,

Securing Access to Frontier AI: The Case for an India–U.S. Trusted Corridor

,
Loading the Elevenlabs Text to Speech AudioNative Player...

The following piece originally appeared on ORF’s Raisina Debates on May 18, 2026.

By: Rudra Chaudhuri

On April 7, Anthropic announced the launch of Claude Mythos Preview. This general-purpose frontier artificial intelligence (AI) model, according to its creators, “is strikingly capable at computer security tasks.” Anthropic claims that Mythos Preview has identified “high-severity vulnerabilities” in “every major operating system and web browser”.

Political leaders across the world are predictably exercised. Britain’s AI Minister, Kanishka Narayan, has argued that Mythos represents a “step-up in AI cyber capabilities.” The AI Security Institute (AISI) — a government research organisation in the United Kingdom (UK) — is the only non-American entity to have been granted access to Mythos. Having reviewed Mythos in controlled evaluations, the AISI concluded that it could “exploit vulnerabilities autonomously — tasks that would take human professionals days of work”. Anthropic is reportedly in conversation with several countries wanting access to Mythos Preview.

At present, Anthropic has limited access to the model to a few dozen enterprises in the United States, allowing them to use the model to test for vulnerabilities and patch them. The White House has reportedly blocked Anthropic from providing further access because of serious security and proliferation concerns. In India, Finance Minister Nirmala Sitharaman has argued that the challenge posed by Mythos is “unprecedented”. The Indian government is in talks with Anthropic to gain access to Mythos.

It is unclear how countries will gain access to Mythos or other highly capable models. The extent of access available to enterprises and governments outside the United States will likely be determined by both American firms and the U.S. government. This will eventually become a matter for export controllers to consider. If a technology is found to be “critical to the national security of the United States,” it can be placed under a licensing regime. There is also a renewed conversation within the United States about “appropriate guardrails.”

At this time, there is nothing stopping firms that build highly capable models from sharing access. Rather, those firms appear to want to proceed cautiously, responsibly, and safely. The likely inference is that firms are also wary of opening wider access in case the U.S. government imposes licensing restrictions on highly capable models. The approach will be for firms and the government together to find a workable framework for sharing access with those outside the United States whose systems could compromise U.S. national security. The key concern will be to avoid what AI experts call distillation efforts intended to access core features of the model by countries like China and Russia. The White House has taken note of the risk of distillation campaigns.

In time, America’s treaty and security allies are likely to be granted access to highly capable models, and the terms governing that access may already be under negotiation. Japan, South Korea, the United Kingdom, the European Commission, Germany, France, Australia, New Zealand, and a few others are expected to be at the front of the queue. For many of these countries and the enterprises within them, pre-existing protocols for verified access to controlled technologies are already in place. Adapting these protocols for AI models will require new frameworks; some basic structures already exist.

In India’s case, there is a genuine need to develop a new set of protocols that would enable both Indian enterprises and the government to access highly capable models. What is required is a Trusted AI Corridor between India and the United States. 

Given that India is not a treaty ally of the United States, securing export control waivers for jet engines and drones has required an enormous effort in the past. It has required an outsized determination from insider champions of the U.S.-India relationship to move bureaucracies across the U.S. government. What ultimately worked was a strategic push from the White House. Those negotiating the India-U.S. Nuclear Agreement (2005–2008) and, more recently, those negotiating various aspects of the India-U.S. Initiative on Critical and Emerging Technology (iCET) — during the Biden years — illustrate the colossal task involved in getting protected technologies to India.

At present, there are no established templates for accessing highly capable models. Governments and firms will need to work together to define the assurances required to enable such access. For countries like India, the state will need to negotiate what those assurances entail and what regulatory adjustments may be necessary to align with them.

There are at least two sets of reasons why a dedicated AI Corridor is worth the investment for both the U.S. and the Indian governments, as well as a range of frontier technology firms.

First, from a U.S. perspective, India remains a major destination for American investments in AI infrastructure, including data centers, submarine cables, and the ports where those cables make landfall. Microsoft and Google have together invested over US$30 billion in the last eight months alone. During the India AI Impact Summit, US$200 billion in investment commitments were announced. Venture capitalists from the Bay Area and New York are also making deeper investments in purpose-built sovereign Large Language Models (LLMs) and startups focused on specific-use cases.

For Big Tech, as Microsoft puts it, the aim is to “drive AI diffusion at population scale”. Sundar Pichai, CEO of Google, argues that “India is going to have an extraordinary trajectory with AI,” which is why Google is making what is called a “full-stack commitment including products, skilling, and infrastructure”. Dario Amodei has emphasised that India has an “absolutely central role to play” in shaping AI, both in harnessing the opportunities and addressing the risks. Anthropic opened an office in India in 2025 and has struck major enterprise deals and collaborations with Indian conglomerates.

In many ways, India is an excellent example of the U.S. AI Action Plan in practice, which is centred on diffusion. The underlying thesis is simple: the more a population uses American technologies or builds applications powered by them, the less it is likely to rely on what China offers. This is clearly an attractive market for America’s technology firms. “Indian users”, as Sundar Pichai underscores, “are amongst the highest adopters of voice and visual search globally”.

The growing compact on AI across infrastructure, applications, population-scale build-outs, and enterprise deals is based as much on markets, investments, and expertise as it is on trust. If Indian users, enterprises, and the government cannot access top models from firms investing and expanding in India, there is every reason to believe New Delhi will make market access harder and actively explore alternatives.

Second, from an Indian standpoint, there is merit in establishing a framework of protocols between the U.S. and Indian governments that makes it easier — and legally permissible — for firms to share model access with Indian users, enterprises, and officials. What are India’s alternatives? The fact is that only a handful of firms are capable of building frontier models, and as far as we know, all of them are based in the United States. Comparable Chinese models might be anything between seven and eighteen months behind the curve.

Either way, when they are released, it is arguably more of a risk than an advantage to deploy such proprietary models in India, even if they could be independently tested. For a country that shares a very long, contested, and highly militarized boundary with China, it would be bordering on reckless to deploy Chinese proprietary models capable of detecting and patching cyber vulnerabilities and other complex tasks in Indian systems.

This leaves Indian builders with two options: open-source Chinese models and a small but growing set of increasingly capable Indian sovereign models. Technical experts argue that open-source Chinese models can be engineered in ways that allow safe and extensive use. Strategists generally do not like this argument, given the prevailing antipathy towards China. What is clear is that Indian developers are uninterested in the politics of fine-tuning Chinese models — they are interested in the opportunities such models afford.

Until India’s sovereign models can serve as genuine alternatives — to open-source Chinese LLMs and even to some American models — there is little choice but to rely on American Application Programming Interface (APIs). To make the best of the American option, it is imperative to have access to the most advanced models available at any given time.

To achieve this, the Indian and American governments — along with the firms involved — need to urgently set out the parameters for a Trusted AI Corridor between the two countries. Without it, India will remain perennially reliant on second-best options.

In turn, American firms ought not to underestimate the effects of India being left out of a pool of chosen adopters. There is a need for an architecture, such as a Trusted AI Corridor, which can help mitigate the risk that regulators in both the United States and India take steps that could roll back years of investment in a deepening technology partnership. Further, the Indian market is accessible today, but it should not be taken for granted. Regulation, as any government well knows, can be used as leverage. Access, in the end, is something any party can grant — or withhold.

Rudra Chaudhuri is Vice President at the Observer Research Foundation.

Observer Research Foundation America, 1100 17th St. NW, Suite 501, Washington DC 20036 USA