel cloud providers to hand over data stored anywhere in the world since 2018. Export controls have long governed who can access certain technologies. What's changed is the speed and totality of execution. A model that millions of users relied on yesterday can be made inaccessible overnight โ€” not because the provider chose to do it, but because a government official signed a directive.

European organizations that built workflows around Fable 5 and Mythos 5 didn't lose access because they violated any terms of service. They lost access because they weren't born in the right country.

If that's not a data sovereignty problem, what is?

Europe Talks. The US Acts.

The European Union has produced a remarkable body of legislation in recent years: the GDPR, the AI Act, the Data Act, the Digital Markets Act. The ambition is real, and the direction is right. European regulators are genuinely trying to build a framework that protects citizens and keeps critical infrastructure under European control.

But there is a gap โ€” and it's a significant one โ€” between legislative intent and operational reality.

Today, if you ask a European enterprise where their AI models run, the honest answer is almost always: on American infrastructure, under American jurisdiction, subject to American law. The contracts say GDPR-compliant. The data centers might even be in Frankfurt. But the models, the inference infrastructure, the APIs โ€” they're American.

The Anthropic incident reveals exactly what that dependency costs you when the rules change.

Europe doesn't need to exercise sovereignty the way the US does โ€” with unilateral directives that cut off global access to critical technology. But Europe does need to achieve the practical equivalent: the ability to run its own AI, on its own infrastructure, under its own laws, without anyone else being able to flip a switch and turn it off.

What Real Sovereignty Looks Like

The good news is that the technical building blocks for European AI sovereignty exist today.

Open-source models โ€” Mistral from Paris, and a growing ecosystem of European and globally distributed research โ€” are production-grade. They match or exceed the capabilities of many closed US models for real-world enterprise tasks. They can be run locally, fine-tuned on proprietary data, and audited in ways that closed APIs never allow.

The inference infrastructure has matured too. Running these models at production scale โ€” with high throughput, low latency, multimodal capabilities, GPU efficiency โ€” is no longer the exclusive province of hyperscalers.

A sovereign AI stack for a European organization looks like this:

  • Models: Open-source, Apache-licensed, with no dependency on US API providers
  • Inference: On-premise or on EU-based cloud infrastructure (Hetzner, OVH, Scaleway)
  • Data: Never leaves the organization's control โ€” no training on your queries, no telemetry to foreign servers
  • Compliance: Auditable, documented, and aligned with GDPR and EU AI Act requirements
  • Continuity: No single foreign government can cut off access, because the model runs where you control

This isn't about protectionism or anti-Americanism. Many of the best AI researchers in the world work in the US, and the models they build are genuinely excellent. But excellence doesn't equal reliability under all political conditions โ€” and June 12, 2026 proved that political conditions can change overnight.

The Lesson from Washington

The Anthropic Fable/Mythos suspension is a gift, in a way. It's a live demonstration โ€” affecting real users, real businesses, real workflows โ€” of exactly the risk that European data sovereignty advocates have been warning about for years.

The risk isn't hypothetical. It happened. It happened fast. And it happened to one of the most responsible, most transparent AI companies in the world, acting under legal compulsion from its own government.

Imagine the same scenario with a less transparent company. Or with less justification. Or with no public statement at all.

The US has had digital sovereignty for decades. It exercises it quietly, through export controls, through FISA courts, through CLOUD Act compulsion, through national security directives. June 12 was just the day it became impossible to look away.

Europe has a choice. Continue building on foundations controlled by others โ€” or build its own.

EULLM Engine runs entirely on your infrastructure, under your control, with no dependency on foreign API providers. Start building sovereign AI today.

EU

EULLM Team

Building open-source AI infrastructure for European sovereignty.

github.com/eullm/eullm
All articlesStar on GitHub