Safety & Standards

Caitlin Kalinowski, who led OpenAI's robotics team for less than six months after joining from Meta's Reality Labs, resigned Saturday specifically citing OpenAI's agreement to deploy models within the Pentagon's classified network. In her departure statement reported by Politico and TechCrunch, Kalinowski stated that 'surveillance of Americans without judicial oversight and lethal autonomy without human authorization are lines that deserved more deliberation than they got.' This represents the first senior technical departure explicitly over national security work, not general commercial direction disputes.

The resignation exposes how OpenAI's January policy reversal — removing its blanket prohibition on military applications — was implemented with insufficient internal process for technical staff with direct responsibility for systems that could enable autonomous weapons. Kalinowski's specific reference to inadequate deliberation suggests the company's safety governance structures, including its Preparedness team and board oversight, either were not consulted or were overridden on these specific use cases. For organisations evaluating OpenAI partnerships, this indicates that stated safety commitments can be subordinated to commercial and government relationships without transparent process.

Anthropic is refusing to allow the Department of Defense to remove safety restrictions from its Claude models for classified military deployments, according to The Guardian and Bloomberg. The negotiations have escalated sufficiently that the Pentagon has brought in a former Uber executive to manage the dispute, suggesting the government views this as a major precedent for whether AI companies can maintain independent safety policies when they conflict with national security requirements. The core issue is whether Anthropic's responsible scaling policy and constitutional AI safeguards can be overridden for military applications, or whether the company retains veto power over how its models are deployed even in government contexts.

This conflict illuminates a fundamental gap in current AI governance: voluntary safety commitments have no legal force, but neither does the government have explicit statutory authority to compel modifications to commercial AI systems absent specific procurement leverage or national security directives. If Anthropic prevails, it establishes a precedent that company-level safety policies can constrain government use; if the Pentagon compels compliance, it demonstrates that voluntary frameworks collapse under government pressure. The involvement of a senior negotiator suggests the Pentagon is pursuing a negotiated resolution rather than immediate legal compulsion, but the fact that this dispute has become public indicates substantial disagreement over what 'safe AI' means in military contexts.

Iran's Shahed 136 drone strike on an Amazon Web Services datacentre in the UAE represents the first documented deliberate military targeting of commercial AI infrastructure, according to The Guardian. The attack, which caused a devastating fire and forced power shutdown, signals that datacentres are now considered legitimate military targets in regional conflicts — a fundamental shift in threat modelling that current AI safety frameworks do not address. The UAE and Bahrain have positioned themselves as AI superpowers through massive compute investments, but neither has military-grade physical defences comparable to critical infrastructure in jurisdictions with active defence industries.

This incident exposes how AI safety discussions have focused almost entirely on software vulnerabilities, misuse risks, and alignment problems while ignoring that frontier AI systems require massive physical infrastructure that is vulnerable to conventional weapons. For organisations building or deploying AI systems, this means physical security considerations — including geopolitical stability, air defence capabilities, and redundancy across jurisdictions with different threat profiles — are now material risk factors. The fact that this was a commercial AWS facility, not a government or military system, indicates that any datacentre supporting AI workloads is potentially targetable in conflicts involving states or non-state actors.