Statutory & Administrative Law Analysis

Key Findings

I. The Governing Statute: 10 U.S.C. § 3252

Statutory Text and Structure

The supply chain risk authority invoked against Anthropic resides in 10 U.S.C. § 3252, titled "Requirements for information relating to supply chain risk." The statute authorizes the head of a covered agency to carry out a "covered procurement action" upon determining that a supply chain risk exists.^[1]

Three statutory definitions are central to the analysis:

Supply chain risk (§ 3252(d)(4)) means "the risk that an adversary may sabotage, maliciously introduce unwanted function, or otherwise subvert the design, integrity, manufacturing, production, distribution, installation, operation, or maintenance of a covered system so as to surveil, deny, disrupt, or otherwise degrade the function, use, or operation of such system."^[1]

Covered system (§ 3252(d)(1)) is defined by reference to "national security system" under 44 U.S.C. § 3552(b)(6).

Covered procurement action (§ 3252(d)(2)) is limited to three categories: (a) exclusion of a source "that fails to meet qualification requirements"; (b) exclusion of a source otherwise "on the basis of supply chain risk"; and (c) the withholding of consent for a contractor to subcontract with a particular source.^[1]

Mandatory Procedural Requirements

Section 3252(b) establishes preconditions for exercising the authority. It may be exercised "only" after: (1) "obtaining a joint recommendation" by consulting with the procurement official and any other relevant official; (2) making a "written determination" that the authority is necessary to protect national security and that "less intrusive measures" are not reasonably available, including a finding that the risk of disclosure of the determination outweighs the risk of non-disclosure; and (3) providing "notification" to appropriate congressional committees "not later than 7 days after the date the determination is made," including a summary of the risk assessment, the basis for the determination, and a discussion of less intrusive measures considered.^[1]

The word "only" is significant — it signals these are mandatory preconditions, not discretionary guidelines.

II. Three Independent Statutory Violations

Violation 1: Procedural Deficiency

No written determination, risk assessment, "less intrusive measures" finding, or congressional notification has been publicly documented. The designation was announced via the Secretary of War's X account. Anthropic stated it "ha[d] not yet received direct communication from the Department of War or the White House" at the time of its response.^[2]

Constitutional law professor Bullock (Institute for Law & AI) observed that the government cannot designate a supply chain risk without a risk assessment and congressional notification. Fortune reported that legal experts questioned whether the government had made a "good faith effort" to pursue less intrusive measures — as the statute requires.^[3]

Under 5 U.S.C. § 706(2)(D), a reviewing court "shall ... set aside agency action, findings, and conclusions found to be ... without observance of procedure required by law."^[4] This is not a discretionary standard — the statute mandates that improperly procedured actions be set aside.

Violation 2: Definitional Overreach ("Adversary")

The statutory definition requires an "adversary" who may "sabotage" or "subvert" military systems. This language was designed for threats from hostile foreign governments and their instrumentalities — companies like Kaspersky (linked to Russian intelligence services) and Huawei/ZTE (linked to the Chinese military).

Anthropic is a domestic AI safety company engaged in a contractual dispute about the ethical boundaries of military AI deployment. It is not seeking to sabotage or subvert any military system — it is refusing to build certain capabilities it considers dangerous. Characterizing this contractual position as "supply chain risk" stretches the statute beyond any reasonable interpretation of its terms.

Under 5 U.S.C. § 706(2)(C), a court shall set aside agency action "in excess of statutory jurisdiction, authority, or limitations, or short of statutory right."^[4]

Violation 3: Scope Overreach ("Any Commercial Activity")

Section 3252 authorizes three specific "covered procurement actions": source exclusion, qualification-based exclusion, and subcontract consent decisions. These are procurement-scoped actions within the defense contracting system.

Hegseth's designation orders that "no contractor, supplier, or partner ... may conduct any commercial activity with Anthropic."^[5] This extends far beyond covered procurement actions to regulate the private commercial relationships of defense contractors. A company's decision to use Claude for its internal commercial purposes has nothing to do with defense procurement — yet the designation purports to prohibit it.

Peter Harrell (Georgetown/former NSC director) stated directly that the Department of War "can't legally tell contractors don't use Anthropic in private contracts." Dean Ball (Foundation for American Innovation, former Trump AI policy advisor) called this interpretation "almost surely illegal" and "a psychotic power grab."^[3]

III. Comparative Administrative Record

Kaspersky Lab (2024)

The Kaspersky ban was the first ICTS Final Determination under Executive Order 13873.^[6] The process included: formal investigation under ICTS authorities; initial determination with opportunity for mitigation; final determination published in the Federal Register at 89 FR 52434 (Case No. ICTS-2021-002); and Entity List additions through BIS. The Bureau described it as "a lengthy and thorough investigation."^[7]

Huawei/ZTE (2020)

The FCC designated Huawei and ZTE as threats to national security on June 30, 2020, under the Secure and Trusted Communications Networks Act. The process included formal rulemaking published at 85 FR 230, public comment periods, and published findings documenting the companies' connections to the Chinese military and intelligence services.^[8]

The FASC Framework

FAR Subpart 4.23 establishes the Federal Acquisition Security Council (FASC) with explicit procedural requirements for supply chain risk actions — evidence that Congress intended formal processes for these determinations, not social media announcements.^[9]

The Implication

The entire statutory and regulatory architecture surrounding supply chain risk presumes formal administrative process. Congress created detailed procedural frameworks precisely because designating a company as a security threat carries devastating consequences. The Anthropic designation bypassed every element of these frameworks.

IV. The APA Framework

The Administrative Procedure Act provides the judicial review mechanism. Under 5 U.S.C. § 706, a reviewing court shall set aside agency action found to be:^[4]

(A) "arbitrary, capricious, an abuse of discretion, or otherwise not in accordance with law" — the designation may be arbitrary because it punishes Anthropic for contractual terms the government simultaneously accepted from OpenAI;

(C) "in excess of statutory jurisdiction, authority, or limitations" — the "adversary" definition and "any commercial activity" scope both exceed § 3252's reach;

(D) "without observance of procedure required by law" — the mandatory § 3252(b) procedures were not followed;

(E) "unsupported by substantial evidence" — no evidence has been presented that Anthropic poses the kind of threat (sabotage, subversion by an adversary) the statute addresses.

The Major Questions Doctrine

In Learning Resources, Inc. v. Trump (Feb. 20, 2026), the Supreme Court held 7–2 that the executive must "identify clear congressional authorization" for extraordinary claims of regulatory authority. The Court struck down sweeping tariffs imposed under the International Emergency Economic Powers Act, finding the executive had claimed power far beyond what Congress intended the statute to provide.^[10]

The same principle applies here. Using a supply chain risk statute designed for foreign adversary threats to punish a domestic company's contractual negotiating position — and extending it to ban all commercial relationships — is precisely the kind of extraordinary executive claim that the Major Questions Doctrine requires clear congressional authorization to support. No such authorization exists.

V. The Defense Production Act

If the government pivots to the DPA to compel Anthropic's cooperation, additional statutory constraints apply. Rozenshtein's Lawfare analysis identified several key limitations:^[11]

Title I compelled contracting has been barely used since the Korean War. 15 CFR § 700.13(c) permits rejection of DPA orders where the "item is not supplied or service is not performed" — Anthropic could argue that Claude-without-guardrails is a different product it does not supply. Whether removing safety features constitutes a "new product" or a modification of an existing product is genuinely contested. The DPA's use for this purpose would likely face its own Major Questions challenge.

The Mercatus Center analysis further noted statutory scope limitations on DPA authority, including the Biden-era executive order framework that may constrain its application.^[12]