Here's a sentence that would have sounded absurd two years ago: the Trump administration is now personally approving, customer by customer, who gets access to OpenAI's latest model. And yet, that's apparently where we are.

According to reporting from The Information, OpenAI's upcoming GPT-5.6 won't drop to the public the way previous models have. Instead, the company is planning a limited preview restricted to a curated list of partners—not because OpenAI cooked up some clever staged-rollout marketing strategy, but because the government told them to. At an internal staff meeting this week, CEO Sam Altman reportedly confirmed the arrangement, noting that access during the preview period would be approved on a per-customer basis. The plan, apparently, is to graduate to a broader public release a few weeks later—assuming the limited rollout doesn't go sideways.

Two specific offices are behind the ask: the Office of the National Cyber Director and the Office of Science and Technology Policy. Both reportedly worked closely with OpenAI's team on the upcoming launch. This isn't a legal mandate—yet—but it's a far cry from the administration's early posture of "we're going hands-off on AI."

The Executive Order in the Room

Earlier this month, Trump signed an executive order directing certain AI companies to voluntarily submit new models for government testing and evaluation before public release. "Voluntarily" is doing a lot of work in that sentence, of course. When the administration is in the room telling your CEO how to stage a release, the line between voluntary and compelled gets philosophically interesting.

The irony here is thick. OpenAI has long positioned itself as the company most willing to race ahead—the one pushing the frontier, moving fast, occasionally breaking things. Now it's getting nudged into the cautious lane that Anthropic staked out months ago.

Anthropic Already Did This. Controversy Followed.

Earlier this year, Anthropic announced that Claude Mythos—its frontier cyber-focused model—would be available only to a small circle of vetted partners through something called Project Glasswing. The stated reasoning: the model was simply too capable at identifying and exploiting software vulnerabilities to release into the wild responsibly.

That announcement generated the predictable split reaction. Half the observers called it responsible AI deployment. The other half called it a masterclass in scarcity marketing—nothing makes people want access to something like telling them they probably can't have it. The honest answer is probably both things are true simultaneously.

The underlying concern is legitimate, though. Frontier cyber models—the kind specifically trained or fine-tuned to reason about software vulnerabilities—can allegedly identify and exploit security weaknesses at speeds no human analyst can match. That's not a hypothetical threat. LLMs have already demonstrated competence at writing functional malware, and NYU Tandon research has shown that certain models can autonomously execute ransomware attacks end-to-end. Cybercriminals were automating attacks long before generative AI showed up; they've just got considerably better tools now.

What We Actually Don't Know

Here's the frustrating part: because these high-capability cyber models stay locked away, it's genuinely hard to assess how dangerous they really are. The threat framing comes almost entirely from the companies building them, which creates an awkward incentive structure. Claiming your model is too powerful to release freely sounds responsible—it also conveniently makes the model sound impressive, justifies restricted access programs, and lets you control the evaluation narrative.

That doesn't mean the concerns are fake. It means we're being asked to calibrate risk based on largely unverifiable claims from parties with obvious skin in the game.

What's clear is that the era of "ship it and see what happens" is ending—at least for the headline models from the major labs. Whether that's because AI has genuinely crossed some capability threshold that demands caution, or because government pressure is reshaping release calculus regardless of actual risk, is a question worth sitting with. The answer shapes everything from how quickly capabilities diffuse to who benefits from them first.

Either way, the days of OpenAI just dropping a model on a Tuesday and watching the internet lose its mind? Apparently, those require prior approval now.