Week 30: Access Controlled
UN negotiations, premium models, hardware mega-projects and the rules defining frontier AI.
Another Monday, another post to keep you up to speed with the AI world. Here’s what happened in the global AI market this week.
The United Nations convened 169 countries in Geneva to figure out who controls access to frontier AI, and nobody left with an answer. Gemini 3.5 Pro started rolling out after missing its deadline twice. Fable 5 moved to a credits-only model, ending its inclusion in subscriptions. China gave ByteDance nine days to shut down humanlike AI agents for 345 million users. And South Korea committed $880 billion to semiconductor infrastructure in a single national plan.
Here’s everything you need to know before Monday gets the best of you.
UN AI Summit in Geneva Ends Without Agreement on Frontier Model Access
The inaugural UN Global Dialogue on AI Governance opened in Geneva on July 6, 2026, bringing together delegates from 169 countries for the largest multilateral AI governance conversation ever convened.
The two-day dialogue, mandated by UN General Assembly Resolution A/RES/79/325 and facilitated jointly by the ITU, UNESCO, and the UN Office for Digital and Emerging Technologies, ran through July 7. It fed directly into the ITU AI for Good Global Summit from July 7 to 10, and the first meeting of the UN AI for Good Global Commission on July 8.
The question on the agenda was not abstract. With the Fable 5 export-control incident fresh in every delegation’s mind, the practical question of which country or institution controls access to frontier AI models has become the most contested governance question in technology.
The dialogue produced no binding agreements. It was not designed to. The output is a structured set of inputs to the UN Secretary-General’s Advisory Body on AI and a mandate for further consultations through 2027.
What it did produce is visibility into how different blocs are positioning themselves. The US delegation pushed a voluntary standards framework aligned with what the White House is expected to announce shortly. The EU pushed for binding international treaty obligations covering export controls, minimum safety standards, and access rights.
China, present but cautious, argued for sovereignty-first governance that would give each nation full authority over AI systems operating within its borders. Developing nations, represented in unusually large numbers, made the most direct arguments: that governance frameworks built in Washington, Brussels, and Beijing will be designed around the interests of countries that already have frontier AI, not the 140-plus countries that do not.
The UN Secretary-General António Guterres gave the speech that generated the most coverage. He said AI is developing faster than global regulation can keep up with, called for “genuinely multilateral” rather than “plurilateral” AI governance, and used the Fable 5 incident directly as an example of a unilateral action by one country that had downstream effects on 169 others.
None of those affected nations had any formal mechanism to contest the decision or request a timeline for resolution. The framing is accurate, but it lacks a mechanism to change it.
This is why the Fable 5 incident, which prompted the urgency of this gathering, produced no concrete solution. The governance timeline and the capability timeline are running at different speeds, and Geneva made that gap official rather than closing it.
Why it matters
The world’s most significant multilateral AI governance event produced no binding agreements on the question that most urgently needed one: who decides which countries can access frontier AI, and what recourse exists when that decision is made unilaterally. The UN has now officially acknowledged the gap. Closing it is a different problem that nobody in Geneva had an answer to.
Gemini 3.5 Pro Rolls Out as the Most Affordable Frontier Model
Gemini 3.5 Pro began its gradual rollout in early July 2026, following an expanded Vertex AI enterprise preview that started in late June.
Google committed to a May general availability at Google I/O, drew audible groans from the developer audience who had already been told May once before, and then missed the June 30 GA target it confirmed in late June. This is the third self-imposed deadline the model has missed since it was first described publicly.
The confirmed specifications remain genuinely differentiated. It features a 2 million token context window, the largest of any production frontier model, doubling both Fable 5 and Claude Opus 4.8.
It also includes a Deep Think reasoning mode gated to the $250 per month Ultra subscription tier. Pricing is set around $1.25 input and $10 output per million tokens for the standard tier.
This makes Gemini 3.5 Pro the cheapest frontier-tier model currently available by a significant margin, well below Sol at $5/$30, Fable 5 at $10/$50, and Opus 4.8 at $5/$25.
The pricing is the thing developers have been waiting for, and the benchmarks are the thing Google has been careful not to publish on a committed date. As of this week, full benchmark data for Gemini 3.5 Pro remains unpublished for the standard tier.
Deep Think has posted 82.4 percent on GPQA Diamond, covered last issue, but the standard model’s performance across the coding, agentic, and instruction-following evaluations that enterprise teams use to make procurement decisions has not been released with the rollout.
Google’s stated reason is ongoing calibration based on enterprise preview feedback. The practical effect is that developers evaluating whether to migrate workloads from Sonnet 5 or GPT-5.6 Terra are doing so without the comparative data they need.
The 2-million-token context window and the sub-$2 input pricing are compelling on their face. Whether the model delivers on them at the task level is a question only early-access enterprise testers can answer, while the public cannot.
The delay context matters for how Alphabet’s leadership is reading this product internally. Four senior Gemini researchers left for Anthropic in the week of June 21-27. The model missed its public commitment.
The $84.75 billion equity raise that followed the $269 billion market-cap drop was explicitly framed as providing resources to rebuild the research team and close the compute gap.
Gemini 3.5 Pro shipping is the first concrete test of whether Alphabet can execute under the kind of pressure it has faced since the SpaceX IPO week. An unremarkable rollout to limited-enterprise users is not the test.
The question is what happens when it reaches general availability, if it does so this month, and whether the standard-tier benchmarks, when published, support the claim that the pricing reflects value rather than distress.
Why it matters
The cheapest frontier model in the market is now rolling out after three missed deadlines, without the comparative benchmarks developers need to evaluate it. The 2-million-token context window and sub-$2 input pricing are real advantages if the model performs. The question everyone is waiting for an answer to is whether it does.
Anthropic Ends Subscription Inclusion for Fable 5, Moving to Credits-Only
The billing change that Anthropic announced when it restored Fable 5 on July 1 took effect on July 8. From that date, accessing Fable 5 through Claude.ai, Claude Code, or Claude Cowork requires pre-purchased usage credits billed outside the standard subscription.
The API pricing is unchanged at $10 per million input tokens and $50 per million output tokens. What changed is the access mechanism for subscription users.
Previously, Fable 5 was included in Pro, Max, Team, and select Enterprise plans at no extra cost, subject to a 50 percent weekly usage limit, which was introduced when the model was restored after the export control shutdown. That inclusion is now gone.
If an account does not have usage credits enabled in the billing settings at claude.ai, Fable 5 access is disabled entirely, and the account falls back to Sonnet 5 or Opus 4.8, depending on the task.
The practical impact has split cleanly by user type. Individual developers and researchers who occasionally use Fable 5 for high-stakes tasks, complex reasoning, and cybersecurity work have largely moved to Sonnet 5 for routine work and are purchasing credits specifically for tasks that require Fable’s capability.
Enterprise teams with structured AI budgets have converted to credits-based billing without significant disruption, since their procurement processes already handle usage-based costs in other AI tools.
The group that has experienced the most disruption is the middle tier: power users on Pro or Max plans who had integrated Fable 5 into daily workflows under the assumption that subscription inclusion was permanent, and had not budgeted for per-task credits on top of their subscription cost.
Anthropic published a detailed guide to the billing transition, effective July 8th. This included advice on auditing, which workflows require Fable 5 versus which can be handled by Sonnet 5 at lower cost, and how to set spending caps on credits to prevent unexpected charges from agent loops that iterate longer than expected.
The credit system has a minimum top-up of $10 and no expiry, which limits the downside of pre-purchasing for infrequent Fable use.
The broader context is that Fable 5 at $10/$50 per million tokens is priced at twice the input cost and nearly three times the output cost of Claude Opus 4.8, and five times the input cost of Sonnet 5.
The billing cliff is the mechanism that enforces the distinction between the tiers. Whether that distinction holds depends on whether Fable 5 continues to perform at a level that justifies the premium for the tasks where it matters.
Why it matters
Fable 5 is now a premium credits product, not a subscription inclusion. For teams that were using it as a general-purpose model within their subscription, the cost structure just changed substantially. For teams that were using it selectively for high-stakes tasks, the change formalizes what was already the right approach.
China Orders ByteDance to Shut Down Humanlike AI Agents
China’s Interim Measures for the Administration of AI Anthropomorphic Interactive Services take effect on July 15, 2026.
ByteDance’s Doubao, China’s most-used AI app with 345 million monthly active users, is shutting down its humanlike and user-created agent features before the deadline.
The regulation, co-issued in April 2026 by the Cyberspace Administration of China and four partner agencies, requires AI services that simulate human personality to implement three specific controls: anti-addiction systems, mandatory usage notifications, and instant-exit mechanisms that allow users to immediately terminate AI interaction and return to a default non-AI state.
Doubao evaluated whether to retrofit existing agent architectures to compliance and concluded that rebuilding from scratch was more practical. Alibaba’s Qwen is making the same choice for its humanlike features.
The instant-exit requirement is the architectural blocker that forced the shutdown rather than a retrofit. An agent managing persistent memory and context across sessions cannot cleanly implement an exit that genuinely terminates its ongoing work.
A user who tells a persistent agent to stop mid-task while it is holding open connections to multiple services, modifying files, and maintaining session state cannot achieve the “return to default non-AI state” required by the regulation.
To do so, developers would have to either strip the agent of exactly the capabilities that make it useful or build a new architecture designed for that exit from the start.
ByteDance’s agent features built on Doubao’s existing stack were not designed that way. The compliance decision is a product rebuild, not a settings change.
ByteDance has indicated it may relaunch Doubao agents as a separate product under a compliance-first architecture in the future. Users can view their agent configurations and conversation histories in read-only mode until October 15, 2026, after which Doubao says the data will be permanently inaccessible.
Alibaba has made no similar commitment for Qwen’s agent features. The July 15 deadline applies to both platforms and every other service in China that runs humanlike AI agents, which cover a significant portion of the Chinese consumer AI market.
The regulation is China’s first direct legislative action specifically targeting agentic AI behavior, arriving roughly at the same time Western governments are still debating what voluntary frameworks for agentic AI should look like. China chose mandatory rules and a hard deadline. The agents went offline.
Why it matters
China just ordered a shutdown on humanlike AI agents for 345 million users with a hard legislative deadline and mandatory architectural requirements. Western governments are still debating voluntary frameworks. The gap between those two governance timelines is visible and widening.
South Korea Commits $880 Billion to Global Semiconductor Dominance
South Korea announced an $880 billion ten-year investment plan covering semiconductors, AI infrastructure, and robotics, with Samsung and SK Hynix committing a combined $518 billion toward new chip fabrication sites and expanded High Bandwidth Memory production.
The plan was announced this week and is the largest single-country semiconductor investment commitment in history, exceeding the US CHIPS Act, Europe’s Chips Act, and Japan’s semiconductor revival program combined in absolute dollar terms over the same horizon.
South Korea is not starting from zero: Samsung and SK Hynix together already hold leading global positions in DRAM, NAND, and HBM, the three categories of memory that AI data centers depend on.
The $880 billion is not a bet on an industry that doesn’t exist. It is a bet on extending an already established lead, and that China and the US are both trying to close.
The HBM context is the most strategically significant part of the announcement. High Bandwidth Memory is the component that limits how fast AI accelerators can process data.
Every major AI chip, Nvidia’s Blackwell and Rubin architectures, Google’s TPUs, AMD’s MI series, and OpenAI’s Project Titan, depends on HBM supplied primarily by SK Hynix and Samsung.
SK Hynix holds the supply lead for the current Blackwell generation, and both companies are competing to be the primary HBM supplier for the next architecture.
The $518 billion commitment from the two companies is, in large part, a commitment to maintain that position against rapidly improving competitors in China, where CXMT is developing domestic HBM at a pace that industry analysts describe as two to three years behind SK Hynix’s current generation, narrowing from a wider gap than it was twelve months ago.
The announcement was timed to land the same week as SK Hynix’s NYSE debut, covered last issue, which priced the company’s US listing and gave American institutional investors direct equity exposure to HBM supply for the first time.
South Korea’s government framed the $880 billion plan as much a national security measure as an economic one.
Losing the HBM supply position would not just affect Samsung and SK Hynix’s revenues; it would make South Korea’s most strategically valuable export dependent on Chinese and Taiwanese alternatives at a moment when the geopolitical reliability of both is under active discussion.
The investment is designed to ensure that doesn’t happen on a ten-year horizon. Whether $880 billion is enough to hold that position depends on how fast competitors close the gap.
Why it matters
The country that holds the lead in the memory chip that every AI accelerator depends on just committed $880 billion to keep the lead. South Korea’s HBM position is one of the most strategically important assets in the global AI supply chain. The plan to protect it at this scale is the clearest sign yet that every major player understands the hardware race is as consequential as the model race.
Kimi K2.7 Code Becomes First Open-Weight Model in GitHub Copilot
Moonshot AI’s Kimi K2.7 Code became the first open-weight model available inside GitHub Copilot this week, following Microsoft’s decision to open the Copilot model selection menu to third-party models, including Chinese open-weight releases.
Kimi K2.7 Code is a coding-specialized derivative of the K2.7 base model, optimized on a dataset of code generation, debugging, and code review tasks, and available on the Copilot platform on a usage-based billing model.
The addition gives Copilot’s developer user base a lower-cost option for coding tasks where the Chinese model’s benchmark performance is competitive with closed frontier alternatives, particularly on code completion and straightforward debugging.
The enterprise compliance question that immediately arose this week is the same one that has followed every Chinese open-weight model into Western enterprise environments: data residency and IP exposure.
Kimi K2.7 Code processes queries through Moonshot AI’s inference infrastructure by default when accessed through the Copilot interface.
Enterprise customers with data sovereignty requirements or contractual prohibitions on sending code to non-approved third-party infrastructure cannot use it under standard settings.
Microsoft has published guidance indicating that enterprise-tier Copilot customers can request inference routing through Microsoft-hosted infrastructure for approved third-party models. Still, that capability is not yet generally available, and the timeline has not been confirmed.
Until it is, Kimi K2.7 Code in Copilot is effectively limited to individual developers and teams without strict data governance requirements.
The broader significance is what this signals about the Copilot platform strategy. Microsoft built Copilot as an OpenAI-exclusive product and renegotiated that exclusivity to a non-exclusive arrangement in April 2026.
Adding a Chinese open-weight model to the platform within three months of that renegotiation is the clearest possible signal that the non-exclusive arrangement means exactly what it says. Copilot is now a model marketplace, not a single-model product.
The developers who use it can choose from OpenAI’s GPT series, Anthropic’s Claude, Meta’s Llama family, and now Kimi K2.7 Code, with more models expected to follow. Whether that breadth strengthens Copilot’s position or dilutes its identity is an open question that the next several months of market share data will answer.
Why it matters
The first open-weight model in GitHub Copilot’s history is Chinese. Microsoft’s non-exclusive OpenAI arrangement has moved from a governance change to a visible product change in three months. Copilot is now a model marketplace. The enterprise compliance questions around data residency are real and unresolved. Both things are true simultaneously.
Five Eyes Alliance Warns of Rapid AI-Driven Cybersecurity Transformation
The Five Eyes cybersecurity alliance, comprising the intelligence agencies of the United States, United Kingdom, Australia, Canada, and New Zealand, issued a joint warning in July 2026 stating that frontier AI models will “fundamentally transform” offensive and defensive cyber capabilities, and that the timeline is “not years, it is months.”
The warning is the third major Five Eyes AI security document in two months, following the May guidance on agentic AI security and the June guidance on frontier model export controls.
The July warning focuses specifically on the offensive dimension: the use of AI models, including those accessible through public APIs, to accelerate vulnerability discovery, automate exploit development, and execute attacks at a pace and scale that human defensive teams cannot currently match.
The operational context behind the “months, not years” framing is the Project Glasswing data from Anthropic’s May report, covered in Issue 008: 23,019 vulnerabilities found in one month, 6,202 high or critical severity, across 1,000-plus open source projects.
The same class of model capability that found those vulnerabilities offensively can find and exploit them.
The Five Eyes document does not cite Glasswing specifically, but the threat scenario it describes matches what the data demonstrated: a frontier model directed at a target system’s codebase can identify and chain medium and low-severity issues into critical exploits, automatically, at scale, faster than patch cycles can respond.
The warning also references the ExploitBench result from OpenAI’s GPT-5.6 Sol system card, which showed Sol to be competitive with Mythos on cybersecurity capability evaluations using one-third of the compute.
The document’s recommendations for critical infrastructure operators are practical rather than aspirational: inventory all externally exposed services immediately, prioritize patching of known exploitable vulnerabilities over comprehensive security programs, implement network segmentation that limits the blast radius if an AI-assisted attacker achieves initial access, and begin tabletop exercises specifically designed around AI-accelerated attack scenarios.
The Five Eyes agencies do not typically issue tactical operational guidance in joint documents. The fact that this one does suggests the threat assessment inside those agencies is closer to the warning timeline than the public framing implies.
Three joint documents in two months from the same alliance is not a communications campaign. It is an escalating alarm.
Why it matters
The five most sophisticated national cybersecurity agencies in the Western world just said AI will transform offensive cyber in months. Three joint documents in two months from the same alliance signal that the internal assessment is urgent enough to require repeated public communication. The recommended actions in the July guidance are the ones to act on now, not after the next incident.
Tesla Expands Driverless Robotaxi Operations to Miami
The Information reported on July 5-6 that Tesla has deployed its Robotaxi service in Miami, Florida, without a safety monitor in the vehicle, making Miami its fifth city for fully driverless commercial operation following Austin, Houston, Dallas, and Phoenix.
Tesla’s driverless deployment model differs from Waymo’s in a detail that has not received sufficient attention in the mainstream coverage: Tesla is operating without the remote monitoring infrastructure that Waymo uses for its driverless fleet, where human operators can observe and intervene in vehicle operation remotely.
Tesla’s approach is fully autonomous, with no remote operator watching individual rides, relying on the onboard Full Self-Driving system to handle every situation without a human backup option.
The Miami deployment is in a limited area and at restricted hours, which is standard for a new city rollout.
But Miami’s road environment is meaningfully more complex than the Sun Belt highway driving that characterizes most of Tesla’s prior driverless deployments: the city has dense urban streets, significant pedestrian activity, aggressive local driving patterns, and weather conditions, including heavy tropical rain that affect sensor performance.
The operational choice to remove the safety driver in Miami rather than extend the supervised phase longer than in prior cities suggests Tesla’s internal confidence in the FSD system’s performance on those specific route segments has crossed a deployment threshold. Whether that threshold is the right one is a question the NHTSA safety record will answer over time.
The competitive context: Waymo currently operates the largest driverless commercial fleet in the United States, with tens of thousands of fully autonomous rides per week across San Francisco, Los Angeles, Phoenix, and Austin.
Tesla’s Robotaxi fleet is smaller but expanding faster by city count, and Tesla’s manufacturing advantage means its unit economics at scale are substantially better than Waymo’s.
The question that the Miami deployment advances is whether Tesla’s safety record across five cities without a safety driver remains clean enough to support continued expansion, and whether regulators in the next set of target cities see the existing record as a sufficient basis for approval.
Phoenix, Austin, Houston, Dallas, and Miami have all approved. The next cities will be watching the data from those five before deciding.
Why it matters
Tesla is running fully driverless commercial robotaxis, with no remote monitoring, in its fifth US city. The operational record across those five cities is the data set that will determine whether the rest of the country approves or waits. The Miami deployment in a genuinely challenging urban environment is the most demanding test that the record has faced.
Coding Agents Trigger Half of Vercel’s Six Million Daily Deployments
Vercel CEO Guillermo Rauch told TechCrunch this week that the platform now sees 6 million deployments per day, with half triggered by coding agents rather than human developers.
The AI gateway that Vercel runs, which proxies model calls for applications deployed on the platform, is processing more than 1 trillion tokens per day. Both figures are new public disclosures, and both are larger than most industry watchers expected from a developer infrastructure platform.
The 50 percent agent-triggered deployment figure in particular represents a structural shift in how software gets shipped: in a platform where three million daily deployments are now initiated by an AI agent completing a coding task rather than a developer manually pushing code, the relationship between writing software and shipping it has changed in a way that does not show up in headcount statistics or productivity surveys.
The trillion-token figure through the AI gateway is worth contextualizing. For reference, Anthropic’s entire API business in early 2025 was processing roughly 1 trillion tokens per month, according to estimates from that period.
Vercel’s gateway is now processing that volume every day, across a platform that was primarily a deployment infrastructure company twelve months ago.
The volume reflects not just the coding agent deployments but the full range of AI-powered applications that Vercel hosts, many of which are making real-time model calls for every user interaction.
The gateway processes model calls from OpenAI, Anthropic, Google, and open-source models in a unified interface, giving Vercel visibility into AI consumption patterns across the developer ecosystem that very few companies outside the model providers themselves have access to.
Amazon is closing Mechanical Turk to new customers on July 30, 2026. The timing, announced this week, connects directly to the Vercel data: Mechanical Turk’s original purpose was to provide human judgment for tasks that computers couldn’t handle reliably, particularly data labeling, content moderation, and quality evaluation.
AI models are handling the same tasks at a fraction of the cost, and at a scale no human workforce could match.
Amazon’s decision to stop accepting new customers is the clearest corporate statement yet that the economic case for crowdsourced human micro-tasks has been structurally disrupted by the same AI tools that the platform spent years helping train. The loop closed quietly this week, and Amazon confirmed it by closing the door.
Why it matters
Half of Vercel’s daily deployments are now agent-triggered. Amazon is closing Mechanical Turk to new customers. Both events in the same week say the same thing from different angles: AI has moved from assisting human workflows to replacing the human-in-the-loop step in two of the most labor-intensive parts of software development. The data shows it happening at scale, not as a projection.
White House Prepares to Announce Voluntary AI Standards Framework
The Financial Times confirmed this week that the White House is in advanced talks with OpenAI, Google, and Anthropic to finalize voluntary standards for the release of a frontier AI model, with an announcement expected as soon as this coming week.
The framework would establish testing timelines, access rules, and benchmarks for advanced models before they reach general availability.
The word “voluntary” carries significant weight in the current context: the GPT-5.6 Sol launch under a government-managed access list was also described as a temporary voluntary accommodation by OpenAI, and Anthropic’s Fable 5 compliance with the export control order was described as voluntary cooperation pending a formal statutory framework.
In practice, “voluntary” in this context means “agreed to under sufficient pressure to make non-compliance commercially unacceptable” rather than “entirely at the company’s discretion.”
The expected framework contents, based on reporting from the FT, Axios, and Build Fast with AI, include: pre-release government testing with a defined timeline, specifically 30 to 60 days before planned general availability; a standardized set of capability evaluations covering cybersecurity, biological, and chemical risk categories that the government and the lab agree on before testing begins; an access tier structure for models that clear testing but carry significant capability risk, modeled on the GPT-5.6 Sol precedent; and a formal dispute process for cases where a lab disputes the government’s risk assessment of a specific model or jailbreak, which was the central failure point in the Fable 5 incident.
If those elements survive into the final announced version, the framework will represent a significant improvement over the ad hoc letter-and-phone-call process that produced the June 12 shutdown.
The open question is enforcement. A voluntary framework that labs comply with because non-compliance would risk an export control order is functionally a mandatory framework with an informal enforcement mechanism.
A formal statutory alternative, which Anthropic has explicitly called for and which the Great American AI Act draft from June 4 attempts to create, would put the rules in law, give companies clear appeal rights, and create accountability mechanisms that do not depend on Commerce Department discretion.
Whether Congress moves on the GAAIA before the next frontier model launches is the timeline question. The voluntary framework expected this week is what fills the gap until it does, assuming it does.
The labs have been operating in that gap since June 12 and are anxious to have something more durable to plan around.
Why it matters
A voluntary AI model standards framework expected this week would give labs the pre-release process and dispute mechanism that the Fable 5 shutdown exposed as missing. Voluntary is better than ad hoc. Statutory is better than voluntary. The framework is what exists while Congress decides whether to legislate. Every frontier lab is planning its next release around whatever this week’s announcement says.
And that wraps up this week. Tune in next Monday, same time, for another deep-dive into the stories shaping the AI world.
The Sentinel lands in your inbox every Monday so you can catch up with the fast-moving AI space while sipping your morning coffee. Every detail that matters, none that doesn’t.











