The US government is applying severe sanctions against a US company that does not "influence their supply chain". Donald Trump believes the economy is great and at the same time declares economic emergencies to justify doing certain things. It could be true that Anthropic's products are useless for the DoD because of the products' safeguards, but that doesn't mean they're a risk to the US government.
As to this being 100% legal, I'm not so sure (not a lawyer). It might not be a criminal offense, but there's a whole category of abuse of power that this may fall under if Anthropic is put under a certain status without real justification. Many powers given to the executive branch are not absolute and can't be applied arbitrarily, but require justification. Anthropic might be able to sue the government for declaring them a "supply-chain risk" without sufficient justification. E.g. they could claim that not being sufficiently patriotic in the eyes of the administration does not constitute a risk, and that since they're not the sole supplier of the tech, they were not trying to strong-arm the government to do anything.
I agree with your second paragraph; we will have to see to what degree the "viral" effect of Supply Chain Risk designation goes (perhaps you contract with the DoD under an LLC that has a supply chain firewall from your company) and also look forward to seeing how this would be handled in court, but I would not automatically be dismissive of this being totally legal.
> does not "influence their supply chain"
I would be wary of making this conclusion. Obviously it could conceivably influence the supply chain when you build on top of their model. If you look at the type of risks enumerated in DoD guidelines, it is not just "oh this software has a vulnerability", which is what started the discussion in this subthread in the first place. There are many kinds of risks the DoD needs to address, none of them particularly new, including Sustainment Risk. The closest thing I remember to this case was the Sun Java "no use in nuclear facility" EULA term, which an LLM suggests was ignored by DoE/D because that was interpreted as a "limitation on warranty" not a "restriction of use."