Skip to content
Anthropic v. DoW

Issue

APA — Supply Chain Designation (10 U.S.C. § 3252)

Doctrinal framework

APA § 706(2)(A), (C), (D). Statutory authority must come from the text of § 3252, which targets risk that an "adversary may sabotage, maliciously introduce unwanted function, or otherwise subvert" a covered system.

Procedural requirements at § 3252(b)(2)(B) and (b)(3)(B) include a written determination that less intrusive measures are not reasonably available; 48 C.F.R. § 239.7304(a) requires risk assessment from the Under Secretary of Defense for Intelligence.

Status after the PI

Three independent APA problems found.

(a) The designation falls outside the statute's text — government counsel could not identify record evidence that Anthropic has technical capability to alter or stop Claude in DoW environments after deployment.

(b) Procedural defects — the six identical letters to congressional committees did not discuss less intrusive measures, and the assessment came from the wrong Under Secretary (Michael, who led contract negotiations).

(c) Arbitrary and capricious / pretextual under Department of Commerce v. New York.

Open questions

Whether the major questions doctrine applies (Lawfare argument, drawing on the Roberts plurality in the SCOTUS IEEPA tariffs decision earlier in 2026).

Whether the Acronis AG designation (Sept. 2025) is the only meaningful precedent and how much weight to give that.

Related on this site

Sources & authority

  1. 1.OpinionPI Opinion (Dkt. 134, N.D. Cal., Mar. 26, 2026) · source-docs/134-pi-opinion.txt
  2. 2.Authority10 U.S.C. § 3252 — DoD Supply Chain Risk authority
  3. 3.Authority48 C.F.R. § 239.7304 — Risk assessment requirement
  4. 4.AuthorityMotor Vehicle Mfrs. Ass'n v. State Farm · 463 U.S. 29 (1983)
  5. 5.AuthorityDepartment of Commerce v. New York · 588 U.S. 752 (2019)

← All issues