Trust Without Verification: The OpenAI Pentagon Problem
Anthropic lost its Pentagon contract for publicly stating its red lines. OpenAI won by claiming similar red lines privately. The result is a system that rewards opacity and punishes transparency.
The Asymmetry
The core paradox of the Pentagon AI crisis is not complicated. Anthropic published its responsible scaling policy, which included explicit statements about autonomous weapons, nuclear systems, and military decision-making. The Pentagon read those public commitments and used them as the basis for a supply chain risk designation. OpenAI, which maintains its own usage policies with similar language about military applications, negotiated its Pentagon contract through private channels and classified briefings. One company was punished for saying something publicly. The other was rewarded for saying similar things privately.
MIT Technology Review’s analysis identified this as a “transparency trap”: the company that communicated openly with the public about its safety commitments gave the government a documented basis for retaliation, while the company that kept its commitments behind closed doors preserved its flexibility and its contracts. The incentive structure could not be clearer. If you want to do business with the US government, do not tell the public what you will and will not do. Tell the government privately, where there is no public record, no accountability mechanism, and no way for civil society to evaluate whether the commitments are real.
The Verification Gap
The Intercept reported that OpenAI’s Pentagon contract includes classified annexes that reportedly contain “safety commitments and use restrictions” analogous to Anthropic’s public policies. If accurate, this means both companies have articulated similar boundaries — but only one did so in a way that allows external verification. Anthropic’s commitments are published, cited by researchers, and subject to public scrutiny. OpenAI’s commitments, if they exist in classified annexes, are visible only to the contracting parties and to Congressional oversight committees with appropriate clearances.
This matters because safety commitments without external verification mechanisms are not safety commitments. They are promises. The entire history of defense contracting is a record of promises made in contract negotiations and subsequently eroded through amendments, waivers, and scope changes. The OpenAI contract has already been amended multiple times in its first two weeks. Without public visibility into what those amendments changed, there is no way to assess whether the original safety commitments — assuming they existed — remain intact.
The Altman Calculation
The Atlantic published a profile of Sam Altman’s approach to the Pentagon relationship, describing a strategy of “strategic ambiguity” in which OpenAI maintains public-facing safety language for its commercial products while negotiating military-specific terms through classified channels. The profile quoted a former OpenAI policy employee who described the approach as “saying the right things to the right audiences”: safety commitments for the AI research community, flexibility commitments for the defense establishment, and a wall of classification between the two conversations to prevent contradictions from becoming visible.
Whether this characterization is fair to Altman or to OpenAI is less important than what it reveals about the structural incentives. A system in which public safety commitments are punished and private flexibility is rewarded will, over time, produce companies that say less in public and promise more in private. The information asymmetry benefits the government (which gets AI companies competing to be accommodating behind closed doors) and harms the public (which loses visibility into how AI is being deployed in military contexts). It also harms the AI safety research community, which relies on published commitments as a mechanism for holding companies accountable.
What Trust Requires
Trust in the context of military AI deployment requires three elements that the current arrangement lacks. First, public standards: what does the government require from AI providers regarding autonomous systems, nuclear applications, and lethal decision-making? These standards do not exist in legislation. Second, independent verification: who confirms that AI providers are meeting their commitments, and do they have access to the classified environments where the systems operate? No such mechanism exists. Third, accountability for failure: what happens if an AI system is deployed in a way that violates its provider’s stated commitments? The current system has no answer. The result is that the Pentagon is deploying AI in classified military environments based on trust — trust in a company that has every commercial incentive to expand the scope of its military contracts and no external accountability mechanism to prevent it from doing so.