Hegseth Wants to Use a Korean War Law to Make AI Less Safe

GriftMatrix Intelligence Operations

Hegseth threatens a Cold War nuclear option over two safety guardrails

The Defense Production Act was written in 1950 so Harry Truman could make sure America had enough aluminum to build fighter jets during Korea. This week, Pete Hegseth wants to use it to force an AI company to let the Pentagon spy on Americans without guardrails. Le sigh.

Anthropic – the company that makes Claude, currently the only AI model running inside the military’s classified systems – has two rules it won’t bend on. Two. No fully autonomous weapons. No mass surveillance of American citizens. That’s it. The Pentagon can use Claude for everything else. Intelligence analysis, satellite imagery, document processing, battlefield logistics. All of it. Anthropic just drew a line at killer robots and Big Brother.

And Pete Hegseth looked at those two lines and said: Unacceptable.

So now the Defense Secretary is threatening to invoke the Defense Production Act – a Korean War-era law designed to make sure factories could crank out enough tanks and ammunition during wartime – to compel an American tech company to strip its safety features.

Not because Claude doesn’t work. Pentagon officials have admitted Claude is the best model they’ve got. A defense official literally told Axios: “The only reason we’re still talking to these people is we need them and we need them now. The problem for these guys is they are that good.”

They want to punish Anthropic for being too good and too ethical at the same time. That’s the play.

Here’s what the Defense Production Act actually does, since apparently we’re pulling Cold War legislation off the shelf for this: Title I gives the president the power to force companies to prioritize government contracts over other customers. Title III lets the government fund production expansion. Title VII lets them review foreign acquisitions for national security risks.

The law was designed to keep the industrial base humming during emergencies. It’s been used to ration copper during Korea, to force gas companies to keep supplying California during the 2000 energy crisis, to make GM build ventilators during COVID, and to compel telecom companies to report foreign hardware in their networks.

Notice what all those examples have in common? Physical goods. Raw materials. Medical equipment. Energy supply. Things you manufacture or distribute.

The DPA has never been used to force a software company to rewrite its product to remove safety features. That would be a first. And legal scholars are already raising flags about it.

Lawfare published an analysis this week noting the closest parallel is the FBI’s fight with Apple back in 2015 and 2016 – when the feds tried to force Apple to write custom software to unlock the San Bernardino shooter’s iPhone. That battle used a different law, the All Writs Act, and a federal judge in Brooklyn ultimately rejected it, writing that the government was asking for authority “so far-reaching” as to produce “impermissibly absurd results.” The FBI eventually backed down after a third party cracked the phone.

But here’s the critical difference: the DPA is explicitly a compulsion statute. It’s designed to force companies to do things. The legal footing for Hegseth is stronger than the FBI’s was against Apple. Which should terrify everyone.

The Lawfare piece also flagged the “major questions doctrine” – a principle the Supreme Court has been using lately to smack down agencies that claim huge powers from vague laws. The DPA was written to get factories to prioritize orders. Stretching it to mean “you must rewrite your software to remove the parts we don’t like” is exactly the kind of overreach courts have been skeptical of.

The implementing regulation even says companies can reject government orders for items they don’t normally supply or services they don’t normally perform. Anthropic could argue in court that a version of Claude with no safety guardrails isn’t a product they make – it’s a fundamentally different thing the government is demanding they create from scratch.

But let’s be honest about the timeline. Going to court takes months. Hegseth gave Amodei until 5:01 PM on a Friday. That’s not how you negotiate in good faith. That’s how you stage a power play.

And the supply chain risk designation? That’s the other threat on the table. It’s the one the Pentagon already started executing – reaching out to Boeing and Lockheed Martin on Wednesday to ask about their exposure to Anthropic.

A supply chain risk designation is typically reserved for foreign adversaries. Huawei. ZTE. Companies the U.S. government has determined are effectively arms of the Chinese military. Hegseth wants to slap that label on an American company headquartered in San Francisco because its CEO thinks AI shouldn’t autonomously decide who to kill.

The supply chain gambit is arguably even more vicious than the DPA threat. If the Pentagon labels Anthropic a supply chain risk, every defense contractor in America has to certify they don’t use Claude. Anthropic recently said eight of the ten largest U.S. companies use its products. A supply chain risk designation would ripple through the entire enterprise AI market. It would punish not just Anthropic, but every American business that chose the best available AI tool.

Now here’s the part that really reveals what this is about. The Pentagon isn’t just mad about the two guardrails. They’re mad that Anthropic asked questions after the Maduro raid.

According to multiple reports, after the U.S. military used Claude during the operation to capture Venezuelan President Nicolas Maduro in January, an Anthropic employee had a routine conversation with Palantir about how the technology was being used. Palantir flagged it to the Pentagon. A senior defense official described Anthropic’s inquiry as “jeopardizing the operational success of our warfighters.”

Asking a question. About how your own product is being used. That’s what jeopardizes operations now.

Anthropic has denied raising concerns about the Maduro raid specifically. They say their conversations with Palantir were routine technical discussions. It doesn’t matter. The Pentagon smelled hesitation and decided to make an example.

And the timing is telling. Hegseth has been pushing all four major AI companies – Anthropic, OpenAI, Google, and Elon Musk’s xAI – to accept an “all lawful purposes” standard for military use. The other three have already agreed to remove their guardrails for unclassified systems. Musk’s xAI just got cleared for classified networks this week. Only Anthropic is holding the line.

As a Brennan Center attorney wrote on Bluesky: “The law is not keeping up with how quickly the technology is evolving. But that doesn’t mean DoD has a blank check.”

The irony is almost physically painful. The same Republican Party that called Biden’s use of the DPA for reporting requirements “government overreach” is now cheering for the DPA to be used in its most coercive form – not to build ventilators, not to secure minerals, but to force a private company to make its AI less safe.

The same people who spent years screaming about government telling businesses what to do want the government to tell a business what to build. Specifically, they want it to build surveillance tools with no limits.

Here’s what Dario Amodei wrote last month, and it’s worth sitting with: “A powerful AI looking across billions of conversations from millions of people could gauge public sentiment, detect pockets of disloyalty forming, and stamp them out before they grow.”

That’s not some hypothetical from a sci-fi novel. That’s a capability that exists right now. And the only thing standing between that capability and the Pentagon having unfettered access to it is the CEO of one company in San Francisco saying “no.”

The government has a long and creative history of bending private companies to its will. The DPA for raw materials and manufacturing. The All Writs Act for unlocking phones. FISA courts for surveillance. National Security Letters for data without warrants. Executive orders under IEEPA to force TikTok’s divestiture. The CFIUS process to block foreign acquisitions. Section 702 for sweeping up communications. The Patriot Act’s business records provision. Each one expanded the government’s ability to compel private companies to hand over access, build tools, or restructure their businesses in the name of national security.

The pattern is always the same. A real threat gets identified. Legitimate authority gets invoked. The scope creeps. And twenty years later we find out the NSA was recording every American’s phone calls and nobody remembers who signed off on it.

Hegseth’s deadline is Friday. As of this writing, Anthropic hasn’t budged. The Pentagon has already started contacting defense contractors about their Claude exposure. The DPA threat is loaded and the safety is off.

The question isn’t whether the government has the power to do this. It probably does, or at least it has enough ambiguity in the law to try. The question is whether we’ve decided that “national security” means a tech company isn’t allowed to say “we’d rather our product not be used for mass surveillance of American citizens.”

Because if that’s where the line is now, we should probably stop pretending we still have one.

Sources