The root of the problem is that AI-as-a-service is corked, because companies providing it have a hell of an incentive to use all that data to out-compete their competitors, and they can do so in secret. To say nothing of salivating law-enforcement who really, really wants to tap into it. I'm hoping there will be at some point open-source and affordable hardware that can run competent models.
show comments
OtherShrezzing
This is odd behaviour, and provides some evidence that Anthropic isn't being managed by serious people. With this policy across AWS/GH/Zed/etc, they're taking their massive lead in enterprise/govt sales and handing it to any competitor who can serve a model anywhere near these capabilities with a modestly nice UI.
Note that Anthropic has committed not to train models on logged data, so I don’t understand some of the concerns here. What exactly is your threat model? That Anthropic would train models contrary to their terms of service? That you trust them enough not to log your data prior to this, but not enough to trust their stated limits on how logged data will be used now?
Edit: I am partially convinced by some of the replies. However, it is worth noting that this change primarily affects Enterprise users. Data from consumer plans is already retained for 30 days. Source: https://privacy.claude.com/en/articles/10023548-how-long-do-...
show comments
rohansood15
Pretty sure this doesn't work for any regulated enterprise or government client. But AWS knows this, so I am curious why they'd agree to it.
show comments
storus
This smells like an advanced version of corporate espionage. Assuming most companies will use their AI in the future, this will be fed directly to an Echelon-like network that will be leaking "interesting info" to friendly parties, like the Boeing vs Airbus scandal that was first widely reported and then swept under the rug officially.
show comments
abofh
Not a sub processor for us, so insta banned. Also spiked the ball on us updating our sub processor list. If they'd done something in-cloud we wouldn't have blinked, but no governance or controls, non starter.
jreynar
Ugh. I'm sure we're not the only company that's going to face the difficult decision to either stay with Opus 4.8, switch to a different model provider or update and significantly weaken our terms of service around no model re-training, not sending data to third parties and the like. I understand why Anthropic wants to do this but I'd be much more comfortable with it if the data never made it to Anthropic unless an analysis Amazon ran, maybe even using tools from Anthropic, determined that there was something to look at. That'd be an easier carve out in an enterprise Terms Of Service / Privacy Policy.
show comments
moezd
That's it. If you have confidential data that you're running with Fable, you're giving that away for free. Maybe you have always been, but now they explicitly ask for it.
stuaxo
That rules it out for all sorts of apps.
I've worked on a few apps for UKGov and I would absolutely be raising this as a massive red flag.
show comments
I_am_tiberius
So they use this "suspicious behavior" as a reason to train on our data.
htrp
you've got to respect anthropic being willing to shoot themselves in the foot over a belief around Mythos performance
show comments
ramstar3000
Is this related to the pricing for these models, since these are not going to be subsidised, they do not have much incentive to offer zdr.
My current thought is that many businesses use claude code on API based pricing opposed to subscriptions due to the zdr. However, these models are already not being subsidised?
thefounder
They want your data like you everybody else and enterprise data is juicy to say at least
throw03172019
So all HIPAA workloads are now going to be an issue? They should at least allow us to “retain data” per API key or login so the non-PHI workloads can use Fable and PHI can remain on other models and respect the ZDR.
cherryteastain
I guess this is an anti-distillation move?
1313ed01
Same as for GitHub Copilot?
"For more on how Anthropic handles this data, see Anthropic’s commercial terms and data retention policy. Enabling the Claude Fable 5 policy constitutes acknowledgement of this requirement. Leaving it off keeps Claude Fable 5 unavailable to your organization."
"Legally required" ... gotcha, script writing on Melania Movie 3 has begun in exchange for a national security letter requiring Amazon to both keep the data and not exclude it from training.
rozumbrada
They say it's opt-in but since they are capable of agreeing to this, I am just waiting until they hide this opt-in into the regular ToS when asking for a new model access...
show comments
nullbio
Cancel your subscriptions, or you are to blame. Simple.
If you aren't voting with your wallet, you can't cry when the world ends.
Wonder why Anthropic wants all those data? Isn't it a good company?
zmmmmm
OpenAI ... your move. The enterprise market just cracked wide open. Do you want it?
show comments
_pdp_
This is not going to fly in EU.
show comments
buzer
One very important point here is that it looks like Anthropic is becoming GDPR controller for all submitted data. So data subjects have Article 15 right to request information about processing and possibly a copy of the data. Latter might be contested under "rights of others", but former is more absolute.
What this means it that if someone makes an Article 15 request, they would be entitled to know if Anthropic holds personal data about them and also from who they received this data at minimum.
If someone wants to do that, I would recommend combining it with Article 18 request to forbid deleting the data for legal claim in case you contest Anthropic's reply. Otherwise they could just delete the data per their retention policy and DPA would find much later that they no longer hold the data.
a34729t
Who would have thought that our saviors will be the Chinese!?
LetsGetTechnicl
Simple solution here is to not use AI?
amluto
It’s worth noting that Anthropic has made some very odd moves in the last few months in which Claude Code reviews your usage of it and penalizes you for mentions of some short strings that don’t even indicate TOS violations. And if they’re going to insist on retaining all data for 30 days for nebulously defined “safety”, then I’m not particularly interested in doing business with them.
Imagine if they interpret “safety” such that they scan for the string “com.openai” and, if found, ask an LLM to summarize your entire session and send it for human review?
throwfaraway4
Things like siphoning your data and using it to train while nerfing the model for everyone else is just the beginning of shady, rug-pulling, enshitification behavior we should expect. The dev community more than ever now needs to focus on being self-reliant and supporting open source models. They're counting on our skills atrophying over time to where you need their models to get work done. Ask yourself, do you actually need a frontier model to do this work? I think in many cases the answer is no. Don't support hostile behavior like this. Also, you can bet they're going to front government surveillance if not by choice, by regulation and political pressure.
gdiamos
What I do is route general data to Mythos, and my own IP to a local model.
I expect them to train on their traffic, and I train on mine.
_bobm
Very confident. But will it stick? And if it doesn't -- what then? Back to scheming?
If it’s for future models at the same level of Sonnet and Opus, then it might become a problem for the for companies using this.
At the end of the day we will need private LLMs and Cohere might save a traço great chance here
adithyaharish
Woah, if anthropic does it, even OpenAI would start doing the same with Azure models
avereveard
*Anthropic requires it
romanovcode
> except in the rare cases where it's part of a safety investigation or we're legally required to keep it
So basically all your data will flow to NSA/CIA/Mossad if they show even slight interest in your org or you as a person. Gotcha.
show comments
shevy-java
They want your data.
> After 30 days, the data is deleted automatically
Do we believe that?
> or we're legally required to keep it.
Aha - so, data is forever.
show comments
razieloren
it's either this or playing x30 for a token, anyhow i physically can't write code again
show comments
drcongo
Got an email from Zed about the same this morning.
themafia
What a "frontier."
show comments
TZubiri
My thesis is that in software you don't want aggregators. They provide the promise of vendor neutrality, but it comes at the expense of increased supply chain compromise risk, small print technically legal data exfiltration.
Even in the happy case where nothing bad happens, you get a badly integrated product, because you integrate not against the actual vendor, but against a abstraction layer that commoditizes the actual product, effectively forcing you to either use the least common denominator of features, or circumventing the actual aggregation model itself with some kind of 'vendor_specific_parameters' parameter in the aggregator API.
My thesis is drop the vendor neutrality, and build your integration with the vendor directly.
rvz
Imagine still believing that local models do not have a use-case after seeing policies like this.
Anthropic does not care about you.
codeduck
aaaand there it is.
dhavd
lol
gauravvij137
The data leaving AWS boundary kills this for any regulated workload. We've been running side-by-side evals of open models against Claude on private test suites, using Neo as the orchestration layer. Keeps everything in-house and gives us objective comparison data.
chattermate
The regulated-enterprise angle is the interesting part. Bedrock's whole pitch to those customers was "your data never leaves your AWS boundary" — that's the line that gets it through procurement and compliance reviews. A 30-day retention requirement where traffic crosses into the vendor's boundary quietly invalidates that, and for healthcare/finance/gov it's not a knob they can flip no matter how good the model is. This is exactly why we keep our LLM layer provider-agnostic with a self-hosted fallback (Ollama-class models) for data-sensitive paths — you eat a capability hit, but you keep the option of not sending regulated data anywhere. The risk TZubiri names is real: the moment you're reaching for "vendor_specific_parameters," the neutrality you bought the aggregator for is already gone.
Torikul007
I understand the safety/misuse argument, but I wonder where enterprises will draw the line here. “30-day retention for advanced models” sounds reasonable in isolation, until you remember many teams are sending proprietary code, internal docs, or customer-sensitive context through these systems.
show comments
malephex
This is BS. They want to train on user data.
jedisct1
Because they didn't store data before? Don't be so naive.
show comments
wewewedxfgdf
Note that if you use AWS Bedrock then you're choosing to pay 10X to 20X because you trust AWS more than Anthropic.
It is literally 10X to 20-X cheaper to directly buy Anthropic subscriptions for your devs.
The root of the problem is that AI-as-a-service is corked, because companies providing it have a hell of an incentive to use all that data to out-compete their competitors, and they can do so in secret. To say nothing of salivating law-enforcement who really, really wants to tap into it. I'm hoping there will be at some point open-source and affordable hardware that can run competent models.
This is odd behaviour, and provides some evidence that Anthropic isn't being managed by serious people. With this policy across AWS/GH/Zed/etc, they're taking their massive lead in enterprise/govt sales and handing it to any competitor who can serve a model anywhere near these capabilities with a modestly nice UI.
This policy applies across all providers. Here is the warning in Cursor: https://i.redd.it/7sfyker2ya6h1.png
Note that Anthropic has committed not to train models on logged data, so I don’t understand some of the concerns here. What exactly is your threat model? That Anthropic would train models contrary to their terms of service? That you trust them enough not to log your data prior to this, but not enough to trust their stated limits on how logged data will be used now?
Edit: I am partially convinced by some of the replies. However, it is worth noting that this change primarily affects Enterprise users. Data from consumer plans is already retained for 30 days. Source: https://privacy.claude.com/en/articles/10023548-how-long-do-...
Pretty sure this doesn't work for any regulated enterprise or government client. But AWS knows this, so I am curious why they'd agree to it.
This smells like an advanced version of corporate espionage. Assuming most companies will use their AI in the future, this will be fed directly to an Echelon-like network that will be leaking "interesting info" to friendly parties, like the Boeing vs Airbus scandal that was first widely reported and then swept under the rug officially.
Not a sub processor for us, so insta banned. Also spiked the ball on us updating our sub processor list. If they'd done something in-cloud we wouldn't have blinked, but no governance or controls, non starter.
Ugh. I'm sure we're not the only company that's going to face the difficult decision to either stay with Opus 4.8, switch to a different model provider or update and significantly weaken our terms of service around no model re-training, not sending data to third parties and the like. I understand why Anthropic wants to do this but I'd be much more comfortable with it if the data never made it to Anthropic unless an analysis Amazon ran, maybe even using tools from Anthropic, determined that there was something to look at. That'd be an easier carve out in an enterprise Terms Of Service / Privacy Policy.
That's it. If you have confidential data that you're running with Fable, you're giving that away for free. Maybe you have always been, but now they explicitly ask for it.
That rules it out for all sorts of apps.
I've worked on a few apps for UKGov and I would absolutely be raising this as a massive red flag.
So they use this "suspicious behavior" as a reason to train on our data.
you've got to respect anthropic being willing to shoot themselves in the foot over a belief around Mythos performance
Is this related to the pricing for these models, since these are not going to be subsidised, they do not have much incentive to offer zdr.
My current thought is that many businesses use claude code on API based pricing opposed to subscriptions due to the zdr. However, these models are already not being subsidised?
They want your data like you everybody else and enterprise data is juicy to say at least
So all HIPAA workloads are now going to be an issue? They should at least allow us to “retain data” per API key or login so the non-PHI workloads can use Fable and PHI can remain on other models and respect the ZDR.
I guess this is an anti-distillation move?
Same as for GitHub Copilot?
"For more on how Anthropic handles this data, see Anthropic’s commercial terms and data retention policy. Enabling the Claude Fable 5 policy constitutes acknowledgement of this requirement. Leaving it off keeps Claude Fable 5 unavailable to your organization."
https://github.blog/changelog/2026-06-09-claude-fable-5-is-g...
"Legally required" ... gotcha, script writing on Melania Movie 3 has begun in exchange for a national security letter requiring Amazon to both keep the data and not exclude it from training.
They say it's opt-in but since they are capable of agreeing to this, I am just waiting until they hide this opt-in into the regular ToS when asking for a new model access...
Cancel your subscriptions, or you are to blame. Simple.
If you aren't voting with your wallet, you can't cry when the world ends.
Is this also the case for Google Cloud? https://docs.cloud.google.com/gemini-enterprise-agent-platfo...
Wonder why Anthropic wants all those data? Isn't it a good company?
OpenAI ... your move. The enterprise market just cracked wide open. Do you want it?
This is not going to fly in EU.
One very important point here is that it looks like Anthropic is becoming GDPR controller for all submitted data. So data subjects have Article 15 right to request information about processing and possibly a copy of the data. Latter might be contested under "rights of others", but former is more absolute.
What this means it that if someone makes an Article 15 request, they would be entitled to know if Anthropic holds personal data about them and also from who they received this data at minimum.
If someone wants to do that, I would recommend combining it with Article 18 request to forbid deleting the data for legal claim in case you contest Anthropic's reply. Otherwise they could just delete the data per their retention policy and DPA would find much later that they no longer hold the data.
Who would have thought that our saviors will be the Chinese!?
Simple solution here is to not use AI?
It’s worth noting that Anthropic has made some very odd moves in the last few months in which Claude Code reviews your usage of it and penalizes you for mentions of some short strings that don’t even indicate TOS violations. And if they’re going to insist on retaining all data for 30 days for nebulously defined “safety”, then I’m not particularly interested in doing business with them.
Imagine if they interpret “safety” such that they scan for the string “com.openai” and, if found, ask an LLM to summarize your entire session and send it for human review?
Things like siphoning your data and using it to train while nerfing the model for everyone else is just the beginning of shady, rug-pulling, enshitification behavior we should expect. The dev community more than ever now needs to focus on being self-reliant and supporting open source models. They're counting on our skills atrophying over time to where you need their models to get work done. Ask yourself, do you actually need a frontier model to do this work? I think in many cases the answer is no. Don't support hostile behavior like this. Also, you can bet they're going to front government surveillance if not by choice, by regulation and political pressure.
What I do is route general data to Mythos, and my own IP to a local model.
I expect them to train on their traffic, and I train on mine.
Very confident. But will it stick? And if it doesn't -- what then? Back to scheming?
Similar for GCP if anyone's wondering, and in fact a bit further in some ways: https://cloud.google.com/terms/advanced-ai-safety-addendum
60 days.
If it’s for future models at the same level of Sonnet and Opus, then it might become a problem for the for companies using this.
At the end of the day we will need private LLMs and Cohere might save a traço great chance here
Woah, if anthropic does it, even OpenAI would start doing the same with Azure models
*Anthropic requires it
> except in the rare cases where it's part of a safety investigation or we're legally required to keep it
So basically all your data will flow to NSA/CIA/Mossad if they show even slight interest in your org or you as a person. Gotcha.
They want your data.
> After 30 days, the data is deleted automatically
Do we believe that?
> or we're legally required to keep it.
Aha - so, data is forever.
it's either this or playing x30 for a token, anyhow i physically can't write code again
Got an email from Zed about the same this morning.
What a "frontier."
My thesis is that in software you don't want aggregators. They provide the promise of vendor neutrality, but it comes at the expense of increased supply chain compromise risk, small print technically legal data exfiltration.
Even in the happy case where nothing bad happens, you get a badly integrated product, because you integrate not against the actual vendor, but against a abstraction layer that commoditizes the actual product, effectively forcing you to either use the least common denominator of features, or circumventing the actual aggregation model itself with some kind of 'vendor_specific_parameters' parameter in the aggregator API.
My thesis is drop the vendor neutrality, and build your integration with the vendor directly.
Imagine still believing that local models do not have a use-case after seeing policies like this.
Anthropic does not care about you.
aaaand there it is.
lol
The data leaving AWS boundary kills this for any regulated workload. We've been running side-by-side evals of open models against Claude on private test suites, using Neo as the orchestration layer. Keeps everything in-house and gives us objective comparison data.
The regulated-enterprise angle is the interesting part. Bedrock's whole pitch to those customers was "your data never leaves your AWS boundary" — that's the line that gets it through procurement and compliance reviews. A 30-day retention requirement where traffic crosses into the vendor's boundary quietly invalidates that, and for healthcare/finance/gov it's not a knob they can flip no matter how good the model is. This is exactly why we keep our LLM layer provider-agnostic with a self-hosted fallback (Ollama-class models) for data-sensitive paths — you eat a capability hit, but you keep the option of not sending regulated data anywhere. The risk TZubiri names is real: the moment you're reaching for "vendor_specific_parameters," the neutrality you bought the aggregator for is already gone.
I understand the safety/misuse argument, but I wonder where enterprises will draw the line here. “30-day retention for advanced models” sounds reasonable in isolation, until you remember many teams are sending proprietary code, internal docs, or customer-sensitive context through these systems.
This is BS. They want to train on user data.
Because they didn't store data before? Don't be so naive.
Note that if you use AWS Bedrock then you're choosing to pay 10X to 20X because you trust AWS more than Anthropic.
It is literally 10X to 20-X cheaper to directly buy Anthropic subscriptions for your devs.