A U.S. legal technology company has sued the federal government over an order limiting foreign access to Anthropic’s most advanced artificial intelligence models, escalating a policy fight that now reaches beyond AI developers and into the enterprise software customers building products on top of frontier model APIs.

Legion LegalTech Corp filed the complaint on June 23 in the U.S. District Court for the District of Columbia, naming the United States, the Commerce Department, Commerce Secretary Howard Lutnick, the Bureau of Industry and Security, BIS Under Secretary Jeffrey Kessler, the Executive Office of the President and unnamed federal defendants. The case challenges a June 12 directive that, according to the lawsuit and Reuters reporting, required Anthropic to disable access to its Fable 5 and Mythos 5 models for “any foreign national.”

The lawsuit says the directive reached Anthropic by letter from Commerce’s BIS and gave the AI company 90 minutes to comply under threat of prompt criminal and civil penalties. Legion alleges the order exceeded export-control authority, violated statutory limits on restrictions involving informational materials and amounted to arbitrary and capricious agency action. The company is asking the court to declare the directive unlawful, vacate it and enjoin its enforcement against Legion and its personnel.

The filing makes Legion one of the first known downstream customers to challenge the U.S. government’s recent intervention in access to a deployed frontier AI model. Anthropic is not a party to the litigation, but the suit is rooted in the company’s decision to suspend access after receiving the government directive. Reuters reported that Anthropic turned off access for all customers the same day to ensure compliance, rather than attempting immediately to distinguish users by nationality across global deployments.

Legion describes itself as a U.S.-based AI-native litigation technology company that builds drafting and case-management tools for attorneys on top of frontier AI models. The company says it is a commercial customer of Anthropic and had a contractual right and license to access Fable 5, which it said was integral to building and operating its platform. The complaint says Legion’s software development team includes Canadian nationals working remotely from Canada, and that the directive immediately stripped those team members of access to a core development tool.

The dispute is significant for the technology sector because it shifts the practical consequences of AI export controls from hardware suppliers and model labs to business users that have embedded third-party models into their products. Legal technology, coding tools, cybersecurity software, compliance platforms and enterprise workflow systems increasingly depend on hosted AI models that are accessed through commercial APIs, cloud marketplaces or managed platforms. If access to those services can be suspended by government order after deployment, customers face a new class of regulatory continuity risk.

Legion’s filing argues that the order is especially disruptive because frontier AI product cycles move quickly. The company says lost access cannot easily be recovered later because competitive ground in AI-enabled legal software is defined by continuous development, testing and deployment against the most capable available models. The complaint characterizes the harm to Legion as “immediate, irreparable, and existential,” a phrase that underscores how dependent some software companies have become on a narrow group of model providers.

The June 12 directive followed the launch of Anthropic’s Fable 5 and Mythos 5 models, which Reuters reported were among the company’s most advanced systems. Anthropic previously said the government cited national security concerns and that the company understood the concern to involve a potential method of bypassing, or “jailbreaking,” a safeguard that would prevent Fable 5 from being used to identify software vulnerabilities. Anthropic said at the time that it disagreed that a narrow potential jailbreak should justify recalling a commercial model deployed to a large global user base.

The government action also comes as Washington is expanding its focus from the semiconductor supply chain to software-layer AI capabilities. For several years, U.S. export controls on AI were centered largely on advanced chips, semiconductor manufacturing tools and data-center infrastructure used to train and run powerful models. A restriction on foreign access to hosted AI services would move policy closer to the model output layer, where commercial users interact with AI systems without receiving model weights, source code or other technical artifacts traditionally associated with export-control regimes.

That distinction is central to Legion’s legal theory. The complaint alleges that no currently operative provision of the Commerce Control List classifies access to a hosted AI model, or its inferential text output, as a controlled item. It argues that providing access to a hosted AI model that returns text in response to prompts does not release technology, source code, model weights or technical data to the user. The government has not publicly issued a detailed legal rationale for the directive in the materials cited by Legion.

Legion also argues that any reliance on the International Emergency Economic Powers Act would run into limits Congress imposed through the Berman informational-materials exemption. The company says the outputs it receives from Fable 5, including written legal analysis, summaries and drafted text, are informational materials. On that basis, the lawsuit contends the federal government cannot use emergency economic powers to indirectly restrict the flow of those materials to recipients.

The complaint further claims the directive was arbitrary because it imposed a categorical worldwide suspension on foreign nationals regardless of nationality, location, employer or purpose. Legion says the order failed to consider narrower alternatives, such as restrictions targeted at adversary nations or specific end uses. It also says the same or similar code-analysis capabilities remain available through competing products, an allegation that frames the order as both underinclusive and commercially distortive.

For Anthropic customers, the immediate operational question is whether nationality-based access controls can be implemented without broad service interruptions. Reuters reported that Anthropic initially disabled access to the models worldwide to ensure compliance. That kind of response illustrates the complexity of applying export-control-style restrictions to cloud AI tools: vendors may need to verify citizenship or nationality, track location, screen enterprise users, segment access by team member and maintain audit trails across API, cloud and agentic coding products.

The case is also likely to draw attention from companies with cross-border development teams. Many U.S. software businesses employ engineers, product managers, data scientists and contractors outside the United States, including in allied countries. Legion’s complaint emphasizes that its affected developers are Canadian nationals working from Canada, a close U.S. ally and Five Eyes intelligence partner. The lawsuit therefore presents the order not as a narrow China- or adversary-focused measure, but as a sweeping restriction with consequences for allied-market collaboration.

Cybersecurity executives have already pushed back against the curbs. Reuters reported earlier in June that security leaders at major U.S. firms, including Nvidia and Adobe, urged the Trump administration to lift restrictions on Anthropic’s most powerful models, arguing that the bans could hamper efforts to find and fix software flaws while other AI tools make it easier for attackers to exploit vulnerabilities. That criticism reflects a broader debate over whether advanced AI systems create more risk when used by malicious actors or more defensive value when used by trusted researchers.

The Trump administration has framed advanced AI capabilities as a national security priority. A June 2 executive order titled “Promoting Advanced Artificial Intelligence Innovation and Security” said advanced AI can strengthen the nation while introducing national security considerations requiring coordinated action across agencies. The order also said the administration would work with industry to deploy secure technology rapidly and protect American ingenuity and intellectual property from exploitation and theft by adversaries.

Legion’s lawsuit points to that same executive order, arguing that the June 12 directive conflicts with language stating that the order should not be construed to authorize a mandatory governmental licensing, preclearance or permitting requirement for the development, publication, release or distribution of new AI models, including frontier models. Legion says the challenged directive imposed precisely that kind of requirement by forcing access to a published commercial AI service through an emergency government command.

The Commerce Department and White House did not immediately respond to Reuters requests for comment on the lawsuit. Anthropic referred Reuters to a prior statement saying it was grateful to the administration for its ongoing partnership in working to resolve the matter as quickly as possible. Because Anthropic is not a defendant, the litigation will initially focus on the government’s authority and process rather than on the company’s compliance decisions.

The commercial stakes are substantial because model access is becoming a foundational input for software companies. Legal technology firms use AI to draft briefs, summarize discovery, manage case records and support attorney workflows. Other sectors use frontier models for software engineering, customer support, risk management, drug discovery, data analysis and cybersecurity. A court ruling that limits or affirms the government’s power to restrict deployed model access could shape contract language, procurement diligence, business-continuity planning and the design of enterprise AI architectures.

The lawsuit also raises a governance question for AI labs preparing models for broad release. If the government can intervene after launch based on undisclosed or contested safety findings, model providers may face pressure to consult regulators earlier, build more granular access controls before release and create region- or nationality-specific deployment plans. Customers may in turn demand stronger service-level commitments, disclosure of regulatory exposure and fallback access to multiple model providers.

For the investment community, the dispute adds a regulatory discount to the otherwise powerful growth narrative surrounding frontier AI. Investors have valued AI infrastructure, cloud capacity and model developers on expectations that advanced systems will become embedded across enterprise software. But if model access can be interrupted by national-security directives, revenue forecasts for both model providers and dependent application companies become more sensitive to policy decisions. That is particularly relevant for companies using a single frontier-model vendor as a core production dependency.

The litigation is separate from broader tensions between Anthropic and the federal government over military and national-security uses of AI. Reuters has previously reported that Anthropic sued the Trump administration after the government moved to place the company on a supply-chain blacklist over its refusal to allow military use of its AI models for domestic surveillance or fully autonomous weapons. Legion’s suit does not ask the court to resolve that dispute, but it uses the surrounding context to argue that the June 12 directive did not arise in isolation.

The next procedural step will be whether Legion seeks and obtains preliminary relief. A preliminary injunction would require the company to show, among other elements, a likelihood of success on the merits and irreparable harm. If the court grants interim relief, the decision could pressure the government to narrow the directive or provide a more detailed justification. If the court denies relief, enterprise customers may have to operate under the assumption that frontier-model access can remain restricted while the case proceeds.

Regardless of the immediate outcome, the suit underscores that AI regulation is entering a new phase. The central disputes are no longer limited to training data, copyright, privacy or chip exports. They now include whether access to a hosted AI model itself can be treated as a controlled national-security capability, who must bear the cost of compliance and how much process the government must provide before disrupting a commercial AI service used by global businesses.

For Legion, the issue is concrete: the company says the directive sidelined engineers and disrupted a product built around Anthropic’s most capable model. For the broader market, the case is a warning that the legal and operational architecture of enterprise AI may need to account for sudden policy intervention at the model layer. That risk is likely to influence vendor diversification, deployment design and contract negotiations across companies building commercial software on frontier AI systems.