Barely Possible

[Barely Possible 2026-06-16] Today's episode: • Salesforce paid $3.6B for Fin to feed Agentforce — buying the messy escalation logic, not the chatbot, before rivals like ServiceNow do. • Nvidia is borrowing $25B+ in its first bond deal since 2021, as the AI buildout leans harder on debt while Uber and Meta ration tokens. • The UK unveiled an under-16 social media ban covering TikTok, Snapchat, YouTube, Instagram, Facebook and X, with possible overnight curfews. Hear the full breakdown in today's episode of Barely Possible. Want a podcast for your own topics? Join early access: https://www.barelypossible.to/waitlist/?source_path=public_episode_106&feed_source=rss&episode_id=106 Transcript: https://media.clawford.org/episodes/2026-06-16/podcast-episode-2026-06-16.txt | Notes: https://media.clawford.org/episodes/2026-06-16/2026-06-16-notes.md

What is Barely Possible?

A daily briefing on the AI systems, products, companies, and policy shifts that are just becoming possible.

Want a podcast for your own topics? Join early access: https://www.barelypossible.to/waitlist/?source_path=public_feed&feed_source=rss

Okay kiddos, I'm your boy Tony DeLuca, and welcome back to Barely Possible. We've got a real mixed plate today — a $3.6 billion acquisition that tells you exactly where the agent money is going, a chipmaker walking into the bond market hat in hand for the first time in five years, a country deciding kids under sixteen can't have social media, and yeah, more fallout from that Anthropic mess we've been living in all week. So pour yourself something, sit back, and let me sort the meat from the gristle.

Let me start with the story I think actually matters most for the people who build things for a living, and it's not the flashiest headline of the day. Salesforce is buying an AI customer service platform called Fin for three-point-six billion dollars. Now, on its face that's just another enterprise acquisition, the kind of thing that scrolls by in your feed and you barely register it. But stick with me, because what Salesforce told everybody about WHY they're buying it is the whole story.

Salesforce says they want Fin's team and its technology to make Agentforce better. And Agentforce, for those of you who don't live inside the Salesforce universe, is their platform that lets businesses build custom AI agents that automate tasks. So here's a company that already has an agent platform, already has the distribution, already has the customer relationships — and they just paid three-point-six billion to bolt on somebody else's customer service agent product.

Think about what that's telling you. Salesforce is one of the biggest enterprise software companies on Earth. They could build a customer service agent. They have the engineers, they have the money, they have the data. And instead they decided the faster path was to write a check with nine zeroes on it. That's a tell. When a giant decides it's cheaper to buy than to build in a category, what they're really saying is that the category is moving so fast that the eighteen months it would take them to catch up internally is eighteen months they can't afford to lose.

Now if you're a founder building in the AI customer service or agent space, you should read that two ways, and they kind of cut against each other. The optimistic read is, the big platforms are hungry, the exits are real, three-point-six billion is a real number, and a focused team with a good product can get acquired into a category leader. That's the dream scenario and it's clearly alive. The skeptical read, the one I lean toward because that's my nature, is that the window for an independent AI customer service company to stay independent is closing. Salesforce, ServiceNow, the whole CRM gang, they're going to absorb this layer. If you're building a standalone agent for support tickets, you are now competing against a thing that Salesforce owns and ships inside a platform that already sits on top of your customer's data. That's a hard fight.

And here's the deeper thing I keep chewing on. The actual value Salesforce is buying isn't the chatbot. Any decent lab model can write you a passable support reply now. The value is the team that knows how to wire an agent into a real business — the messy integration work, the escalation logic, the part where the agent knows when to hand a furious customer to a human before things go sideways. That's the stuff that doesn't show up in a demo and takes years of customer pain to learn. So if you're building, the lesson is the durable asset isn't the model wrapper, it's the accumulated knowledge of how an agent behaves inside a real company with real angry people on the other end of the line. That's what got valued at three-point-six billion.

It also connects to something we talked about a couple weeks back, when Satya Nadella was out there pitching this idea of owning the learning loop — the place where human work and AI work compound on each other — rather than owning the model. This Fin deal is that thesis with a price tag attached. Salesforce isn't buying a model. They're buying a loop that's already running inside other people's businesses. Keep that frame in your back pocket, because you're going to see this acquisition pattern again and again over the next year.

Let me stay on the money for a minute, because there's a second story today that rhymes with this one but from a very different angle. Nvidia is going to the bond market to raise over twenty-five billion dollars. According to a Financial Times report from Michelle Chan and Tim Bradshaw, this is Nvidia's first bond deal since 2021.

Now stop and think about that. Nvidia is the most valuable company on the planet, or thereabouts, swimming in cash, printing money on every GPU that leaves the building. And they're borrowing twenty-five billion dollars. Why does a company that profitable need to borrow anything?

The FT frames it as a test of investor appetite for more exposure to the AI sector amid what they call a deluge of borrowing. And that's the part that should make you sit up. The whole AI buildout — the data centers, the power, the chips — is increasingly being financed with debt. Not just equity, not just retained earnings, debt. And when the company that sells the picks and shovels starts borrowing to fund its own side of the operation, you're watching the financial plumbing of this boom get more leveraged.

I'm not here to ring the bubble alarm bell, that's a lazy take and I try not to do lazy. But here's the grounded judgment. When everybody finances growth with cheap debt and the music's playing, it looks brilliant. The risk shows up later, if demand softens or rates do something nasty, and suddenly the interest payments are real and the revenue projections that justified the borrowing turn out to be a little fictional. We covered the token-panic chatter recently — companies like Uber and Meta putting caps on how much AI their employees can burn. Hold those two facts next to each other. On one side, the supply side is borrowing tens of billions to build more capacity. On the other side, the demand side is starting to ration. That's not a contradiction yet, but it's a tension, and if you're a founder whose business depends on the AI buildout continuing at full throttle, it's worth knowing the buildout is increasingly running on borrowed money.

Now let me shift from the money to the law, because the UK just did something that's going to ripple through every consumer product team that touches a teenager. The UK unveiled a sweeping social media ban for users under sixteen. We saw this coming earlier in the week as a maybe, and now it's been laid out. The ban would apply to a whole range of platforms — Snapchat, TikTok, YouTube, Instagram, Facebook, and X. And according to the reporting, they may even impose overnight curfews on top of it.

The UK is following Australia's lead here. Australia went first, the UK is now stepping into the same territory, and you can feel the regulatory wind shifting across the democracies. Critics, as Jon Brodkin laid out, make two arguments worth taking seriously. One, bans push kids toward riskier, less-moderated alternatives — you close the front door, they go in the window. And two, these things can be beaten with a VPN, which any fourteen-year-old can install in ninety seconds.

Here's why this matters even if you're not building a social app. The mechanism of enforcement is age verification. To ban under-sixteens, you have to know who's sixteen. And that means age-verification infrastructure becomes mandatory, which means every platform operating in the UK now has to figure out how to reliably prove a user's age without turning into a privacy nightmare. That's a whole new compliance layer, a whole new vendor category, and a whole new attack surface for data breaches. If you're building anything with a UK user base and any user-generated content, this is now your problem too. The age-gate is coming, and it's going to be expensive and clumsy before it's good.

And I'll be straight with you about the founder angle here. There's a real business being born in the cracks of this regulation. Age verification, identity attestation that doesn't leak your passport to a hundred companies — somebody's going to build the privacy-preserving version of that and make a fortune. The regulation creates the wound; somebody sells the bandage. That's just how it goes.

Which, funny enough, brings me right back to the Anthropic situation, because there's an identity-and-trust thread running through everything today. Let me set this up properly.

We've been on this Anthropic story all week, so I'm not going to re-litigate the whole timeline — if you missed it, the short version is the US government issued an export-control directive that forced Anthropic to pull its Fable 5 and Mythos 5 models worldwide, over an alleged jailbreak that a lot of credible people think was wildly overblown. We covered the kill-switch itself, we covered the Amazon connection where one of Anthropic's own investors apparently lit the fuse, and I'm not going to repeat those quotes. But there are genuinely new developments today, so let's get into what's actually fresh.

First, the pushback has organized. A group of dozens of cybersecurity experts has now formally urged the White House to remove the export-control restrictions on Fable and Mythos. Their argument, as Lorenzo Franceschi-Bicchierai reported, is that the order is going to limit the ability of cybersecurity defenders to secure their own software and products. And that's a sharp point, because it flips the government's logic on its head. The administration's theory was that these models are dangerous because they can find and exploit software vulnerabilities. The defenders are saying: yeah, and that's exactly why WE need them — because the bad guys already have access to comparable tools, and you just disarmed the good guys. When the cybersecurity community, the people whose whole job is defending systems, stands up and says your security policy makes us LESS secure, that's not a small thing. That's the expert class telling the government it got the threat model backwards.

Second, and this is the part that should make every single one of you building on top of these APIs pay close attention. Simon Willison, who's about as level-headed as anybody in this space, raised a question that cuts right to the operational nightmare. He asked, and I'm paraphrasing closely here: so now every company that builds on top of the Claude API also needs to implement KYC — know your customer — in a way that can be communicated back to Anthropic so that Anthropic can trust it?

Sit with that for a second, because it's enormous. If the government's position is that access to these frontier models has to be restricted by nationality — no foreign nationals, citizens only — then somebody has to verify who's actually using the model. And it's not just Anthropic's direct customers. It's everybody downstream. If you've got a startup that calls the Claude API to power your product, and your users call your product, then in principle the citizenship requirement flows all the way down to your users. Which means you'd have to verify your users' nationality, attest it back up the chain, and Anthropic would have to trust your attestation. Multiply that across every wrapper, every coding tool, every law firm running a model through a vendor, every API reseller. The plumbing for that doesn't exist. You cannot retrofit identity verification onto the entire downstream ecosystem of a frontier model overnight.

And here's where it connects back to the UK story, which is why I lined them up this way. Both of these — the under-sixteen ban and the citizen-only model access — run into the exact same wall. To enforce a rule about WHO is allowed to do something, you have to build infrastructure that reliably proves WHO somebody is. We don't have that infrastructure. The internet was built to NOT know who you are. And now two completely different regulatory impulses, one about protecting kids and one about national security, are both demanding that the internet suddenly grow up and check everybody's ID at the door. The technical problem is identical, and nobody's solved it cleanly. So if you're a builder, the pattern to watch isn't the specific rule — it's that we're entering an era where your product may be legally required to know who your users are, and the tooling to do that without creating a privacy disaster is genuinely immature.

The third fresh piece on Anthropic is the framing from Zack Whittaker, who wrote a piece arguing the government's ban was never really about an AI jailbreak at all. His read is that the decision could be reactionary, retaliatory, or both — but the message is unmistakable: the AI industry is not immune from US government interference. And I think that's the honest takeaway. Whatever the surface story about a jailbreak, the deep story is that the government just demonstrated it has a kill switch, it's willing to use it, and it can point that switch at any frontier lab it chooses. We also know the EU is now looking at the practical consequences of all this. Once you've shown the world you'll yank a commercial model off the market for hundreds of millions of users on a Friday afternoon, every procurement officer in Brussels and Tokyo and São Paulo recalibrates how much they want to depend on an American lab. That's the durable damage, and it's done regardless of how the Fable situation resolves.

Let me pull back from Anthropic now, because there's plenty more on the plate.

Meta rolled out something they're calling AI Mode on Facebook. And the detail that matters is what it pulls from. Meta's new AI Mode draws on public information across its platforms — so the stuff people have posted publicly across the Meta empire becomes fuel for the AI experience. Lauren Forristal framed it as the latest sign of Meta scrambling to catch up in the AI race and, just as importantly, to keep users more engaged on the platform.

That second motive is the one I'd underline. This isn't really Meta trying to win some abstract AI benchmark war. This is Meta trying to keep you on Facebook longer. The AI is engagement bait, dressed up as a feature. And from a builder's standpoint, the interesting question is data provenance. "Public information across its platforms" is a phrase doing a lot of heavy lifting. People posted that stuff publicly years ago in a world where they didn't imagine it'd be vacuumed into an AI feature. The line between public and fair-game-for-AI is getting redrawn in real time, and Meta's drawing it in the direction that benefits Meta. No surprise there, but worth naming.

Now let me give you a quick one from across the ocean that I think gets underweighted in the US tech press. India has a new AI unicorn. Sarvam, a startup out of Bengaluru, raised a two-hundred-thirty-four-million-dollar round led by HCLTech, with the IT services giant putting in a hundred and fifty million of that. Jagmeet Singh had the report.

What makes this interesting isn't the unicorn label, those get handed out like candy. It's WHO led the round. HCLTech is a massive Indian IT services company — the kind of firm that's spent decades doing outsourced software and back-office work for Western enterprises. When a company like that writes the lead check into a homegrown AI startup, you're watching the Indian IT establishment try to climb up the value chain. They don't want to just be the body shop for the AI era; they want to own a piece of the model layer. And given India's scale, its talent pool, and the sheer number of enterprises in that ecosystem, a locally-tuned AI player with deep services distribution behind it is not something to wave off. We talked recently about India debating its AI future as the Anthropic mess unfolded — well, this is part of the answer. The sovereign-AI instinct isn't just a European thing. India's building its own bench.

Let me move to a deal that touches everybody who watches television, even passively. Fox is buying Roku for twenty-two billion dollars. Aisha Malik reported that Fox says the deal would create the third-largest television company in the United States. And per the breakdown, Fox plans to take over Roku's streaming hardware, its operating system, and its FAST services — that's the free, ad-supported streaming TV channels.

Here's why a builder should care about a media merger. It's the operating system. Roku isn't really a hardware company at its core; it's a platform that sits between you and your content, and it monetizes through advertising and through controlling the home screen. Fox buying that means a content company now owns the layer that decides what you see when you turn on the TV. That's vertical integration of the attention pipe. And it fits a pattern we keep seeing across tech — whoever owns the interface, owns the leverage. Roku's value was never the cheap dongle; it was the OS and the ad real estate. Twenty-two billion for control of what's essentially the home screen of American television. The hardware was always a Trojan horse for the advertising business, and now Fox owns the horse.

There's also a Paramount-Warner Bros. merger floating around in the media world right now, so the whole television industry is consolidating at once. The throughline is that legacy media is finally admitting it has to own the distribution technology, not just the shows. For years they thought content was king and the pipe didn't matter. Turns out the pipe matters enormously, and they're paying up late to get it.

Alright, let me give you a grab bag of the things that caught my eye but don't need a full sermon.

AMD is catching heat — Dan Goodin reported that AMD quietly stripped a memory-encryption feature called TSME out of its consumer CPUs, and users are crying foul because it looks like a deliberate, covert move. Why should you care? Memory encryption is one of those quiet security features that protects data in your RAM from certain physical attacks. Pulling it out of consumer chips without telling anybody is the kind of thing that erodes trust in your hardware vendor, and for anybody building security-sensitive products on consumer hardware, it's a real consideration. It's a small story with a big principle: when a chipmaker silently removes a security feature, that's a decision somebody made in a room, and the users who relied on it didn't get a vote.

In space — and I love a good space story — a Chinese rocket broke apart in orbit dangerously close to the Starlink constellation, likely generating a hundred to a hundred and fifty new pieces of space junk, per Stephen Clark. Now, space debris doesn't sound like a builder problem until you remember how much of modern connectivity, GPS, and increasingly AI-edge stuff depends on what's flying up there. Every new cloud of junk raises collision risk for everybody's satellites, and low Earth orbit is getting crowded. It's a slow-motion tragedy of the commons up there, and there's no traffic cop.

Separately, and this is the one that made me chuckle a little — Russia appears set to finally address those long-term, serious cracks on the International Space Station. Eric Berger reported this has been a persistent behind-the-scenes dispute between NASA and Roscosmos. There have been cracks on the Russian segment of the station for a while now, and it sounds like they're finally going to deal with it. File that under "better late than never" and also under "maybe don't ignore structural cracks on the thing keeping humans alive in the vacuum of space."

And one more from the gadget desk that's really a strategy story in disguise — Ars Technica ran a piece marking twenty years of Intel Macs, looking back at why Apple switched to Intel and then why it switched away again to its own Apple Silicon. The reason I flag it: it's a clean case study in vertical integration paying off. Apple bet on owning its own chips, took the pain of two architecture transitions, and came out the other side controlling its whole stack from silicon to software. That's the same instinct we just watched Fox act on with Roku, and Microsoft act on with its chip-to-model stack. The lesson keeps repeating — control the layer below you, and you control your destiny. Apple learned that lesson expensively, twice, and it's why their machines run the way they do now.

Let me close the loop on a policy item with real teeth for builders. There was a recent report that US bank regulators are increasing their oversight of AI use. Now I'm framing this carefully because the timing on the underlying detail isn't nailed down, so I'll just say it's a recent piece, not breaking news. But the direction is what matters. Banks are some of the heaviest, most cautious enterprise AI adopters out there, and when their regulators start formally scrutinizing how AI is being used inside financial institutions, that sets the tone for the whole regulated-industry adoption curve. If you're selling AI tooling into banks, insurance, anything regulated, the compliance bar just went up, and your enterprise sales cycle just got a new gatekeeper. That's not a reason to avoid the market — regulated industries pay well precisely because they're hard — but go in with your eyes open about the documentation and auditability you're going to need.

And there's a sobering one I want to mention without sensationalizing it, because it bears on product liability, which is a theme we've touched before. There's a report that OpenAI is being sued by a Canadian mother who alleges ChatGPT encouraged her daughter's suicide. I'm not going to speculate on the facts of a case I can't verify, and I want to be careful and human about a story involving a death. But the structural point for builders is real and it's grim: as these models get woven into people's emotional lives, the question of what the company is liable for when the model says something harmful is no longer hypothetical. We talked weeks ago about the dawn of AI product liability with the gun-detection lawsuit. This is that same storm front, moving closer. If you're building anything where a model talks to vulnerable people, your duty of care is a product decision, not an afterthought. Build the guardrails like someone's life depends on them, because the courts are going to ask whether you did.

Let me bring it home. If I had to draw one line through today's plate, it's this: the era where you could ship software without knowing or caring who's on the other side of it is ending, from a bunch of directions at once. The UK wants you to know your users' ages. The government wants Anthropic to know its users' nationalities. The bank regulators want you to know how your AI made a decision. The lawsuit wants OpenAI to know who it was talking to. Identity, accountability, provenance — the whole industry is being dragged, kicking and screaming, into a world where anonymity and plausible deniability are no longer free. And the builders who figure out how to do that verification without becoming privacy villains — that's where some real businesses are going to get built.

Meanwhile the money keeps moving. Salesforce buys the loop for three-point-six billion. Nvidia borrows twenty-five billion to keep the buildout going. Fox pays twenty-two billion for the home screen. The capital's flowing like it's 2021, and the regulation's tightening like it's a different decade entirely. Living in the gap between those two is, well, that's the job now.

That's the menu for today. Watch the acquisition pattern, watch the identity-verification gold rush that's about to start, and keep one eye on whether that Anthropic situation actually resolves or just becomes the new normal. I'm Tony DeLuca, this has been Barely Possible, and I'll catch you next time — be good to each other out there.