There is a quiet assumption baked into nearly every AI strategy deck written in the last two years. The assumption is that the model will be there tomorrow. You build a workflow on a frontier model, you wire it into your systems, you train your people on it, you put it in a slide with an upward arrow, and you plan your roadmap around capabilities you expect to keep getting better and to keep being available.
The last week of June 2026 put a crack in that assumption. The arrow, it turns out, has terms and conditions.
When OpenAI launched its strongest model yet, GPT-5.6 Sol, it did not launch the way new flagship models usually do. It launched to a small circle. Not because of a bug, not because of a capacity crunch, but because the government asked. OpenAI said so directly: "At their request, we are starting with a limited preview for a small group of trusted partners whose participation has been shared with the government, before releasing more broadly." (OpenAI, Previewing GPT-5.6 Sol)
That single sentence is one of the clearest enterprise AI signals this year, and most businesses scrolled right past it on the way to asking the model to write a LinkedIn post.
OpenAI began a limited preview of the GPT-5.6 series: Sol, the flagship, plus Terra and Luna, the mid and budget tiers. The company framed broad access as the goal, then explained the detour. The reason was capability, specifically cybersecurity. OpenAI said the model shifts the performance-efficiency frontier for long-horizon security tasks, including vulnerability research and exploitation, while also stating that it did not demonstrate the ability to autonomously carry out end-to-end attacks against hardened targets.
A model that is genuinely good at finding software vulnerabilities is useful to defenders and useful to attackers. It is the same knife that slices the bread and worries the parents. That dual-use quality is exactly why the rollout got gated. OpenAI was candid that it does not see this as a precedent it wants to live with. In its own words, "We don't believe this kind of government access process should become the long-term default." (OpenAI, Previewing GPT-5.6 Sol; see also reporting from TechCrunch)
CEO Sam Altman said much the same thing publicly, and his framing matters because of how reasonable it sounds. He called the phased approach defensible while admitting it was not the plan: "this isn't quite the process that we think is optimal." He also confirmed the trigger plainly, noting the model launched in limited preview "at the request of the US government." (Sam Altman on X, June 26, 2026)
This is not a conspiracy. It is not an overreach story. By every account, the labs and the government are cooperating in good faith on a hard problem. That is precisely what makes it worth paying attention to. Nobody twirled a mustache. For this release, a government-influenced access process was used, the cooperation was friendly, the paperwork was in order, and a practical precedent now exists. Mechanisms built in good faith do not always stay confined to good-faith situations, which is a lesson history teaches roughly once per generation and we forget roughly once per generation.
The story is not that the government turned off a model. The story is that frontier-model access can now be shaped by policy, safety review, compute scarcity, and vendor discretion. For business leaders, that makes AI dependency mapping and model portability a real continuity-planning issue.
The story is that frontier-model access can now be shaped by policy, safety review, compute scarcity, and vendor discretion. For business leaders, that makes AI dependency mapping and model portability a real continuity-planning issue.
The gate did not stay closed for long. After about two weeks, OpenAI moved GPT-5.6 to general availability on July 9, 2026, across ChatGPT, Codex, and the API, and the models are broadly accessible today. That resolution matters, but not in the way a skeptic might hope. A restriction being temporary does not erase the precedent; it confirms the shape of it. A frontier model was held back at a government's request and then released once the process allowed. The lane was built, used, and left standing for the next release. The planning lesson is not "the model came back." It is that access now runs through a gate that did not exist a year ago, and gates, once built, tend to stay built.
A caveat matters here: this does not prove a universal government off switch, and it does not mean every future model launch will follow the same path. It shows that access to frontier AI can become conditional when capability, safety, policy, and scarcity collide. That is enough to warrant planning without drifting into theater.
AI sovereignty is the degree of real control your organization has over the AI capabilities it depends on. It asks a simple question with uncomfortable answers: if the model you built your workflow on disappeared, changed, or became restricted next quarter, what happens to your business?
Most companies have never asked it, in the same way most people never ask whether the bridge they drive over every day was inspected recently. They treat access to a frontier model the way they treat access to electricity, an always-on utility billed by usage. The GPT-5.6 launch is a reminder that frontier AI is not a utility. It is a product, delivered by a private company, operating inside a regulatory environment that is changing in real time, and increasingly subject to government input on who gets the best capabilities and when. Your power company, whatever its faults, has never put your toaster into limited preview.
Sovereignty is not about paranoia or about abandoning the major providers. The major labs are where the best capabilities live, and that is not changing. Sovereignty is about knowing your exposure and engineering for it, the same way a mature business plans for a key vendor, a single supplier, or a sole-source dependency in any other part of operations. It is insurance, not a bunker.
The concern is not that a government will dramatically pull the plug on AI tomorrow. The concern is the slope, because every step on it looks perfectly reasonable from the step before. Slippery slopes never feel slippery while you are standing on them. They feel like a series of sensible meetings.
Step one is gating on capability. That is the step the GPT-5.6 preview just walked, in public. The most capable models get held back from broad release while safety, evaluation, and government coordination catch up. Reasonable. And the fact that it later relaxed does not un-walk the step; it simply shows the step is survivable, which is exactly what makes it easy to take a second time. OpenAI itself described coordinating with the Administration on a "cyber Executive Order framework and a repeatable process for future model releases."
Step two is the process becoming routine. A "repeatable process for future model releases" is, by definition, a process that repeats. That is the whole charm of the word. Once early access to frontier models runs through a government review lane, that lane becomes the normal path, not the exception. The temporary becomes the default, which is exactly the outcome OpenAI said it wanted to avoid, and exactly the outcome temporary things specialize in becoming.
Step three is differentiated access. If government review determines who gets early or full access, then access becomes a lever. Trusted partners get the frontier. Everyone else waits, or gets the throttled tier. The decision about which businesses operate with the best AI starts to live partly outside the market and partly inside a process you were not invited to.
Step four is conditioned access. Once access is a lever, it can carry conditions. Compliance requirements, monitoring requirements, usage restrictions by sector or use case. Again, much of this will be defensible on its own terms. Each condition arrives wearing a lanyard and a good reason. That is what makes a slope a slope.
Step five is revocation risk. At the far end, the same operational capability used to determine who gets access and when can also restrict or revoke access under defined conditions. Nobody has to intend the bottom of the slope for the slope to exist. Control infrastructure remains control infrastructure, regardless of who is standing at the top of it or how good their intentions are this particular fiscal year.
You do not have to believe any specific government will walk all five steps. You only have to recognize that the first step has been taken, in public, with everyone's agreement, and that the steps are wired together like a string of holiday lights.
AI sovereignty is not only a question of what your own government does. It is a question of a global system where capability, compute, and access are all becoming instruments of policy.
The compute layer makes this concrete. In the same week, multiple reports said Google capped how much of its Gemini models Meta could use because of compute constraints. Earlier that month, reporting detailed Google's agreement to lease substantial external AI compute capacity through SpaceX/xAI infrastructure. When one of the largest infrastructure owners on earth is rationing access for another trillion-dollar technology company and leasing outside GPU capacity at massive scale, the lesson lands: the supply underneath AI is finite and contested, and access can be throttled from above, whether the throttle is government policy, commercial priority, or a vendor quietly running out of chips.
Then there is the international picture. Several recent reports point to rapid progress by Chinese AI labs, including models positioned as lower-cost competitors to leading Western systems. Treat that as directional context, not as a settled ranking of the frontier. It matters for sovereignty because it shows that frontier capability is becoming more distributed across vendors and countries. That reduces some forms of dependency while increasing the odds that governments treat AI as strategic infrastructure worth controlling. Nothing makes a technology feel strategic quite like watching someone else get good at it.
Capability gating, compute rationing, and geopolitical competition are not three separate stories. They are three faces of the same shift: AI is moving from product to strategic asset, and strategic assets get controlled. That is practically the definition of the word.
Here is the good news, and it is the part that should sound familiar to any leader who has built a resilient IT operation. The defense against sovereignty risk is not exotic. It is the same boring, effective discipline that protects you from any concentrated dependency: know your exposure, reduce single points of failure, and govern what you build. AI sovereignty risk is a vendor-concentration and business-continuity problem wearing a futuristic costume, and the costume comes off the moment you treat it like the supply-chain question it actually is.
Map your model dependencies. You cannot protect what you have not inventoried. List every workflow, product, and process that depends on an external frontier model. For each one, record which model, which provider, what it would cost you if that specific model became unavailable or restricted, and how quickly you could switch. Most organizations have never drawn this map, partly because a real chunk of their AI usage is shadow AI — unsanctioned tools employees adopt on their own that never make it onto any official inventory. Our Shadow AI Playbook walks through how to surface that hidden usage and channel it into something governable. The first version of the map will be uncomfortable. Good. Discomfort means it is accurate.
Tier your workflows by criticality. Not every use of AI carries the same risk. A marketing team drafting copy can tolerate a model swap. A core product feature or a customer-facing system built on a single frontier model cannot tolerate a surprise. Separate the nice-to-have from the load-bearing, and spend your sovereignty planning where an outage would actually generate phone calls.
Design for model portability. The single most powerful protection is the ability to switch models without rebuilding everything you own. Abstract your AI access behind an internal layer or gateway rather than hardcoding one provider's specifics into every integration. Use a model router so you can redirect traffic. Avoid building so deeply around one provider's unique features that leaving becomes a six-month project with its own steering committee. Portability is to AI what multi-sourcing is to a supply chain: unglamorous, slightly annoying to set up, and priceless on the bad day.
Keep a viable fallback. Maintain at least one tested alternative for critical workflows, whether a second commercial provider or a capable open-weight model you can run yourself. The open-weight ecosystem matters here precisely because it cannot be gated the same way: a model you have already downloaded and can run on your own infrastructure does not require anyone's permission to keep running. It may not be the frontier, but a known, available, good-enough model beats a brilliant frontier model you suddenly cannot reach. A reliable sedan in the driveway beats a Ferrari behind a locked gate.
Govern the data layer you control. You may not control the model, but you control your data, your prompts, your retrieval systems, and your institutional knowledge. The more your AI value lives in well-governed data, clean retrieval, and documented workflows rather than in one model's specific personality, the more portable and durable your AI program becomes. Your moat should be your data and your process design, not your emotional attachment to a single vendor's weights.
Watch the policy environment as an operational input. Executive orders, access frameworks, and export rules are no longer background noise for the legal team to mutter about. They are operational variables that can change what tools your business can use next quarter. Someone in your organization should be tracking AI policy the way you track any regulatory change that affects operations, ideally before it affects operations.
Sovereignty is not built the week the model gets gated. It is built in the quarters before, when switching is still cheap, the map is still accurate, and nobody is panicking in a conference room.
Before assuming your AI capability is something you own rather than something you are renting month to month, leadership should ask blunt questions. Which external models are our critical workflows built on right now? If our primary provider restricted access tomorrow, which products or processes stop working? How long would it take us to switch models, and have we ever actually tested it, or do we just believe it would go fine? Do we have a tested fallback for anything business-critical?
The questions continue into governance. Who in our organization is tracking AI policy and access changes? Is our AI value concentrated in one provider's specific features, or in our own data and workflow design? Could we run a meaningful version of our AI operation on a model nobody can revoke? If the answer to that last one is "we assume so," that is not a yes. That is a project that has not started.
01. If the single best model you currently depend on launched in "limited preview" next quarter and your company was not on the list, what specifically in your business would break, and how would you explain it on the Monday call?
02. When access to a frontier model changes, who in your organization owns the response: IT, product, security, legal, or the person who picked the vendor in 2024 and has been quietly hoping nobody would ask?
Those answers reveal whether AI is a capability you have engineered for resilience or a dependency you have simply assumed will always be there, like the office coffee machine, right up until the morning it isn't.
Visibility
☐ Inventory every workflow and product that depends on an external frontier model.
☐ Record the provider, the model, the switching cost, and the switching time for each.
☐ Tier workflows by how badly an outage or restriction would actually hurt.
Resilience
☐ Abstract model access behind an internal gateway or router for portability.
☐ Maintain and actually test a fallback model for every business-critical workflow.
☐ Keep a capable open-weight option available for the most critical use cases.
Governance
☐ Concentrate AI value in your own data, retrieval, and workflow design, not vendor lock-in.
☐ Assign an owner to track AI policy, access frameworks, and export rules.
☐ Review model dependencies and switching readiness quarterly.
The GPT-5.6 launch made a quiet kind of history. A leading lab held back its strongest model from broad release at a government's request, said openly that it hoped this would not become the norm, and proceeded because it viewed the phased release as the fastest responsible path forward. Everyone behaved reasonably. Everyone meant well. And a mechanism for shaping who gets frontier AI access is now visible to the businesses downstream of it. The preview has since ended and the models are widely available again — but the mechanism it revealed has not gone anywhere.
The lesson for business leaders is not to fear AI or to abandon the major providers. It is to stop treating access to frontier models as a permanent, guaranteed utility that arrived from the heavens with a service-level agreement. AI capability is delivered by private companies, runs on contested compute, and is increasingly shaped by government policy. That is a concentrated dependency, and concentrated dependencies get managed, not assumed.
Sovereignty means knowing your exposure, building for portability, keeping a fallback nobody can revoke, and anchoring your AI value in the data and workflows you actually control. Companies that do this will keep operating no matter who gets early access to the next flagship model. Companies that do not will discover how much of their strategy was borrowed on the day the borrowing stops, and that is a remarkably expensive day to learn an otherwise free lesson.
The future belongs to businesses that can use AI well. Using it well now includes the deeply unglamorous part where somebody made sure the company would survive losing access to any single model, and then went back to their actual job.
Sovereignty is built in the quiet quarters before a model gets gated — when the dependency map is still accurate and switching is still cheap. CompassMSP's AI Enablement & Automation practice helps mid-sized businesses map their model dependencies, design for portability, stand up tested fallbacks, and govern AI use so that a single vendor's decision never becomes your outage.