Summary of Major Developments
- NSPM-11 signed June 5, Fact Sheet released June 6: President Trump signed National Security Presidential Memorandum NSPM-11 on June 5, 2026, formally directing the national security enterprise to accelerate the integration of frontier AI models into defense and intelligence infrastructure. The White House released the public Fact Sheet on June 6. NSPM-11 is the national security companion to the June 2 Executive Order on AI Innovation and Security, which governs civilian federal agencies. Together the two instruments constitute the most comprehensive US government AI governance framework since the Biden administration’s October 2024 National Security Memorandum.
- Eight AI companies already deployed on classified networks: The Department of War confirmed in May 2026 that eight leading AI companies — including SpaceX (Grok/xAI), OpenAI, Google, NVIDIA, Reflection, Microsoft, Amazon Web Services, and Oracle — have active agreements to deploy AI capabilities on classified Impact Level 6 and Level 7 networks for warfighter use. NSPM-11 provides the formal national security policy framework governing these deployments and all future classified AI integrations.
- Civil liberties guardrails explicitly written into the memo: NSPM-11 contains a direct prohibition that is notable for its specificity: ‘American AI technologies shall neither be developed nor used by the national security enterprise to censor free speech, embed ideological bias, or conduct unauthorized or unlawful surveillance activities.’ Commanders, directors, and agency heads are personally accountable for ensuring these prohibitions are observed at every level of command.
Technical Breakdown: What NSPM-11 Actually Directs
NSPM-11 operates across three distinct layers of the national security enterprise’s AI integration challenge. The first layer is deployment acceleration: the memorandum directs all national security agencies to prioritise the adoption of frontier AI capabilities across classified networks, with the eight-company May 2026 deployment agreements serving as the operational foundation. The direction is explicit — AI adoption in the national security enterprise should be treated as an urgent operational priority, not a long-term research programme.
The second layer addresses the governance and accountability structure for AI systems operating in high-stakes military and intelligence contexts. The memorandum requires the Secretary of War to update DOD Directive 3000.09 on Autonomy in Weapon Systems within 90 days of signing — a directive that governs when and how autonomous systems can make lethal or operational decisions without direct human authorisation. The update is to be reviewed annually to account for the rapid evolution of AI capabilities. Within 120 days, the Secretary of War and the Director of the NSA must submit standardised AI Test, Evaluation, Verification, and Validation (TEVV) methodologies for high-security AI systems — the technical quality assurance framework that governs whether an AI system meets the performance and safety bar required for classified deployment.
The third layer — and the one with the most significant commercial implications for AI vendors — is the access continuity provision. The Fact Sheet’s language indicates that once AI capabilities are deployed in national security contexts, vendors cannot unilaterally restrict or withdraw access. This provision directly addresses the tension that emerged in May 2026 when Anthropic publicly stated it would not support deployment of Claude for offensive military applications. The NSPM-11 framework appears designed to ensure that AI vendors who enter classified deployment agreements cannot subsequently restrict government access to those capabilities based on their own commercial or ethical judgements after the fact.
The civil liberties prohibition in NSPM-11 — banning AI use for domestic surveillance, free speech censorship, or ideological bias — represents a structural constraint on how military and intelligence agencies can deploy the AI systems they are now being directed to adopt. These prohibitions are not aspirational policy goals; they are operational directives with personal command accountability attached. A commander who authorises the use of AI for unlawful surveillance under NSPM-11 faces personal accountability under the memorandum’s accountability framework, separate from any existing legal exposure.
| NSPM-11 Directive | Timeline | Responsible Agency | Commercial Impact |
| Accelerate frontier AI adoption across classified networks | Immediate — already in effect via May 2026 DoW agreements | Department of War + all national security agencies | 8-company vendor list established; Anthropic absent |
| Update DOD Directive 3000.09 (Autonomy in Weapon Systems) | 90 days from June 5 = September 3, 2026 | Secretary of War | Defines autonomous AI decision authority for all vendors |
| Submit standardised AI TEVV methodologies | 120 days from June 5 = October 3, 2026 | Secretary of War + NSA Director | Sets technical bar for classified AI system approval |
| Prohibit AI for surveillance, censorship, ideological bias | Immediate — operational prohibition | All commanders, directors, agency heads — personally accountable | Limits allowable use cases for all vendor deployments |
| Establish access continuity for deployed systems | Embedded in deployment agreements | Department of War + contracting agencies | Vendors cannot unilaterally withdraw access post-deployment |
Commercial and Enterprise Market Impact
The most commercially significant aspect of NSPM-11 for the AI vendor market is the structural exclusion of Anthropic from the eight-company classified deployment list. Anthropic’s public statements in May 2026 — indicating the company would not support deployment of Claude for offensive military applications — appear to have resulted in its absence from the DoW’s announced vendor partnerships. For a company that leads the enterprise AI market share metrics and is preparing an IPO, the government AI market exclusion represents a material gap in its total addressable market.
The government AI market — classified networks, defence procurement, intelligence community contracts — is one of the most durable and highest-margin segments in enterprise software. Contracts are multi-year, non-competitively awarded in many cases, and priced at rates that reflect the security requirements and switching costs involved. Companies that establish themselves on classified networks in 2026 will be positioned to hold those positions for five to ten years through the combination of security clearance requirements, integration depth, and procurement inertia.
“NSPM-11’s access continuity provision is the clause that will define vendor negotiations for the next decade. The government is saying: once you are in, you cannot walk out. That changes the risk calculus for every AI company considering a classified deployment agreement. Anthropic’s decision to stay out of offensive military applications looks strategically cleaner in this light — it avoided a contract structure that would have constrained its future commercial and ethical freedom.” — National Security Technology Policy Analyst, Washington DC, June 2026
“The personal command accountability framework in NSPM-11 is genuinely novel. Previous US policy frameworks made organisations accountable; NSPM-11 makes individual commanders accountable for AI civil liberties compliance at every level of command. That changes the deployment decision calculus for military AI significantly — a commander who approves a borderline AI application now has personal exposure, not just organisational exposure.” — Defense Technology Policy Analyst, national security research, June 2026
Frequently Asked Questions
What does NSPM-11 say about AI vendors cutting access to military systems?
NSPM-11 and its associated deployment agreements establish a framework under which AI capabilities deployed in classified national security contexts cannot be unilaterally withdrawn by vendors after deployment. The Fact Sheet language indicates that once AI systems are integrated into defense and intelligence infrastructure, access continuity is a contract obligation. This provision emerged in the context of the May 2026 tension with Anthropic, which stated it would not support deployment of Claude for offensive military applications. The NSPM-11 framework is designed to prevent vendors from restricting government access to deployed AI capabilities based on their own subsequent commercial or ethical judgements.
Which AI companies are NOT on the Pentagon’s classified network list?
The Department of War’s May 2026 announcement named eight companies with classified deployment agreements: SpaceX (Grok/xAI), OpenAI, Google, NVIDIA, Reflection, Microsoft, Amazon Web Services, and Oracle. Notably absent is Anthropic, despite Claude holding the highest enterprise AI market share as of April 2026 per Ramp’s AI Business Spend Index. Anthropic’s absence is widely attributed to the company’s public statements about not supporting deployment of Claude for offensive military applications. The commercial consequence is that Anthropic is currently excluded from the government AI market segment that NSPM-11 is rapidly expanding.
What does NSPM-11 prohibit AI from doing in national security contexts?
NSPM-11 explicitly prohibits the national security enterprise from developing or using AI to censor free speech, embed ideological bias, or conduct unauthorised or unlawful surveillance of American citizens. The memorandum states that civil liberties and constitutional protections are non-negotiable, and makes commanders, directors, and agency heads personally accountable for ensuring these prohibitions are observed at every level of command. These are operational directives with personal accountability attached, not aspirational policy goals.
Sources
White House. (2026, June 5). NSPM-11: National Security Presidential Memorandum on AI. https://www.whitehouse.gov/presidential-actions/2026/06/national-security-presidential-memorandum-nspm-11/
White House. (2026, June 6). Fact Sheet: President Trump Signs Historic Directive on AI in the National Security Enterprise. https://www.whitehouse.gov/fact-sheets/2026/06/fact-sheet-president-donald-j-trump-signs-historic-directive-on-ai-in-the-national-security-enterprise/
American Presidency Project. (2026, June 6). White House Fact Sheet: President Donald J. Trump Signs Historic Directive on AI in the National Security Enterprise. https://www.presidency.ucsb.edu/documents/white-house-fact-sheet-president-donald-j-trump-signs-historic-directive-ai-the-national
A.O. Shearman. (2026, June 3). White House issues executive order on AI and cybersecurity. https://www.aoshearman.com/en/insights/trump-administration-issues-executive-order-on-ai-and-cybersecurity
Lawfare. (2026, June 3). White House Releases Executive Order on AI. https://www.lawfaremedia.org/article/white-house-releases-executive-order-on-ai
Inside Privacy. (2026, June 3). White House Releases Executive Order on Advanced AI Innovation and Security. https://www.insideprivacy.com/artificial-intelligence/white-house-releases-executive-order-on-advanced-ai-innovation-and-security/
