For years we bought AI models like cloud services. You checked quality, price, latency, security, compliance, vendor stability. You picked a provider and built your products, workflows and operations on top. Underneath sat the assumption: a model available today would be available tomorrow.
That assumption died on a Friday afternoon.
On 13 June, a US national-security directive forced a Anthrophic to cut off two of its frontier models for every foreign national on earth — overnight, including its own engineers on visas. Hundreds of millions of users dropped on the strength of a friday afternoon 5:21 PM letter. You can argue about the pretext. The precedent is the part that matters. Access to frontier AI is no longer decided only by the companies building it. Governments now have a hand on the switch.
Most AI governance debate has been about safety: should a model ship, should it be open, should it be regulated. That is no longer the live question. The live question is who controls access. Once intelligence becomes infrastructure, it becomes political — we watched it happen with energy, with semiconductors, with cloud. Now it is happening with intelligence itself.
So a new line appears on the procurement checklist. Next to security, privacy, lock-in and compliance, you now weigh geopolitical risk. Questions that sounded academic a year ago are Monday-morning questions. Can a capability be withdrawn after we have built on it? Restricted by geography, or by nationality? This is not a technical worry. It is business continuity. Most organisations spent years making sure they did not depend on a single cloud. Almost none made sure they did not depend on a single source of intelligence. That gap is now visible.
The operational reality gets awkward fast. Picture an engineering team spread across Europe, the US and India, where access suddenly forks by passport. The restriction does not stop at the model. It can ripple through every tool that serves it — the coding assistant, the agent, the law firm’s research system. Questions that used to sit with HR and legal land on the architecture team’s desk. Two engineers on the same team, different tools, because of where they were born. For global organisations this stopped being hypothetical, and it is unmanagable.
The bigger problem is what comes next. If one government treats model access as a lever, others copy it. China can. Europe can. Blocs form around strategic interest. Instead of one global market competing on capability, you get several, competing on access and jurisdiction. There is a quiet casualty here too. The US had one decisive advantage as a supplier — predictable, rule-of-law, safe to build on. It spent a good part of that in a single Friday letter. None of this means governments should have no power to act. A model showing real cyber or biosecurity danger is a fair reason to intervene. The problem is timing. Blocking a release is one thing. Pulling a capability after thousands of organisations have built on it is something else entirely.
This is where the European question changes shape. For years the debate about providers like Mistral was about quality — can European models match the best American ones. That is no longer the first question. The first question is how much dependency organisations are willing to carry. For a European bank, hospital, railway or ministry, choosing a European provider stops being a technology decision and becomes a resilience decision. The US frontier models keep their lead, and their capability is real. The shift is about ending single-country dependence the way we ended single-cloud dependence.
The organisations that handle this well will build a sovereignty stack on purpose. US frontier models where you need raw capability. European providers for sovereignty-sensitive work. Open-weight models for continuity you control. An orchestration layer that lets you switch when the ground moves. It is the same logic countries use for energy. The goal was never independence. The goal is to avoid dangerous dependence. Optionality becomes a capability you invest in, not an accident.
The last decade taught us that data is strategic. This one is teaching us that access to intelligence is strategic — and that changes how AI should be governed, bought and built. The lesson from that Friday is not to panic, and it is not that governments should stand aside. It is that resilience matters. Every leadership team should be able to answer one question: what happens if our most important AI capability disappears tomorrow? The ones who can answer it are ready for what comes next.
Because once access to intelligence is a geopolitical question, sovereignty stops being a government concern. It becomes a boardroom one.