America Just Made the Case for Quantum Sovereignty

Summary: On Friday evening, the US government ordered Anthropic to shut off its two most capable AI models for every customer worldwide, within hours, with no warning. For the Americans who keep asking me why anyone would hesitate to buy US quantum technology, this is the answer in one event. The same export-control machinery applies to quantum computing, and the dependency will be heavier: buying the hardware from a US monolithic vendor does not escape it, because the vendor still controls the firmware, the software stack, and the maintenance, and still answers to Washington before it answers to you. The industries that will need quantum compute most urgently (pharma, chemicals, materials) are also the ones most central to national security. The mechanism for revoking access is demonstrated. The countries building their own quantum stacks are not being paranoid. They are doing risk management.

At 5:21 p.m. Eastern on Friday, June 12, Anthropic received a letter from the US Department of Commerce. By that evening, Fable 5 and Mythos 5, two of the most capable AI models anyone can buy, were dark for every customer on the planet. Not throttled. Not geofenced. Off.

Anthropic did not choose to pull them. Its own government ordered it to, citing national security, through an export-control directive barring “any foreign national, whether inside or outside the United States, including foreign national Anthropic employees” from using the two models. Since no provider can separate foreign nationals from everyone else in real time, the only way to comply was to switch both models off for the entire customer base, Americans included. The company’s other models, including Claude Opus 4.8, stayed online. (Anthropic’s statement; the directive’s origin was reported by NBC News and others.)

I am going to set the AI-policy fight aside, because that is being discussed by many other better equipped people. Where this lands for me, and lands hard, is on quantum sovereignty. On Thursday morning, over coffee, a US diplomat whose portfolio covers emerging technology asked me a version of the question I have been hearing from American quantum founders and CEOs, investors, and government officials for the past year: why are so many of your clients asking about independence from US quantum technology? It is the best in the world. What is the worry? I never had an example clean enough to make the answer land. By Friday evening, Washington gave me one.

So here is the sentence I would forward to anyone still puzzled by the question: the United States just demonstrated, on its own soil and against its own industry, that access to frontier American technology can be revoked for the entire world within hours, by government order, with no warning and a contested justification. That is the risk every serious non-US buyer of American quantum computing, whether rented as a service or purchased as hardware, is now writing into its plans.

What Washington Did on Friday

The letter came from Commerce Secretary Howard Lutnick, drafted with the department’s Bureau of Industry and Security, the same office that administers export controls on advanced chips. It ordered Anthropic to suspend access to Fable 5 and Mythos 5 for any foreign national, framed as an export-control action under national-security authority. Anthropic says the directive arrived with no specifics about the concern behind it. The company’s understanding, assembled after the fact, is that the government believes someone discovered a way to jailbreak Fable 5.

Anthropic’s account of that jailbreak is where the gap between claim and evidence opens. The company says the technique surfaced a few previously known, minor software vulnerabilities, the kind reproducible on other public models, OpenAI’s GPT-5.5 among them. No red team, internal or external, has found a universal jailbreak in Fable 5.

None of this is a verdict on whether the order was justified, and for the argument I care about, that question doesn’t matter. Suppose the government saw something real that Anthropic did not. The sovereignty lesson is identical. A buyer in Frankfurt or São Paulo or Seoul cannot audit a classified determination made in Washington. What that buyer can observe is the shape of the action: how fast it moved, how far it reached, and how little the vendor could do to stop it. On all three, the answer holds whether the underlying call was sound or mistaken.

How Fast, How Far, How Little Recourse

Start with speed. The directive arrived at 5:21 in the evening and the models were gone the same night. No phase-out, no 30-day transition, no grace period to move workloads.

Then reach. The order does not turn on where you sit. It turns on who you are. A French engineer working in an Anthropic office in San Francisco falls under it. So does a German pharmaceutical firm, a Brazilian bank, and a Japanese manufacturer, whatever data center they connect to. Nationality-based export control is ordinary in defense and semiconductors, but seeing it applied to a mass-market compute service is new.

Then the vendor’s position. Anthropic did not want to do this and said so plainly, calling the action a misunderstanding. None of that changed the outcome. The company complied within hours, because a commercial provider’s obligations to its own government sit above its contracts with its customers. When the two collide, the customer loses.

Why This Lands Differently for Quantum

Everything above concerns a large language model. The reason I am writing about it on a quantum blog and newsletter is that the same export-control machinery applies to quantum computing, and the dependency underneath will be heavier. Whether a foreign buyer rents quantum compute through a US cloud or purchases a full-stack machine from a US vendor, the technology sits under US jurisdiction and the vendor’s obligations to Washington override its contracts with its customers.

For most of its history, quantum computing coverage has fixated on the threat to encryption, the cryptographically relevant quantum computer that breaks RSA on some future Q-Day. That threat is real, but it is not the dependency at stake here. The nearer story is utility: using quantum computers to simulate molecules, catalysts, and materials that classical machines handle poorly or not at all. I spent months mapping where that utility is genuine and where it is marketing, and published the result as my Quantum Utility Map. The honest map is narrow: quantum computing will deliver real advantage to a handful of industries built on quantum-mechanical behavior, pharmaceuticals, chemicals, batteries, advanced materials, and similar.

For those industries, the trajectory matters more than any single milestone. The first genuine advantages, narrow and specific, the simulation of a strongly correlated molecule that an existing supercomputer chokes on, are plausibly two to three years out. At that stage, access to a capable quantum computer buys a competitive edge. It is valuable, but a firm that lacks it can still compete; it just works harder and moves slower. By the early 2030s, on the evidence I gathered for Quantum Computing by 2033, fault-tolerant machines on the order of 2,000 logical qubits begin to create real competitive separation in precisely those sectors.

Extend the curve and the character of the dependency changes. As capability grows and more fault-tolerant algorithms mature, access stops being an advantage and becomes a precondition. If a competitor can compute a catalyst, a battery chemistry, or a drug candidate that you cannot, you are not a step behind in the same race. You are shut out of discoveries you have no way to reach. At that point a quantum computer stops being the thing that makes a good chemist better and becomes the difference between having a product and not having one. A large share of today’s sovereignty anxiety is about that moment, even when the people voicing it have not put a date on it.

Now set Friday’s lesson back on top of that curve. The firms likely to supply frontier quantum computing over the next decade, whether rented as a cloud service or sold as installed hardware, are concentrated in a small number of companies and an even smaller number of countries, with the United States prominent among them. I called this the utility trap: the industries where quantum delivers the most value are also the ones most central to national security, and the hardware serving them sits in very few hands. A European chemical maker or a Korean battery firm running its hardest simulations on a US quantum cloud, or on a US-built quantum computer installed in its own lab, is, by the early 2030s, dependent on that American technology the way it depends on the power grid. Friday showed, in public and in real time, that access to an American technology platform can be cut by a government the customer never elected, on grounds the customer cannot inspect, in the time it takes to read a letter.

The obvious objection is that a serious buyer would never rent something this important. It would buy the machine and run it at home. The goal is right. Buying the machine, at least from a full-stack vendor, does not deliver it. A quantum computer bought today from an integrated vendor is, in most respects, still that vendor’s machine. The compute-sovereignty pattern is familiar: a government acquires a quantum computer, installs it in a national laboratory, announces that it has reached sovereignty, and has in fact taken delivery of a black box. The processor was fabricated abroad. The control electronics, the cryogenics, and the closed-source software stack came from abroad. Calibration and firmware updates are performed by the vendor’s own engineers under the service contract, which makes the vendor’s firmware-update policy a form of remote control over the system. IBM, which dominates the integrated model today much as it dominated the mainframe era the personal computer eventually broke open, sells and installs systems that still run on its stack and its support. The buyer had a quantum computer. It did not have control of one.

Work down the list a sovereignty-minded buyer is meant to clear before signing. Can our engineers see inside the system? Can we refuse a firmware update? Can we export our data and circuits in open formats? What happens if the vendor’s home government imposes export restrictions? Friday answered the last question in public.

None of this counsels autarky; a nation does not need to fabricate every layer itself. What it needs is architectural freedom. The quantum stack can be sourced in layers, a QPU from one supplier, cryogenics from another, control electronics from a third, then integrated in-house or by a neutral systems integrator, the same shift from sealed mainframe to open, modular machine that handed sovereignty from the producer to the user in classical computing. The approach is called quantum open architecture, and it is the difference between owning a box and owning a capability. My forthcoming book Quantum Systems Integration is the engineering guide for how to do it: how to source each layer, how to manage the multi-vendor integration, and what it costs at three different tiers.

A disclosure. My company, Applied Quantum, is a quantum systems integrator. We assemble quantum computers from modular components for clients who want architectural control over their systems. Most come to us because of sovereignty concerns. On Saturday morning, less than eighteen hours after the directive, a prospective client called to ask me to put together a proposal. Friday did not create the demand. It removed the last hesitation. I have a commercial interest in this argument, and I am being direct about it, because the analysis should be evaluated on its evidence, not on whether the person making it also happens to build the alternative.

I want to be careful here, because this is exactly the argument the quantum-panic industry loves to inflate. I am not claiming a quantum computer will crack your encryption next year, or that every company needs quantum access today, or that US quantum technology is a trap to be avoided. The claim is narrower: the dependency is coming for specific industries on a knowable path, and the mechanism for revoking it already exists and was just used. You only need to believe that some industries will come to need quantum compute, and that the supplier’s government can turn it off. Both halves of that sentence are now demonstrated.

The Same Act, Read Two Ways

The conversations I keep having, with Americans on one side and nearly everyone else on the other, come down to the same facts read through two frames. Both readings are correct.

From Washington, Friday’s order is security. The logic is defensible on its own terms: the most capable tools should not be freely available to rival powers, and a government that identifies a national-security risk in a deployed system should be able to act. Keeping a strategic technology under national control is not a strange impulse. Every serious power has it, including the ones now anxious about depending on America.

From outside the United States, the same order reads as a demonstration. It shows that critical-infrastructure access from a US provider is contingent: it can be withdrawn at the speed of a directive, the threshold for withdrawal can be low and the reasoning opaque, and even the provider’s open objection buys the customer no reprieve. What makes Friday more unsettling to allied capitals than a China-focused control would have been is exactly that it was not aimed at an adversary. It swept up allies, ordinary commercial users, and Americans themselves, over a finding the vendor calls minor. If that is the trigger threshold, an allied buyer cannot model its own exposure. Risk managers do not live with risk they cannot model. They cut the dependency that creates it.

There is a line in Anthropic’s statement that both sides should sit with. The company argued that the state should hold export-control power, exercised through a process that is transparent, predictable, and grounded in technical fact. That is also, almost word for word, what the foreign buyer wants. Non-US buyers are not reacting to the existence of American export controls. They are reacting to unpredictability, and unpredictable control of a critical input is precisely what pushes buyers to build their own.

Why Paris Could Not Stop Talking About Sovereignty

This is the conversation that ran underneath the Q-Day Summit in Paris last week, where I spoke on June 9. The agenda was billed around post-quantum cryptography and critical-infrastructure resilience, and those topics had their hours. Sovereignty kept pulling the room back. Almost every non-American I spoke with, in an audience that skewed heavily European and carried a strong defense and government presence, circled the same question I have been describing, usually before I brought it up.

It is the impulse behind a set of European moves that can look, from across the Atlantic, like expensive duplication. The EU is building EuroQCI, a quantum-secured communication network spanning all 27 member states, which Brussels describes in plain language as a contribution to European digital sovereignty. On the compute side, OVHcloud, the largest European cloud provider, has put a French-built photonic quantum processor on its platform as a pay-as-you-go service, with Quandela’s chief executive calling it “sovereign infrastructure” in as many words. That particular machine is small, 12 qubits, an experimental capability rather than a frontier system, and I will not pretend otherwise. France, separately, is spending €500 million through its PROQCIMA program to build fault-tolerant quantum computers of explicitly French design, so the systems its strategic industries will lean on later are not someone else’s black box. The intent is the point. Europe is paying to own the stack at an early and uneconomical stage, specifically so the switch is not in someone else’s hands later. Friday is the argument for that spending, delivered free of charge.

I have spent a long stretch of my working life on this dynamic, how critical industries come to depend on concentrated quantum supply chains and what it costs to climb back out, and it is the subject of my book Quantum Sovereignty, out in a few days. I did not expect the cleanest illustration of the thesis to arrive from Washington the week before it published.

What I Tell the Americans in the Room

When an American founder or diplomat asks me why the world has become so preoccupied with quantum sovereignty, here is the substance of what I say, and none of it is a grievance against the United States. I work in America. I admire what its quantum and AI companies have built. The technology is, for now, the best available, and it may stay that way for years.

What I try to get across is that the global perception has already shifted, and Friday shifted it further in an afternoon. “Trust us, we will not turn it off” stopped being a sufficient answer the moment the world watched the United States turn it off, on its own flagship company, its own customers, and its allies, over a jailbreak the vendor calls minor. For a buyer whose industry will one day run on quantum compute, that is no longer a reassurance to take on faith. It is a risk with a worked example.

The commercial consequence is concrete, and it is the part US vendors and policymakers should actually weigh. Every serious non-US buyer now has a defensible reason to dual-source, to demand contractual portability, open interfaces, the right to refuse firmware updates, and clean data-egress terms, to read the fine print for nationality-based access clauses, and to look hard at sovereign or regional quantum options on a real timeline rather than a someday one. The security world has spent years preaching crypto-agility for the migration to post-quantum standards. Quantum compute will need the analog: supply agility, the ability to move workloads off any single provider or jurisdiction without rebuilding from scratch. Buyers who design that flexibility in now will be glad of it.

To the American policymakers in particular: unpredictable controls are not a neutral act. Each surprise sharpens the case your competitors are already making to your own customers. A US quantum industry that wants the world’s hardest simulation workloads has a commercial interest in a control regime that is transparent and rule-bound, because the alternative quietly hands both the argument and the market to Europe, and to anyone else willing to promise a switch that stays in the buyer’s hands. This is not an argument for deregulation. Predictable, rule-bound controls would settle most of it, the kind a customer can model in advance, which is exactly what Anthropic asked for on Friday.

The next time someone asks me why the rest of the world wants its own quantum stack, I will not reach for a hypothetical about a distant Q-Day. I will point to a Friday evening in June, a letter that took effect by dinner, and two of the most advanced AI models on the planet going dark for everyone at once because a government decided they should. The quantum version of that letter has not been written yet. The countries and companies building their own machines are making sure that, when it is, they are not the ones waiting by the inbox.