Anthropic's contractual AI safeguards are no substitute for public law

When Anthropic refused to drop two contract clauses restricting the Defense Department's use of Claude -- one barring mass domestic surveillance, one blocking autonomous lethal weapons -- Defense Secretary Pete Hegseth responded by designating the company a "supply chain risk" and threatening to invoke the Defense Production Act. Most commentary focused on whether Anthropic's positions were substantively correct. Writing in Tech Policy Press, David Gantt, a J.D. candidate at Harvard Law School, asks a harder question: even if they are correct, who should be making those calls?

Gantt's answer is direct. When Anthropic embeds restrictions in a government contract, it makes public policy through private negotiation, bypassing elected representatives who bear no accountability for those decisions. He calls this "governing by contract" and argues it produces "dangerously brittle protections" -- not because the company's intentions are bad, but because a private commitment can be walked back without any of the procedural friction that public law creates.

The brittleness is not hypothetical. Jared Kaplan, Anthropic's chief science officer, admitted that under Responsible Scaling Policy Version 3.0 the company no longer felt it made sense to make "unilateral commitments...if competitors are blazing ahead." That statement is the central piece of evidence Gantt marshals: the same company drawing the red lines had already signaled that competitive pressure could dissolve them.

Gantt's historical frame is the Church Committee's revelations of CIA and FBI surveillance abuses, which eventually produced the Foreign Intelligence Surveillance Act in 1978. Durable civil liberties protection, he argues, required "public exposure, public outrage, and public law" -- not a clause in a federal procurement agreement. He also notes that federal courts would be "deeply reluctant" to enjoin presidential military operations, further weakening contract enforcement as a practical backstop.

The honest caveat is that Gantt agrees with Anthropic's substantive red lines; this is not an argument for removing them but for routing the same protection through legislation. What the piece does not resolve is whether Congress has appetite to codify those limits, or what form such legislation would take. Anthropic's decision to file two federal lawsuits challenging the supply chain risk designation keeps the immediate dispute alive in court -- but litigation over a procurement label is a different question from whether elected representatives should set binding rules on AI in defense and surveillance.