BRUSSELS — ChatGPT maker OpenAI is in talks with the European Commission to grant EU authorities access to a model capable of identifying software vulnerabilities.
The unexpected move is a boon for Europe after weeks of struggling to grasp the cybersecurity risks coming from novel AI models. But it’s also a stark contrast with OpenAI rival Anthropic, which hasn’t yet allowed the EU access to its cybersavvy model Mythos.
OpenAI’s lead executive on the initiative, former U.K. Chancellor of the Exchequer George Osborne, wrote to the Commission in the night from Sunday to Monday to offer access to the advanced AI model capable of exploiting software gaps, he told POLITICO. The company has also kicked off the “process of contacting member states,” Osborne added.
“The idea is … to work with them to make sure that they are probably defended … the institutions, the utilities, the important infrastructure components of Europe,” Osborne said in the exclusive interview.
The move right away eased nerves in Brussels, where cybersecurity and AI officials have failed to gain access to Anthropic’s superhacking AI model, Mythos, for weeks.
European Commission spokesperson Thomas Regnier welcomed OpenAI’s “transparency,” adding that it would help EU officials “monitor the deployment of this model” and “to potentially address security concerns.” The Commission already had talks with OpenAI, and further talks would follow throughout the week, Regnier said.
ENISA, the Commission’s Greece-based cybersecurity agency, also confirmed OpenAI reached out.
The lack of access has frustrated officials and risks weakening Europe’s protections against an expected wave of AI-enhanced cyberattacks — while the U.S. and China race to develop superior AI technologies.
OpenAI’s offer is related to a cyber-focused variant of GPT-5.5, the company’s most advanced model, which it launched about three weeks ago.
EU officials and government watchdogs would get access to the most cyber-permissive version of the model. The main model has all kinds of safeguards built in to prevent users from turning it into a hacking tool.
OpenAI’s move comes just as EU officials have begun to lose patience with Anthropic, a key OpenAI rival, for limiting the release of its cyber-capable model Myths to a dozen U.S.-based trusted tech and cyber firms and 40 unnamed organisations.
A group of 30 lawmakers pressed the Commission’s cybersecurity agency, ENISA, to gain access to Mythos, and 4 countries, including Spain, asked the Commission for more information and coordination on the model.
The Commission’s Regnier said that the Commission had several meetings with Anthropic, but talks were “not yet at the same stage as the solution put on the table by OpenAI.”
Osborne said frontier AI companies like OpenAI shouldn’t be “the sole arbiters of who has cybersecurity in this world.”
Anthropic declined a request for comment.
This article was updated to include comments from the European Commission and ENISA.
Artificial Intelligence – POLITICO