I. Introduction^[1]

Artificial Intelligence (“AI”) systems^[2] have become essential to the accelerated tempo of military operations.^[3] The U.S. Department of Defense (“DoD”)^[4] needs to obtain military AI systems that not only have the requisite current capabilities, but can be modified and upgraded, when needed, to ensure (i) new data used to train the AI model “are not negatively affecting performance”^[5] and (ii) to address new threats with future capabilities.

To modify and upgrade military AI systems, DoD needs its defense contractors to grant it the requisite intellectual property (“IP”) rights to make those changes, which, depending on negotiations, may be with or without the original contractor’s participation.

Counsel for AI companies should pay attention to and draw lessons from DoD acquisitions of AI systems and DoD-published guidance on its strategies for achieving its objectives in those acquisitions—in particular, its strategies for ensuring it obtains the IP rights it needs to use, maintain, repair, and upgrade AI systems throughout their life cycle. To that end, this article will focus on five topics:

1. DoD’s published articulation of its IP strategies (“IPS”) in AI systems acquisitions, and in particular its Intellectual Property Strategies for Artificial Intelligence Programs: A Supplement to the Intellectual Property Guidebook for DoD Acquisition, issued in August 2025 (“Strategies Supplement”)
2. Issues those strategies may raise with companies considering seeking DoD award of prime contracts for AI systems or nontraditional contractors seeking award by the prime contractor of a first-tier AI system subcontract thereunder
3. Emerging tensions between DoD and the community of AI developers over IP rights and determination of the scope of use of AI systems in the last quarter of 2025
4. Disagreements that surfaced between DoD and one of its key military system contractors, Anthropic, over agreed-upon terms of an AI acquisition contract, and DoD’s handling of those disagreements in January/February 2026 through threats and punitive measures that a U.S. District Court, in late March 2026, declared unlawful and enjoined with a preliminary injunction
5. Lessons that military AI contractors may draw, at this stage, from the DoD/Anthropic controversy, especially regarding how DoD turned its published coherent strategy for acquiring IP rights in military AI systems into a conflicted strategy pursued by threats and punitive measures.

The first section of this article gives context to DoD–AI company tensions by detailing the problems that impeded an earlier DoD acquisition of a military AI system—Project Maven. The second section focuses on the Strategies Supplement, see infra, and what it reveals about issues that may need to be the subject of discussions between counsel and a nontraditional defense contractor client (“Nontraditional Defense Contractor”) when the client is considering seeking DoD award of a prime contract or first-tier subcontract for design and development of an AI system. The third section considers the DoD/Anthropic controversy, which seems to be a return to the tensions that arose between DoD and an AI developer in Project Maven and which adds to the issues counsel may need to discuss with its Nontraditional Defense Contractor client. The fourth section reviews the reasoning of the District Court’s Order Granting [Anthropic’s] Motion for Preliminary Injunction that determined DoD’s punitive measures against Anthropic to be unlawful and issued a preliminary injunction to enjoin them. The fifth section considers the lessons that counsel and its Nontraditional Defense Contractor clients might draw from this stage of the DoD/Anthropic controversy, including advice counsel to military AI contractors gave their clients in the weeks preceding the District Court’s decision and that the Court cited in support of its decision.

II. Context: Project Maven

Several successive administrations have sought to coax developers of emerging technologies (such as AI, robotics, and quantum computing) (“ETs”) to bid on DoD contracts for acquisition of ETs. DoD established the Defense Innovation Unit—Experimental to invest in Silicon Valley companies and encourage them to bid for prime contracts and subcontracts from DoD for ETs and particularly AI systems.

Unfortunately, the results were mixed, and even when a major Silicon Valley company bid on and obtained award of a DoD acquisition contract for an AI system, tensions sometimes arose between the company’s personnel and its management over performance of the DoD contract. Example: Project Maven.

Project Maven involved award of a contract to Google to use machine learning (“ML”)^[6] to identify and classify objects from moving or still imagery captured by aerial, often drone, reconnaissance (“Recon”) platforms. According to PBS reportage:

Google’s role in this project has been to create artificial intelligence to do image classification on the footage collected by drones and so they were trying to help the Department of Defense mark objects in this footage to say this car is a car, this building is a building, this is a person.^[7]

Among the potential uses of object recognition in Recon is assisting human operators to identify, verify, and select targets for drone strikes.

In 2019, Google employees expressed objections to Google’s work on Project Maven in a letter to Google’s Chief Executive Officer (“CEO”), signed by over 3,000 Google employees and published in the New York Times.^[8] The letter highlights the internal challenges that a developer of AI systems might face, especially if its workforce joined the company to be part of developing AI and not to participate in defense procurement projects—notwithstanding the clear need for such projects in order to protect U.S. national security.

The Google employees’ letter stated, in relevant part:

We believe that Google should not be in the business of war. Therefore we ask that Project Maven be cancelled, and that Google draft, publicize and enforce a clear policy stating that neither Google nor its contractors will ever build warfare technology.

Google is implementing Project Maven, a customized AI surveillance engine that uses “Wide Area Motion Imagery” data captured by US Government drones to detect vehicles and other objects, track their motions, and provide results to the Department of Defense.

Recently, Googlers voiced concerns about Maven internally. Diane Greene responded, assuring them that the technology will not “operate or fly drones” and “will not be used to launch weapons.” While this eliminates a narrow set of direct applications, the technology is being built for the military, and once it’s delivered it could easily be used to assist in these tasks.

This plan will irreparably damage Google’s brand and its ability to compete for talent. . . . Google’s unique history, its motto Don’t Be Evil, and its direct reach into the lives of billions of users set it apart.

We cannot outsource the moral responsibility of our technologies to third parties. . . . This contract puts Google’s reputation at risk and stands in direct opposition to our core values. Building this technology to assist the US Government in military surveillance—and potentially lethal outcomes—is not acceptable.

Recognizing Google’s moral and ethical responsibility, and the threat to Google’s reputation, we request that you:

1. 1. Cancel this project immediately
   2. Draft, publicize, and enforce a clear policy stating that neither Google nor its contractors will ever build warfare technology^[9]

Google management declined to cancel the project; and under the procurement contract (which is not publicly available), Google probably did not have the right to cancel—let alone cancel because its employees protested doing the work to fulfill Google’s contractual obligations.

Two other considerations may have factored into Google’s decision to continue work: one concerned a government contractor’s obligations to continue work pending a final resolution of the dispute, and one concerned the impact that a Google breach would have on Google’s “past performance” record and its adverse effect on Google’s future opportunities to win award of a U.S. government (“USG”) contract.

Consideration 1: Contractor Obligations to Continue Work

If Google had found a basis to claim a breach of the procurement contract by DoD and wanted to use the claim as a basis for stopping work, it would have found significant impediments to that strategy. If the contract was subject to the Federal Acquisition Regulation (“FAR”) and the Defense Federal Acquisition Regulation Supplement (“DFARS”), the FAR and DFARS mandate inclusion of disputes clauses that give the USG or DoD cognizant contracting officer (“CO”) the authority to require the contractor to diligently continue performing the contract. That authority is provided by federal statute. The federal statute, 41 U.S.C. § 7103(g), addresses the issue in its provision concerning the finality of review of a contractor’s claim by the cognizant contracting office:

(g) Finality of Decision Unless Appealed.—The contracting officer’s decision on a claim is final and conclusive and is not subject to review by any forum, tribunal, or Federal Government agency, unless an appeal or action is timely commenced as authorized by this chapter. This chapter does not prohibit an executive agency from including a clause in a Federal Government contract requiring that, pending the final decision of an appeal, action, or final settlement, a contractor shall proceed diligently with performance of the contract in accordance with the contracting officer’s decision.^[10]

In contracts subject to the DFARS, it is mandatory that the disputes clause at FAR 52.233-1 be included in those contracts.^[11] The disputes clause states, in relevant part: “(i) The Contractor shall proceed diligently with performance of this contract, pending final resolution of any request for relief, claim, appeal, or action arising under the contract, and comply with any decision of the Contracting Officer.”^[12] If the DoD/Google contract for Project Maven was subject to the DFARS, Google would not have had the right to stop work pending resolution of a claim. Halting work, or failing to perform work diligently, would probably have put Google in material breach of the contract.

This consideration is unique to contracting with the federal government. Commercial contracts seldom require a vendor to continue work pending final disposition of a claim against its customer. It’s an issue of probable interest to nontraditional contractors considering bidding on, and accepting award of, a prime contract or first-tier subcontract^[13] for a DoD AI system acquisition.^[14]

Consideration 2: Impact of a Work Stoppage on a Contractor’s “Past Performance” Record

Among the important criteria applied to DoD’s selection of a contractor for award of a prime contract for acquisition of defense articles is the contractor’s record, if any, of past performance. As explained by the General Services Administration on its website, “[i]nformation regarding a contractor’s actions under previous contracts and orders, also known as past performance, is an indicator of future performance and is one of the most relevant factors that a selection official should consider in awarding a contract.”^[15]

Past performance data is collected by the CO and the CO’s representative or technical representative (“COTR”), who use the data to prepare the contractor performance assessment report (“CPAR”) and enter that report into the contractor performance assessment reporting system (“CPARS”) at least annually.^[16] The contents of a CPAR are granular, empirical, comprehensive, and highly sensitive and, as such, are not releasable under a Freedom of Information Act request:

The CPAR captures current, complete, and accurate Information on contractor performance that is then made available for use in source selections. This information supports best value source selection decisions to reward proven performers and to motivate contractors to perform. Additionally, the CPAR provides up-to-date documentation of a contractor’s ability to provide quality, on-time products and services that conform to contractual requirements and supports responsibility determinations of prospective contractors. When preparing the CPAR, it’s important to remember the information is pre-decisional in nature; treat contractor performance information as privileged source selection information including any working papers and electronic files. This information is not releasable under the Freedom of Information Act (FOIA).^[17]

This consideration also is unique to contracting with the federal government. It serves as both an incentive to perform DoD contracts well and as a disincentive to perform them poorly. Google would likely have known that its performance of the Project Maven prime contract was being entered at least annually into the CPARS and that its past performance record would have been adversely affected if it had stopped work or purported to cancel the contract.

Google eventually declined to seek award of follow-on contracts for Project Maven.^[18] But Google did not withdraw from supporting U.S. national security and made clear it would continue to seek award of and perform DoD contracts. As its CEO Sundar Pichai wrote, “While we are not developing AI for use in weapons, we will continue our work with governments and the military in many other areas.”^[19]

In the three years following Google’s withdrawal from (not seeking follow-on contracts for) Project Maven, Google obtained awards of contracts with defense and intelligence agencies. The contracts included work on

detecting corrosion on Navy vessels by applying machine learning to drone imagery and . . . supporting aircraft maintenance for the Air Force. . . . [And supplying] cloud security technology to the Pentagon’s Defense Innovation Unit, set up to help the agency work more closely with tech companies. . . . [And a portion] of a large CIA cloud contract.^[20]

There would appear to be lessons worth learning from the Project Maven controversy: an AI developer does not have to have an “all-in” relationship with DoD to be of considerable support to DoD. When DoD has at times determined to terminate a traditional big defense contractor for default on a major procurement contract (e.g., termination for default of General Dynamics Corp. and McDonnell Douglas Corp. as prime contractors on the A-12 project for the first carrier-based stealth aircraft back in 1991),^[21] DoD usually continues to consider favorably bids for procurement contracts by those companies. Similarly, as Google demonstrates, when there is a parting of the ways between an AI developer and DoD, that does not require that the parties cease finding ways and projects on which they can work together in support of U.S. national security.

A more immediate lesson following Google’s decision prompted considerable discussion among Silicon Valley developers of AI. As noted in December 2019 by Peter Thiel, cofounder of PayPal and Palantir, there was a “silver lining” to Google’s decision and the subsequent discussions about it in Silicon Valley:

I think sort of the silver lining of the Maven controversy is that it tells us that AI is a military technology, or at least it’s a dual-use technology. . . . And it’s not something that Silicon Valley had acknowledged for a long time.

. . .

Even though I disagree with Google on Project Maven, I think it has forced a debate, and that sort of debate about AI is going to happen in many other areas of technology. . . . They are dual-use [technologies] and we better make sure we get the cutting-edge ones on our side.

. . .

[Silicon Valley] is very disconnected from the history of the 1950s and 1960s where it was heavily created by military R&D. And people are just not aware of that history in any way.

. . .

[Regarding the ethics debate of developing AI for miliary purposes], when it’s a choice between the U.S. and China, it is always the ethical decision to work with the U.S. government. . . . It’s really odd that we’re even having any sort of debate where that’s even framed as a question.^[22]

Contemporaneous with Thiel’s expression of his views (and in the same forum), the then head of the Pentagon’s Defense Innovation Unit (“DIU”) also saw a “silver lining” in the Google decision, namely, that it did not reflect the views or positions of many AI developers in Silicon Valley:

[W]e’re seeing no shortage of companies that want to work with us. The last solicitation we did for an AI project had 60 companies applying. . . . [W]hile very regrettable, the Project Maven-Google story . . . is significant for what that represents and how we need to change that, I don’t think that’s representative of how Silicon Valley or the other innovation hubs feel about defense.^[23]

As Thiel noted a disconnect between Silicon Valley company personnel and the DoD-funded research and development (“R&D”) projects that provided those companies with considerable work and opportunities in Silicon Valley’s formative years, it is important not to lose sight of or allow a disconnect between the Project Maven experience by DoD and a major developer of AI, Google, and the efforts of DoD and major developers of AI systems to work together with a now later generation of employees and new generation of developers, such as OpenAI and Anthropic.

The DoD/Google experience with Project Maven should also not overshadow a major tension that tends to arise whenever DoD seeks contractors (traditional or nontraditional) to perform design and develop work for AI systems: the allocation of IP rights that arise from performance of the work. Within the past year, DoD has formally expressed its views on that subject in the 2025 publication of Intellectual Property Guidebook for DoD Acquisition (“Guidebook”)^[24] and addressed the IP issues in acquisition of AI systems in its August 2025 publication of Intellectual Property Strategies for Artificial Intelligence Programs: A Supplement to the Intellectual Property Guidebook for DoD Acquisition (“Strategies Supplement”).^[25]

III. Strategies Supplement

The Strategies Supplement asserts early on that AI procurement programs have “unique” objectives—and, accordingly, titles section 2.1.2 “Unique AI Program Objectives.” It’s an interesting nontrivial assertion, especially for a federal agency that has such diverse acquisitions. Section 2.1.2 does not explain the assertion, but, as discussed below, Nontraditional Defense Contractors should take it seriously.

Accepting that AI system procurements have “unique” objectives should alert such clients that DoD’s program objectives will be unlike those of other programs; may involve accordingly “unique” strategies; and probably derive from DoD’s recognition that there are features in AI systems that are so unlike other systems DoD procures that DoD needs to make sure it gets what it needs throughout the life cycle of an AI system in performance, maintenance, repairs, and upgrades (“PMR&U”). DoD’s PMR&U objectives, moreover, require DoD to obtain, via license granted by the AI developer, the IP rights needed to use, maintain, repair, and upgrade an AI system designed and developed for DoD. DoD usually seeks those IP rights by focusing on rights to data needed to operate, maintain, install, and train (“OMIT”) users to operate equipment and systems that DoD procures. These rights are usually referred to as “OMIT data rights.”

OMIT data rights do not usually extend to rights to upgrade (correct, retrofit, or otherwise improve equipment or systems). DoD used to procure such work from the original equipment manufacturer (“OEM”), but that tended to give OEMs a lock on that work and created what DoD found to be unfavorable “vendor lock” in situations in which DoD wanted to seek competitive bids for follow-on work in maintenance, repair, and upgrades of equipment or systems.

Historical Context

The Strategies Supplement speaks in the present tense and regrettably omits historical context that would explain why DoD would be so concerned about OMIT or PMR&U (which, to be fair, can be easily inferred from the military end-users’ need to achieve mission objectives), and why DoD would be so concerned about the IP rights it needs to control and utilize the PMR&U features of an AI system (which may be obscure and hard for a Nontraditional Defense Contractor to know, or to infer or guess accurately). Here, a bit of historical context is needed because DoD acquisition professionals know it, but the Nontraditional Defense Contractor needs to be read into it—if necessary, with the help of its counsel.

Our sources for this historical background are reports prepared by the U.S. Government Accountability Office (“GAO”) in the early 2000s reflecting on DoD’s experiences in fielding and maintaining complex weapon systems downrange, far from the United States. A July 2006 GAO report summarized the challenges DoD encountered without sufficient rights to technical data needed to operate and sustain those systems and to have them available and capable of achieving military mission objectives.

A critical element in the life cycle of a weapon system is the availability of the item’s technical data—recorded information used to define a design and to produce, support, maintain, or operate the item. Because a weapon system may remain in the defense inventory for decades following initial acquisition, technical data decisions made during acquisition can have far-reaching implications over its life cycle. . . .

The Army and the Air Force have encountered limitations in their sustainment plans for some fielded weapon systems because they lacked needed technical data rights. The lack of technical data rights has limited the services’ flexibility to make changes to sustainment plans that are aimed at achieving cost savings and meeting legislative requirements regarding depot maintenance capabilities. GAO identified . . . weapon system programs that encountered such limitations—C-17, F-22, and C-130J aircraft, Up-armored High-Mobility Multipurpose Wheeled Vehicle, . . . [and] Airborne Warning and Control System aircraft. . . . Although the circumstances surrounding each case were unique, earlier decisions made on technical data rights during system acquisition were cited as a primary reason for the limitations subsequently encountered. As a result of the limitations encountered, the services had to alter their plans for developing maintenance capability at public depots, developing new sources of supply to increase production, or soliciting competitive offers for the acquisition of spare parts and components to reduce sustainment costs. For example, the Air Force identified a need to develop a core maintenance capability for the C-17 at government depots to ensure it had the ability to support national defense emergencies, but it lacked the requisite technical data rights. . . . [A]ccording to Air Force officials, some sub-vendors have declined to provide the needed technical data needed to develop core capability.^[26]

GAO’s report took DoD to task for failing to obtain, in initial contract negotiations, the tech data rights it needed for life-cycle PMR&U:

Current DOD acquisition policies do not specifically address long-term technical data rights for weapon system sustainment. For example, DOD’s policies do not require program managers to assess long-term needs for technical data rights to support weapon systems and, correspondingly, to develop acquisition strategies that address those needs. DOD, as part of the department’s acquisition reforms and performance-based strategies, has deemphasized the acquisition of technical data rights. Although GAO has recommended that DOD emphasize the need for technical data rights, DOD has not implemented these recommendations. . . . Unless DOD assesses and secures its rights for the use of technical data early in the weapon system acquisition process when it has the greatest leverage to negotiate, DOD may face later challenges in sustaining weapon systems over their life cycle.^[27]

Since publication of that report in 2006, DoD has made extensive efforts to develop long-term strategies for acquisition of IP rights needed throughout the life cycle of procured equipment and systems. Knowledge of the problem discussed by GAO in the quoted report (and others it issued back then) and knowledge of the efforts to change its IP rights acquisition strategies are assumed by the text of the August 2025 Strategies Supplement. It’s important, for example, to know that the April 2025 Guidance replaced guidance issued back in October 2001 (that took an approach to only acquire IP rights absolutely needed). DoD’s strategies change slowly and reflect long swings in the pendulum between seeking less and seeking more IP rights from the developers of complex systems. With that background, we can make an informative reading and analysis of the Strategies Supplement.

Unique Objectives

The Strategies Supplement sets out the AI procurement objectives without making clear which of the objectives are the “unique” ones. However, the Strategies Supplement, when read and reread as carefully as it deserves, allows counsel and clients to infer (with text support) what makes certain PMR&U and OMIT objectives part of DoD’s ongoing change in IP rights acquisition strategies and what seems to be unique about those needs in the procurement of AI systems.

Not surprisingly, what makes AI systems different from earlier software-intensive and data-centric systems turns out also to be what makes certain IP rights acquisition strategies for AI systems “unique.” Perhaps the most important and salient differences are the following:

• AI systems rely upon, and have at their center, an AI “model.”
• The “model” performs as a prediction machine.
• The “model” is developed or “trained” by exposing it to massive amounts of data.
• Training data quality is paramount.
• An AI “model” can degrade in performance over time, or fail to be accurate enough to perform upscaled or changed missions involving new sets, or pools, of intel-collected data, and may need to be “retrained.”
• Retraining a “model” can also enable it to be adapted for new missions or objectives, which can include using it for purposes that it may previously have been “trained” not to perform.

As a result, although AI systems include algorithms and software, those are not what make an AI system “unique.” DoD needs strategies to acquire IP rights to algorithms and software in non-AI and AI system procurements. But for the acquisition of AI systems, DoD has “unique” needs for strategies to acquire IP rights to “models” and training data—and something unobvious but apparently salient to DoD’s missions, IP rights to retrain “models.”

The Strategies Supplement, in section 2.1.2 (“Unique AI Program Objectives”), provides a bullet-point list of what short-term and long-term program objectives may include. In quoting that list below, the objectives in italics are those that appear to an outside observer to be the “unique” or most unique—and thus AI-driven—objectives. (Notice also how several of them invoke DoD’s historical experience with challenges in obtaining the necessary PMR&U and OMIT data rights.)

• Sustainment without contractor dependence or vendor lock.
• Retraining or tuning models using new or domain-specific data.
• System modification by the Government or non-Government partners.
• Integration of AI components into broader mission systems.
• Transfer of systems or capabilities to other Government platforms, non-Government partners, or coalition partners.
• Use of system telemetry data or sharing of such data with other Government platforms, non-Government partners, or coalition partners.
• Use of commercially available technology to promote acquisition efficiency.
• Promotion of innovation or fostering an environment that encourages innovation while safeguarding IP for privately developed technology.
• Protection of national security interests or ensuring that the IPS [(“IP strategy”)] aligns with national security priorities.
• Compliance with cybersecurity or RAI [(“responsible artificial intelligence”)] requirements.
• Cost-effectiveness or balancing rights to IP with cost considerations to optimize value or return on investment for the DoD.
• Scalability from accomplishing initially discrete mission objectives to broader mission objectives over program life cycle.^[28]

There thus seem to be four “unique” objectives: “retraining” of models; integrating AI components into other systems; transferring AI capabilities to other platforms; and scaling from initial mission objectives to other, broader mission objectives.

Retraining Models

Of the four “unique” objectives, there is one that is mentioned repeatedly in the Strategies Supplement—and its repetition is so frequent that it seems to be a particular priority for DoD’s strategic planning: “retraining or tuning” of models. To accomplish the other three “unique” objectives, “retraining” of AI models may be a prerequisite as integrating, transferring, or scaling an AI system will at some point probably require “retraining” of the AI system’s model.

Significantly, the Strategies Supplement refers to retraining models nine times over its fifteen pages: the term retraining models appears in five passages,^[29] and the abridged term retraining appears in four passages^[30] (each an implicit reference to the only feature of an AI system that’s retrained—its model).

The terms retraining models and retraining are doing several kinds of work in the Strategies Supplement. Each instance shows that DoD anticipates that AI systems are “unique” and certainly unlike its usual equipment or system acquisitions. DoD typically purchases equipment or systems that are complete upon delivery; they usually do not undergo fundamental changes in their capabilities: an aircraft, an aircraft carrier, and a drone are each relatively stable in design and features over their life cycle (yes, submarines undergo so-called midlife overhauls, but those aim at extending and ensuring the safe performance of the vessel when submerged, and may alter the generation of onboard weapons, but seldom reconfigure the boat to launch a different kind of weapon system than it was designed to operate).^[31]

By contrast, the Strategies Supplement, via its iterative references to retraining models, appears to be anticipating and reminding its immediate audience of DoD COs and COTRs to anticipate that AI systems will not be static or stable—and to understand why.

AI systems, though they include algorithms and software, are not intended to be as static as software is (when it’s stable, which it should be unless it’s poorly designed). When a customer buys a license to use a word processor software package, the customer wants it to be the same each time the customer sits down to use it: features like formatting, spell checking, font control, entry of letters, and punctuation must perform uniformly and consistently so that the user can concentrate on composing or writing and not on verifying and reverifying the text as it appears on the screen (editing and proofreading should be to correct user typing errors, not word processor typing errors).

AI systems, by contrast, do not give the same output to the same prompt (if they are large language model–based generative AI (“GenAI”) apps). Conventional AI systems (as distinguished from GenAI) may change in performance as datasets are fed into them. To put it differently, an AI model may be trained to a certain point, but it may be capable of modifying its performance based on the data the user enters and the uses to which it is put. AI models can degrade in predictive accuracy. AI models can develop “emergent behavior,” namely, perform in ways that they were not designed to perform, which may result in capabilities desired or not desired by its users.

But those are reasons why AI systems, by design, will not be static after delivery to DoD. There are also reasons why AI systems will not be static that derive from the work users will do with them. DoD’s missions change continuously, as do the threats to U.S. national security. AI systems appear to be highly adaptable, but adaptation may often require “retraining models” to fit the mission.

The emphasis on the need for “retraining models” is unlike any of the issues that typically arise in DoD investments in software design and development contracts or in acquisition of software-intensive systems.

Rather than attempt a summary or highlights of the Strategies Supplement, the discussion will now focus on what issues appear to be important in the appearance of the words retraining models or retraining in certain parts of the document. Tracing these issues, by looking at some of the nine uses of those terms, should give Nontraditional Defense Contractors and their counsel insights on what appears to be one of the most salient themes in the Strategies Supplement—and one that they should be prepared to address and negotiate with DoD to ensure the successful completion of a prospective acquisition of AI systems.

First Appearance

On page 4, in the discussion of unique AI program objectives, the Strategies Supplement provides an example of how clarifying the program’s short- and long-term objectives can help frame IP requirements, data deliverables, and associated license rights:

For example, if the program will retrain models or transfer them across platforms, the IPS should address how rights to training data, model weights, and supporting documentation will be secured. Also, AI programs may be contracted on a service-based model and not a typical product delivery model, which may add complexity. . . .^[32]

The agent-less statement, “if the program will retrain models,” creates an unhelpful ambiguity: it leaves unclear who will retrain the model—the AI developer or DoD or a combined effort by AI developer and DoD or a third-party contractor and potential competitor of the AI developer. That should be recognized as the threshold issue: if DoD wants to retrain the model, it will need a license that the AI developer may not be willing to grant, or may charge a significant premium to grant; and the license may come with potentially controversial restrictions and limitations that will also raise issues of the AI developer’s right (and capability) to enforce those restrictions and limitations without creating a project-impeding disagreement, or project-disrupting dispute.

The issue of who will retrain the model, and even whether its retraining will be contemplated by the contract (as a requirement, as an option, or as a prohibition) goes to the core of what the AI developer and DoD need to reach a clear understanding on before attempting to pursue their respective strategies for negotiating allocation of IP rights under the prospective AI development contract. The salient issue is this: Who will control the retraining and retraining objective(s) for the model?

Silicon Valley companies depend on protecting their IP rights and most of all protecting the IP of, access to, and control of their “crown jewel” technologies. The most secure control is to maintain the “crown jewel” as a “black box”—not only as a trade secret, but also granting no customer access to it. AI developers in particular tend to keep their AI model as a “black box.” As one commentator explained:

Any of the three components of a machine-learning system can be hidden, or in a black box. As is often the case, the algorithm is publicly known, which makes putting it in a black box less effective. So to protect their intellectual property, AI developers often put the model in a black box. Another approach software developers take is to obscure the data used to train the model—in other words, put the training data in a black box.^[33]

The Strategies Supplement omits or jumps over this threshold issue. As a result, the AI developer and DoD may overlook the issue, or decide to “kick the can down the road” and address it when and if it arises. That, however, risks a disruptive disagreement if DoD insists on using the AI system and model for purposes the AI developer assumed it would not be used for, or that the procurement agreement, in a specially negotiated license, expressly prohibited.

A second challenge arises from the retraining issue: Who will control what data the AI system model receives (and, relatedly, will the model be designed to “learn” or be self-modified by the data)? The obvious answer would seem to be the customer, but that raises the risk for the AI developer that DoD will provide the AI system model data that will change its performance parameters or cause it to develop “emergent behavior” not anticipated or desired by the AI developer.

The Strategies Supplement expresses a guidance that should help DoD anticipate and preferably avert the risk of misunderstanding and disagreement. It notes that DoD’s documentation of its IPS should

explain not only what the Government wants, but why. Clear justifications—tied to operational goals, risks and sustainment plans—improve credibility with vendors and reviewers. . . .

It must provide enough detail to guide acquisition personnel in implementing the strategy—such as describing required data categories, intended use cases, and desired license outcomes—while avoiding overly prescriptive requirements that limit tailoring at the contract level.^[34]

Coming several pages after the first reference to “retraining models,” the DoD reader and AI developer reader might not link the “intended use cases” back to the omitted issue of who will control the model’s use, its retraining, and the extent to which the data it works with will be allowed to modify or cause the model to evolve in its performance—and possibly might not be prepared for use cases that DoD did not disclose to, or discuss with, the AI developer.

The seriousness of the control issue surfaces in the sentence that immediately follows the first mention by the Strategies Supplement of “retrain the models.” It states, “Also, AI programs may be contracted on a service-based model and not a typical product delivery model, which may add complexity and require additional understanding of short- and long-term Government needs.”^[35]

This quotation may be interpreted to address procuring AI system models on an as-a-service basis, which may mean the federal government will have no ability to do anything to the AI developer’s model directly; or, if it wants that ability, it will need provisions giving it a right to access the model, either by remote connection or by entry to the premises where the AI developer has the model situated (which may be at a premises controlled by the AI developer or at one controlled by a third party with whom it has the requisite contractual relationship).

If DoD and the AI developer plan to enter into a contract for a service-based provision of the operation of the AI system, and if that contract will contemplate DoD access to the model directly, that makes it all the more important to know who will control its operation, the data it receives once in operation, and whether the AI developer will agree to “retraining the model” by DoD or by the developer itself, as well as whether a change in the aims or the mission uses of the AI system will be subject to review and approval by the AI developer. Otherwise, an AI system designed exclusively to assist in aerial reconnaissance, for example, could be adapted and “retrained” for use on an autonomous unmanned aerial vehicle (“UAV”), providing it not only recon data but also targeting identification, verification, and justification for launching an onboard missile or other munition. In short, DoD’s interest in “retraining” a model appears to open an ambiguous door to shift the mission and, to perform that mission, the training of the model—and such changes might depart from or contravene understandings reached with the AI developer and memorialized in the contract stating, for example, a prohibition against using the AI model to conduct autonomous targeting and launching of weapons against humans.

DoD, of course, could take the position that it needs that flexibility and that it cannot disclose such plans as they would involve access to classified information, and few Nontraditional Defense Contractors have the requisite security clearance to access such information. What DoD can disclose and discuss with the developer will almost certainly turn on whether the AI developer has obtained a security clearance, not only to have access to classified information, but to have a sufficiently high level of clearance to have access to the information needed for a frank and long-range discussion at the outset of what DoD wants to be the AI system model’s use cases. It takes so many months (and sometimes more than a year) to obtain a clearance and often support from a traditional defense contractor. Such processes and time frames would preclude most Nontraditional Defense Contractors from participating in a bidding process that might be much shorter.

The DoD/Google controversy over Project Maven makes these issues important and should make them a priority for threshold discussions between DoD and a prospective AI developer. Without agreement on the “use cases” and who will have “control” over the model and “access to it,” the negotiation of licensing and of allocation of IP rights to the AI system and its model will lack the fundamental understandings between the parties—especially in the context of what is increasingly the contractual vehicle: Other Transaction Authority (“OTA”) procurement agreements that are not governed by the FAR or DFARS and thus are not required to contain any clauses mandated by the FAR and DFARS.

Second Appearance

The second appearance in the Strategies Supplement of the term retrain models occurs on the same page as the first, but in a subsequent section—section 2.1.3, “AI-Specific Data Types and Categories.” This time, we will quote the sentence that uses the term and the following sentence to see where it leads. Note that this time, instead of leading into a brief mention of AI-as-a-service procurement, the text leads into a discussion of data quality and utility needed for the AI system model:

For example, if the program will retrain models or transfer them across platforms, the IPS should address how rights to training data, model weights, and supporting documentation will be secured. The quality and utility of any AI solution relies heavily on the quality of the data type being used for model training, evaluation, input, and output. Understanding the types of data associated with the AI at different points in its development and use will directly influence which AI solution and the license rights that should be secured.^[36]

The quoted discussion of data, like the one that preceded it on contract type (AI-as-a-service), again omits the key issue: Who will control the model? AI developers know that to train a model well requires copious quantities of data and that the higher the data quality, the better the model’s performance. But AI developers may find unsettling the subtle nuance expressed with the words types of data associated with the AI at different points in its development and use. Those words do not make clear whether different points in its development refers to pre-delivery of an AI system or pre-start of the delivery of AI-as-a-service. If different points in its development includes the post-delivery or post-start of the use of the AI system, we are back to the issues of the rights to “retrain the model” discussed above.

The fact that the sentence ends with will directly influence which AI solution . . . should be secured suggests that DoD will use as a contractor-selection criteria whether a prospective AI developer is willing to give DoD a free hand in deciding when, why, how, and by whom the AI system model will be “retrained.” Many AI developers may find that a bridge too far and be unwilling to cross it or even step onto it and will respond to a solicitation with “no bid.” If the AI developer does not grasp the issues that may not surface in the negotiations but will eventually focus on the rights to retrain the model, they may balk if during contract performance the DoD directs them to retrain the model (or claims it has the right to retrain it); in that event, the AI developer may seek to enforce a restriction in the license that they understood to prohibit such retraining and its mission objectives (the kind of mission and use on that mission), and, one way or another, signal that, like Google before them, they will not agree to perform any follow-on work or seek a follow-on contract.

Third Appearance

The third appearance in the Strategies Supplement of the term retrain models finally begins to make more explicit DoD’s reiteration of and focus on rights to retrain the model. It occurs in the same “AI-Specific Data Types and Categories” section and appears in a list of bullet points about data types, one of which reads in full:

• Model Data: Includes weights, biases, available features, selected features performance optimization, and parameters of trained models. These determine the:
  • Ability to maintain and retrain models.
  • Ability to modify the model’s behavior.^[37]

The two sub–bullet points are revealing. They make clear that a retraining of the model is not foreseen as primarily needed to correct degradation(s) in the model’s performance, nor to upgrade the model’s performance of its initially defined mission(s). Instead, they aim to “modify the model’s behavior,” which may suggest to an AI developer DoD’s need to have that control over the model, which then may well remove the use of the model from restrictions the AI developer may have negotiated to have expressed in the procurement agreement.

Rather than attempting a review of other key passages in the Strategies Supplement, it will be more useful for Nontraditional Defense Contractors and their counsel to see how the control over the model (its missions, use to achieve the missions, and any retraining to enable it to achieve the desired performance) may surface when these issues become points of contention between DoD and an advanced AI developer. The following section discusses what has been reported to date about the disagreement that has emerged in 2026 between DoD and AI developer Anthropic, which echoes back to the DoD/Google controversy over Project Maven.

IV. DoD/Anthropic Controversy^[38]

Award of DoD AI Acquisition Contract to Anthropic (July 2025)

Anthropic, Public Benefit Corporation (“PBC”) is a relative “start-up” and AI developer “focused on AI research safety, and policy work.”^[39] Anthropic is now valued at $380 billion.^[40] Anthropic started deploying large language models (“LLMs”) in 2023.^[41] Anthropic’s signature model is an LLM named “Claude.”^[42] Claude has been used by U.S. intelligence and defense agencies since November 2024 “through a partnership with Palantir Technologies.”^[43] DoD’s Defense Counterintelligence and Security Agency “granted Anthropic a Top Secret facility security clearance” to support classified projects.^[44]

According to Anthropic, it has “never offered any customer a [AI] model without a Usage Policy,” including the DoD.^[45] Moreover, when DoD started using Claude in March 2025, DoD did so “subject to a Usage Policy and government-specific addendum that restricted deployment to ensure safe, reliable use.”^[46]

On July 14, 2025, DoD awarded four AI developers—Anthropic, OpenAI, xAI, and Google—$200 million contracts, each to develop AI capabilities to advance U.S. national security.^[47]

According to an announcement by Anthropic posted on its website, the contract was a “two-year prototype other transaction agreement^[48] with a $200 million ceiling.^[49] As part of the agreement, Anthropic will prototype frontier AI capabilities that advance U.S. national security.”^[50] More specifically, DoD’s Chief Digital and Artificial Intelligence Office award of contract to Anthropic was “to integrate and optimize AI capabilities across” the DoD.^[51]

Anthropic’s contract differed significantly from the contracts awarded to the other three AI developers: “Anthropic is currently the only AI company to have its model deployed on the Pentagon’s classified networks, through a partnership with data analytics giant Palantir.”^[52]

The contract was reportedly to “integrate Anthropic’s Claude models into defense operations as part of the government’s deployment of AI.”^[53] Significantly, Anthropic’s July 14, 2025, press release suggests that the contract included DoD compliance with Anthropic’s “strict usage policies” for Claude: “At the heart of this work lies our conviction that the most powerful technologies carry the greatest responsibility. . . . Our commitment to responsible AI deployment, including rigorous safety testing, collaborative governance development and strict usage policies, makes Claude uniquely suited for sensitive national security applications.”^[54]

Another significant difference in Anthropic’s contract: usage restrictions. Since March 2025, DoD has used “Claude Gov,” dedicated models for national security users through the Palantir platform and with special usage restrictions:

Claude Gov has different safeguards than the civilian models and can, for example, analyze documents marked “Top Secret.” Claude Gov also has a government-specific addendum to its Usage Policy that eliminates some of the restrictions applicable to the civilian version. Since DoW began using Claude Gov in March 2025, this government-specific usage policy has “imposed broad restrictions that would have prohibited mass surveillance of Americans and lethal autonomous warfare.”^[55]

Start of DoD and Anthropic Disagreement over Usage Terms

Shortly after the contract award, DoD and Anthropic started to disagree “over the contractual terms of how Anthropic’s technology can be used. . . .”^[56] Until then, “DoW appeared to have no objection to the usage policy and did not appear to view Anthropic as a national security risk in any way.”^[57]

As reported by the Wall Street Journal:

Tensions with the administration began almost immediately after [the Anthropic contract] was awarded, in part because Anthropic’s terms and conditions dictate that Claude can’t be used for any actions related to domestic surveillance. That limits how many law-enforcement agencies such as Immigration and Customs Enforcement and the Federal Bureau of Investigation could deploy it. . . .

Anthropic’s focus on safe applications of AI—and its objection to having its technology used in autonomous lethal operations—have continued to cause problems. . . .”^[58]

The tensions increased in September 2025, when DoD began negotiating with Anthropic “a new deployment of Claude” on DoD’s “GenAI.mil” platform.^[59] According to Anthropic, DoD:

insisted for the first time that Claude be permitted for “all lawful uses.” . . . Anthropic ultimately agreed, subject to two narrow but important exceptions: Claude could not be used for lethal autonomous warfare or mass surveillance of Americans.^[60]

In a slightly different account, the U.S. District Court for the Northern District of California (in the 3/26 Order granting Anthropic’s motion for a preliminary injunction), determined that the tensions grew out of DoD’s insistence that its July 2025 contract with Anthropic be modified to relax the contract provision that expressed Anthropic’s restrictions against certain uses of Claude. DoD wanted those contractual restrictions removed and replaced by an expansive and vague authorization for Claude to be operated for “all lawful uses” (with apparently no definition of “lawful,” of who would decide on the scope and meaning of “lawful,” or of whether “lawful” could be determined after conduct of an operation or mission when any objections would be too late, making “lawful” a potentially hollow restriction):

During these conversations, DoW^[61] took the position that Anthropic should permit DoW, its contractors, and its subcontractors to use all versions of Claude for ‘all lawful uses,’ without any usage restrictions. As DoW put it, ‘We will not let ANY company dictate the terms regarding how we make operational decisions.’ Anthropic ultimately agreed to do so with ‘two critical exceptions: mass surveillance of Americans and lethal autonomous warfare.’ Anthropic did not believe Claude currently to be safe for those uses based on its training and testing. . . . [I]f Claude were used to conduct mass surveillance, Anthropic believed Claude might retrieve a much broader set of information than intended, thus inadvertently violating laws protecting civil liberties. Anthropic further believed that lethal autonomous warfare was beyond Claude’s current ability to carry out reliably, in light of the potentially grave consequences of a mistake.^[62]

DoD and Anthropic Disagreements in Public Statements (January 2026)

In January 2026, Anthropic’s CEO, Dario Amodei, authored and published a lengthy (eighty-four-page) essay entitled The Adolescence of Technology: Confronting and Overcoming the Risks of Powerful AI (“Amodei Essay”).^[63] The Amodei Essay articulates concerns that Anthropic’s CEO has about the pace, direction, and loss of control of AI systems. He notes the accelerating pace of AI development:

Because AI is now writing much of the code at Anthropic, it is already substantially accelerating the rate of our progress in building the next generation of AI systems. This feedback loop is gathering steam month by month, and may be only 1–2 years away from a point where the current generation of AI autonomously builds the next. . . . I can feel the pace of progress, and the clock ticking down.^[64]

The Amodei Essay expresses concerns about fully autonomous weapons “because they are so powerful, with so little accountability, and there is a greatly increased risk of democratic government turning them against their own people to seize power.”^[65] Furthermore, the Amodei Essay expresses concerns about AI systems used for domestic surveillance:

Sufficiently powerful AI could likely be used to compromise any computer system in the world . . . . It might be frighteningly plausible to simply generate a complete list of anyone who disagrees with the government on any number of issues, even if such disagreement isn’t explicit in anything they say or do. A powerful AI looking across billions of conversations from millions of people could gauge public sentiment, detect pockets of disloyalty forming, and stamp them out before they grow. This could lead to the imposition of a true panopticon. . . .^[66]

Those expressed concerns apparently were reflected in restrictions that Anthropic had negotiated to include in the DoD July 2026 contract for its AI system model Claude.

The fact that almost immediately after the contract start the parties were in disagreement about the terms and conditions they had just concluded negotiating (and discussing the meaning of) suggests that at least one of the parties may have decided to torque the meaning of some of the contract’s key provisions in order to release it from, or to start relaxing, the obligations or restrictions it was obligated to honor.

After the U.S. raid in February 2026 on Venezuela, the Wall Street Journal revealed that Anthropic’s AI tool Claude was “used in the U.S. military’s operation to capture former Venezuelan President Nicholás Maduro, highlighting how AI models are gaining traction in the Pentagon. . . .”^[67]

Soon after the raid, an Anthropic employee questioned a counterpart at Palantir about DoD’s use of Claude in the military operation.^[68] The implication of the report of this exchange was that Anthropic objected to certain ways and purposes for which DoD used Claude. If the objections were based on belatedly recognizing that the AI procurement contract gave DoD the rights to use Claude in ways and on missions that did not contravene the contract, then it would be a replay of sorts of Google’s expression of reservations during performance of the Project Maven contract.

But if the objections were based on apparent violations by DoD of user restrictions set forth in the AI system procurement contract, then it raises issues about whether restrictions agreed to with the federal government will, indeed, be honored by the government. That would be disconcerting for Silicon Valley developers of AI systems as it would put at risk the very IP rights they were trusting the government customer to respect: violating terms of use could be perceived as a willingness to ignore terms and conditions when they prove inconvenient. And doing so within the first few months of a procurement contract could be perceived by AI developers as a “past performance” record about the federal government and make them even more cautious and hesitant than before to bid on federal government, and particularly DoD-awarded, AI system procurement contracts.

One of the indicia of a party’s performance of a contract is what remedies it invokes when it disagrees with the other party’s interpretation of the terms and conditions. DoD has a full panoply of remedies it can invoke when a contractor fails to fulfill its contractual obligations (e.g., termination for default and the past performance record that creates)—or even when the contractor is fulfilling its obligations and the government finds it no longer in its interests to continue the contract (e.g., the government can terminate for convenience the contractor and pay a settlement amount; if it follows the regulatory procedures, the government will not be in breach for taking such action). The government can also seek to negotiate an amendment to the contract, removing a scope of the work that the contractor was supposed to perform or removing a restriction that the government no longer finds suitable for its pursuit of U.S. national security objectives. DoD has not publicly declared an intention to invoke any such remedies.

Moreover, during the amicable but apparently tense conversations, Anthropic’s CEO Amodei told DoD:

[I]f Anthropic and DoW failed to come to an agreement [on the guardrails against use of Claude for domestic surveillance of Americans and lethal autonomous warfare], Anthropic stood ready to assist in an orderly offboarding from DoW’s systems.^[69]

It would appear that the parties were disagreeing about whether DoD is contractually obligated to honor and abide by a version of Anthropic’s “Usage Policy.” There is a public version of the Usage Policy, posted by Anthropic on its website.^[70] Its effective date, September 15, 2025, appears to be later than the DoD/Anthropic contract and may, in any event, contain different terms, since the Usage Policy for public consumers might differ significantly from one crafted for, and negotiated with, DoD. But the public version of Anthropic’s Usage Policy contains what seems to be the crux of the disagreement: restrictions on the military op and surveillance use of Anthropic. The restrictions appear under a heading that gives its application expansive scope: “Universal Usage Standards.”

The relevant restriction, expressed as a prohibition, reads thus:

Do Not Develop or Design Weapons

This includes using our products or services to:

• Produce, modify, design, or illegally acquire weapons, explosives, dangerous materials or other systems designed to cause harm to or loss of human life
• Design or develop weaponization and delivery processes for the deployment of weapons^[71]

In January and February 2026, the disagreement between DoD and Anthropic intensified as a result of the following developments:

• On January 9, 2026, U.S. Secretary of Defense (“SECDEF”) Pete Hegseth issued a Memorandum for Senior Pentagon Leadership, Commanders of the Combatant Commands, and Defense Agency and DOW Field Activity Directors on “Artificial Intelligence Strategy for the Department of War” (“SECDEF Memo”).^[72] The SECDEF Memo stated, in pertinent part:

  • “I direct the Department of War to accelerate America’s Military AI Dominance by becoming an ‘AI-first’ warfighting force across all components, from front to back.”^[73]
  • “[W]e will leverage the hundreds of billions in private sector capital investment being made in America’s AI sector through our growing array of creative partnerships with America’s world-leading companies.”^[74]

  • “Consistent with the refocusing of the Department onto a wartime footing, I expect the following approaches to become internalized as essential elements of our execution in this race to maintain Military AI Dominance:

    AI Model Parity. . . . I direct [the Chief Digital and AI Office] to establish a delivery and integration cadence with AI vendors that enables the latest models to be deployed within 30 days of public release. This shall be a primary procurement criterion for future model acquisition.

    Wartime Approach to Blockers. We must eliminate blockers to data sharing . . . and other policies that inhibit rapid experimentation and fielding. We must approach risk tradeoffs, . . . and other subjective questions as if we were at war.

    . . .

    AI-Native Warfighting. . . . We must put aside legacy approaches to combat and ensure we use this disruptive technology to compound the lethality of our military. Exercises and experiments that do not meaningfully incorporate AI and autonomous capabilities will be reviewed by the Director of Cost Assessment and Program Evaluation for resourcing adjustment.

    . . .

    Clarifying ‘Responsible AI’ at the DoW—Out with Utopian Idealism, In with Hard-Nosed Realism. Diversity, Equity, and Inclusion and social ideology have no place in the DoW, so we must not employ AI models which incorporate ideological “tuning” that interferes with their ability to provide objectively truthful responses to user prompts. The Department must also utilize models free from usage policy constraints that may limit lawful military applications. . . . [A]nd I direct the Under Secretary of War for Acquisition and Sustainment to incorporate standard ‘any lawful use’ language into any DoW contract through which AI services are procured within 180 days.”^[75]

• In January 2026, SECDEF Hegseth stated at an event that DoD would not “employ AI models that won’t allow you to fight wars.”^[76] Administration officials explained he was referring to “discussions administration officials have had with Anthropic . . . .”^[77]
• An Anthropic spokesman released a statement stating that Claude was “used ‘extensively’ for U.S. national security missions and that it is ‘in productive discussions with the Department of War about ways to continue that work.’”^[78]
• In mid-February, DoD confirmed it was “reviewing its relationship with Anthropic amid a long-brewing dispute over the AI firm’s usage policy, which bars the use of Claude to conduct mass surveillance or weapons development.”^[79]

Meeting Between DoD and Anthropic (February 2026)

On February 24, 2026, in a meeting between Anthropic’s CEO Dario Amodei and SECDEF Hegseth:

• Anthropic’s CEO Amodei reportedly refused “to allow its products to be used for mass domestic surveillance of U.S. citizens or in physical attacks where AI makes targeting decisions without human input—two red lines that Amodei reiterated to Hegseth [in the meeting] . . . .”^[80]
• SECDEF Hegseth, however, “warned the company to set aside concerns over how its technology may be used by the Defense Department”^[81] and stated that while “Claude had ‘exquisite capabilities’ . . . DoW had many other vendors to choose from that have never raised’ the concerns Anthropic was raising and who ‘would never hold any veto power over DoW.”^[82]
• During the meeting SECDEF Hegseth “did not say anything about Anthropic’s AI models being unsafe, insecure, or subject to compromise,”^[83] something the DoD would later claim without substantiation.

• At the meeting’s conclusion, SECDEF Hegseth told Anthropic’s representatives:

  if Anthropic did not agree to “all lawful uses”^[84] of its products by 5:00 p.m. on February 27, 2026, DoW would immediately designate Anthropic a supply-chain risk and would prevent Anthropic from partnering with DoW, anyone affiliated with DoW, or any other agency.^[85]

• SECDEF Hegseth also stated:

  DoW might invoke the Defense Production Act [of 1950] to designate Anthropic as essential to national security and thus compel Anthropic to provide its services without the restrictions.^[86]

The SECDEF’s warning warrants several observations:

• DoD was not invoking any of its customary remedies to resolve a disagreement or dispute over a procurement contract with a defense contractor.
• DoD was not alleging that Anthropic had breached the procurement contract that it was awarded on July 14, 2025, nor was there any suggestion of a contract clause or obligation that Anthropic had threatened, by communication or action, that it would not fulfill.
• DoD’s threat to designate Anthropic a “supply chain risk” was grounded on a federal statutory authority in 10 U.S.C. § 3252 that DoD had never invoked or applied against any U.S. defense contractor—and needs some explanation.

• DoD’s threat to use the Defense Production Act of 1950 (“DPA”) against Anthropic also needs some explanation, especially as it paradoxically contradicted the threat to designate Anthropic a “supply chain risk.”

  If one claims a company is a “supply chain risk,” it is contradictory in the same breath to claim that under the DPA the company must perform its government contract; each claim undercuts the other.

Authority to Designate a Company a “Supply Chain Risk”

By its terms, the federal statute 10 U.S.C. § 3252 is expressly focused on U.S. adversaries, not on traditional or nontraditional defense contractors or any AI system developer. The clause defines the risk at issue as follows:

“[S]upply chain risk” means the risk that an adversary may sabotage, maliciously introduce unwanted function, or otherwise subvert the design, integrity, manufacturing, production, distribution, installation, operation, or maintenance of a covered system so as to surveil, deny, disrupt, or otherwise degrade the function, use, or operation of such system.^[87]

To invoke the authority, a “covered system” must be at such risk, and the statute defines covered system to mean “a national security system, as that term is defined in section 3552(b)(6) of title 44.”^[88]

The cross-reference to 44 U.S.C. § 3552(b)(6) provides a detailed definition of a “national security system” (and, thus, a “covered system”):

The term “national security system” means any information system (including any telecommunications system) used or operated by an agency or by a contractor of an agency, or other organization on behalf of an agency—(i) the function, operation, or use of which—(I) involves intelligence activities; (II) involves cryptologic activities related to national security; (III) involves command and control of military forces; (IV) involves equipment that is an integral part of a weapon or weapons system; or (V) subject to subparagraph (B), is critical to the direct fulfillment of military or intelligence missions; or (ii) is protected at all times by procedures established for information that have been specifically authorized under criteria established by an Executive order or an Act of Congress to be kept classified in the interest of national defense or foreign policy.^[89]

Without delving further into the intricate and complex definitions of the “supply chain risk” statute, the statute authorizes the SECDEF to take “covered procurement action,” namely, to identify a contractor as a “supply chain risk” and to determine which of the following consequences to impose on such contractor:

• Excluding the contractor from bidding on or being awarded any DoD contract
• Withholding consent for a contractor to subcontract with the “supply chain risk” contractor and directing DoD contractors to exclude such contractor from consideration for a subcontract^[90]

The net effect of SECDEF Hegseth’s threat to Anthropic would be to preclude it from award of contracts by DoD and, far broader, to preclude it from any subcontract by any DoD prime contractor or any of their subcontractors at any tier.

To invoke “supply chain risk” authority, SECDEF Hegseth was required by statute to meet certain conditions, including:

1. consulting with procurement or other relevant officials of DoD;
2. making a determination in writing that
   1. use of the authority is necessary to protect national security by reducing supply chain risk, and
   2. “less intrusive measures are not reasonably available to reduce such supply chain risk.”^[91]

Prior to the DoD/Anthropic controversy, DoD had used the “supply chain risk” designation authority solely against “foreign companies located in countries such as China and Russia. Groups that have previously been deemed a supply-chain risk include China’s Huawei and ZTE Corporation and Russia’s Kaspersky Lab.”^[92]

Anthropic might find it difficult to challenge and cause DoD to rescind the designation for several reasons. First, there do not appear to be any cases in which a contractor challenged the designation in court, and thus there is no judicial interpretation of the meaning of less intrusive measures are not reasonably available to reduce such supply chain risk.

Second, the statute gives the SECDEF the authority to limit disclosure of information by requiring that the SECDEF only explain the basis of the designation to the extent “necessary to effectuate” the designation and its consequences (an explanation that would need to be given to DoD prime contractors and subcontractors that may be subject to the designated “supply chain risk”).^[93]

And third, the SECDEF’s designation of a “supply chain risk” contractor is not “subject to review in a bid protest before the Government Accountability Office or in any Federal court.”^[94]

However, Anthropic retained the right to pursue a remedy in a U.S. District Court, which Anthropic ultimately found necessary.

Authority Under the DPA

The DPA confers on the president of the United States the authority to take a variety of actions to compel a contractor to perform work needed for the national defense. The DPA gives the president the authority to, among other things:

• require that a contractor’s performance of contracts “take priority over performance under any other contract or order” to promote the national defense^[95] and
• require “acceptance and performance of such contracts . . . by any person he finds to be capable of their performance.”^[96]

Thus, if delegated that authority by the president, the SECDEF could require Anthropic to perform the AI system contract (even if DoD is breaching it by violating a contract that included Anthropic’s Usage Policy for Claude) and to ensure that Anthropic’s performance of such contract “take priority” over its performance of any other contract.

V. Pre-Litigation “Endgame” Between DoD and Anthropic

DoD had threatened to designate Anthropic a “supply chain risk” and thus to preclude it from award of any DoD contract and from being awarded any subcontract by any DoD contractor. That would effectively freeze Anthropic out of any business related to DoD contracts at any tier.

DoD also threatened to invoke DPA authority to require Anthropic to perform the AI systems contract awarded in July 2025 and to ensure its performance took priority over performance of any other Anthropic contract with any other customer.

Initial reactions suggested some bewilderment by commentators and observers:

Dean Ball, a former AI adviser in the Trump administration, said the Pentagon is contradicting itself by forcing Anthropic to cooperate with the government even as it moves to label the company a security risk.

“You’re telling everyone else who supplies to the DOD you cannot use Anthropic’s models, while also saying that the DOD must use Anthropic’s models.” . . . He called it “incoherent” to even float the two policy ideas together, and “a whole different level of insane to move up and say we’re going to do both of those things.”^[97]

Katie Sweeten, a tech lawyer who formerly served as the Department of Justice’s point of contact with DoD, characterized DoD’s threats as “contradictory,” adding:

“I don’t know how you can both use the DPA to take over this product and also at the same time say this product is a massive national security risk.” . . . She warned that Hegseth’s “very aggressive” negotiating posture could have a chilling effect on partnerships between the Pentagon and Silicon Valley.^[98]

On February 26, 2026, two days after the meeting in which SECDEF Hegseth threatened to designate Anthropic a “supply chain risk” and to compel it, under the DPA, to perform without its AI usage restrictions, Anthropic’s CEO Amodei issued a public statement on behalf of Anthropic, stating in relevant part:

Anthropic understands that the Department of War, not private companies, makes military decisions. We have never raised objections to particular military operations nor attempted to limit use of our technology in an ad hoc manner.

However, in a narrow set of cases, we believe AI can undermine, rather than defend, democratic values. Some uses are also simply outside the bounds of what today’s technology can safely and reliably do. Two such use cases have never been included in our contracts with the Department of War, and we believe they should not be included now:

• Mass domestic surveillance. We support the use of AI for lawful foreign intelligence and counterintelligence missions. But using these systems for mass domestic surveillance is incompatible with democratic values. AI-driven mass surveillance presents serious, novel risks to our fundamental liberties. To the extent that such surveillance is currently legal, this is only because the law has not yet caught up with the rapidly growing capabilities of AI. . . .
• Fully autonomous weapons. Partially autonomous weapons, like those used today in Ukraine, are vital to the defense of democracy. Even fully autonomous weapons (those that take humans out of the loop entirely and automate selecting and engaging targets) may prove critical for our national defense. But today, frontier AI systems are simply not reliable enough to power fully autonomous weapons. We will not knowingly provide a product that puts America’s warfighters and civilians at risk. We have offered to work directly with the Department of War on R&D to improve the reliability of these systems, but they have not accepted this offer. In addition, without proper oversight, fully autonomous weapons cannot be relied upon to exercise the critical judgment that our highly trained, professional troops exhibit every day. They need to be deployed with proper guardrails, which don’t exist today.

To our knowledge, these two exceptions have not been a barrier to accelerating the adoption and use of our models within our armed forces to date.

. . .

Regardless, these threats [by DoD to designate Anthropic a “supply chain risk” and, under the DPA, to compel it to perform with Claude’s safeguards removed] do not change our position: we cannot in good conscience accede to their request.

. . .

[W]e hope they reconsider. . . . Should the Department choose to offboard Anthropic, we will work to enable a smooth transition to another provider, avoiding any disruption to ongoing military planning, operations, or other critical missions. Our models will be available on the expansive terms we have proposed for as long as required.^[99]

In short, Anthropic would not waive or agree to an amendment to remove from the DoD/Anthropic miliary AI acquisition contract the domestic surveillance and autonomous warfare restrictions on the use of Claude.

There is no reported evidence, in the media or court filings to date, that the DoD reconsidered its threats. Instead, an hour and a quarter before expiration of the DoD’s 5:00 p.m. deadline to Anthropic, President Trump, at 3:47 p.m. on February 27, 2026, issued a directive via Truth Social that “EVERY Federal Agency” in the U.S. government “IMMEDIATELY CEASE all use of Anthropic’s technology” (“Presidential Directive”). The president added:

There will be a Six Month phase out period for Agencies like the Department of War who are using Anthropic’s products, at various levels. Anthropic better get their act together, and be helpful during this phase out period, or I will use the Full Power of the Presidency to make them comply, with major civil and criminal consequences to follow.^[100]

The Presidential Directive appears to be a de facto debarment, not only of award of any DoD prime contract, or a subcontract thereunder at any tier, but a debarment that extends to “EVERY Federal Agency.” That action is beyond the scope of designating Anthropic a “supply chain risk,” and in itself did not impose that designation on Anthropic.

Moreover, there is no suggestion in the president’s Truth Social post that Anthropic posed any supply chain risk of the kind the statute targets involving a U.S. “adversary,” i.e., “the risk that an adversary may sabotage, maliciously introduce unwanted function, or otherwise subvert the design, integrity, manufacturing, production, distribution, installation, operation, or maintenance of a covered system so as to surveil, deny, disrupt, or otherwise degrade the function, use, or operation of such system.”^[101]

Nonetheless, at approximately 6:00 p.m. the same afternoon, SECDEF Hegseth announced his own directive on X (“Hegseth Directive”):

In conjunction with the President’s directive for the Federal Government to cease all use of Anthropic’s technology, I am directing the Department of War to designate Anthropic a Supply-Chain Risk to National Security.

Effective immediately, no contractor, supplier, or partner that does business with the United States miliary may conduct any commercial activity with Anthropic. Anthropic will continue to provide the Department of War its services for a period of no more than six months to allow for a seamless transition to a better and more patriotic service.

. . . This decision is final.^[102]

The phrasing of the Hegseth Directive unfortunately risked creating misunderstandings, confusion, and misdirection. The Hegseth Directive, as phrased exceeded the scope of the authority conferred by the “supply chain risk” statute, which limits the exclusion authority to DoD contracts, i.e.,

• excluding the contractor from bidding on or being awarded any DoD contract; and/or
• withholding consent for a contractor to subcontract with the “supply chain risk” contractor and directing DoD contractors to exclude such contractor from consideration for a subcontract.^[103]

There is no authority within the statute (10 U.S.C. § 3252(d)(2)) for the SECDEF to prohibit every contractor, supplier, or partner that does business with the U.S. military from conducting “any commercial activity with Anthropic.” To the extent the phrasing of the “supply chain risk” designation purports to apply beyond prime contracts and subcontracts for the DoD, the Hegseth Directive would appear to have been ultra vires.

The immediate impact of the Presidential and Hegseth Directives precluded Anthropic from doing business with any agency of the federal government—and any companies doing business with federal agencies. As Judge Rita F. Lin of U.S. District Court for the Northern District of California would later observe in her 3/26 Order:

Taken together, the Presidential Directive and the Hegseth Directive create an immediate, permanent, federal government-wide bar on using any Anthropic technology (except during a six-month transition period), and also prohibit private companies from doing business with both the military and Anthropic. Neither the President nor Secretary Hegseth cited any statutory authority for the Directives.^[104]

On the same day as the Hegseth Directive was issued, the Financial Times reported that Anthropic “intended to challenge” the SECDEF’s decision in court, quoting the company as stating:

No amount of intimidation or punishment from the Department of War will change our position on mass domestic surveillance or fully autonomous weapons. We will challenge any supply chain risk designation in court. . . . [Hegseth lacks] the statutory authority to back up this statement. Legally, a supply chain risk designation . . . can only extend to the use of Claude as part of Department of War contracts—it cannot affect how contractors use Claude to serve other customers.^[105]

On March 4, 2026, before Anthropic took any legal action, it received two letters “on DoW letterhead, signed by Secretary Hegseth and dated one day prior [March 3, 2026],”^[106] each a DoD notice to Anthropic: one cited 41 U.S.C. § 4713 (the Federal Acquisition Supply Chain Security Act of 2018 (“FASCSA”)) (“FASCSA Letter”); and the other cited 10 U.S.C § 3252 (“Section 3252”) (“Section 3252 Letter”).

The FASCSA Letter. The FASCSA Letter stated that DoD had

determined that (i) the use of [Anthropic’s] products or services in [Department of War] covered procurements presents a supply chain risk and that the use of the Section 4713 authority to carry out covered procurement actions is necessary to protect national security by reducing supply chain risk, and (ii) less intrusive measures are not reasonably available to reduce such supply chain risk.^[107]

The FASCSA Letter stated its determination was “effective immediately” and that the DoD would take “’all [covered procurement] actions’ under 41 U.S.C. §4713(k)(4),” including “withholding consent for and directing the exclusion of Anthropic’s current and future ‘covered products and services’ from government supply chains, including subcontracts.”^[108]

The Section 3252 Letter. The Section 3252 Letter stated, rather similarly to the FASCSA Letter, that DoD:

has determined that (i) the use of the Covered Entity’s [i.e., Anthropic’s and its subsidiaries’ and affiliates’] products or services in DoW covered systems presents a supply chain risk and that the use of the Section 3252 authority to carry out covered procurement actions is necessary to protect national security by reducing supply chain risk, and (ii) less intrusive measures are not reasonably available to reduce such supply chain risk.^[109]

The Section 3252 Letter explained that the “supply chain risk” designation was immediate and permanent, and applies to “Anthropic’s existing or future ‘covered item[s] of supply,’ or any product or service procured by DoW as part of a ‘covered system.’”^[110]

Different Scopes of the FASCSA and Section 3252 Letters. The two letters, despite their similarities, have quite different scopes of application, as revealed in a comparison of their respective definitions of “supply chain risk.”

The FASCSA defines a “supply chain risk” to mean:

The risk that any person may sabotage, maliciously introduce unwanted function, extract data, or otherwise manipulate the design, integrity, manufacturing, production, distribution, installation, operation, maintenance, disposition, or retirement of covered articles so as to surveil, deny, disrupt, or otherwise manipulate the function, use, or operation of the covered articles or information stored or transmitted on the covered articles.

By contrast, Section 3252 defines a “supply chain risk” to mean:

the risk that an adversary may sabotage, maliciously introduce unwanted function, or otherwise subvert the design, integrity, manufacturing, production, distribution, installation, operation, or maintenance of a covered system so as to surveil, deny, disrupt, or otherwise degrade the function, use, or operation of such system.^[111]

The FASCSA definition of “supply chain risk” differs significantly from the Section 3252 definition of “supply chain risk.” Salient differences include the following:

• The FASCSA applies “supply chain risk” to actions by “any person,” whereas Section 3252 applies more narrowly to actions by “an adversary”;
• the FASCSA includes among the threats that any person may “extract data” from the product or service—a threat not specifically mentioned in Section 3252;
• the FASCSA concerns a broad category of any person’s efforts to “otherwise manipulate the design, integrity, manufacturing, production, . . .” of a covered system, whereas Section 3252 applies more narrowly to an adversary’s efforts to “subvert the design, integrity, manufacturing, production, . . .” of a covered system; and
• the FASCSA focuses on any person ultimately being able to “manipulate the function, use, or operation of the covered articles or information stored or transmitted on the covered articles,” whereas Section 3252 applies more narrowly to an adversary being able to “degrade the function, use, or operation of such system.”^[112]

Those differences in scope and application of the “supply chain risk” may be part of the reason why, when Anthropic took legal action to challenge them, it did so in separate federal courts: challenging the FASCSA Letter’s “supply chain risk” designation in the United States Court of Appeals for the District of Columbia Circuit; and challenging the Section 3252 “supply chain risk” designation in the U.S. District Court for the Northern District of California.

VI. Initiation of Anthropic/DoD Lawsuits

On March 9, 2026, Anthropic filed two federal lawsuits. One lawsuit was a petition in the U.S. Court of Appeals for the District of Columbia Circuit for judicial review of the DoD’s 41 U.S.C. § 4713 notice (i.e., the FASCSA Letter). Anthropic could seek its remedy in that court, instead of a U.S. District Court for the District of Columbia, because the FASCSA permits a party,

[n]ot later than 60 days after a party is notified of an exclusion or removal . . . , the party may file a petition for judicial review in the United States Court of Appeals for the District of Columbia Circuit claiming that the issuance of the exclusion or removal order or covered procurement action is unlawful.^[113]

The other lawsuit, brought in the U.S. District Court for the Northern District of California, sought a temporary restraining order (and preliminary injunction) to halt the effects of the Section 3252 Letter’s actions.

Anthropic’s Suit in the U.S. Court of Appeals for the District of Columbia

On April 8, 2026, Anthropic’s action seeking a judicial review of the FASCSA Letter designation and an emergency motion for a stay pending review resulted in an order by the U.S. Court of Appeals for the District of Columbia Circuit (“D.C. Circuit”), denying the motion for a stay pending a review on the merits.^[114] In its four-page Per Curiam Order, the D.C. Circuit noted that the financial losses Anthropic would experience, absent any mechanism to recover them, “qualify as irreparable,”^[115] but found (without reaching the merits) that the “equitable balance here cuts in favor of the government” because:

On one side is a relatively contained risk of financial harm to a single private company. On the other side is judicial management of how, and through whom, the Department of War secures vital AI technology during an active military conflict. For that reason, we deny Anthropic’s motion for a stay pending review on the merits. Nonetheless, because Anthropic raises substantial challenges to the determination and will likely suffer some irreparable harm during the pendency of this litigation, we agree with Anthropic that substantial expedition is warranted.^[116]

The D.C. Circuit set briefing dates in April and May, identified issues to be briefed, and scheduled oral argument for May 19, 2026.^[117]

The D.C. Circuit’s Per Curiam Order is crafted with terms that understate and omit salient features and creates a kind of M.C. Escher–esque rendering that distorts the facts. Examples include:

• To state in one sentence that Anthropic faces “a relatively contained risk of financial harm” and three sentences later state Anthropic “will likely suffer some irreparable harm” is inconsistent; but separating those inconsistent statements with two intervening sentences makes it hard for the reader’s mind to compare them and see that each undercuts the other. Irreparable harm exceeds quantification; it’s not a contained risk, though saying so in solemn simple prose may make it seem so.
• To state that there is the problem of “judicial management of how, and through whom, the Department of War secures vital AI technology during an active military conflict” omits what government contract counsel (in and outside the government) know—and so do the judges on the D.C. Circuit:
  • The government had announced it would phase out the use of Anthropic’s Claude models over a six-month period, which the government could extend if it wished; meanwhile the government did not need to “secure vital AI technology during a military conflict”—it had and was reportedly continuing to use Anthropic’s Claude model for military operations in the Iran conflict.
  • If the government did not want or trust Anthropic’s Claude models, it would not be continuing to use them, but in any event, it could at any moment cease using them and/or terminate Anthropic’s contracts for convenience in the customary way. In short, contrary to the D.C. Court’s characterization, there was no need for “judicial management” of how and through whom the DoW would procure vital AI models; DoW had all the authority it required to terminate the contract with Anthropic and manage a reprocurement of vital AI models.
  • DoD had threatened to use the authority of the DPA to compel Anthropic to perform its contracts without usage restrictions. That further diminished the plausibility that “judicial management” was needed to help the DoD continue to prosecute a military conflict with the vital AI it needed for those operations. The Per Curiam Order omits that publicly documented fact.

Thus, the DoD’s reprocurement, if it wished, could proceed without any “judicial management.” The depiction of the DoD facing a procurement plight was a verbal illusion, but a useful one when combined with the suggestion that it outweighed the other illusion—that of a “confined risk” that the D.C. Circuit acknowledged to be “irreparable harm.” It will be interesting to see what happens as this case proceeds to a review on the merits.

Meanwhile, Anthropic’s action in the District Court of the Northern District of California challenging DoD’s Section 3252 “supply chain risk” designation has resulted in the District Court’s issuance of the 3/26 Order of a preliminary injunction that enjoins the Section 3252 Letter’s action.

For that reason, the balance of this article focuses on Anthropic suit in the District Court challenging the Section 3252 Letter, the Presidential and Hegseth’s Directives (collectively the “Challenged Actions”), and the District Court’s reasoning for issuing the 3/26 Order.

Anthropic’s Suit in the U.S. District Court for the Northern District of California

On March 9, 2026, Anthropic filed a complaint for declaratory and injunctive relief (“Complaint”) in the U.S. District Court for the Northern District of California (the “District Court”).^[118] The Complaint alleged that the Challenged Actions were harming Anthropic “irreparably,” and identified those harms as including:

In Secretary Hegseth’s own words, Anthropic’s status in the eyes of the federal government has been “permanently altered.” Official designation as a “Supply-Chain Risk to National Security” carries profound weight, particularly under a President who has threatened both “criminal consequences” and “the Full Power of the Presidency” to enforce compliance. Anthropic’s contracts with the federal government are already being canceled. Current and future contracts with private parties are also in doubt, jeopardizing hundreds of millions of dollars in the near-term. . . . Absent judicial relief, those harms will only compound in the weeks and months ahead.^[119]

The Complaint alleged that the Challenged Actions were unlawful on five grounds:

• The Section 3252 designation failed to observe the statutory procedures that governs it;
• the Challenged Actions constituted retaliation against Anthropic for its public comments that the government disfavored and such retaliation violated Anthropic’s speech and other protected activities under the First Amendment;
• the Presidential Directive that required all federal agencies to cease use immediately of Anthropic’s technology was “outside any authority that Congress has granted the Executive;”
• the Challenged Actions arbitrarily deprived Anthropic of property interests in its business relationships without “any process, much less due process,” in violation of the Fifth Amendment’s Due Process Clause; and
• the Challenged Actions violated the Administrative Procedures Act’s prohibition against imposing any sanction, penalty, revocation, suspension, or other compulsory or restrictive action against a person “except within jurisdiction delegated to the agency and as authorized by law.” ^[120]

After briefing and oral argument, the District Court issued the 3/26 Order, in which it made the following determinations:

• DoD “may permissibly stop using Claude and look for a new AI vendor who will allow ‘all lawful uses’ of its technology,’” but “[t]hat is not what this case is about.”^[121]
• The lawsuit is about whether the government’s three significant measures (the aforementioned Challenged Actions) in response to Anthropic’s public expressions of disagreement with the DoD’s demands to waive Claude’s usage restrictions were unlawful.^[122]
• The District Court characterized the Challenged Actions by reference to their disproportionate impact—and described them in terms that would in all likelihood raise concerns among Nontraditional Defense Contractors as to whether they would want to be in a contract with DoD, since it might respond similarly to a disagreement with them about the contract’s existing terms and conditions:
  • The Presidential Directive “that every federal agency (not just the Department of War) would immediately ban Anthropic from ever having another government contract”—would include “the National Endowment for the Arts using Claude to design its website.”^[123]
  • The Hegseth Directive that “anyone who wants to do business with the U.S. military must sever any commercial relationship with Anthropic” would mean that an enterprise “that used Claude to power its customer service chatbot could not serve as a defense contractor.”^[124]
  • The DoD designation of Anthropic as a ”supply chain risk” was a label that applied to “adversaries of the U.S. government who may sabotage its technology systems”—a designation that had “never been applied to a domestic company and is directed principally at foreign intelligence agencies, terrorists, and other hostile actors.”^[125]

The District Court determined that the Challenged Actions did not appear directed at the “government’s stated national security interests.”^[126] Had that been the government’s real aim—the integrity of its operational chain of command—the DoD “could just stop using Claude.”^[127] Instead, the District Court found:

• DoD designated Anthropic a “supply chain risk” because of its “hostile manner through the press” and because DoD sought to punish Anthropic “for bringing public scrutiny to the government’s contracting position” and thus constituted “illegal First Amendment retaliation.”^[128]
• DoD’s “supply chain risk” designation was “likely both contrary to law and arbitrary and capricious,” chiefly because DoD provided “no legitimate basis to infer from Anthropic’s forthright insistence on usage restrictions that it might become a saboteur.”^[129]
• “Nothing in the governing statute supports the Orwellian notion that an American company may be branded a potential adversary and saboteur of the U.S. for expressing disagreement with the government.”^[130]
• And, “these broad punitive measures were likely unlawful” and Anthropic was “suffering irreparable harm from them.”^[131]

In the course of its reasoning, the District Court highlighted the several ways in which the Challenged Actions exceeded the lawful limits of authority Section 3252 granted to the SECDEF, including the following:

• Section 3252 did not authorize the SECDEF to exclude a company from providing services to government agencies other than DoD.^[132]
• Section 3252 did not authorize the SECDEF to require all DoD contractors to cease working with the “supply chain risk” company, only those whose work involves “covered systems.”^[133]
• Section 3252 required the SECDEF to consider whether less intrusive measures were reasonably available to reduce the supply chain risk, and the evidence presented by DoD to the District Court contained no explanation of any “less intrusive measures” the SECDEF had in fact considered.^[134]

At oral argument, the District Court questioned the government’s counsel about the legal authority for the Hegseth Directive’s expansive reach: “Effective immediately, no contractor, supplier, or partner that does business with the United States military may conduct any commercial activity with Anthropic . . . This decision is final.”^[135]

Government counsel conceded he was not aware of any statute that gave the SECDEF authority to issue that prohibition—and further conceded the SECDEF’s statement had “absolutely no legal effect at all.”^[136] Government counsel also disclosed that the SECDEF’s statement did not reflect DoD’s “immediate intended course of action” and that DoD “does not intend to terminate any contractors on the basis that they have a commercial relationship with Anthropic that [i]s separate from their work” for DoD.^[137] On this point, however, oral argument did not yield the clarity the District Court appeared to be seeking, as shown in the colloquy the District Court excerpted in the 3/26 Order:

When asked why Hegseth made a public statement that had no legal effect and that did not reflect the immediate intent of Dow, counsel stated, “I don’t know.” . . . Even so, [the government] Defendants declined to stipulate to enjoin this prohibition because DoW “is continuing to assess the situation” and “will take action as needed . . . to mitigate the risk from Anthropic.”^[138]

That was one of several positions the government took during this stage of the litigation that not only keep Anthropic in a kind of “designation limbo,” but also extend that uncertainty to all DoD contractors that have, or may be negotiating to enter into, “any commercial activity” contract with Anthropic.

The number of DoD contractors with whom Anthropic has, or is in negotiations to have, commercial activity and the dollar value Anthropic might lose if the Presidential and Hegseth Directives remain in effect is not trivial—and according to Anthropic, some were lost immediately, starting the date of the Presidential and Hegseth Directives, with many more lost soon thereafter.

Some metrics may help illuminate the cascading loss of existing and prospective Anthropic contracts.

First, to cover the scope of the Challenged Actions that could impact its business, Anthropic found it necessary to name a cohort of federal agencies and officials as defendants in the Complaint, including:

• The U.S. Departments of Defense, Treasury, State, Health and Human Services, Commerce, Veterans Affairs, Energy, and Homeland Security
• The U.S. Nuclear Regulatory Commission and Social Security Administration
• The Securities and Exchange Commission, Federal Reserve Board of Governors, National Endowment for the Arts, General Services Administration, and National Aeronautics and Space Administration (“NASA”)
• The secretary, director, chairman, or administrator of those respective agencies

Second, Anthropic introduced evidence (not controverted by the government Defendants) that national security stakeholders in the military and intelligence community with whom Anthropic had developed relationships over several years of efforts to demonstrate its models could effectively serve their needs would need to consider severing their relationships with Anthropic. Anthropic detailed examples:

• “[A] defense technology provider has indicated it intends to move all U.S. government work to other generative AI model providers as soon as possible.”^[139]
• “On the same day [the President and SECDEF] issued their directives, the General Services Administration (‘GSA’) announced that it was removing Anthropic from USAi.gov, the centralized platform for federal agencies to access and adopt AI tools. That decision cuts off Anthropic’s government procurement opportunities with numerous federal entities, including the U.S. Departments of Veterans Affairs, Health and Human Services (‘HHS’), State, Labor, Interior, as well as the federal judiciary.”^[140]
• “A few days later, on March 2, 2026, Secretary of Treasury Scott Bessent announced on X.com that the Department of Treasury would terminate all use of Anthropic’s AI models in compliance with President Trump’s directive.”^[141]
• “The Department of State and HHS subsequently issued internal statements announcing the same. The Lawrence Livermore National Laboratory, a nuclear weapons research and development center funded by the Department of Energy, likewise informed Anthropic that it was shutting down Claude . . . .”^[142]
• “Government contractors for other components of the federal government have been directed to cut ties with Anthropic and to stop using Claude. One partner, which has a multi-million-dollar annual contract, immediately switched from Claude to a competing generative AI model for a deployment by their end customer, the U.S. Food and Drug Administration. That switch instantly eliminated an anticipated revenue pipeline worth more than one hundred million dollars.”^[143]

The District Court made the following determinations:

• Anthropic had shown a likelihood of success on its First Amendment retaliation claim, because:
  • The government Defendants’ conduct appeared driven “not by a desire to maintain operational control when using AI in the military but by a desire to make an example of Anthropic for its public stance on the weighty issues at stake in the contracting dispute.”^[144]
  • An internal DoD memo repeatedly referred to Anthropic’s public airing of its dispute with the DoD as the “reason that it is no longer trustworthy.”^[145]
  • “If this were merely a contracting impasse, DoW would presumably have just stopped using Claude . . . [but the] Challenged Actions . . . far exceed the scope of what could reasonably address such a national security interest. The Presidential Directive ordered a permanent federal government-wide bar, and the Hegseth Directive blacklisted Anthropic. Nothing in the record supports a determination that the contracting impasse alone would have triggered such an extreme response.”^[146]
• Anthropic had shown a likelihood of success on its procedural Due Process claim under the Fifth Amendment, because:
  • Anthropic had a Fifth Amendment protected liberty interest that includes the right to “follow a chosen profession free from unreasonable governmental interference.”^[147]
  • The debarment of Anthropic from government contract bidding constituted a deprivation of liberty that triggered Anthropic’s right to procedural guarantees of the Fifth Amendment’s Due Process Clause.^[148]
  • Each of the Challenged Actions deprived Anthropic of protected liberty interests in that they threatened “to cripple Anthropic by not only stripping it of billions of dollars in federal contracts and subcontracts but also by labeling it as an adversary to the United States and ending its ability to have any commercial relationship with any company that might want to do business with DoW.”^[149]
  • Given the sweeping aspects of the Challenged Actions, and a record that contained no evidence of any risk, much less an urgent one, that could have motivated those Actions, the government Defendants should have provided Anthropic pre-deprivation notice and process—which they failed to do.^[150]
• Anthropic had shown a likelihood of success on its APA claim, because of the following:
  • Under the APA, an agency’s action must be held unlawful and set aside if it is shown to be arbitrary, capricious, or an abuse of discretion.^[151]
  • Congress intended Section 3252 to address the risk of an “adversary” sabotaging national security systems.^[152]
  • Section 3252 does not authorize the DoD “to designate a domestic vendor a supply chain risk simply because a vendor publicly criticized DoW’s views about the safe uses of its system.”^[153]
  • Anthropic’s conduct did not appear to be within Section 3252’s definition of “supply chain risk” and the government Defendants appear to take “the position that any vendor who ‘push[es] back’ on or ‘question[s]’” the DoD becomes its “adversary.”^[154]
  • DoD failed to follow the process required by Section 3252 because, among other things, “it failed to make any reasoned determination about whether less intrusive measures were available.”^[155]
  • There was no evidence that the determinations that Section 3252 requires the SECDEF to make before designating a company or entity a “supply chain risk” were made prior to the issuance of the Hegseth Directive; on the contrary, the government Defendants’ Section 3252 determinations “all occurred after the Hegseth Directive was issued.”^[156]
  • The evidential record shows the reasons given by the government Defendants for designating Anthropic a supply chain risk were “pretextual and that Defendants’ real motive was unlawful retaliation.”^[157]
  • The Hegseth Directive was therefore “likely in excess of statutory authority and contrary to law.”^[158]

Based on its reasoning in the 3/26 Order, the District Court issued a Preliminary Injunction Order (“Preliminary Injunction”) on the same date, March 26, 2026, immediately restraining and enjoining “pending final resolution of this action or further order of this Court,” the government Defendants from:

• implementing, applying, or enforcing the Presidential and Hegseth Directives;
• issuing or maintaining “any guidance, directive, communication, or instruction to any officer, employee, contractor, or agent, in furtherance of or implementing” the Presidential and Hegseth Directives; and
• taking any other action to implement, effectuate, or further the purposes of the Presidential and Hegseth Directives.^[159]

The District Court added the following clarification purporting to demarcate what the Order did and did not do:

This Order restores the status quo. It does not bar any Defendant from taking any lawful action that would have been available to it on February 27, 2026, prior to the issuances of the Presidential Directive and the Hegseth Directive and entry of the Supply Chain Designation. For example, this Order does not require the Department of War to use Anthropic’s products or services and does not prevent the Department of War from transitioning to other artificial intelligence providers, so long as those actions are consistent with applicable regulations, statutes, and constitutional provisions.

This Order is stayed for seven days from its issuance.^[160]

In an uncommon addition, the Order further required the government Defendants to file a status report (“Status Report”) in a very short time—by no later than April 6, 2026—“describing the steps taken to ensure compliance with this Order and certifying compliance with its requirements.”^[161]

The District Court stayed its Order to give the government time to file an appeal. The government Defendants timely filed an appeal with the U.S. Court of Appeals for the Ninth Circuit (“Ninth Circuit”). The Ninth Circuit set April 30, 2026, as the due date for the government appellants to file their opening brief(s).^[162]

On April 6, 2026, government counsel timely filed with the District Court the Status Report explaining efforts made by government officials to ensure compliance with the Preliminary Injunction (which went into effect on April 3, 2026) and describing other steps taken:

• Rescinding or directing the recission of prior guidance implementing the Presidential Directive, including prior notices to pause or cease work that involves the use of Anthropic’s products and services and prior notices to remove Anthropic from USAi . . . ;^[163]
• Restoring both internal and external access to Anthropic products and services where access had been disabled;
• Authorizing relevant personnel to resume use of Anthropic’s products and services; . . .
• Rescinding a request to a contractor to remove Anthropic products from a contract and requesting the contractor submit an offer to add Anthropic products and services back to the contract under the same terms and conditions effective on February 26, 2026.^[164]

However, the Status Report also disclosed that DoD had issued a memorandum providing guidance on two “distinct directives or determinations unaffected by the Preliminary Injunction,”^[165] namely the SECDEF’s January 2026 policy AI memorandum^[166] and the FASCSA (Title 41) supply chain risk designation that Anthropic had challenged in the D.C. Circuit Court. Regarding the latter, DoD appeared intent on reinforcing the “supply chain risk” designation and its consequences, utilizing the FASCSA authority since the D.C. Circuit Court had not yet ruled on it. As the Status Report inconsistently disclosed:

The DoW memorandum advised that the Department will continue to transition from Anthropic to other AI providers . . . . The memorandum also specifically instructed that DoW may not refuse to award prime or subcontracts to Anthropic or direct vendors not to use Anthropic technology, whether for DoW or commercial work, or take any other action on the basis or in furtherance of the covered action.^[167]

Where Things Stand as of April 13, 2026

Despite the Preliminary Injunction taking effect on April 3, 2026, and the representations contained in the April 6, 2026, Status Report, Nontraditional Defense Contractors and their counsel will be challenged to sort through the current legal significance of the FASCSA and Section 3252 designation of Anthropic as a “supply chain risk.”

The District Court stated in its Preliminary Injunction Order, “This Order restores the status quo.” The reality is quite different. The Preliminary Injunction does not cause all the government contractors that severed relationships with Anthropic to restore those relationships, or undo recission or termination of contracts with Anthropic that existed prior to the Challenged Actions, or reverse the impact of guidance that counsel to traditional and Nontraditional Defense Contractors may have given their clients—either as a preemptive attempt to protect their clients from violating the Challenged Actions or in response to client requests for guidance. Much of the damage done cannot be undone by a court stating its Order “restores the status quo.”

Further undermining the Court’s declaration of restoration of the status quo, the Status Report highlights that beyond the jurisdictional reach of the Preliminary Injunction, DoD “will continue to transition from Anthropic to other AI providers.” It is curious, however, that the Status Report positioned that action as beyond the reach of the Preliminary Injunction on Section 3252 actions and within the ambit of the FASCSA designation: DoD does not need to brand, tarnish, and turn one of its trusted contractors into a target for abusive rhetoric in order to discontinue using that contractor’s products and services. As the District Court observed, “If this were merely a contracting impasse, DoW would presumably have just stopped using Claude.” DoD seems to intend to proceed with punitive actions beyond discontinued use of Anthropic’s Claude models, as evidenced by: (i) its continued litigation of the FASCSA designation of Anthropic as a “supply chain risk,” (ii) the representations in the Status Report that provide an incomplete picture of the damage done to Anthropic’s contractual relationships with other defense contractors, and (iii) the government Defendants’ appeal of the District Court’s Preliminary Injunction.

Rather than restoration of the status quo ante, where things now stand is that the defense contractor community faces considerable uncertainty about what the Ninth Circuit and the D.C. Circuit may do, and equally important, about what the DoD may decide to do if it seeks to turn an impasse with a defense contractor into a designation of the contractor as a “supply chain risk,” especially if next time the DoD exercises greater care to follow (or create the documented appearance of following) the procedural requirements of Section 3252 and FASCSA.

That picture of the status of the DoD/Anthropic controversy became further complicated by a significant development in early April 2026 that might give DoD reasons to reassess and reconsider whether it wants to cease using Anthropic’s AI models. On April 7, 2026, Anthropic announced a new general-purpose language model: Claude Mythos Preview (“Mythos”). As Anthropic explained in a blog post the same day, it found that Mythos performed “strongly across the board,” and its testing and assessment of the capabilities and safety of Mythos revealed

[i]t is strikingly capable at computer security tasks. . . .

[W]e’re limited in what we can report here. Over 99% of the vulnerabilities we’ve found have not yet been patched, so it would be irresponsible for us to disclose details about them (per our coordinated vulnerability disclosure process). Yet even the 1% of bugs we are able to discuss give a clear picture of a substantial leap in what we believe to be the next generation of models’ cybersecurity capabilities—one that warrants substantial coordinated defensive action across the industry. We conclude our post with advice for cyber defenders today, and a call for the industry to begin taking urgent action in response.^[168]

Mythos reportedly has the capability to find and exploit vulnerabilities better than most humans can, and do so at a greater scale, and thus greater speed. The risk: Mythos can find and exploit zero-day vulnerabilities^[169] in an enterprise’s (and possibly also a military system’s) digital systems. That represents a paradigm shift in cybersecurity, one that Anthropic apparently decided it could not stand back and watch by simply releasing Mythos generally to enterprises. Anthropic also does not appear to have offered use of Mythos to the DoD, not surprising in light of DoD having designated Anthropic a “supply chain risk.” And Anthropic does not appear to have acted as a “supply chain risk” actor by ignoring how a general release of Mythos would have run the risk that foreign adversaries might have used Mythos in attempts to compromise, degrade, and otherwise sabotage DoD digital military systems.

To make clear the paradigm shift posed by Mythos, Anthropic also released on April 7, 2026, the System Card: Claude Mythos Preview (“System Card”) that describes what Anthropic discovered when it tested and assessed Mythos (for capabilities and safety) and Anthropic’s responses to what it discovered:

This System Card assesses the model’s capabilities and reports many detailed safety evaluations. . . .

Claude Mythos Preview’s large increase in capabilities has led us to decide not to make it generally available. Instead, we are using it as part of a defensive cybersecurity program with a limited set of partners.^[170]

As Anthropic’s blog post summarized,

[d]uring our testing, we found that Mythos Preview is capable of identifying and then exploiting zero-day vulnerabilities in every major operating system and every major web browser when directed by a user to do so. The vulnerabilities it finds are often subtle or difficult to detect . . . .

The exploits it constructs are not just run-of-the-mill stack-smashing exploits . . . . In one case, Mythos Preview wrote a web browser exploit that chained together four vulnerabilities . . . . It autonomously obtained local privilege escalation exploits . . . . And it autonomously wrote a remote code execution exploit . . . . that granted full root access to unauthenticated users . . . .^[171]

Anthropic further disclosed that in the weeks leading up to Anthropic’s announcement of Mythos, Anthropic had used the model

to identify thousands of zero-day vulnerabilities . . . many of them critical, in every major operating system and every major web browser, along with a range of other important pieces of software.^[172]

One might be tempted to suspect that Anthropic trained Mythos to achieve such exceptional cyber capabilities (detecting zero-day vulnerabilities and writing code to exploit them). Anthropic’s blog post makes it clear that’s not how it happened:

We did not explicitly train Mythos Preview to have these capabilities. Rather, they emerged as a downstream consequence of general improvements in code, reasoning, and autonomy. The same improvements that make the model substantially more effective at patching vulnerabilities also make it substantially more effective at exploiting them.^[173]

That apparently brought Anthropic to an ethical crossroad: as Anthropic explained, Mythos could give attackers or defenders a significant advantage:

The advantage will belong to the side that can get the most out of these tools. In the short term, this could be attackers, if frontier labs aren’t careful about how they release these models. In the long term, we expect it will be defenders who will more efficiently direct resources and use these models to fix bugs before new code ever ships. But the transitional period may be tumultuous regardless.^[174]

Anthropic doesn’t mention it—not in its blog post on Mythos nor in the Mythos System Card—but imagine if Anthropic had developed Mythos, not using its own funds, but in the course of performing a DoD-funded R&D contract. Would DoD’s change in acquisition strategy and its insistence on being able to use an AI model for “all lawful uses” have allowed Anthropic to view Mythos’s unexpectedly powerful capabilities as an ethical crossroad—and to decide not to make it generally available, and only available to a limited set of users with usage restrictions attached?

Apparently, over the same period in which Anthropic was challenging in court the DoD’s “supply chain risk” designation because of Anthropic’s refusal to waive contractual provisions on usage restrictions, Anthropic arrived at a stage in its assessment of Mythos where Anthropic needed to decide how to prevent the malicious use of Mythos. Anthropic decided to invite a group of companies to concentrate on using Mythos to discover and remediate zero-day vulnerabilities—so that adversaries could not exploit them.

As explained by Anthropic, the company involved the participating companies in a project titled Project Glasswing^[175] (and subtitled Securing critical software for the AI era):

We formed Project Glasswing because of capabilities we’ve observed in a new frontier model trained by Anthropic that we believe could reshape cybersecurity. Claude Mythos Preview is a general-purpose, unreleased frontier model that reveals a stark fact: AI models have reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities.

Mythos Preview has already found thousands of high-severity vulnerabilities, including some in every major operating system and web browser. Given the rate of AI progress, it will not be long before such capabilities proliferate, potentially beyond actors who are committed to deploying them safely. The fallout—for economies, public safety, and national security—could be severe. Project Glasswing is an urgent attempt to put these capabilities to work for defensive purposes.^[176]

According to the announcement, more than forty companies will participate, including “Amazon Web Services, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks.”^[177]

Within a few days of Anthropic’s announcement of Mythos and its release of the System Card detailing its cybersecurity capabilities, U.S. Secretary of the Treasury Scott Bessent convened a meeting in Washington attended by chief executives of major banks (e.g., Bank of America, Citi, and Wells Fargo) and the Federal Reserve chair, Jerome H. Powell.^[178] The Treasury secretary reportedly warned the bank executives that Mythos “could lead to heightened risks of cyberattacks” and that the model was particularly “good at identifying security vulnerabilities in software that human developers could not find.”^[179]

A couple of days later, the United Kingdom financial regulators reportedly held “urgent discussions with the government’s main cyber security watchdog and the country’s biggest banks to assess the risks posed”^[180] by Mythos. In addition, within a fortnight of those discussions, “[l]eading British banks, insurers and exchanges will be warned about the cyber security risks exposed by the model at a meeting with the regulators . . . .^[181]

Interestingly, notwithstanding the Presidential Directive and the Hegseth Directive and the ensuing lawsuits in federal courts, Anthropic’s April 7, 2026, blog post announcing plans for Project Glasswing disclosed:

Anthropic has also been in ongoing discussions with US government officials about Claude Mythos Preview and its offensive and defensive cyber capabilities. . . . [T]he emergence of these cyber capabilities is another reason why the US and its allies must maintain a decisive lead in AI technology. . . . We are ready to work with local, state, and federal representatives to assist in these tasks.^[182]

Nontraditional Defense Contractors and their counsel might well be discussing what to make of these developments and what, if any actions, they need to consider taking if, on one hand, a government CO sends them a notice directing that they cease doing business with Anthropic, and on the other hand, they have an opportunity to participate in Project Glasswing and to use Anthropic’s Mythos to identify and fix zero-day vulnerabilities in their digital networks (and possibly in military systems they are developing for the DoD).

VII. Lessons Nontraditional Defense Contractors and Their Counsel Might Draw

Actions of the magnitude of those taken by the president (through debarment from all federal contracts) and by the SECDEF (through the “supply chain risk” designation that purports to prohibit any U.S. military contractor from conducting “any commercial activity” with Anthropic) will be noticed by Nontraditional Defense Contractors and their counsel. They may perceive the actions as creating new risks for any company considering whether to become a U.S. defense contractor. The risks are new because they do not derive from the contractual relationship.

Neither the president’s nor the SECDEF’s actions cited a breach of contract by Anthropic. Their actions did not explain why the company should be subjected to measures expressly created and limited to use against the country’s “adversaries”—which means foreign adversaries, not political ones. Regrettably, the president’s Truth Social post of the Presidential Directive opens with words that would stigmatize Anthropic, not for its usage policies or reasons for them, but for not capitulating to DoD demands to relinquish them, notwithstanding that the usage terms were apparently in the contract awarded to Anthropic:

THE UNITED STATES OF AMERICA WILL NEVER ALLOW A RADICAL LEFT, WOKE COMPANY TO DICTATE HOW OUR GREAT MILITARY FIGHTS AND WINS WARS! That decision belongs to YOUR COMMANDER-IN-CHIEF, and the tremendous leaders I appoint to run our Military.

The Leftwing nut jobs at Anthropic have made a DISASTROUS MISTAKE trying to STRONG-ARM the Department of War, and force them to obey their Terms of Service instead of our Constitution.^[183]

The president’s and the SECDEF’s actions against Anthropic may also be perceived by Nontraditional Defense Contractors as creating a new context within which to read and interpret the Strategies Supplement, a document that throughout shows considerable thoughtfulness, care, and judgment.

The text of the Strategies Supplement shows that its authors made a diligent effort to create coherent, balanced strategies that will enable DoD and AI developers (traditional and nontraditional defense contractors) to negotiate for DoD to obtain the IP rights it really needs and to ensure the AI developers retain the IP rights they need for their commercial success and to be in a position to create the cutting-edge technologies that DoD needs to protect U.S. national security.

The Presidential and Hegseth Directives and the positions taken by the government Defendants in the Court adjudicating the Section 3252 designation create a context in which the Strategies Supplement may well appear skillful and truly well-intentioned, but is now irrevocably turned into a conflicted strategy. How will contractors read the Strategies Supplement differently and how will government contracting officers be guided by it differently, when there are demonstratable new risks that DoD may proceed with a conflicted strategy? The risks of a conflicted strategy include the following:

• conflicted in the pre-contract negotiations by accepting a contractor’s commercial license terms and usage restrictions, only to demand less than three months later that the contractor waive those usage restrictions;
• conflicted in the pre-contract negotiations by requiring henceforth a clause that permits DoD “all lawful uses” of a military AI system (and to achieve that by seeking to use IP rights to “re-train” the model to perform in ways that might exceed “lawful uses” (especially if “lawful” includes the laws of armed conflict); and
• conflicted in the post-contract award or performance period by threatening to resolve any dispute with a defense contractor by invoking Section 3252 or FASCSA to designate the contractor a “supply chain risk.”

The noted emphasis in the Strategies Supplement on “retraining the model” appears to have been an effort by its experienced and expert lawyer-authors at foresight, accurate foresight, which is really hard to do—and with that foresight to anticipate needs for correcting, improving, and possibly repurposing the AI system models contracted to support DoD activities and operations. It is doubtful the authors of the Strategies Supplement contemplated the DoD’s addition of “supply chain risk” designations to its IP-focused contract management toolkit, and having not foreseen that, they could not have refined the Strategies Supplement to resist wary and cautious reinterpretation by defense contractors as they observe DoD’s use of those designations. It would seem appropriate to ask (as many defense contractors and their counsel might): how does it serve DoD’s efforts to achieve superiority in military AI systems to deprive itself of AI models by Anthropic when for years it regarded them as among the best models available for DoD’s military and classified operational uses? It would also seem appropriate to ask: how does it serve DoD’s efforts to achieve missions in the current conflict with Iran to be phasing out use of Anthropic’s models that it is at present reportedly relying upon to conduct those warfare missions?^[184]

The president’s and SECDEF’s actions, by adding new and severe risks to contracting with DoD, create a context within which the Strategies Supplement may well be read and interpreted differently by Nontraditional Defense Contractors and their counsel than when first released in August 2025 and differently than its authors intended to express by their careful crafting of its text. The Strategies Supplement reads as an effort to give both DoD and its prospective AI system contractors a map to negotiating IP rights, with the implicit caution that failing to use the map well, or proceeding without a map, will lead to misunderstandings, disagreements, and disputes—which serve neither DoD nor its AI system contractors. One wonders what Nontraditional Defense Contractors will now make of the Strategies Supplement—and whether they will view it as representative of the positions that will be taken and honored by DoD’s ultimate decision-makers. What seems certain is that the DoD/Anthropic controversy will generate discussion among the Nontraditional Defense Contractors who are AI developers, and those discussions will lead to the AI developers asking their counsel some challenging questions. We consider what some of those questions might be in the final section of this article.

VIII. Concluding Observations

The DoD/Anthropic controversy provides several troubling issues that would cause many counsel for Nontraditional Defense Contractors to pause and consider what their clients might ask them to address as a result. The following questions would be reasonable for a Nontraditional Defense Contractor to ask counsel, regardless of how the DoD/Anthropic controversy is ultimately resolved:

1. In light of the SECDEF’s January 9, 2026, memorandum and its direction to include the all lawful purposes language in future DoD contracts for procurement of AI systems, can DoD be relied upon to honor an AI developer’s usage policies and restrictions that are incorporated into a procurement contract for an AI system?
2. Although the “supply chain risk” authority is expressly aimed at U.S. “adversaries,” can DoD be relied upon not to invoke that authority whenever a serious misunderstanding or disagreement arises in a procurement contract for an AI system between DoD and one of its AI developers?
3. If an AI developer wants to attract the best talent in order to compete successfully in the commercial market, is it best now to avoid bidding on DoD contracts and being put in a position of being ordered under DPA authority to perform a contract that would dissuade young, talented AI engineers from continuing to work at the company or applying to be employed by it?
4. In light of the SECDEF’s direction in his January 9, 2026, memorandum that “[t]he Department must also utilize models free from usage policy constraints that may limit lawful military applications,” how much can a Nontraditional Defense Contractor or a traditional defense contractor rely on the guidance contained in the Strategies Supplement as an accurate reflection of DoD’s current and future policy on IP rights in contracts for procurement of an AI system?
5. For the same reasons given in question #4, what seem to be DoD’s real aims in the emphasis so often in the Strategies Supplement on obtaining the rights to “retrain the model” of the AI developer?
6. In light of the Strategies Supplement’s early focus and emphasis on “if the program will retrain models or transfer them across platforms,” is there a serious risk that DoD will try to reinterpret license terms later in an AI system contract to justify its transferring of an AI developer’s AI models to its competitors and thereby to deprive the AI developer of its IP rights in those models, in both the government and commercial markets?

These questions suggest that DoD might be doing itself a disservice by trying to coax Silicon Valley start-up AI developers with the Strategies Supplement while at the same time taking the “supply chain risk” designation actions and positions it is taking in the current controversy with Anthropic.

In all fairness to the lawyer-authors of the Strategies Supplement, their efforts in drafting it undoubtedly aimed at avoiding disruptions in AI system procurement programs and at averting ruptures in AI system procurement contracts between DoD and highly talented AI developers. It is worth noting that the Strategies Supplement was published on August 25, 2025, more than two months after the DoD award of the AI procurement contract to Anthropic on July 14, 2025. But events can overtake and change the context of authors’ writings. So, in closing, it’s worth recalling Plato’s observations near the end of his dialogue Phaedrus, where Plato has Socrates comment on the risks that speeches, when written down, are exposed to once the words leave the hands of their author:

And when they have been once written down they are tumbled about anywhere among those who may or may not understand them, and know not to whom they should reply, to whom not: and, if they are maltreated or abused, they have no parent to protect them; and they cannot protect or defend themselves.^[185]

R.L.T.^[186]

Exhibit A

Exhibit B

1. © Copyright Roland Trope 2026. All rights reserved.

   Disclaimers:

   • The views expressed in this essay are solely those of its author and have not been approved by, and should not be attributed to, the author’s firm or clients; or the U.S. Military Academy at West Point, where the author lectured from 1992–2025.

   • Questions raised and issues identified in this essay are intended to clarify issues that may be encountered by counsel for companies that are or may be seeking prime contracts or subcontracts for AI systems acquisition by DoD. The raising of questions and issues herein are not intended and should not be interpreted as suggesting any criticism of DoD or of its procurement aims, policies, or strategies. ↑

2. “While there are various definitions of AI, in general, AI refers to computer systems that are able to solve problems and perform tasks that have traditionally required human intelligence and that continually get better at their assigned tasks.” U.S. Gov’t Accountability Off. (“GAO”), GAO-23-105850, Artificial Intelligence: DOD Needs Department-Wide Guidance to Inform Acquisitions 3 (June 2023).

   It is open to question whether all AI systems, including military AI systems, “continually get better at their assigned tasks,” as their models can degrade in performance or “crash.” See, e.g., Ilia Shumailov, Zakhar Shumaylov, Yiren Zhao, Nicolas Papernot, Ross Anderson & Yarin Gal, AI Models Collapse When Trained on Recursively Generated Data, 631 Nature 755 (2024); Zachary Arnold & Helen Toner, AI Accidents: An Emerging Threat—What Could Happen and What to Do, Ctr. for Sec. & Emerging Tech. (July 2021) (“[E]ven the most advanced artificial intelligence tools can unpredictably fail, potentially crippling the systems in which they are embedded.”). ↑

3. Evidence for this view includes the following:

   “The Pentagon is reportedly using AI to generate hundreds of recommendations for targets in Iran, pinpoint their location, prioritize their importance, and even evaluate whether the targeting is legal. . . . In addition to surveillance and targeting, the military is investing heavily in the development of autonomous weapons, which can select targets and take lethal action with varying degrees of human involvement.” Amos Toh & Emile Ayoub, The Military’s Use of AI, Explained, Brennan Ctr. for Just. (Mar. 12, 2026).

   “AI is no longer a peripheral advantage but a cornerstone of military operations, influencing everything from strategic-level decision-making to tactical execution. It enhances operational efficiency, provides unparalleled analytical capability, and is fundamentally reshaping future geopolitical scenarios. . . . AI provides unmatched cognitive velocity, data processing and analysis of information at a speed and scale impossible for humans, turning vast datasets from the battlefield into actionable intelligence and productive decisions. As the conflict in Eastern Europe has demonstrated, the effective use of AI for target recognition, data analysis and drone operations can be a decisive factor, allowing a smaller, technologically adept force to challenge a larger adversary.” Lt. Col. Aditya S. Khurana, The Algorithmic Battlefield: Forging the U.S. Army’s Future Dominance with a New Breed of Acquisition Leader, U.S. Army Acquisition Support Ctr.: Behind the Frontlines (Mar. 2, 2026) (emphasis added).

   “AI-enabled tools accelerate sensor fusion, compress timelines, and extend the reach of tactical formations. . . . Yet technology continues to outpace the Army’s ability to prepare the humans responsible for interpreting and acting within these systems. Contemporary work on cognitive warfare argues that the modern battlefield extends into the human mind, where contests over identity and resolve begin long before physical first contact. . . . [H]uman performance remains the decisive variable. As AI expands sensing and increases operational tempo, identity alignment becomes the factor that enables soldiers to exercise judgment, interpret intent, and act with confidence in uncertain conditions. Identity alignment is the internal coherence between a soldier’s sense of self and the demands of his or her role. . . . AI can flood formations with information, but identity-aligned soldiers decide what matters and what to act on.” Jerae Perez, When Automation Accelerates War, Identity Determines Victory, Mod. War Inst. at West Point (Jan. 26, 2026) (emphasis added). ↑

4. The statutorily authorized legal name is the “Department of Defense,” established by the National Security Act Amendments (“NSAA”) of 1949, Pub. L. No. 81-216, 63 Stat. 578 (1949). On September 5, 2025, President Trump issued Executive Order (“EO”) 14347, entitled Restoring the United States Department of War. EO 14347, contrary to its title, did not replace the name “Department of Defense” with “Department of War,” nor did it purport to override the NSAA of 1949. Instead, EO 14347 “authorized” the use of “Department of War” as a secondary title:

   Sec. 2. Implementation. (a) The Secretary of Defense is authorized the use [sic] of this additional secondary title—the Secretary of War—and may be recognized by that title in official correspondence . . . and non-statutory documents within the executive branch.

   (b) The Department of Defense and the Office of the Secretary of Defense may be referred to as the Department of War and the Office of the Secretary of War, respectively, in the contexts described in subsection (a) of this section.

   . . .

   (d) All executive departments and agencies shall recognize and accommodate the use of such secondary titles in internal and external communications, provided that the use of such titles does not create confusion with respect to legal, statutory, or international obligations.”

   EO 14347, 90 F.R. 43893 (Sep. 5, 2025), §§ 2(a), (b), (d) (emphasis added).

   In this essay, all references are to the DoD, its official statutory title and the title used in the key document under analysis, issued in August 2025 by the Office of the Under Secretary of Defense for Acquisition and Sustainment and entitled “Intellectual Property Strategies for Artificial Intelligence Programs: A Supplement to the Intellectual Property Guidebook for DoD Acquisition” (emphasis added). Where public announcements or court proceedings adopt the alternative title DoW, the essay will for clarity use such title, but otherwise, the term DoD is used in this essay’s text. Use of the statutory term DoD is not to be interpreted as any criticism or disrespect for EO 14347 nor for officials who, acting on its authority, use the term “DoW.” ↑

5. GAO, Artificial Intelligence, supra note 2, at 5. ↑

6. A brief primer on ML from Scientific American:

   Machine learning is the dominant subset of artificial intelligence. It underlies generative AI systems like ChatGPT and DALL-E 2. There are three components to machine learning: an algorithm or a set of algorithms, training data and a model. An algorithm is a set of procedures. In machine learning, an algorithm learns to identify patterns after being trained on a large set of examples—the training data. Once a machine-learning algorithm has been trained, the result is a machine-learning model. The model is what people use.

   For example, a machine-learning algorithm could be designed to identify patterns in images, and training data could be images of dogs. The resulting machine-learning model would be a dog spotter. You would feed it an image as input and get as output whether and where in the image a set of pixels represents a dog.

   Saurabh Bagchi, Why We Need to See Inside AI’s Black Box, Sci. Am. (May 26, 2023). ↑

7. Hari Sreenivasan & Kate Conger, Amid Pressure from Employees, Google Drops Pentagon’s Project Maven Account, PBS News (June 3, 2018) (transcript). ↑

8. Scott Shane & Daisuke Wakabayashi, “The Business of War”: Google Employees Protest Work for the Pentagon, N.Y. Times (Apr. 4, 2019). ↑

9. Letter from Google Employees to Google CEO, Sundar Pichai (published as an attachment to Shane & Wakabayashi, supra note 8) (emphasis in original). ↑

10. 41 U.S.C. 7103(g) (emphasis added). ↑

11. 48 C.F.R. § 33.215(a). ↑

12. Id. § 52.233-1(i) (May 2014) (emphasis added). ↑

13. Although the clause will initially appear in a prime contract subject to the DFARS, the prime contract will usually flow down that clause to the prime’s first-tier subcontractors; and they, in turn, will usually flow it down to their subcontractors. ↑

14. If the contractor’s claim is ultimately sustained, the disputes clause requires the USG to pay interest on the amount found due and unpaid “from (1) the date that the Contracting Officer receives the claim (certified, if required), or (2) the date that payment otherwise would be due, if that date is later, until the date of payment.” 48 C.F.R. § 52.233-1(h). ↑

15. Past Performance, FAI.gov (last visited Mar. 8, 2026) (emphasis added). ↑

16. Def. Acquisition Univ., Contractor Performance Assessment Report (CPAR) and the Contractor Performance Assessment Reporting System (CPARS) (APMT 019) (last visited Mar. 9, 2026). ↑

17. Id. (emphasis added). ↑

18. Billy Mitchell, The ‘Silver Lining’ in the Fallout Between Google and Project Maven, FedScoop (Dec. 10, 2019). ↑

19. Tom Simonite, 3 Years After the Project Maven Uproar, Google Cozies to the Pentagon, Wired (Nov. 18, 2021). ↑

20. Id. ↑

21. Ronald Fox, A-12 Termination Sets Harmful Precedent for Defense Programs, Nat’l Def. Mag. (Jan. 1, 2003). ↑

22. Mitchell, supra note 18. ↑

23. Id. ↑

24. Off. of the Under Sec’y of Def. for Acquisition & Sustainment, Intellectual Property Guidebook for DoD Acquisition (Apr. 30, 2025). ↑

25. Off. of the Under Sec’y of Def. for Acquisition & Sustainment, Dep’t of Def., Intellectual Property Strategies for Artificial Intelligence Programs: A Supplement to the Intellectual Property Guidebook for DoD Acquisition (Aug. 25, 2025) [hereinafter Strategies Supplement]. ↑

26. U.S. Gov’t Accountability Off., GAO-06-839, Weapons Acquisition: DOD Should Strengthen Policies for Assessing Technical Data Needs to Support Weapon Systems (July 2006) (emphasis added). ↑

27. Id. ↑

28. Strategies Supplement, supra note 25, § 2.1.2, at 4 (emphasis added). ↑

29. Id. at 2, 4 (twice), 5, 8. ↑

30. Id. at 7 (twice), 11, 14. ↑

31. A notable exception was the major, multiyear overhaul of four of the oldest U.S. Ohio-class ballistic submarines during the period 2002–2008, to be converted into guided-missile submarines capable of firing and controlling Tomahawk cruise missiles and to be modified so that two of the submarines’ twenty-four large vertical payload tubes were converted to lockout chambers for Special Forces personnel, e.g., Navy SEALS. About the US Submarine Programs, Submarine Indus. Base Council (last visited Mar. 9, 2026). ↑

32. Strategies Supplement, supra note 25, at 4 (emphasis added). Note: The second appearance of “retrain models” appears later on the same page, in an identical statement to the first, but in a section entitled “AI-Specific Data Types and Categories.” This is addressed later in this article. ↑

33. Saurabh Bagchi, Why We Need to See Inside AI’s Black Box, Sci. Am. (May 26, 2023) (emphasis added). ↑

34. Strategies Supplement, supra note 25, § 2.3, at 9 (emphasis added). ↑

35. Id. § 2.1.2, at 4. ↑

36. Id. § 2.1.3, at 4–5 (emphasis added). Note: The second appearance of “retrain models” appears later on the same page, in an identical statement to the first, but in a section entitled “AI-Specific Data Types and Categories.” This is addressed later in this essay. ↑

37. Id. (emphasis added). ↑

38. NB: A number of facts about the DoD/Anthropic controversy came to light in the account provided in the U.S. District Court for the Northern District of California Order Granting [Anthropic’s] Motion for Preliminary Injunction issued March 26, 2026. Anthropic PBC v. U.S. Department of War, No. 3:26-cv-01996-RFL (N.D. Cal. Mar. 26, 2026) (order granting preliminary injunction) [hereinafter 3/26 Order]. This article cites the 3/26 Order as the source for facts drawn from it. ↑

39. Id. at 3. ↑

40. George Hammond & Steff Chávez, Pete Hegseth Threatens to Cut Anthropic from Pentagon Supply Chain in Showdown with CEO, Fin. Times (Feb. 24, 2026). ↑

41. 3/26 Order, supra note 38, at 3. ↑

42. Id. The District Court explained at page 3: “When given access to tools, Claude can act as an agent of the user (‘agentically’)—or even autonomously—executing tasks without requiring ongoing user direction.” ↑

43. Id. at 4. ↑

44. Id. at 5. ↑

45. Petitioner’s Emergency Motion for Stay Pending Review, Relief Requested by March 26, 2026, at 8, Anthropic PBC v. U.S. Department of War, No. 26-1049 (D.C. Cir. Mar. 11, 2026). ↑

46. Id. ↑

47. Jennifer Jacobs, Jo Ling Kent & Caitlin Yilek, What’s Behind the Anthropic-Pentagon Feud, CBS News (Feb. 25, 2026). ↑

48. Other Transaction Authority (“OTA”) agreements are increasingly used for DoD procurement of frontier or emerging technologies. Contract clauses that the FAR or DFARS mandate be included in DoD contracts are not required to be in OTA agreements because the FAR and DFARS do not apply to OTA agreements. OTAs were created to

    give DoD the flexibility necessary to adopt and incorporate business practices that reflect commercial industry standards and best practices into its award instruments. When leveraged appropriately, OTs provide the Government with access to state-of-the-art technology solutions from traditional and non-traditional defense contractors (NDCs), through a multitude of potential teaming arrangements tailored to the particular project and the needs of the participants.

    Off. of the Under Sec’y of Def. for Acquisition & Sustainment, Other Transactions Guide 4 (ver. 2.0, July 2023). ↑

49. 3/26 Order, supra note 38, at 5. ↑

50. Press Release, Anthropic, Anthropic and the Department of Defense to Advance Responsible AI in Defense Operations (July 14, 2025). ↑

51. 3/26 Order, supra note 38, at 5. ↑

52. Id. Anthropic, as of this writing, is no longer the only AI developer with its model in use on DoD classified systems. The last week of February 2026, DoD decided “to put xAI at the center of some of the nation’s most sensitive and secretive operations by agreeing to allow its chatbot Grok to be used in classified settings.” Shalini Ramachandran, Heather Somerville & Amrith Ramkumar, Government Agencies Raise Alarm About Use of Elon Musk’s Grok Chatbot, Wall St. J. (Feb. 27, 2026). ↑

53. Keach Hagey, Shalini Ramachandran & Amrith Ramkumar, Anthropic-Pentagon Clash over Limits on AI Puts $200 Million Contract at Risk, Wall St. J. (Jan. 29, 2026). ↑

54. Press Release, Anthropic, Anthropic and the Department of Defense to Advance Responsible AI in Defense Operations (July 14, 2025) (emphasis added). ↑

55. 3/26 Order, supra note 38, at 4 (citations omitted). ↑

56. Hagey, Ramachandran & Ramkumar, supra note 53. ↑

57. 3/26 Order, supra note 38, at 4. ↑

58. Hagey, Ramachandran & Ramkumar, supra note 53. ↑

59. 3/26 Order, supra note 38, at 5. ↑

60. Petitioner’s Emergency Motion for Stay Pending Review, Relief Requested by March 26, 2026, at 8, Anthropic PBC v. U.S. Department of War, No. 26-1049 (D.C. Cir. Mar. 11, 2026). ↑

61. The Court in its 3/26 Order, at page 4, footnote 2, explained its use of the term “DoW”: “In the complaint, motion papers, and evidence, the parties refer to the Department of Defense as the ‘Department of War’ or ‘DoW.’ . . . This Order adopts the parties’ phrasing for consistency and ease of reference.” Except when quoting the 3/26 Order, this article will adhere to referring to the Department by its statutory name, that is, the Department of Defense or DoD. ↑

62. 3/26 Order, supra note 38, at 5–6 (emphasis added) (citations omitted). ↑

63. Dario Amodei, The Adolescence of Technology: Confronting and Overcoming the Risks of Powerful AI (Jan. 2026). ↑

64. Id. (emphasis in original). ↑

65. Id. ↑

66. Id. (citation omitted). ↑

67. Amrith Ramkumar, Keach Hagey & Vera Bergengruen, Pentagon Used Anthropic’s Claude in Maduro Venezuela Raid, Wall St. J. (Feb. 15, 2026). ↑

68. Id. ↑

69. 3/26 Order, supra note 38, at 6. ↑

70. Usage Policy, Anthropic (effective Sept. 15, 2025). ↑

71. Id. (image on file with author). ↑

72. Memorandum from Pete Hegseth, SECDEF, Artificial Intelligence Strategy for the Department of War (Jan. 9, 2026). ↑

73. Id. at 1. ↑

74. Id. at 3 (emphasis added). ↑

75. Id. at 1–5 (emphasis added). Note: It would appear that this issuance, in January 2026, of a directive to “incorporate standard ‘any lawful use’ language” into DoD AI system and service procurement contracts suggests that language was not contained in the AI system or service contract awarded by DoD to Anthropic on July 14, 2025. ↑

76. Hagey, Ramachandran & Ramkumar, supra note 53. ↑

77. Id. ↑

78. Id. ↑

79. Filip Timotija & Julia Shapero, Anthropic on Shaky Ground with Pentagon Amid Feud After Maduro Raid, Hill (Feb. 19, 2026). ↑

80. Id. (emphasis added). ↑

81. Brendan Bordelon, Pentagon Sets Friday Deadline for Anthropic to Abandon Ethics Rules for AI—or Else, Politico (Feb. 24, 2026) (emphasis added). ↑

82. 3/26 Order, supra note 38, at 7. ↑

83. Id. ↑

84. The term “all lawful uses” was a new contractual phrase the SECDEF introduced in his January 9, 2026, memorandum (supra note 72). As a contractual term it has potentially ominous implications, especially in the context of development of military AI systems. As one commentator observed:

    [W]here a contract permits “all lawful uses,” companies should assume that government customers will interpret that language broadly as carte blanche to use the tools in whatever manner they wish and that the government will take action against contractors that take any steps to try to enforce that “lawful uses” limit to prohibit activity the contractor may believe to be unlawful.

    ‘All Lawful Uses’: Precautions AI Businesses Need to Take After Anthropic v. US DoW, Herbert Smith Freehills Kramer (Mar 26, 2026). ↑

85. 3/26 Order, supra note 38, at 7 (emphasis added). ↑

86. Id. (emphasis added). See also Jennifer Jacobs & Joe Walsh, Pentagon Official Lashes Out at Anthropic as Talks Break Down: “You Have To Trust Your Military to Do the Right Thing,” CBS News (Feb. 26, 2026). ↑

87. 10 U.S.C. § 3252 (emphasis added). This authority was created by section 881 of the 2019 National Defense Authorization Act. ↑

88. 10 U.S.C. § 3252(d)(5). ↑

89. 44 U.S.C. § 3552(b)(6) (emphasis added). ↑

90. 10 U.S.C. § 3252(d)(2). ↑

91. 10 U.S.C. § 3252(b) (emphasis added). ↑

92. Steff Chávez & George Hammond, Anthropic to Sue Trump Administration After AI Lab Is Labelled Security Risk, Fin. Times (Feb. 27, 2026). ↑

93. 10 U.S.C. § 3252(c). ↑

94. Id. § 3252(c)(1). ↑

95. DPA § 101(a), 50 U.S.C. § 4511(a). ↑

96. Id. ↑

97. Brendan Bordelon, ‘Incoherent’: Hegseth’s Anthropic Ultimatum Confounds AI Policymakers, Politico (Feb. 26, 2026). ↑

98. Id. ↑

99. Dario Amodei, Statement from Dario Amodei on Our Discussions with the Department of War, Anthropic (Feb. 26, 2026) (emphasis in original). ↑

100. President Donald J. Trump (@realDonaldTrump), Truth Soc. (Feb. 27, 2026, at 3:47 PM) (emphasis added). A copy of President Trump’s complete posting, which provides the president’s explanation of his decision, is attached to this essay as Exhibit A and linked in this sentence. ↑

101. 10 U.S.C. § 3252 (emphasis added). This authority was created by section 881 of the 2019 National Defense Authorization Act. ↑

102. Secretary of War Pete Hegseth (@SecWar), X (Feb. 27, 2026, at 5:14 PM) (emphasis added). A copy of SECDEF Hegseth’s complete posting, which provides his explanation of his decision, is attached to this essay as Exhibit B and linked in this sentence. ↑

103. 10 U.S.C. § 3252(d)(2). ↑

104. 3/26 Order, supra note 38, at 9. ↑

105. Chávez & Hammond, supra note 92. ↑

106. 3/26 Order, supra note 38, at 9. ↑

107. Petition for Review at 1, Anthropic PBC v. U.S. Department of War, No. 26-1049 (D.C. Cir. Mar. 9, 2026) (citing the FASCSA Letter). ↑

108. Id. at 3. ↑

109. Section 3252 Letter, at 1 (citations omitted). ↑

110. 3/26 Order, supra note 38, at 10 (citing the Section 3252 Letter). ↑

111. 10 U.S.C. § 3252 (emphasis added). This authority was created by section 881 of the 2019 National Defense Authorization Act. ↑

112. 41 U.S.C. § 4713 (emphasis added); 10 U.S.C. § 3252 (emphasis added). ↑

113. FASCSA, 41 U.S.C. § 1327(b)(1). ↑

114. Per Curiam Order Filed (Special Panel) at 1, 4, Anthropic PBC v. United States Department of War, No. 26-1049 (D.C. Cir. Apr. 8, 2026), ECF No. 1208838678. ↑

115. Id. at 3. ↑

116. Id. at 4 (footnote omitted). ↑

117. Id. at 2. ↑

118. In a status conference held on March 10, 2026, the Court determined that Anthropic’s motion should be handled in the preliminary injunction posture rather than in the temporary restraining order posture. Reasons: to allow for development of a fuller record and afford time for the government Defendants to respond. 3/26 Order, supra note 38, at 18. ↑

119. Complaint for Declaratory and Injunctive Relief at 4, ¶ 11, Anthropic PBC v. U.S. Department of War, No. 3:26-cv-01996-RFL (N.D. Cal. Mar. 9, 2026) (emphasis added). ↑

120. Id. ¶¶ 12–16. ↑

121. 3/26 Order, supra note 38, at 1. ↑

122. Id. ↑

123. Id. ↑

124. Id. at 1–2. ↑

125. Id. at 2. ↑

126. Id. ↑

127. Id. ↑

128. Id. ↑

129. Id. ↑

130. Id. ↑

131. Id. at 3. ↑

132. Id. at 12. ↑

133. Id. ↑

134. Id. at 15. ↑

135. Id. at 16 (emphasis added). ↑

136. Id. ↑

137. Id. ↑

138. Id. ↑

139. Declaration of Paul Smith at ¶ 12, Anthropic PBC v. U.S. Department of War, No. 3:26-cv-01996-RFL (N.D. Cal. Mar. 9, 2026), Dkt. No. 6-4. ↑

140. Id. ¶ 13. ↑

141. Id. ↑

142. Id. ↑

143. Id. ¶ 14. ↑

144. 3/26 Opinion, supra note 38, at 19. ↑

145. Id. at 22. ↑

146. Id. at 24 (citation omitted). ↑

147. Id. at 25. ↑

148. Id. ↑

149. Id. at 27. ↑

150. Id. at 29. ↑

151. Id. at 30. ↑

152. Id. ↑

153. Id. ↑

154. Id. ↑

155. Id. ↑

156. Id. at 34. ↑

157. Id. at 30. ↑

158. Id. at 35. ↑

159. Preliminary Injunction Order at 1–2, Anthropic PBC v. U.S. Department of War, No. 3:26-cv-01996-RFL (N.D. Cal. Mar 26, 2026). ↑

160. Id. at 3. ↑

161. Id. at 2. ↑

162. Preliminary Injunction Time Schedule Notice at 3, Anthropic PBC v. U.S. Department of War, No. 26-2011 (9th Cir. Apr. 2, 2026). ↑

163. It’s unclear from the Status Report what the government Defendants’ current position is regarding the use of Anthropic’s Claude AI models by NASA. As disclosed by NASA’s Jet Propulsion Laboratory (“JPL”),

     NASA’s Perseverance Mars rover has completed the first drives on another world that were planned by artificial intelligence. Executed on Dec. 8 and 10 . . . the demonstration used generative AI to create waypoints for Perseverance, a complex decision-making task typically performed manually by the mission’s human rover planners. . . . [NASA Administrator Jared Isaacman stated,] “Autonomous technologies like this can help missions to operate more efficiently, respond to challenging terrain, and increase science return as distance from Earth grows. It’s a strong example of teams applying new technology carefully and responsibly in real operations.”

     . . .

     The initiative was led out of JPL’s Rover Operations Center (ROC) in collaboration with Anthropic, using the company’s Claude AI models.

     NASA’s Perseverance Rover Completes First AI-Planned Drive on Mars, JPL (Jan 30, 2026). ↑

164. Defendants’ Status Report at 2–3, Anthropic PBC v. U.S. Department of War, No. 3:26-cv-01996-RFL (N.D. Cal. Apr. 6, 2026), Dkt. No. 146. ↑

165. Id. at 2. ↑

166. This vague reference in the Status Report, without date or title, may refer to the SECDEF’s January 9, 2026, memorandum to senior Pentagon leadership, commanders of combatant commands, and defense agency and DoD field activity directors, entitled Artificial Intelligence Strategy for the Department of War, discussed supra note 72. ↑

167. Defendants’ Status Report at 2–3, Anthropic PBC v. U.S. Department of War, No. 3:26-cv-01996-RFL, (N.D. Cal. Apr. 6, 2026), Dkt. No. 146. ↑

168. Nicholas Carlini et al., Assessing Claude Mythos Preview’s Cybersecurity Capabilities, Anthropic: Frontier Red Team Blog (Apr. 7, 2026). ↑

169. As GAO explains:

     A zero-day vulnerability can lead to a threat actor exploiting a previously unknown hardware, firmware, or software vulnerability, which has no existing official fix or patch. . . . By writing an exploit for the previously unknown vulnerability, an attacker creates a potent threat since the compressed time frame between public discoveries of both makes it difficult to defend against.

     U.S. Gov’t Accountability Off., GAO-22-104746, Cybersecurity: Federal Response to SolarWinds and Microsoft Exchange Incidents, 2 n.6, 5 (Jan. 2022). ↑

170. System Card: Claude Mythos Preview 3, Anthropic (Apr. 7, 2026) (emphasis added). ↑

171. Nicholas Carlini et al., Assessing Claude Mythos Preview’s Cybersecurity Capabilities, Anthropic: Frontier Red Team Blog (Apr. 7, 2026) (emphasis added). ↑

172. Project Glasswing: Securing Critical Software for the AI Era, Anthropic (last visited Apr. 14, 2026). ↑

173. Nicholas Carlini et al., Assessing Claude Mythos Preview’s Cybersecurity Capabilities, Anthropic: Frontier Red Team Blog (Apr. 7, 2026). ↑

174. Id. ↑

175. Anthropic explained that it named the project “Glasswing” for the glasswing butterfly, Greta oto, and added, “The metaphor can be applied in two ways: the butterfly’s transparent wings let it hide in plain sight, much like the vulnerabilities discussed in this post; they also allow it to evade harm—like the transparency we’re advocating for in our approach.” Project Glasswing: Securing Critical Software for the AI Era, Anthropic (last visited Apr. 14, 2026). ↑

176. Id. (emphasis at “Given the rate of AI progress . . .” and at “Project Glasswing is an urgent attempt . . .” added). ↑

177. Id. ↑

178. Rob Copeland & Colby Smith, Banks Are Warned About Anthropic’s New, Powerful A.I. Technology, N.Y. Times (Apr. 10, 2026). ↑

179. Id. ↑

180. Martin Arnold, UK Financial Regulators Rush to Assess Risks of Anthropic’s Latest AI Model, Fin. Times (Apr. 12, 2026). ↑

181. Id. ↑

182. Project Glasswing: Securing Critical Software for the AI Era, Anthropic (last visited Apr. 14, 2026). ↑

183. President Donald J. Trump (@realDonaldTrump), Truth Soc. (Feb. 27, 2026, at 3:47 PM). ↑

184. Tara Copp, Elizabeth Dwoskin & Ian Duncan, Anthropic’s AI Tool Claude Central to U.S. Campaign in Iran, amid a Bitter Feud, Wash. Post (Mar. 4, 2026). ↑

185. Plato, Phaedrus (B. Jowett trans.). ↑

186. The author wishes to thank Olivia Stovicek and Sheila V. Sybrant for their careful and thoughtful editing of this article, which improved it substantially. ↑

The Business Law Section’s Mergers & Acquisitions Committee boasts more than 5,000 members—from sixty-one countries on six continents—making it the largest committee in the Section. To mark the forty-year anniversary of the Committee, the cochairs of the Committee’s Membership & Diversity Subcommittee, Caitlin Rose and Tracy Washburn, and the Subcommittee’s DEI (diversity, equity, and inclusion) director, Sachin Java, reflect on twenty-five distinct advantages to participating on the M&A Committee.

1. Master the art of high-stakes negotiation from peers who’ve seen it all.

Committee discussions dissect real-world deal tactics, from earnouts to sandbagging, led by practitioners who’ve closed billions in transactions. Learning directly from those at the forefront sharpens your instincts and negotiation strategy.

2. Influence national policy and the evolution of deal practice.

Members contribute to commentaries and model agreements that shape how transactions are executed across the country. Your perspective directly informs the standards that define fairness, efficiency, and market alignment.

3. Help define what “market” truly means.

Beyond deal points studies, you’ll be part of the debate that drives consensus on terms like indemnification caps and closing conditions. It’s where theory meets active market practice.

4. Build enduring relationships with leading M&A practitioners nationwide.

Networking here means more than swapping business cards; it’s about forming trusted connections with deal lawyers who understand your world and often become co-counsel, counterparts, or lifelong friends.

5. Mentor the next generation of transactional talent.

The Committee fosters meaningful cross‑generational mentorship, allowing seasoned practitioners to share hard‑earned insight and emerging lawyers to accelerate their development.

6. Stay ahead of emerging trends.

From innovative investment structures to evolving approaches to rollover equity, you gain early visibility into developments before they become mainstream.

7. Gain insider perspective on ABA model documents and their evolution.

You won’t just use the model stock purchase agreement; you’ll hear firsthand why each clause evolved and how practitioners negotiate around it.

8. Publish, present, and elevate your professional profile.

Committee work creates opportunities to contribute to white papers, continuing legal education (“CLE”) programs, and working group reports that enhance your visibility within the national M&A bar.

9. Expand your toolkit for addressing complex deal structures.

Exposure to sophisticated transaction mechanics and hybrid financing strategies equips you to craft more tailored, effective solutions for clients.

10. Exchange practical insights unavailable in CLEs or treatises.

Committee dialogue is dynamic, candid, and grounded in experience, not theoretical summaries. It’s the kind of off-the-record learning that accelerates professional growth.

11. Contribute your experience to resources relied upon across the profession.

Your input helps shape ABA publications and tools that thousands of practitioners use to benchmark precision and fairness in deal terms.

12. Explore cutting-edge issues: artificial intelligence; environmental, social, and governance (“ESG”); earnouts; and beyond.

When emerging trends intersect with transactional risk, this Committee is often the first to analyze their implications with rigor and practicality.

13. Connect with lawyers fluent in “markup,” “materiality scrape,” and “sandbagging.”

Everyone speaks the same M&A language here. The shorthand, humor, and respect for detail make every meeting feel like home turf.

14. Develop leadership experience through national working groups and task forces.

Volunteering to lead a subgroup or project builds both visibility and credibility, skills that translate directly to client and firm leadership.

15. Become a go‑to resource within the national dealmaking community.

The more you share and collaborate, the more colleagues instinctively look your way when key issues arise in negotiations or client guidance.

16. Tackle cross-border M&A where “material adverse effect” means different things in six time zones.

You’ll learn from counsel across jurisdictions who navigate complex international deal standards with agility and insight.

17. Engage directly with members of the Delaware judiciary.

Few forums offer such proximity to the judges whose decisions shape M&A jurisprudence, providing unparalleled insight into Chancery Court reasoning.

18. Strengthen your negotiation presence with insights that command respect.

Armed with perspectives from leading experts, you anchor positions with authority and anticipate counterpart arguments with precision.

19. Understand the strengths and limitations of deal points studies.

Committee sessions dissect methodology, data integrity, and outliers, enabling you to cite studies with confidence and sophistication.

20. Experience the Committee’s legendary debates.

Every group has its traditions; here, spirited exchanges, like the classic Joel‑versus‑Rick debate, advance ideas and deepen collegiality.

21. Reconnect with colleagues and friends in a collegial, deal‑focused environment.

Annual meetings blend substantive programming with genuine camaraderie, reinforcing that relationships are as important as closings.

22. Score hot rates at the Montage Laguna Beach.

Yes, the M&A stand-alone conference has perks. The premier location offers an inspiring setting for high‑level dialogue.

23. Share memorable moments with distinguished practitioners and judges.

Whether discussing a vice chancellor’s favorite Serie A team or comparing deal war stories, these interactions humanize the profession and strengthen bonds.

24. Lead or judge the MAC Cup, the Committee’s premier mock negotiation competition.

Coach, judge, or organize this high‑pressure student competition, an opportunity to shape rising talent while revisiting the intensity of live negotiation.

25. Build authentic connections within a community united by dealmaking.

Beachside conversations, spirited karaoke nights, and fireside discussions remind you that genuine relationships, both professional and personal, anchor the M&A community. Shared curiosity and passion for transactional work make this Committee not just an organization, but a true professional home.

The ABA Business Law Section is hosting its Spring Meeting in Atlanta on April 16–18, 2026, at the Hilton Atlanta. This event brings together legal professionals from around the world and offers 50+ CLE programs, networking receptions, practice group committee meetings, and ticketed dinners. With so many events happening at once, choosing which CLEs, receptions, and dinners to attend can be challenging, especially for in-house counsel. To assist, the Business Law Section’s In-House Counsel Committee has created the guide below, curated for in-house Counsel attending the ABA Business Law Section’s Spring Meeting in Atlanta this April.

ABA Business Law Section Spring Meeting: The In-House Counsel Track

This track presents one path through the conference for in-house counsel, but please note that there are other programs of interest, including others co-sponsored by the In-House Counsel Committee. Refer to the Spring Meeting agenda for details.

Bolded programs are presented by the In-House Counsel Committee.

Thursday, April 16, 2026

Friday, April 17, 2026

Saturday, April 18, 2026

The ABA Business Law Section’s Spring Meeting is a great place to network, learn, and explore a new city. It is especially valuable for in-house counsel to learn new practice areas, meet potential outside counsel, and network with fellow in-house counsel. We look forward to seeing you there!

To mark the forty-year anniversary of the Business Law Section’s Mergers & Acquisitions (“M&A”) Committee, Ann Beth Stebbins, one of the cochairs of the Committee’s Acquisitions of Public Companies Subcommittee, reflects on developments in public company M&A in the last forty years.

The Transformational Impact of the Revlon Decision

In October 1986, the Delaware Supreme Court issued its opinion in Revlon, Inc. v. MacAndrews & Forbes Holdings, Inc., defining the duties owed to shareholders when a board determines to sell a company. Revlon came on the heels of several seminal Delaware decisions in 1985, most notably Smith v. Van Gorkom and Unocal Corp. v. Mesa Petroleum Co., which focused on defensive measures a board could reasonably adopt to address perceived threats to corporate policy. The Revlon decision established a critical limitation on the board’s ability to implement defensive measures once the sale or breakup of a company is inevitable, with the board’s role shifting from defender of corporate policy to that of an auctioneer charged with securing the best price reasonably available for shareholders. Revlon imposes enhanced scrutiny on board conduct in a sales context, and directors must demonstrate that they acted to obtain the highest value reasonably available for shareholders.

The Revlon decision ushered in the modern era of M&A practice, with a focus on process design and board conduct. Following Revlon, market practice evolved to include competitive auctions, an increased reliance on financial advisers to identify interested buyers and assist in price negotiations, and procedural safeguards such as special committees to insulate a process from conflicts. Since Revlon, deal protections have become a focal point of merger agreement negotiations, with buyers pressing for terms that secure deal certainty while target boards must justify that deal protections do not impede competitive offers that could result in greater value for shareholders. Revlon also spawned a flood of fiduciary duty litigation focused on process and whether a board had satisfied its duty to obtain the highest value reasonably available for shareholders. The litigation landscape prompted more formalized board processes, as well as extensive disclosure of merger negotiations and board deliberations.

The Globalization of M&A Activity

Beginning in the 1990s, strategic buyers ramped up geographic expansion on a global scale through cross-border M&A. The privatization of state-owned assets and deregulation in sectors such as telecom, utilities, and airlines created more cross-border targets. Trade liberalization and regional integration, including the formation of the European Union, the North American Free Trade Agreement, and the Association of Southeast Asian Nations, reduced barriers for foreign buyers and liberalized inbound and outbound investment. Many companies pursued a multinational M&A strategy to achieve scale, global market access, local distribution channels, and supply chain diversification. Law firms and investment banks expanded their global capabilities to structure and negotiate multijurisdictional deals, which often involved complex legal, regulatory, and tax issues. Cross-border M&A activity has been cyclical during the period, reflecting macroeconomic conditions, interest rate and foreign exchange fluctuations, and geopolitical shifts. Deal activity in recent years has been influenced by government priorities, balancing cross-border investment with national interests.

The Regulatory Environment

Global regulatory regimes have become an important part of the M&A landscape. The rise of national security and foreign investment screening has been a significant trend over the past few decades. Governments across the globe have broadened the scope of reviews and are applying stricter approval standards, especially in sectors involving technology and personal data. The expansion of the Committee on Foreign Investment in the United States and the proliferation of similar international regimes have lengthened transaction approval timelines, imposed conditional remedies, and introduced deal uncertainty.

Antitrust scrutiny has also intensified. Following years of antitrust enforcement based on a “consumer welfare” framework, U.S. regulators adopted a more aggressive posture in the last decade, scrutinizing transactions in the technology sector, introducing new theories of competitive harm, and litigating to block transactions. The regulatory agencies have recalibrated their priorities under the Trump administration and are generally viewed as taking a more pragmatic approach to mergers; however, high-profile transactions may draw attention from politicians on the state and national levels. Disclosure obligations have increased dramatically, with filings requiring extensive document production, expanded narrative explanations, and granular line-item detail. Sophisticated merger control regimes have developed worldwide, and global cooperation has intensified, beginning with the centralization of EU merger control in the 1990s. Competition authorities routinely share information and coordinate challenges; however, differing timelines, remedies, and outcomes may complicate deal execution. Multijurisdictional planning and coordination have become essential to successful completion of a transaction.

The Rise of Private Equity

Private equity was a niche alternative asset class forty years ago. It is has grown to be a huge financial pool, fueled by investment from pension funds and sovereign wealth endowments. Private equity has become a driver of deal volume, and sponsors are active buyers of public companies in large take-private transactions, as well as carve-out sales from strategic sellers. From its genesis in the 1980s in highly leveraged hostile takeovers (e.g., KKR’s takeover of Nabisco), private equity has adopted an operational focus. The private equity playbook continues to feature debt financing, cost rationalization, and exit via a sale or initial public offering; however, the model has evolved from financial engineering to value creation, with private equity owners driving growth organically and through add-on acquisitions. Private equity sponsors continue to use leverage to finance their M&A activity; however, the sources of leverage have evolved to include private credit and direct lending, with covenant-lite debt available in certain cycles.

Expansion of Shareholder Activism

Activist hedge funds, with professional teams and dedicated capital, began appearing in the late 1990s and have become an important driver of M& A activity. It is now common practice for activists to publicly or privately push boards to initiate a sales process, break up a company, or spin off a business unit, employing diverse tactics such as board campaigns, shareholder proposals, and media efforts. Activists may advocate for transformational deals or divestment of noncore businesses to unlock value.

Installing directors aligned with its M&A strategies increases the likelihood of the activist’s desired transaction being approved and executed. The introduction of the universal proxy card, which allows shareholders to use a single ballot at a contested meeting to mix and match director candidates, has had the practical effect of lowering the cost for an activist to elect its nominees and increases the probability that the activist will win some board seats in furtherance of its agenda. Companies targeted by an activist often enter into settlement agreements that provide the activist with one or more board seats to avoid a costly proxy fight. Activists often seek the support of institutional investors, which are less likely to agitate on their own but wield significant influence because of their size and voting power.

To mark the forty-year anniversary of the Business Law Section’s Mergers & Acquisitions Committee, Samantha Horn and Bianca Levin-Soler, cochairs of the Committee’s Private Equity M&A Subcommittee, reflect on developments in private equity M&A in the last forty years.

Over the last forty years, private equity has evolved from an upstart “corporate raider” model into a dominant force in global capital markets, with global assets under management growing to over $9 trillion as of 2025. This growth has been driven by a shift from pure financial engineering to operational value creation, fueled by structural macroeconomic, regulatory, and market trends. Certain practice changes and legal developments have contributed to the incredible growth in private equity M&A activity.

Affordable Credit

On a macroeconomic level, the cost and availability of debt financing have significantly influenced private equity dealmaking levels. Interest rates remained consistently low from 2009 to 2022, making debt significantly less expensive. Consequently, the use of borrowed money was a key driver of acquisitions by private equity firms. Through the use of debt financing, a fund could carry out many more M&A transactions while committing significantly less of its own capital to each deal by leveraging the remainder with debt, often in the range of five to six times EBITDA (earnings before interest, taxes, depreciation, and amortization).

In addition to the low cost of borrowing, the proliferation of a wider range of debt providers, including not only traditional banks but also nontraditional private capital debt investors, has allowed for larger, more diversified, and more sophisticated leveraged buyouts.

Decrease in Public Company Listings

Due to volatility in the public markets and the availability of capital in the private equity ecosystem, the number of public companies has approximately halved over the past twenty years as the market increasingly turns to private equity firms and pension funds to provide an exit or a path to liquidity. In the past, a strategic M&A transaction or an initial public offering were the most common exit options. With a more robust and diversified private equity market, many companies choose not to go public in order to avoid the significant expense and scrutiny of being publicly listed.

In addition, we now see longer hold periods for investments (hold periods are on average over six or even seven years at present); and in transactions held by pension funds, hold periods can sometimes be significantly longer, sometimes reaching ten years or more.

Expansion in Private Equity Investment

The amount of capital dedicated to private equity has steadily increased over the last four decades as a result of a significant positive return history, a growing number of private companies in which to invest (as discussed above), and the proliferation of various additional players in the private equity ecosystem—including sovereign wealth funds, endowments, high-net-worth individuals, and family offices. In addition, the more traditional private equity investors such as pension funds have steadily increased their allocation to the private equity asset class. Certain private equity funds also went public, allowing an even more diversified group of investors to enter the private equity market.

Representation and Warranty Insurance Products

The introduction of representation and warranty insurance (“RWI”) products in the 2000s also provided an advantage to both buyers and sellers of companies in an already frothy sell-side market by allowing sellers to reduce or eliminate exposure for post-closing indemnity claims and escrowed funds. This was of particular importance to private equity sellers, who prefer to be able to distribute all funds from a sale immediately after closing to their limited partners, and was particularly important in late-stage funds that may otherwise have had long escrow periods due to the fact that a fund’s assets were minimal at the end of the fund’s life.

In addition, RWI allowed for the preservation of relationships with the sellers, who are often involved in managing the business after closing, by removing or limiting the potential for indemnity claims against them and moving the liability for those claims to an insurance company. This often has the added effect of making negotiations of representations and warranties and indemnities less contentious.

Conclusion

The incredible growth in the private equity M&A space has many contributors and sources, but some of the most influential include the availability of affordable credit on beneficial terms, the increase in allocation to this asset class, the expansion of the group of investors investing in this asset class, and the introduction and widespread adoption of RWI.

In successful societies, the link between legal institutions and economic performance is undeniable. The rule of law and an independent judiciary form the bedrock upon which thriving economies are built. For businesses, these legal foundations provide the stability, predictability, and fairness necessary to operate and grow. Around the globe, countries that uphold these principles tend to experience greater investment, innovation, and prosperity. Conversely, where the rule of law is weak or judicial independence is compromised, economic stagnation, corruption, and instability often follow.

This article explores how the rule of law and judicial independence are indispensable to business success and economic development, which, in turn, contribute to an environment in which individuals can pursue their version of the American Dream.

Understanding the Rule of Law and Judicial Independence

Before exploring the importance of the rule of law and judicial independence for business and economics, it is helpful to explain these concepts.

The Rule of Law

The World Justice Project—a leading independent, nonprofit organization that has for nearly twenty years worked to advance the rule of law around the world—states the rule of law is “a durable system of laws, institutions, norms, and community commitment that delivers four universal principles: (1) accountability, (2) just law, (3) open government, and (4) accessible and impartial justice.”

So, what do these four principles really mean?

• “Accountability” means that the government and private actors are all accountable under the law.
• “Just Law” refers to the fact that laws are clear, publicized, stable, and applied evenly.
• “Open Government” means that the processes for adopting, administering, adjudicating, and enforcing the laws are accessible, fair, and efficient.
• “Accessible and Impartial Justice” means that justice is delivered timely by competent, ethical, and independent officials who are respected by and can identify with the communities they serve.

It is not difficult to understand that the failure of a legal system to have any of these attributes could lead to distrust in the system.

Judicial Independence

Judicial independence is an essential part of the rule of law because it ensures that the court system operates free from undue influence from powerful interests, such as the executive or legislative leaders or well-funded private interests. Independent judges can make rulings based solely on the law and facts, not political pressure or bribery.

Together, these elements create a legal environment where business can function without fear of arbitrary interference, and where economic disputes are resolved fairly and efficiently.

As retired U.S. Supreme Court Justice Anthony Kennedy said, “Judicial independence is not conferred so judges can do as they please. Judicial independence is conferred so judges can do as they must.”

Business Success Depends on the Rule of Law and Judicial Independence

Practically all economic activity depends on the rule of law because it allows people and companies to rely on the fact that they can invest, build, buy, or sell without improper interference or violating agreements or rights.

1. Legal Certainty and Predictability

Businesses depend on clear, consistent rules. The rule of law ensures that laws are applied consistently over time and that companies can plan their operations, investments, and contracts accordingly. From standardized weights and measurements of the smallest items to anticorruption regulations of the largest, law undergirds it all. Without this predictability, businesses face heightened risk and uncertainty.

In the United States, for example, companies rely on long-standing statutes and legal precedents when entering into contracts or assessing liability risks. Investors are more likely to fund ventures in jurisdictions where they can anticipate the legal consequences of their actions and have confidence in dispute resolution mechanisms.

2. Enforceable Contracts

A fundamental requirement for business is the ability to form and enforce contracts. Without the assurance that contracts will be upheld by courts, market transactions become unreliable.

Judicial systems that can swiftly and fairly enforce contracts encourage both domestic and international investment.

For instance, in the United States, the Uniform Commercial Code (“UCC”) provides a standardized legal framework for commercial transactions across state lines, further enhancing trust and reducing transactional friction.

3. Protection of Property Rights

The rule of law also ensures secure property rights, which are essential for businesses and entrepreneurs. Clear legal protections, whether they secure physical property, intellectual property, or shares in a company, incentivize investment and innovation.

An independent judiciary is crucial in resolving disputes over ownership or infringement. In the United States, the judiciary plays a vital role in protecting patent rights, trademarks, and copyrights—key drivers of the innovation economy.

Countries with weak property rights often struggle to attract capital or support entrepreneurial ventures. Investors are hesitant to commit resources where expropriation or arbitrary seizure are a threat.

4. Anti-Corruption and Fair Competition

Corruption undermines market fairness and deters honest competition. When bribes or political connections are needed to secure licenses, win contracts, or resolve disputes, efficient and fair markets collapse.

An independent judiciary can check corruption by holding officials accountable and ensuring that laws are applied impartially.

The Economic Benefits of the Rule of Law and Judicial Independence

Not only do societies with strong rule of law traditions and independent judiciaries create an atmosphere of economic freedom for their own citizens, but the stability of these systems also attracts investment from around the world.

1. Attraction of Foreign Direct Investment

One of the clearest links between the rule of law and judicial independence and economic development is foreign investment. Investors from abroad typically seek countries where their investments will be protected by a stable and impartial legal system.

In countries like the United States, the credibility of the legal system is a major draw for foreign capital. Investors know that if disputes arise, they can turn to a fair, professional court system.

Conversely, in jurisdictions where people perceive the judiciary as biased or beholden to political authorities, foreign direct investment (“FDI”) tends to be lower, even if other economic indicators appear favorable.

2. Support for Entrepreneurship and Innovation

A fair legal system is crucial for startups and entrepreneurs, who often lack the resources to navigate informal systems or secure “favors.” Independent courts offer a venue for smaller actors to defend their rights against larger competitors or government overreach.

Furthermore, robust legal protections for intellectual property, contracts, and business operations enable innovation by ensuring that innovators can profit from their ideas.

Global leadership of the United States in technology and entrepreneurship is partially attributable to its well-developed legal system that protects innovation through enforceable patents, copyrights, and antitrust laws.

3. Lower Transaction Costs

When legal institutions are effective and impartial, businesses spend less time and money on enforcement, negotiation, and risk management. This efficiency improves overall productivity and reduces the costs of doing business.

Imagine a scenario where every contract needs personal guarantees or backup arbitration because the courts are unreliable. These additional layers of cost and complexity can deter smaller firms and inflate costs for larger ones. Independent courts reduce these burdens by providing a reliable dispute resolution mechanism. (Think about how this works in your own life. How often do you read every word of any agreement you might sign—such as for a credit card or other legal paperwork? People usually breeze past them on the assumption that everything included is fairly standard legal language that is not going to result in disaster for the consumer—although that can happen.)

Global Challenges to Judicial Independence and Rule of Law

Despite their importance, both the rule of law and judicial independence are under threat in various parts of the world—including, at times, in the United States. Recent reports from the World Justice Project highlight a concerning trend: rule of law has entered its eighth straight year in decline. Such erosion threatens to destabilize economies, diminish trust in government, and undermine basic human rights. As geopolitical tensions escalate, the need to strengthen the rule of law is increasingly urgent to safeguard a just and stable future.

One important initiative that is underway to combat the decline in the rule of law and to support the resilience of an independent judiciary is the Judicial Fellowship Program hosted by the U.S. Chamber of Commerce Foundation in partnership with the Presidential Precinct. Through this fellowship program, judges and magistrates from around the world are brought to the United States for a two-week professional exchange and residential learning experience designed to strengthen the legal systems in foreign countries by building a cadre of judicial leaders from around the world.

Political Interference

The executive and legislative branches of governments may attempt to influence court decisions through appointments, funding threats, or direct intimidation. The U.S. Constitution has enshrined separation of powers among the branches of the government, and weakening that separation can undermine public trust and discourages both domestic and foreign investment.

Overloaded or Underfunded Court

Even without overt interference, courts that are underresourced or inefficient can become bottlenecks for economic development. Delayed justice or complex bureaucratic procedures increase the cost of legal recourse. Similarly, judges who fear retribution by leaders or members of the public may not be able to render justice fairly.

Corruption

In some systems, bribery or cronyism can distort judicial outcomes. When judges are beholden to wealthy or powerful patrons, it erodes public confidence in the system and deters honest businesses from entering or staying in the market. Maintaining judicial independence requires constant vigilance, robust legal and ethical safeguards, and a culture that respects institutional integrity.

Conclusion: Legal Institutions as Economic Advantages

The rule of law and judicial independence are not abstract ideals; they are practical necessities for economic development and business success. Just as roads, power grids, and digital networks support economic activity, so, too, does a trustworthy legal system. It creates an environment where contracts are honored, property is secure, innovation is rewarded, and disputes are fairly resolved.

In the United States, these legal foundations have helped create one of the world’s most successful and resilient economies where individuals are free to pursue their version of the American Dream. Globally, the same pattern holds: countries that invest in their legal institutions attract more capital, nurture more innovation, and experience more stable growth.

As businesses become increasingly global and interconnected, the need for impartial, effective legal systems becomes even more critical. Policymakers, investors, and entrepreneurs alike must recognize that the health of a nation’s judiciary is not just a matter of justice: it is a matter of economic survival and prosperity.

* * *

Note: Law Day is an annual commemoration, held on May 1, to reflect on the rule of law and its importance. The 2026 Law Day theme is “The Rule of Law and the American Dream.” It focuses attention on how the rule of law—the idea that no person is above the law—ensures the rights of the people to live their lives as freely as possible and to pursue the American Dream. This essay launches a conversation on this theme, and the American Bar Association invites people to visit lawday.org to find more resources and information about 2026 Law Day programs and activities.

This article is part of a series on the rule of law and its importance for business lawyers created by the American Bar Association Business Law Section’s Rule of Law Working Group. Read more articles in the series.

To mark the forty-year anniversary of the American Bar Association Business Law Section’s Mergers & Acquisitions Committee, Emily Marco, vice chair of the Women in M&A Subcommittee, reflects on the rise of women in M&A in the last forty years.^[1]

There is a saying that by small means, great things can come to fruition. Leigh Walton (Bass, Berry & Sims; Nashville, TN), who served as the first female leader of the Mergers & Acquisitions Committee, can attest to this. When a male partner at her firm could not attend an ABA conference in 1986, she attended in his place. She then found herself discussing the need for practice-oriented guidance for M&A practitioners as part of the ABA Business Law Section. More than two decades later, Walton became the first woman vice chair and then the first woman chair of the M&A Committee.

As John Clifford noted in the article The Mergers & Acquisitions Committee—40 Years On, women have historically been underrepresented in the field of M&A, including within the M&A Committee itself. He explained that “[w]omen have participated in the M&A Committee from its beginning and have held important leadership positions, although the number of women lawyers who actively participated often has been small.”

At the close of Walton’s tenure as chair of the M&A Committee in 2012, Jen Muller (Houlihan Lokey; San Francisco, CA), became the second woman vice chair of the M&A Committee. One enduring initiative was launched shortly thereafter: the Women in M&A Task Force, which set out to evaluate female engagement in M&A. Together, Walton and Muller led the task force until Rita-Anne O’Neill (Sullivan & Cromwell; Los Angeles, CA) (who today is the current chair of the M&A Committee), succeeded Walton. Muller and O’Neill then became the founding co-chairs of the Women in M&A Subcommittee, established in 2013 to focus on increasing the level of participation and retention of women in M&A.

Through its work, the Women in M&A Subcommittee furthers women’s involvement in M&A and enhances opportunities at the top of the deal team.

Early Exposure and Engagement Act as Catalysts for Women’s Advancement in M&A

The Women in M&A Subcommittee began to conduct biennial studies in 2014 to more deeply assess the gender disparity in M&A and create a baseline on which to measure improvements going forward. The studies measure the composition of lawyers at each level within top law firms in North America, both in corporate groups and in M&A specifically. The early Women in M&A surveys identified, as expected, that across all disciplines, including M&A, the percentage of women decreases as the role becomes more senior. But what was interesting is that the participation of women was lower in M&A from the outset. This caused the Women in M&A Subcommittee to investigate the experience women have during law school and prompted the creation of the subcommittee’s Law School Initiative. This initiative brings senior women M&A practitioners to law schools to speak about their experience in M&A and encourage women to participate in the field, among other efforts. Encouragingly, the studies have shown that from 2014 to 2024, the percentage of M&A lawyers who are women increased from 27 percent to 37 percent. The involvement of women in the M&A Committee has risen in tandem.

Ultimately, as argued by legal scholar Afra Afsharipour, “[u]nderstanding, documenting, and disclosing the gender disparity in leadership in M&A beyond the board is critical for increasing accountability and for determining the solutions that may work to reduce such disparities.”^[2] And for the Women in M&A Subcommittee, the “small means” that can lead to great things include providing early exposure to M&A. The knock-on effects of this early and ongoing engagement are shown to result in the participation and retention of women in M&A.

Women’s Involvement in the M&A Committee Is a Lever for Change

The evolution of women’s participation in the M&A Committee has become a powerful lever for change, both within the profession and in the broader market. As the field of M&A has historically been dominated by men, the increasing visibility and leadership of women in the ABA M&A Committee has helped to challenge entrenched biases and open new pathways for advancement. 

Research consistently demonstrates that gender bias—both explicit and implicit—remains a significant barrier to women’s advancement in M&A leadership. This bias manifests in a variety of ways, from the types of assignments women receive to the opportunities for client exposure and leadership roles. For example, as described by Afsharipour, “[w]omen are often assigned support work while men are given the plum assignments that further enhance their leadership and client connections.”^[3]

Empirical data further underscores these disparities. Women are more likely to be in the third, fourth, or fifth positions on deal teams (comprising 28–32% of those roles) while their representation in the top spot is just 19%, and in the second spot, 23%.^[4] This pattern reflects both the persistence of gendered expectations and the structural barriers that limit women’s access to the most visible and influential positions on major transactions.

Involvement in the M&A Committee offers visible leadership opportunities that can accelerate the advancement of women practitioners. This dynamic is especially important given that, as Afsharipour notes, “much of M&A practice and advancement seems to rely on social contacts and client development norms that perpetuate the exclusion of women and people of color from leadership in practice.”^[5]

Jessica Pearlman (K&L Gates; Seattle, WA), vice chair of the M&A Committee, reflected on the transformative impact of her involvement with the M&A Committee:

I’ve been coming to the M&A Committee meetings since I was a third-year associate. So, it’s been a part of my now 26+ year career since almost the very beginning. As an associate, the exposure to the thought leadership of the Committee kept me up to date on the latest in M&A practice; since then, the M&A Committee has provided me with countless opportunities to be part of that thought leadership, not only at M&A Committee meetings but also through panels at top law schools and through publications (such as my interview of Marty Lipton^[6] that was published in the 75th anniversary volume of The Business Lawyer^[7]). And I’m not a one-off; this is the experience of women in M&A who not only join the M&A Committee but attend the meetings. Women in M&A often do not get the same benefit of the doubt as their male counterparts that they truly know what they are doing; the opportunities provided by the M&A Committee can bridge that perception gap.

Pearlman’s sentiments are shared by other Women in M&A Subcommittee leaders and members. Visible leadership is a core focus of the subcommittee.

Women Dealmakers Are Paving the Path for the Future

As the number of women in visible leadership positions in M&A increases, it creates a virtuous cycle where, through mentorship and sponsorship, the path to leadership becomes more attainable. Current M&A Committee Chair O’Neill selected Pearlman, Charlotte May (Covington; Washington, DC) and Jenny Hochenberg (Freshfields; New York, NY) to serve as her vice chairs of the M&A Committee. Prior to assuming the chair role, Rita-Ann was vice chair of the Committee, along with Pearlman and Patricia Vella (Morris, Nichols, Arsht & Tunnell; Wilmington, DE). All of these women dealmakers are also leading landmark deals. These women M&A leaders set new standards for practice and demonstrate the value of diverse perspectives in high-stakes negotiations.

Reflecting on the progress made since co-founding of the Women in M&A Subcommittee, Muller explained, “Early in my career, it was often notable simply to be a woman in the room. Today, that reaction is far less common—the focus has shifted to the quality of advice and leadership, not who is delivering it. That progress reflects the sustained efforts of many men and women to address the underrepresentation in the field, and while it’s not complete, it has meaningfully reduced the noise and allowed women to be more effective and fully heard.” This shift continues to benefit rising M&A leaders of all genders.

Walton’s journey—from stepping in for a male colleague at an ABA conference to becoming the first woman chair of the M&A Committee—illustrates how early exposure and a willingness to seize an opportunity grew into a legacy of leadership, connection, and inspiration. Her path is a powerful reminder that by opening doors for women in M&A today, we are building a generation of future women leaders.

1. Emily thanks the chairs of the Women in M&A Subcommittee, Joanna Lin (Dechert; Dallas, TX) and Charlotte May (Covington; Washington, DC), for their review and helpful comments on earlier drafts of this article. ↑

2. Afra Afsharipour, Women and M&A, 12 U.C. Irvine L. Rev. 359, 418 (2022). ↑

3. Id. at 390. ↑

4. Tracey E. George, Mitu Gulati & Albert H. Yoon, The Power Five: The Making of Newsworthy Deal Teams, 77 Vand. L. Rev. En Banc 105 (2024). ↑

5. Afsharipour, supra note 2, at 390. ↑

6. Marty Lipton is a renowned M&A lawyer. Based in New York City, he was a founding partner of Wachtell, Lipton, Rosen & Katz. ↑

7. Jessica C. Pearlman, Interview with Marty Lipton, 75 Bus. L. 1709 (2020). ↑

When the founders of the Mergers & Acquisitions Committee first gathered four decades ago, M&A was very different. To mark the forty-year anniversary of the Business Law Section’s M&A Committee, Daniel Rosenberg, chair of the Committee’s Technology in M&A Subcommittee, surveys how technology has reshaped M&A, bringing us to the start of a new technology revolution arguably as significant as all previous ones combined.

Late 1980s

In the second half of the 1980s, M&A was largely analog. Drafting was migrating from typewriters to early word processors, enabling lawyers to produce longer, more complex agreements. Documents were assembled manually from precedents in physical binders. Communications were dominated by phone and fax. Fax machines accelerated document circulation, but document comparison involved reading documents aloud and redlining with pens and rulers. Data rooms were literally rooms with binders, disclosure exercises involved manual cross-referencing, and closings were compiled in physical binders.

1990s

Email’s widespread adoption sped up deals as drafts could be circulated more quickly. Microsoft Office became standard, and document comparison software emerged. The first generation of knowledge management took shape, with digital precedent banks and clause libraries enabling quicker assembly of tailored documents. While diligence remained largely physical, scanned documents on CD-ROMs began to appear. Mobile phones became ubiquitous, though closings still relied on wet-ink signatures and couriered signature pages.

Early 2000s

Virtual data rooms (“VDRs”) matured, allowing sellers to run auctions with multiple bidders reviewing in parallel. PDFs and scanning became routine, with documents digitized to facilitate parallel workstreams. Electronic filing emerged at registries and regulators, reducing timetables. Document management systems became core law firm infrastructure, with more sophisticated matter management and e-billing systems giving clients greater visibility on work in progress and spend. Closing checklists and signing agendas became formalized and maintained electronically. E-signatures started to appear but remained niche due to regulatory uncertainty, with closings still relying on wet-ink and courier packs.

2010s

The 2010s consolidated a shift to cloud-based collaboration, accelerated by air travel disruption from the 2010 Eyjafjallajökull ash cloud. VDRs added sophisticated Q&A modules, bulk uploads, and analytics. E-signatures moved mainstream with clearer legal frameworks, materially shortening closing timetables and enabling same-day closings across time zones.

Automation progressed from isolated scripts to repeatable workflows, with document assembly generating standard forms such as nondisclosure agreements (“NDAs”), resolutions, and ancillary agreements from user-friendly questionnaires.

Early artificial intelligence (“AI”) tools emerged, with contract-analysis platforms applying machine learning to identify key issues such as change-of-control triggers, consent requirements, and unusual terms across large document populations. While human review remained decisive, technology triaged and prioritized documents, allowing lawyers to focus on judgment calls.

Market-terms databases matured, providing aggregated data on key metrics. These enabled more evidence-based negotiation of market terms and accelerated drafting against playbooks. Security and privacy concerns intensified, with firms adopting multifactor authentication and stricter information barriers.

2020s

The pandemic accelerated remote execution. Entire sale processes—from management presentations to signings—were conducted virtually. Videoconferencing became standard for negotiations, while e-signatures and digital closing rooms became the default. Transaction management platforms emerged, integrating checklists, document repositories, and signature packets into single workspaces.

Generative AI has begun shaping drafting, issue-spotting, and knowledge retrieval, producing first-cut markups, board minutes, and diligence summaries while surfacing precedents and market language.

Due diligence has been profoundly transformed. VDRs, AI-assisted review, and collaboration spaces enable simultaneous review, with structured reporting aligned to risk categories allowing faster conversion of findings into actionable drafting. Drafting and negotiation increasingly exploit structured data and analytics, with clause-level benchmarking informing positions on key issues. Legal project management platforms have expanded, with e-signatures and digital closing rooms compressing signing timelines.

Increasing reliance on technology has introduced new risks—in particular, cybersecurity. Multifactor authentication, encryption, and intrusion detection are standard; and strong data governance and a focus on confidentiality are becoming increasingly important issues to win and retain client trust.

Technology has reshaped the M&A legal team. Legal project managers, technologists, and knowledge lawyers are now standard in larger practices. Associates and partners are expected to be fluent in VDR configuration, document automation, and analytics.

Clients expect transparency through dashboards and disciplined budgeting, but how technological efficiencies will impact billing remains a hotly discussed topic.

Looking Forward

The speed of technological change for M&A lawyers is faster than ever, with new technology improving at astonishing speed.

The model for advice-based professions such as law is changing, and, accordingly, looking ahead at the future of M&A is challenging. It is also a challenge because brave new technology is often launched to look and feel like the comfortable past—so, for example, early movies were filmed to look like stage plays, and even the ChatGPT interface bears a remarkable resemblance to a (now) old-school Google search screen. As Canadian philosopher Marshall McLuhan observed, “We look at the present through a rear-view mirror. We march backwards into the future.”

Generative AI will likely become more embedded in drafting assistants, guided review, and negotiation support, with outputs checked against curated precedent libraries. Systems will increasingly surface prior team experience from multiple sources, with AI assistance provided within core platforms such as Word and Outlook through pop-ups and in-line suggestions.

Our ABA Technology in M&A Subcommittee produces the Directory of M&A Technologies, and, while the number of point solutions in it grows, usage will likely focus on a smaller number of integrated platforms providing end-to-end deal life-cycle coverage. The winning technologies will combine integrated coverage with proprietary, curated knowledge—insight-based conclusions and nonpublic practice points that cannot be replicated.

These systems will, in part, level the playing field between larger and smaller firms. Smaller firms will leverage technology for work previously requiring large teams, while larger firms will use technology to compete on smaller deals. More legal work will migrate in-house, with clients using platforms (increasingly contract life-cycle management systems) deploying generative AI for automated draft review against playbooks.

Conclusion

The last four decades have seen huge changes in how M&A lawyers operate. We now require not just legal expertise but also technical fluency, underpinned by strong governance and a focus on confidentiality and client trust. Those who combine these elements are best placed to succeed in the exciting years ahead. Here’s to the next decade of deals, technology improvement, and the M&A Committee.

During the Great Depression many “mom and pop” local stores suffered with their neighbors. At the same time, large companies found that by creating chains of retail outlets, they could leverage suppliers to give them better prices and terms than small businesses. Congress passed the Robinson-Patman Act, 15 U.S.C. § 13 (the “Act”), an amendment to the Clayton Act, to protect these small competitors from price discrimination that gave larger competitors an unfair pricing edge. The Act became an important tool to prevent large chains from pushing small stores out of the market and was actively enforced through the late 1970s.

Enforcement dropped off after a 1977 U.S. Department of Justice report that said preventing volume discounts to large chains caused consumers to pay higher prices notwithstanding harm to small retailers. The focus on consumer prices by regulators and courts since that time has resulted in far fewer suits under the Act. In effect, by the 1990s, the Act faced a sharp drop in both government and private party lawsuits as the U.S. Supreme Court focused antitrust law enforcement sharply on current impact on consumers.

While most people associate the Sherman Act with federal antitrust law, the Robinson-Patman Act also plays an important role. The Robinson-Patman Act applies to consumers, not just retailers or others in the sales chain. It states that “[i]t shall be unlawful for any person engaged in commerce, in the course of such commerce, either directly or indirectly, to discriminate in price between different purchasers of commodities of like grade and quality, . . . and where the effect of such discrimination may be substantially to lessen competition or tend to create a monopoly in any line of commerce, or to injure, destroy, or prevent competition . . . .” The Act is limited to commodities—it does not apply to any services (e.g., medical services), or other intangibles (e.g., wireless internet service, smartphone apps or “in-app purchases,” and advertising, including online advertising). Moreover, the commodities must be of “like grade and quality,” which generally will exclude bespoke products, pieces of art, and limited releases of high-end products.

But the Act is back! In Federal Trade Commission v. Southern Glazer’s Wine and Spirits, LLC, No. 8:24-cv-02684 (C.D. Cal. filed Dec. 12, 2024), the Federal Trade Commission (“FTC”) alleged the distributor’s discriminatory pricing practices for products harmed local stores and smaller retailers around the country by giving much better discounts and terms to large chains. This case was filed in the last months of the Biden administration. According to the complaint, defendant Southern Glazer’s Wine and Spirits had set up a scale for discounts based on volume purchases, but the volume of purchases for the deepest discounts could only be met by the biggest buyers. The biggest buyers also got a second significant advantage over smaller competitors in how Southern Glazer’s computed the volume purchase thresholds. In April 2025, the federal district court denied Southern Glazer’s motion to dismiss the FTC’s amended complaint.

The Trump administration reviewed both the Southern Glazer’s lawsuit and another Robinson-Patman Act case also filed late in the Biden administration, Federal Trade Commission v. PepsiCo, Inc., No. 1:25-cv-00664-JMF (S.D.N.Y. filed Jan. 17, 2025). The Trump administration FTC agreed to continue the Southern Glazer’s case but dropped the PepsiCo lawsuit.

The PepsiCo lawsuit alleged that PepsiCo gave Walmart unfair pricing advantages and promotional payments that were not offered to smaller retailers. The three FTC commissioners at the time of the review, all Republican, voted to dismiss the lawsuit in a settlement, arguing that the evidence was weak and the case politically motivated. In situations like those alleged in the cases above, a Sherman Act Section 1 claim or Sherman Act Section 2 claim is very difficult to pursue, since the net result of a Robinson-Patman Act claim typically will disrupt, slow, or stop price cuts to consumers by big box stores, while a Sherman Act claim generally requires harm to consumers—either through an agreement or a monopoly that reduces choice or availability or price. Claims based on price cuts to consumers generally require that there is a realistic chance of driving others out of the market by driving prices lower than their costs; the same is true for state antitrust laws based on Sherman Act Section 1 and/or 2. Nonetheless, many states have a sales below costs or unfair competition statute that can be used to capture the same conduct as that addressed by the Robinson-Patman Act.

Small businesses now have an example of a Trump administration lawsuit that shows suppliers must treat them fairly when compared to their larger competitors under the Robinson-Patman Act. Small businesses now also have a new district court decision to support their claims.

But how do smaller retailers discover the terms and prices from suppliers are giving them in comparison to those given to larger competitors? The conundrum here is the Supreme Court’s decision in Bell Atlantic Corp. v. Twombly, 550 U.S. 544 (2007), which held allegations of parallel conduct do not state an antitrust claim without a plausible allegation of an agreement to act in concert. Bell Atlantic Corp. created the plausibility requirement, which can cause difficulty in a Sherman Act Section 1 pleading. Plausibility is easier to show when a monopoly has actually been created because monopolies do not come about by accident.

Moreover, the Robinson-Patman Act has a series of exceptions, such as meeting competing suppliers’ prices or terms, or services or other consideration provided by the big box store that justifies the discount. Anyone looking at a price discrimination issue under federal or state law needs to understand the true amount of the discount and what the justification for it is.

A supplier and a big box store may try to cover their agreements and terms as trade secrets with nondisclosure agreements. This requires the potential plaintiff to look for pricing by the big box store so extreme, or a new burst of advertising of products sold by the same supplier, that the most plausible explanation for the situation is an agreement to give the big box store a significant price or other financial advantage over its small competitors.

As for suppliers and big box stores, significant discounts not provided to smaller buyers should be well documented to show they fall within an exception to the Act, preferably simply meeting competition.

To mark the forty-year anniversary of the Business Law Section’s Mergers & Acquisitions Committee, Lisa Hedrick, chair of the Committee’s Market Trends Subcommittee, reflects on M&A market trend developments in the last forty years.^[1]

For more than two decades, the Market Trends Subcommittee of the ABA Mergers and Acquisitions Committee has served as a central resource for practitioners seeking to understand the current “market” status and evolution of deal structures, negotiations, and transaction terms. The Subcommittee’s mission is straightforward but essential: to educate M&A professionals on the latest trends shaping the deal landscape. Through speaker presentations, mock negotiations, open discussion, deal points studies, and market check videos, the Subcommittee has consistently provided members with practical insights into navigating an environment where norms shift quickly and competitive pressures continue to rise.

To understand the changes in the M&A market over the last forty years, Houlihan Lokey, a leading investment bank, provided information from their dataset of transactions over this period. Several themes stand out from a review of their data: the dramatic expansion of global deal volume, the cyclical but upward‑sloping nature of U.S. activity, and the steady rebalancing of buyers as financial sponsors have grown from niche participants to dominant players.

The Rise and Cycles of Global M&A Activity

Global M&A activity has expanded enormously since the mid‑1980s. In 1985, worldwide announced transaction value totaled roughly $240 billion. By 2021, that figure exceeded $5.6 trillion, representing one of the most significant long‑term growth arcs in modern corporate finance. Even accounting for recessions, credit contractions, and geopolitical shocks, the overall trajectory is unmistakably upward.

Global M&A Volume

From 1985 to 2025, global M&A transaction value and number of transactions grew by compound annual growth rates of 7.3% and 8%, a dramatic expansion. Source: LSEG as of December 31, 2025.

The data reveal several distinct cycles. The late‑1990s surge reflected the dot‑com boom and cross‑border liberalization. The mid‑2000s peak was fueled by abundant credit and the rise of large‑scale leveraged transactions. The 2008–2009 collapse remains the sharpest contraction in the dataset, followed by a decade of recovery and the unprecedented 2021 spike driven by low interest rates, pent‑up pandemic demand, and record sponsor dry powder.

Yet the most striking feature is not the peaks—it is the resilience. Even after downturns, global deal value consistently rebounds to new highs. This suggests that M&A has become a core strategic tool for corporate growth, not merely a cyclical phenomenon.

U.S. M&A: Cyclical, Concentrated, and Still the Global Anchor

The United States remains the gravitational center of global M&A. U.S. deal value has grown from roughly $200 billion in the mid‑1980s to more than $2.4 trillion in 2021. While the U.S. market mirrors global cycles, its peaks and troughs tend to be more pronounced, reflecting the outsize role of U.S. credit markets and domestic private equity.

U.S. M&A Volume

From 1985 to 2025, U.S. M&A transaction value and number of transactions grew by CAGRs of 5.8% and 4.7%, similarly showing long-term growth. Source: LSEG as of December 31, 2025.

The 1990s expansion, the 2006–2007 credit‑fueled boom, the post‑global financial crisis recovery, and the 2021 surge all appear more sharply in the U.S. data. Yet the long‑term trend is consistent: dealmaking has become a central strategic lever for U.S. corporations, particularly in technology, healthcare, and consumer sectors.

Strategic Buyers Still Lead, but Sponsors Have Redefined the Market

Few developments have reshaped the market more profoundly than the rise of private equity. In the 1980s, private equity was still emerging from its leveraged-buyout‑era reputation. Today, it is a central pillar of the global M&A ecosystem.

In the late 1980s, strategic buyers accounted for more than 85 percent of global transaction value. The landscape has shifted dramatically since that time. As private equity matured, institutionalized, and expanded its capital base, sponsors steadily increased their share of global M&A.

Global M&A Activity: Percent Buyer Mix by Total Transaction Value

Financial sponsors have more than doubled their share of global M&A, going from 14% of transaction value in 1986–1990 to 34% in 2021–2025. Source: LSEG as of December 31, 2025.

By the 2021–2025 period, strategic buyers represented roughly 66 percent of global deal value, while financial sponsors accounted for 34 percent—more than doubling their relative participation since the 1980s. The U.S. buyer mix tells a similar story to the global data. In the late 1980s, sponsors represented less than 18 percent of U.S. deal value. By 2021–2025, that share had climbed to more than 35 percent.

U.S. M&A Activity: Percent Buyer Mix by Total Transaction Value

Financial sponsors have similarly increased their share of U.S. M&A, going from 18% of transaction value in 1986–1990 to 36% in 2021–2025. Source: LSEG as of December 31, 2025.

This shift reflects several structural changes:

• Massive capital formation in private equity, with global assets under management surpassing $8 trillion
• Operational sophistication, enabling sponsors to compete directly with strategics for complex assets
• A robust secondary market, allowing sponsors to recycle capital more efficiently
• A shift in corporate behavior, with strategics increasingly disciplined on valuation and integration risk

The result is a more balanced buyer ecosystem, one in which sponsors are no longer opportunistic participants but central actors shaping valuation, auction dynamics, and deal terms.

The Data‑Driven Deal: Technology’s Transformation of M&A Practice

If one theme defines the modern era of M&A, it is the integration of technology into every stage of the deal life cycle. The last forty years have seen a shift from paper data rooms and manual diligence to a highly digitized, analytics‑driven process.

For example, virtual data rooms, introduced in the early 2000s, revolutionized diligence by enabling secure, remote document review. They shortened timelines, expanded bidder pools, and made global auctions feasible. Long gone is the day when buyers were required to travel to a conference room in a law firm’s or accountant’s office to sift through boxes of documents. Now, sellers establish a data room and are able to track which documents are reviewed and for how long by the various bidders. More recently, deal teams have the ability to use machine learning tools to analyze contracts, suggest drafting changes, and evaluate comments from opposing counsel.

Technology has not replaced judgment, but it has fundamentally changed the speed, scope, and precision of M&A execution.

The Emergence and Influence of Deal Points Studies

One of the most important developments in the M&A marketplace over the past two decades has been the rise of deal points studies. These studies have fundamentally changed how practitioners understand market norms, negotiate key provisions, and benchmark deal terms. They have brought empirical rigor to an area that historically relied on anecdote, experience, and negotiation leverage.

The ABA M&A Committee played a pioneering role in this transformation. In 2006, the Committee published its first two deal points studies: (1) the Public Target Deal Points Study, which looked at negotiated terms in public company transactions; and (2) the Private Target Deal Points Study, providing a parallel analysis for private company acquisitions.

These studies were groundbreaking. For the first time, practitioners had access to systematically collected, anonymized data showing how often certain provisions appeared, how they were drafted, and how they evolved over time. Instead of relying on “market practice” as a rhetorical device, deal lawyers could point to actual market data.

Over time, this Subcommittee expanded the studies to include studies focusing on Canadian deals, both private and public; European deals; and carveout transactions.

The ABA’s leadership also catalyzed a broader ecosystem of deal analytics. Today, a wide range of market participants produces their own studies, including investment banks, commercial banks, stockholder representative firms, and insurance providers (particularly in the representation and warranty insurance space), among others.

A Market in Constant Motion

The past forty years have been defined by cycles of innovation, disruption, and reinvention in the M&A marketplace. Increased global M&A volume, the rise of private equity, technological transformation, and the emergence of deal points studies have each left an indelible mark on the practice.

Yet the through‑line across all these developments is adaptability. M&A has always been a forward‑looking discipline that responds quickly to economic shifts, regulatory changes, and new strategic imperatives. As we look ahead to the next forty years, the forces shaping the market will undoubtedly evolve, but the central role of M&A in corporate strategy will remain.

The Market Trends Subcommittee is proud to contribute this reflection as part of the Committee’s fortieth anniversary celebration and looks forward to continuing the conversation at the Spring Meeting.

1. Lisa thanks Houlihan Lokey for providing analysis of London Stock Exchange Group (“LSEG”) data for this article and also thanks the vice-chairs of the Market Trends Subcommittee—Edward Deibert (Arnold & Porter, San Francisco, CA) and Tatjana Paterno (Bass, Berry & Sims PLC, Nashville, TN)—for their review and helpful comments on earlier drafts. ↑