Ethics Is Strategy

My book is about building a system of trust around something fundamentally untrustworthy. This post is about choosing who to trust to build your black box — knowing that when your trust architecture fails, that’s what’s left.

I’ve spent the last year writing about trust as architecture. Transparency, explainability, alignment, control planes, verification — the whole apparatus an enterprise needs to deploy AI with confidence. My book, On Trust and AI, and the posts that followed it (The Verification Gap, When You Stop Owning Your Words, When Coding Becomes Cheap, Making Verification Tangible) all orbit the same core idea: you don’t earn trust by hoping the AI gets it right. You earn it by building systems that make the work of verification visible, and by keeping humans accountable at the points where it matters.

But there’s a layer underneath all of that, and until last week it was mostly theoretical.

Every framework I’ve written is designed to compensate for the fact that the model is a black box. Transparency, verification, control planes, human accountability — the whole architecture exists because you can’t see inside the thing. But architecture has gaps. Humans skip the review. The control plane misses an edge case. The governance loop breaks at 2 a.m. on a Friday. And when it does, what you’re left resting on is the model itself — and the company that built it. Their values, their training choices, their willingness to hold a line when holding it is expensive. That’s the layer I didn’t write much about, because I didn’t have a clean way to test it.

Now I do.

The $200 million test

On February 27, 2026, Anthropic walked away from a $200 million Pentagon contract rather than remove two safety restrictions: no fully autonomous weapons and no mass domestic surveillance of Americans. Within hours, the government designated it a supply chain risk — the first time that label had ever been applied to an American company. Within hours of that, OpenAI announced it would take the deal. The next day, the military used Claude in combat strikes against Iran anyway.

I wrote a detailed account of the facts. This post isn’t about the facts. It’s about what the facts reveal.

What played out over that week was not a policy disagreement. It was a live, public, high-stakes demonstration of something the AI industry has been arguing about in abstractions: does it matter what kind of company builds the model? Does the character of the vendor show up in the product? And if it does, can the market actually tell the difference?

The answer to all three, it turns out, is yes.

Ethics as a product feature

In When You Stop Owning Your Words, I described the difference between AI that coaches a human and AI that replaces one. The first scenario preserves accountability. The second hollows it out. The distinction isn’t about capability — both systems produce language. It’s about whether someone with skin in the game is standing behind what gets shipped.

Now scale that logic up from a single AI output to the model itself.

When you deploy Claude or ChatGPT inside your enterprise, you are not just licensing a capability. You are inheriting a set of decisions about what the model will and won’t do, how it was trained, what values were baked into its behavior, and what the company behind it considers non-negotiable. Those decisions propagate downstream through every application, every agent, every customer interaction that touches the model. The model’s ethics become your product’s ethics, whether you designed it that way or not.

This is where my book’s framework runs out of road. I wrote extensively about the architecture of trust precisely because the model can’t be trusted on its own — it’s a black box, and you build around it. Control planes, verification layers, human accountability. All of it designed to compensate for a foundation you can’t see into. But no architecture is perfect. When it degrades — and it will — you end up resting on the model itself, and on the company that decided what it would and wouldn’t do. The Pentagon showdown forced that question into the open: when your architecture breaks down, what kind of company do you want to be left resting on?

Two companies, two answers

Anthropic and OpenAI were asked the same question by the same customer. Both drew the same two lines: no autonomous weapons, no mass surveillance. The difference was in the mechanism. Anthropic insisted on explicit contractual language. OpenAI accepted the Pentagon’s “all lawful purposes” standard and layered its own safeguards on top.

That difference sounds procedural. It isn’t.

A contractual restriction is a binding commitment. It creates legal recourse if violated. It means the vendor has placed a constraint on itself that survives changes in leadership, changes in strategy, and changes in political pressure. It’s the corporate equivalent of what I described in my book as “trust that rests on something outside the model” — an external, auditable, enforceable boundary.

A voluntary safeguard is a policy. Policies are valuable, but they are revocable. They depend on the goodwill of the people currently in charge. They survive exactly as long as the incentives that created them. When Sam Altman admitted the deal was “opportunistic and sloppy” and began renegotiating terms days later, he demonstrated exactly how fragile that layer is.

In the language of Chapter 7 of my book: Anthropic offered a trust mechanism. OpenAI offered a trust signal. The market knew the difference.

The market as a trust detector

The consumer response was immediate and dramatic. Claude went to number one on the App Store. More than a million people signed up per day. The #CancelChatGPT movement claimed 2.5 million participants. ChatGPT uninstalls surged by 295%.

But the enterprise data tells a more structural story. According to Ramp, Anthropic’s share of combined business spending with OpenAI reached approximately 65% by February 2026, up from 10% at the start of 2025. More than 500 customers were spending over a million dollars a year. And critically, most of those customers were adding Anthropic as a second vendor, not replacing OpenAI. The market was not reshuffling. It was expanding — and the expansion was disproportionately flowing toward the company that had just demonstrated it would absorb a $200 million loss rather than compromise on two principles.

That pattern should be familiar to anyone who has read what I’ve written about where value is heading in the AI economy. In When Coding Becomes Cheap, I argued that when the cost of producing software collapses, value migrates toward whatever remains scarce: verification, accountability, operational reliability, proof. The same logic applies to model companies. When every frontier lab offers comparable capabilities — and they increasingly do — the differentiator stops being what the model can do. It becomes what the company behind it will and won’t do. The scarce resource is not intelligence. It’s integrity.

Why this matters for your enterprise

If you’re a leader deploying AI, this story has direct implications for how you think about vendor selection.

My book describes a dual mandate: you must adopt AI to remain competitive, and you must govern it to manage the novel risks it introduces. What the Pentagon conflict makes clear is that the dual mandate extends below your own organization. It reaches into the values of the company that built the model sitting at the center of your stack.

Consider the analogy I keep returning to. In When You Stop Owning Your Words, I described what happens when an enterprise ships unreviewed AI outputs: the customer discovers that the firm silently delegated judgment to something that cannot explain itself, cannot be held to account, and doesn’t have any stake in what it damages. The trust collapse is immediate.

Now extend that one more layer. What happens when the customer discovers that the model your enterprise relies on was built by a company that, when tested, chose revenue over principle? That accepted government terms it privately disagreed with because the alternative was losing a contract? That the brain of your intelligent enterprise was built by people who, under pressure, folded?

The damage is not hypothetical. It propagates. Your control plane, your verification layer, your human-in-the-loop governance — all of it is built to compensate for a model you can’t fully see into. But those layers have gaps. They degrade under load, under speed, under the pressure of a team that skips the review because the deadline moved. And when they degrade, what’s left is the model — and whatever the company behind it decided was non-negotiable. If the vendor’s boundaries are negotiable, then every gap in your architecture becomes a live risk, whether you designed it that way or not.

The ethics premium

There is a cynical reading of this story: Anthropic made a calculated bet that the PR value of walking away would exceed the revenue lost. I don’t think that reading survives contact with the facts. The company didn’t know how the public would react. It didn’t know whether the supply chain risk designation would cripple its government business permanently. It didn’t know whether its investors would tolerate the stance. It had every financial incentive to comply, and it chose not to.

That matters because trust, the real kind, is not produced by optimization. It is produced by costly signals — decisions that are expensive to fake. Game theorists call this credible commitment. Behavioral economists call it skin in the game. I’ve been calling it verification. Whatever the label, the mechanism is the same: you demonstrate trustworthiness by incurring a cost you didn’t have to incur, in a situation where defection would have been easier and more profitable.

Walking away from $200 million is a costly signal. Getting labeled a supply chain risk by your own government is a costly signal. Watching your competitor take the deal you refused and then choosing not to reverse course — that is a very costly signal.

The market understood this intuitively. People saw a company that held a line under pressure, and they moved toward it. Not because Claude is a better model — by many measures the products are comparable — but because the company behind it demonstrated something the product alone cannot prove.

The missing chapter

So the market can tell the difference. That validates the book’s framework. It also reveals what the framework was missing.

Every framework I offer — the three pillars of trust, the control plane, the governance loops, the economics of verification — is an answer from the inside out. Architect the system correctly. Keep humans accountable. Make verification visible. This post is meant to encourage you to also ask the question from the outside in: what kind of company do you trust to build the brain of these systems in the first place?

That is what I mean when I say ethics is strategy. Not ethics as a compliance checkbox. Not ethics as a page on the website. Ethics as the thing your architecture degrades to when everything else fails — and the thing that determines whether those failures are recoverable or catastrophic.

If what’s underneath is negotiable, everything above it is borrowed time.

---