Chain Reaction: What the Pentagon-Anthropic Dispute Means for Civilian Agencies Across All Levels of Government

Chain Reaction: What the Pentagon-Anthropic Dispute Means for Civilian Agencies Across All Levels of Government Introduction While much attention has rightfully been paid to the defense- and surveillance-related impacts of the Pentagon’s dispute with Anthropic, the fallout from this battle also has significant impacts on civilian agencies throughout the federal government, and even state, local, and tribal governments. More fully examining the breadth of the dispute’s effects across government agencies is critical for understanding what this sudden and unprecedented action means for government adoption of AI more broadly. These dynamics have become even more complicated in the wake of Anthropic’s release of Mythos. The federal government’s growing interest in gaining access to the model to evaluate potential cybersecurity risks highlights how the Pentagon’s ill-conceived ban is preventing the federal government from accessing cutting edge technology, potentially hampering the government’s security posture. The dispute between the Pentagon and Anthropic was first brought on by their failure to agree to contract terms related to limitations on autonomous weapons and mass surveillance. Following this disagreement, Secretary Pete Hegseth designated Anthropic as a “supply chain risk,” and President Trump announced over Truth Social that he was directing all federal agencies to immediately cease use of Anthropic’s Claude. After these events, Anthropic sued the Pentagon in two federal courts, the Northern District of California and the D.C. Circuit Court of Appeals, challenging the company’s supply chain risk designation under two separate statutes. The Northern District of California granted a preliminary injunction preventing the Pentagon and other federal agencies from blocking the use of Claude, which the federal government subsequently appealed to the Ninth Circuit, but shortly thereafter the D.C. Circuit Court denied Anthropic’s motion for a stay. The Ninth Circuit Court of Appeals is now holding that case in abeyance pending the case in the D.C. Circuit Court. As these cases continue to make their way through the courts, federal agencies and the vendors that work with them continue to grapple with the ongoing fallout and shifting sands from this chaotic process. As this blog explores, this standoff will have critical impacts on government procurement, public service delivery, and the privacy of personal data, threatening the safe and responsible adoption of AI in government. Impact on Government Procurement In designating Anthropic as a supply chain risk, Hegseth and the Pentagon broke with longstanding norms and weaponized the processes of federal procurement, setting into motion a number of consequences impacting agencies across the federal government, state and local governments, and and other private companies, in addition to Anthropic itself. Federal government Contract negotiations between government agencies and vendors are not uncommon, particularly for contracts that do not use the standard Federal Acquisition Regulation (FAR) processes, but instead use another approach, such as Other Transaction Authority (OTA), which reporting suggests is the case for Anthropic’s contract. Of course, as with all contracts, negotiations may fail if the parties cannot agree to terms. Normally in these cases a contract is simply not signed or is terminated. In this case, however, the Pentagon labeled Anthropic as a supply chain risk, a move many have seen as retaliatory rather than security-minded. This action weaponizes federal procurement to influence the activities and development decisions of AI companies, undermining objectivity in the procurement process and potentially leading to fewer and worse options for federal agencies seeking to acquire AI tools. As federal agencies and vendors alike attempt to determine what the Pentagon’s dispute with Anthropic means for their operations and services, the General Services Administration (GSA) recently released draft AI Terms and Conditions for federal contracts that will only make matters worse. The draft AI Terms and Conditions, among other concerning requirements, would codify the “all lawful uses” provision at issue in the fight between the Pentagon and Anthropic, requiring all AI tools to provide outputs for any lawful purpose regardless of potential risks. As industry representatives have noted, these requirements could directly undermine company safety protocols and impair performance if government agencies use tools outside of their intended purposes. If these terms are finalized, federal agencies and AI vendors will be restricted to overly broad and unclear terms, resulting in systems with fewer safety protections and worse outcomes in federal programs, and a vendor community that is reluctant to push back when their products are used unsafely. What’s more, the draft terms, in combination with the weaponization of the supply chain risk designation, will make some vendors reluctant to do business with the federal government altogether, depriving the government of certain products and services. State, local, and tribal governments These impacts are not limited to the federal government. Immediately following the initial supply chain risk designation, GSA publicly committed to removing Anthropic from the Multiple Award Schedule (MAS), which provides federal, state, local, and tribal governments with access to commercial products at reduced prices. While GSA subsequently restored Anthropic to the MAS after the preliminary injunction issued by the Northern District of California, there is lingering uncertainty about whether or not Anthropic will remain on the MAS. If GSA removes Claude from the MAS again, state, local, and tribal governments would lose the ability to acquire Anthropic’s tools through the program’s cooperative purchasing agreements and discounted pricing opportunities. Moreover, the actions of the federal government could have a broader chilling effect that could lead some jurisdictions to preemptively discontinue their use of Claude, wasting resources and creating churn in their own systems. Some federal government contractors abandoning their own uses of Claude in order to continue providing services to the federal government are likely to stop using the tool in a state, local, or tribal context as well in order to avoid building separate processes or products for different government clients. At least partially in response to these actions, Governor Gavin Newsom of California issued an executive order setting up California to do its own assessments of technology providers, signally a lack of trust in federal assessments. Private companies Other companies who contract with the federal government are watching as well, as these actions raise concerns about the implications of using Claude as part of their operations and services and their work with the government more generally. The Pentagon’s ban doesn’t just apply to direct agency use of Claude, it also extends to the use of the tool by any contractor doing business with the government. This has already led a host of government contractors, who are increasingly using AI tools in the course of fulfilling their contract obligations, to remove Claude from their supply chains. While there is still uncertainty about the legality of the Pentagon’s actions, other government contractors are likely to follow suit — even if they already use Claude or anticipate that Claude would be useful — to avoid any potential conflicts with the current Administration. The Pentagon’s actions may also cause other companies to see government partnership as a fundamentally unstable endeavor, disincentivising them from working with government clients. Adapting products for government use is often a time-consuming and expensive undertaking that companies may not want to take on without a reasonable likelihood of return on their investment. Moreover, government contractors now face the threat that if they fail to meet the government’s demands, they may not only see their contracts canceled, but face punishment or reputational damage with profound negative implications, not just for their work with government but their overall operations. Impact on Public Service Delivery The abrupt designation of Anthropic as a supply chain risk and prohibition on its use has also disrupted public service delivery and wasted resources at both the federal and state level. There are likely to be continued ripple effects as agencies and private companies reckon with what this prohibition means. Wasted resources and service disruption Prior to President Trump’s directive for federal agencies to cease use of Claude, a number of large federal agencies had already deployed the tool. Across their 2025 AI use case inventories, a wide range of agencies documented using Claude in 25 separate instances. Since the start of the dispute, at least 9 federal agencies — GSA, the Department of State, the Department of Health and Human Services (HHS), the Department of Treasury, the Federal Housing Finance Agency, the Office of Personnel Management, NASA, International Trade Administration, and the Secret Service — publicly announced that they would stop their use of Claude. These measures have already created significant confusion and uncertainty within the federal government; agencies like HHS abruptly disabled employee access to Claude and the State Department off-loaded Claude from active agency-wide tools. All of these agencies will have to expend time and effort to scrub Anthropic tools from their systems, and potentially lose whatever functionality it was providing. In addition to wasting resources, there is significant technical complexity in unexpectedly off-boarding a tool — agencies may need to scramble to extract their data and find backup approaches for tasks performed by Anthropic tools. The abrupt removal threatens to disrupt the efficient provision of services and benefits for reasons that are totally irrelevant to complaints lodged by the Pentagon. This comes at a time when agencies are working with fewer personnel and constrained resources, making it even harder for agencies to responsibly procure and deploy AI tools. Future upheaval Additionally, it is not obvious how far a prohibition should extend or how long it will last. Federal agencies are reportedly investigating how to access Anthropic’s Mythos model, which has demonstrated unique capabilities in detecting cybersecurity vulnerabilities, indicating uncertainty within the government about the ban. Aside from its longevity, the scope of the ban is also unclear: are agencies prohibited from using vendors who employ Claude in any way (e.g., a database tool that uses Claude Code to enable easier customization for clients)? Such a limitation would inevitably reduce the quality of vendor provided tools and drive up costs as vendors expend more energy to produce potentially-less-effective government versions of their offerings. Privacy of Personal Data The stakes of this dispute are especially heightened given the Trump Administration’s historic actions to access, share, and consolidate personal data while dramatically expanding AI use across the federal government. One of the key points of contention was Anthropic’s refusal to allow its technology to be used for mass domestic surveillance. As CDT discussed in our amicus brief submitted in support of Anthropic’s challenge to its designation as a supply-chain risk, this sort of surveillance, using immense datasets containing sensitive information, can invade privacy, chill speech and behavior, and facilitate discriminatory profiling. These risks are not solely limited to the defense sector. Under the Trump Administration, a wide range of federal civilian agencies are seeking to consolidate administrative data which could subsequently be used in conjunction with a powerful AI tool to supercharge domestic mass surveillance. This leaves beneficiaries for and applicants to public benefits programs particularly vulnerable as these systems maintain exactly the sorts of sensitive data, such as unique personal identifiers and demographic information, that could be repurposed for surveillance activities. The Administration’s apparent position that government contractors must allow all lawful uses of their systems, including for mass surveillance, creates significant risks to personal privacy, especially given the country’s limited privacy laws and the Administration’s willingness to bend or break legal limits. At least 20 lawsuits allege the federal government has violated long-standing privacy protections, so the federal government refusal to accept a contract that places limitations on mass domestic surveillance raises further concerns about how they aspire to use Americans’ personal data. Conclusion Ultimately, this action will degrade service delivery across all levels of government, and disincentivise companies from working with the federal government in ways that will impede AI innovations in government, all in service of a dubious goal — punishing a private company for its opposition to the mass surveillance of Americans. The Administration should reverse course, lifting the prohibition on federal use and ensuring that agencies have access to the tools they need to serve the American people.