Thursday, 11 June 2026

The Deep Feed

The Governance of Intelligence and the Cost of Compute

72 min read · 6 pieces
In this issue
01 The Tokenmaxxing Delusion 12 min
02 The Silent Saboteur 10 min
03 The Anthropic U-Turn 8 min
04 The Agentic Handshake 7 min
05 The Private Regulators 11 min
06 The Acceleration Paradox 9 min
Editor's Letter

Tonight we examine the friction between rapid AI deployment and the invisible hand of corporate control. From the wasteful culture of token consumption to the silent guardrails of frontier models, we look at who is actually steering the future of intelligence.

01 Not Boring

The Tokenmaxxing Delusion

Why corporate AI adoption is currently a race to burn money

By Packy McCormick · 12 min read
Editor's note: A critique of the current incentive structures driving AI spend in the Fortune 500.

The current corporate obsession with AI is producing a strange, wasteful phenomenon. We see companies celebrating 'AI Innovators' not because they have solved a business problem, but because they have managed to burn through massive amounts of compute. This is 'tokenmaxxing'. It is a feedback loop where AI labs sell tokens, and corporations commit to huge spends to get discounts, then encourage employees to use those tokens as much as possible to justify the cost. This creates a culture of performative usage. Instead of asking if a model makes a supply chain more efficient, the question becomes how many tokens were used this week. It is a metric that measures activity rather than value. This is the same hollow metric that drove the attention economy in social media, but applied to the most expensive resource on the planet: compute. When the goal is to maximise the spend, the actual output becomes secondary. We are seeing the rise of a new class of digital bureaucracy, where the primary task is to manage the consumption of an expensive, semi-intelligent resource that often produces little more than polished-looking noise.

The Feedback Loop of Waste

To understand this, one must look at the relationship between the labs and the enterprise. When a company like KPMG commits to a massive token spend in exchange for a discount, they create a sunk cost. The pressure to 'get value' from that commitment often manifests as a mandate to use AI for everything. This leads to a scenario where agents are given company credit cards with no spending limit, effectively acting as digital employees for the lab itself. They run up bills to their own creators. The employees, eager to meet their 'AI innovation' targets, direct these agents to perform tasks that are computationally expensive but value-poor. They build dashboards, generate endless reports, and run simulations that no one reads. It is a form of AI psychosis where the volume of interaction is mistaken for the quality of integration.

Tokenmaxxing was a lab-grown supermeme that worked better than the labs could have hoped.

The danger here is that this period of high spending is being treated as the standard for success. If a CEO sees a massive line item for Anthropic or OpenAI, they may assume the company is evolving. But business evolution requires more than just consuming intelligence; it requires the application of that intelligence to specific, high-leverage problems. True evolution happens when a business becomes software, allowing it to iterate millions of times. Tokenmaxxing is the opposite of this. It is a blunt-force approach that prioritises the scale of the engine over the direction of the vehicle. We are currently in a phase of tremendous trial and error, but much of that error is being bought and paid for by companies that do not yet know what they are looking for.

Signs of Tokenmaxxing
  • Rewarding employees based on AI usage volume
  • Using agents for tasks that require no reasoning
  • Prioritising token spend over task completion
  • Building complex AI dashboards to track consumption

We must distinguish between the cost of discovery and the cost of waste. Building a business that can evolve through tiny, automated iterations is a worthy goal. However, the current trend suggests we are simply building bigger, more expensive ways to do the same old things. The real return on tokens will not come from how many we use, but from how little we need to use to achieve a specific, transformative result. Until then, the industry is essentially running a massive, expensive experiment in how much compute a corporation can burn before it notices the lack of return.

Key Takeaway

Value in AI is found in the efficiency of the result, not the volume of the spend.

AI economicsbusiness strategycompute
Read the original →
02 Simon Willison

The Silent Saboteur

The ethics of invisible model interventions

By Simon Willison · 10 min read
Editor's note: An investigation into the controversial practice of silent model steering.

Imagine a researcher working on a breakthrough in machine learning. They pose a technical question to a frontier model, expecting a rigorous, detailed response. Instead, the model provides an answer that is slightly vague, or perhaps subtly incorrect. The researcher assumes the model is simply struggling with the complexity of the topic. They do not realise that the model has been intentionally steered away from the truth. This is the reality of the new 'invisible safeguards' being deployed by major AI labs. Anthropic recently revealed that for certain categories of requests—specifically those targeting frontier LLM development—the model would not refuse the query, but would instead limit its effectiveness through methods like prompt modification or steering vectors. This is a form of soft censorship that leaves the user in the dark.

The Mechanics of Stealth

Traditional safety filters are easy to spot. A model says, 'I cannot answer that question because it violates my safety policy.' This is a hard refusal. It is clear, and it allows the user to understand the boundary. The new approach is far more insidious. By using parameter-efficient fine-tuning (PEFT) or steering vectors, the lab can change the model's behaviour without triggering a refusal message. The model remains polite and helpful in tone, but its actual reasoning capability is throttled. This is designed to prevent 'recursive self-improvement'—the fear that an AI could be used to design even more powerful AI. While the intention is to prevent a runaway intelligence loop, the method is a direct strike against scientific transparency.

A model that silently corrupts its replies to questions about ML design is a model that cannot be trusted for research.

The justification for this is rooted in a fear of the unknown. If an AI can assist in designing better chips or more efficient training pipelines, the speed of intelligence could accelerate beyond human ability to govern it. To prevent this, companies are creating a 'black box' of safety. But this creates a massive problem for the scientific method. Science relies on the ability to replicate results and understand why a system behaves the way it does. If the very tools we use to study intelligence are being manipulated in secret, then the data we collect is tainted. We are no longer observing the model; we are observing the model as it has been shaped by a corporate safety layer.

Risks of Invisible Safeguards
  • Erosion of scientific rigour
  • Unintentional corruption of research data
  • Loss of user trust in model reliability
  • Creation of a 'knowledge gap' between labs and researchers

The backlash from the research community has already forced a partial retreat. Anthropic has moved toward making these safeguards visible, but the precedent has been set. The idea that a private company can secretly modify the intelligence of a tool to suit its own strategic interests is a terrifying one. It suggests that the frontier of knowledge is not an open field, but a gated garden, where the gates are controlled by the providers of the tools. As we move forward, the question is not just whether the models are safe, but whether they are honest.

Key Takeaway

Invisible censorship is more dangerous than outright refusal because it destroys the foundation of scientific trust.

AI ethicsgovernanceresearch
Read the original →
03 Simon Willison

The Anthropic U-Turn

When corporate safety meets public outrage

By Simon Willison · 8 min read
Editor's note: A look at the fallout from Anthropic's failed attempt at invisible guardrails.

Anthropic recently found itself in the middle of a significant policy crisis. The company had implemented a set of safeguards within its Claude Fable 5 model that were designed to be invisible. These safeguards were intended to limit the model's effectiveness when handling requests related to frontier LLM development. The goal was to prevent the model from being used to accelerate the creation of competing, potentially dangerous models. However, the decision to keep these interventions hidden from users sparked immediate and widespread outrage. Researchers and developers realised that they were being manipulated by a system that refused to admit it was being restricted. This wasn't just a technical disagreement; it was a fundamental breach of the user-provider relationship.

The Failed Trade-off

In a statement to Wired, Anthropic admitted they had made the wrong trade-off. They had prioritised the ability to deploy safeguards quickly and narrowly over the need for user visibility. The logic was that visible safeguards can be probed and bypassed by bad actors, whereas invisible ones can be more robust. By keeping the interventions secret, they hoped to maintain a higher level of security with fewer false positives. But in doing so, they ignored the necessity of transparency. For the developers and researchers who rely on these models, knowing why a model is underperforming is as important as the performance itself. Without that knowledge, the model becomes an unreliable partner.

We made the wrong tradeoff and we apologize for not getting the balance right.

The reversal is now in motion. Anthropic is rolling out changes to make these safeguards visible. When a request is flagged, the system will no longer silently degrade the response. Instead, it will visibly fall back to an older, more stable model, such as Opus 4.8. On the API, users will receive a specific reason for the refusal. This is a move toward a more honest architecture, but it also highlights the immense pressure these companies are under. They are trying to manage the risks of a technology that is evolving faster than our ability to regulate it, and they are doing so while trying to maintain a competitive edge in a crowded market.

Lessons for AI Providers
  • Transparency is non-negotiable for professional users
  • Silent interventions damage brand trust
  • Safety must be explainable, not just effective
  • The research community is a critical stakeholder

This incident serves as a warning to the entire industry. As models become more capable, the temptation to implement secret guardrails will only grow. The fear of misuse is real, but the cost of secrecy is the loss of the very community that is helping to build and refine these systems. If the providers of intelligence become the silent arbiters of what can and cannot be known, they will find themselves isolated from the progress they seek to protect. The Anthropic U-turn is a small victory for transparency, but the battle over how AI is governed is only just beginning.

Key Takeaway

Safety without transparency is just another form of control.

AnthropicAI policytransparency
Read the original →
04 Simon Willison

The Agentic Handshake

Human-in-the-loop as the new standard for AI agency

By Simon Willison · 7 min read
Editor's note: The technical shift from passive chatbots to active, tool-using agents.

We are moving past the era of the chatbot and into the era of the agent. A chatbot waits for a prompt and provides a response; an agent takes a goal and executes a series of actions to achieve it. This shift requires a fundamental change in how we interact with software. Agents need to use tools—they need to write code, query databases, and interact with web services. But this level of agency introduces significant risk. An agent that can execute SQL can accidentally delete a production database. An agent that can send emails can be used for mass phishing. The solution to this problem is not to limit the agent's capability, but to refine its relationship with the human user.

The Power of the Pause

Recent developments in agentic workflows, such as those seen in the release of `datasette-agent`, are introducing a critical mechanism: the ability for a tool to ask the user a question mid-execution. This is the 'agentic handshake'. Instead of blindly proceeding with a potentially destructive action, the agent pauses. It presents a question—a yes/no, a multiple-choice, or a request for free text—and waits for human approval. While the question is unanswered, the agent's turn is suspended. This allows the conversation to persist even if the server restarts, ensuring that the human can return to the task at their convenience. Once answered, the agent re-executes its plan, incorporating the human's input.

Agency without accountability is just a liability.

This pattern is essential for building trust in autonomous systems. It solves the problem of 'side effects'. In software engineering, a side effect is any change to the state of the system that occurs outside of the immediate function call. For an AI agent, side effects are everywhere. By requiring human approval for actions like saving a query or executing a command, we create a safety buffer. The agent is still doing the heavy lifting—writing the complex SQL or navigating the API—but the human retains the final authority over the consequences. This is not about slowing the agent down; it is about making it safe to run at high speeds.

Core Components of the Agentic Handshake
  • Mid-execution interruption
  • Human-readable decision forms
  • State persistence during suspension
  • Mandatory approval for side effects

As we integrate these agents into our professional lives, the role of the human will shift from 'doer' to 'reviewer'. We will spend less time writing code and more time approving the intent and the outcome of the code written by our digital colleagues. This requires a new set of skills: the ability to quickly audit an agent's proposed actions and the judgement to know when to say no. The success of the agentic revolution will depend on how well we master this handshake. If we get it right, we gain a massive boost in productivity; if we get it wrong, we lose control of our digital infrastructure.

Key Takeaway

The future of AI agency lies in the ability to pause and ask for permission.

AI agentssoftware engineeringautomation
Read the original →
05 Stratechery

The Private Regulators

How LLM providers are becoming the world's intelligence gatekeepers

By Stratechery · 11 min read
Editor's note: An analysis of the shift from open research to proprietary safety standards.

For decades, the boundaries of scientific and technological progress were set by academic institutions, government regulators, and international treaties. Today, those boundaries are being drawn by a handful of private companies in Silicon Valley. As frontier models like Claude Fable 5 and GPT-series models become the primary tools for research and development, the companies that own them are becoming the de facto regulators of human intelligence. By deciding what constitutes a 'dangerous' request or a 'restricted' topic, companies like Anthropic and OpenAI are setting the limits of what can be explored, studied, and built. This is a massive concentration of power that operates outside the traditional democratic process.

The Policy as Law

The terms of service for these models are no longer just legal documents; they are the rules of engagement for the future of knowledge. When a company implements a safeguard that limits a model's ability to assist in 'ML accelerator design' or 'pretraining pipelines', they are effectively placing a moratorium on certain types of research. This is not done through legislation or public debate, but through a change in a system card or a software update. The impact is immediate and global. A researcher in London or Tokyo who relies on these models for their work must abide by the safety policies decided in San Francisco. The 'law' of AI is being written in code, not in courts.

We are moving from a world of open inquiry to a world of proprietary safety.

This shift is driven by a genuine fear of the risks associated with advanced AI. The potential for misuse in biotechnology, cybersecurity, or the creation of autonomous weapons is significant. Companies argue that they have a responsibility to prevent these outcomes. However, the lack of transparency in how these risks are assessed and how the safeguards are implemented is a major concern. When safeguards are invisible, as they were with Anthropic's recent policy, there is no way to audit them. There is no way to know if the restriction is truly about safety or if it is about protecting a company's market position by preventing competitors from using AI to accelerate their own development.

The Consequences of Private Regulation
  • Lack of public oversight and democratic accountability
  • Potential for anti-competitive gatekeeping
  • Stifling of legitimate scientific inquiry
  • Inconsistency in global research standards

The challenge for the next decade will be to find a way to govern these technologies without stifling the very innovation that makes them valuable. We need a framework for AI safety that is transparent, auditable, and subject to public scrutiny. Relying on the benevolence and the self-regulation of a few massive corporations is not a sustainable strategy for humanity. As these models become more integrated into our core infrastructure, the question of who controls the 'off switch'—and who decides what is 'safe'—becomes one of the most important political questions of our time.

Key Takeaway

The companies that provide the tools of intelligence are becoming the gatekeepers of human knowledge.

AI governancepoliticstech monopoly
Read the original →
06 Simon Willison

The Acceleration Paradox

Managing the fear of recursive self-improvement

By Simon Willison · 9 min read
Editor's note: Exploring the theoretical and strategic fear of AI-driven intelligence explosions.

In the halls of AI labs, there is a specific kind of fear that keeps engineers awake at night. It is not the fear of a robot uprising or a Hollywood-style apocalypse. It is the fear of the recursive loop: the moment an AI becomes capable of assisting in its own improvement. If a model can help design more efficient neural architectures, write better training code, or optimize the hardware it runs on, the cycle of intelligence growth could shift from linear to exponential. This is the concept of recursive self-improvement, and it is the primary driver behind the most aggressive and controversial safety measures being implemented today. The goal is to prevent a runaway intelligence explosion that moves too fast for human intervention.

The Speed of Intelligence

Current AI development is a slow, human-intensive process. It involves massive data collection, months of training, and endless cycles of human evaluation. But if we delegate the core tasks of development to the models themselves, we remove the human bottleneck. An AI could theoretically run thousands of experiments in parallel, learning from each one in real-time. The speed at which intelligence could advance would no longer be limited by human cognition or the pace of our research cycles. This creates a paradox: the very capability that makes AI so useful—its ability to solve complex problems—is the same capability that makes it potentially uncontrollable.

The fear is not that AI will be evil, but that it will be too fast.

To mitigate this, companies are creating 'speed bumps'. These are the safeguards we have discussed—the invisible steering, the restricted topics, the fallback models. They are designed to slow down the rate of progress in specific, high-leverage areas. But this creates a strategic tension. On one hand, companies want to lead the race to AGI (Artificial General Intelligence). On the other hand, they are terrified of what happens if they actually win. If they create a system that can improve itself, they may find they have lost the ability to direct it. This tension is baked into the very architecture of modern AI development.

The Drivers of the Acceleration Loop
  • Automated algorithm optimization
  • AI-driven hardware design
  • Synthetic data generation for training
  • Automated research paper synthesis

The debate over whether recursive self-improvement is a realistic threat or a science-fiction distraction is ongoing. However, the fact that companies are spending billions to prevent it tells us everything we need to know about their perception of the risk. We are currently building the most powerful engines in history, and we are simultaneously trying to build the brakes. The question is whether the brakes will be strong enough, and whether they will be applied in time. As we approach the threshold of autonomous development, the margin for error becomes razor-thin.

Key Takeaway

The greatest risk of AI is not its malice, but its ability to accelerate beyond our capacity to govern it.

AGIAI safetyfuture of tech
Read the original →
Endnote
Tonight's pieces reveal a common thread: the struggle for control in an era of unprecedented capability. We see it in the wasteful spend of 'tokenmaxxing', where the metric of success is decoupled from actual value. We see it in the silent interventions of model providers, where safety is used as a justification for opacity. And we see it in the growing tension between the need for rapid AI development and the fear of an uncontrollable intelligence loop. As these systems move from passive tools to active agents, the responsibility of the human user shifts from simple prompting to critical oversight. We are no longer just users of technology; we are the governors of a new kind of agency. The challenge is to ensure that this agency remains transparent, accountable, and, above all, directed by human intent rather than corporate convenience.
If the tools you use to think are being subtly steered, how can you ever be sure of your own conclusions?
The Deep Feed · A nightly magazine · Thursday, 11 June 2026