From the announcement here: https://aws.amazon.com/blogs/aws/anthropic-claude-fable-5-on...
> After 30 days, the data is deleted automatically, except in the rare cases where it's part of a safety investigation or we're legally required to keep it.
From: https://support.claude.com/en/articles/15425996-data-retenti...
Ever since the Mythos announcement it’s been clear that we’re heading towards a future where SOTA models are no longer available to the average person, and not only cost more, but also require payment in the form of use case verification and data sharing. OpenAI’s 5.5-Cyber model requires the same, so it’s not just Anthropic.
We’re unhappy with this because we’ve all gotten used to being able to play with the new shiny model as soon as it’s available, but what I’m seeing in this thread about Anthropic being “stupid” is emotion-based wishful thinking.
If the lift from these models is high enough and no alternative springs up, people will find a way to get to yes, but if OpenAI is willing to ship a Fable-class model on Bedrock without this, all the traffic will just move there. I say this because there is not much reason to use Bedrock unless you care about data sharing limits (ok, it seems more reliable than Anthropic's serving, but I don't think that's the major reason).
Of course, they could both decide they don't want the competitive advantage that having an AWS-controlled inference stack brings, but this is basically throwing out that advantage.
Note that this announcement is not just about Mythos, but also Fable, which is restricted from doing any Cyber work in the first place.
Cool. Everybody is doing it. Doesn’t make it right or make it good for the people. Everyone should complain and help others wake up that Anthropic isn’t the “good guys” like their narrative in Feb/march led so many to believe.
In theory, definitely.
But this seems like a really, really, really no-good seriously bad decision from Anthropic. Like, I get why they want this (and can see it from their perspective), but many of their largest clients literally cannot allow this without regulator sign-off, which almost certainly won't be forthcoming.
Like, if the Fed and the ECB say this is OK then it might work, but other than that I predict that this decision will be reversed ~soon.
Sure, but considering the average person and how short-term their thinking tends to be, I'm not sure I'd jump straight into "think about how much money they could lose, of course they think long-term".
Large corporations like Microslop, Google, Meta etc. were frequently behave like headless chickens
> For OpenAI GPT-5.4 and GPT-5.5, classifier-flagged traffic will be retained for up to 30 days for automated offline abuse detection
https://docs.aws.amazon.com/bedrock/latest/userguide/abuse-d...
It's hard to tell how much of what Anthropic are currently saying is just pre-IPO marketing bullshit, or how much will be their long-term policy.
If this is just marketing bullshit ("our models are so powerful we need to keep them chained up at night"), then it does seems massively ill-conceived. I can't think of a better way to break hard-earned customer trust than to say:
1) If we don't like what you're working on - if we think it may complete with ourselves - then we will silently fuck-up the code you're paying us to generate for you
2) Much reduced privacy guarantee. We will now retain everything you send us for an unspecified amount of time while we investigate it
Both of these seem especially self-defeating given that Anthropic has been very successful at courting corporate use, especially coding, and also still seem interested in courting military use.
The silently refusing to comply one (do they just mean deliberately dumbed down, not giving you what you are paying for, or actively sabotaging the generated code?) is really quite extraordinary. Why not just refuse the request? Perhaps they want to claim that gives too much signal as to what they think is valuable, although I think this "recursive self-improvement" story is 100% bullshit trying to juice the IPO. Are they really so arrogant to think that every other company developing LLMs hasn't figured out things like basic development infra?
IMO just the fact that Anthropic think it's in any way acceptable to silently fail requests that might reflect someone else trying to build anything that competes with them is bad enough, but the massive incompetence in what "Fable" is refusing shows that any such decision making is going to be causing them to silently fail a lot more than what they are trying to do.
The Anthropic model names "Mythos", "Fable" seem to have been conceived by a 14-year old thinking that "epic" names will convince people that the model is powerful. It's a bit like putting racing stripes and a loud farting exhaust on your Honda Civic.
It's notable that Anthropic are still using SWEBench as a coding benchmark rather than the newer more difficult DeepSWE which shows them well behind GPT 5.5
Bear in mind that all the marketing efforts such as solving Erdos problem are the result of concerted RL training to impart those narrow capabilities, and how much of any benchmark results, or "early access" paid shill vibe reports, reflect improved performance for more general real-world use cases remains to be seen.
We're an HR startup and likely can't use these models because _we_ have enterprise customers who want zero data retention (ZDR) and have added it to contract language
Shit rolls down hill, as it goes
I am willing to bet that the SpaceX deal is probably why Fable's launching now, as they are much less compute constrained than they were a month ago.
https://www.theguardian.com/world/2026/feb/23/openai-tumber-...
... then gave them back, and then tbe shooting happened.
Is that really true? Zero Data Retention (ZDR) is standard language in enterprise contracts and it seems quite egregious a vendor would want to take on that amount of liability and ignore the contract terms.
On top of that, Anthropic is SOC2 and ISO27001 so they've had _some_ independent auditing (although they could still try to hide such logging/recording anyway)
With that in mind, they also have a hell of an incentive to _not_ secretly collect that data.
Of course ZDR oftentimes comes with contract minimums so individuals and small corps are locked out and subject to the whims of the provider.
Edit: linkify
I'm 100% certain they keep that for retraining. I've seen advertising pipelines promise the same thing and drown in data "because it's anonimized".
I'm certain same exact thing happens with Ai chatbots, even on top enterprise licenses.
Essentially, this is why AWS is reporting this to begin with.
Do you care about cattle's opinions? I guess a few of us do, but most of us don't.
The wealthy CEOs and boardmembers found a way to make even more money, but know that it will make the people who are aware of it angry. So they, as a class, find other issues that they can enflame (or manufacture wholesale), through the manipulation of social media algorithms and legacy media, both of which they own and control. They would much rather have "ordinary people" angry about trans athletes or immigrants, than about the surveillance state they profit from, or stealing our data they profit from, etc...
Unfortunately, we humans are very easy to manipulate by making us angry. If "ordinary people don't make enough noises for any problems they see in life", its hardly our fault if we're too busy surviving in the current economy, and the elites are spending billions to make us angry about anything except the elites.
They say their models are too dangerous for the public, so they can nerf the GA versions while allowing only their preferred megacorp or nation state partners access to the real secret good versions.
We can hope the Chinese open weight models will catch up, but if/when they really reach parity with proprietary frontier models you can bet they'll stop releasing their weights too. They don't do this stuff out of the kindness of their hearts.
It's tough to imagine what might possibly derail this.
Meta and Anthropic both trained on pirated books and there were not required to destroy their models. I simply don't get it. It just encourages to do things first and see later what happens. Regulations are just a small business cost.
The other interesting one is how some of the Chinese open weights models have changed licenses that prevent some commercial exploitation of them. That's not closing their doors, but it's some steps towards ensuring their business model is protected.
Public utilities?
IMHO this is about protecting their model. If you can get a N-1 model for 1% of the N cost their business breaks down.
No, but they do have incentive to continue to release with open weights because doing so directly affects the US based labs that are doing this for profit and power.
What's likely to happen is import controls on software as a form of US protectionism. It will be the encryption battle all over again, but this time about your right to both run AI models locally on your own hardware (that the labs and big tech would love if you could continue to not able to afford or acquire so they can rent it to you), and a ban on the distribution and use of foreign models.
I wouldn't be surprised of Anthropic and OpenAI also successfully lobby for a limit on how big open source models can be in the US as well in the name of "safety."
Make no mistake, they all fully intend to pull the ladder up behind them, and they intend to do it soon.
I've said it before and I say it again: nomatter where you stand on generative AI's usefulness, you are crazy for putting your last private space – your thoughts – in the hands of someone other than you. Going further down this line will not end well.
It is literally 10X to 20-X cheaper to directly buy Anthropic subscriptions for your devs.
And for the cost, if you’re an enterprise with more than 150 people, you’re on the token plan.
We 'trust' Amazon already and Amazon has no incentive at all to collect the data to finetune claude because they don't own claude.
Note that Anthropic has committed not to train models on logged data, so I don’t understand some of the concerns here. What exactly is your threat model? That Anthropic would train models contrary to their terms of service? That you trust them enough not to log your data prior to this, but not enough to trust their stated limits on how logged data will be used now?
Edit: I am partially convinced by some of the replies. However, it is worth noting that this change primarily affects Enterprise users. Data from consumer plans is already retained for 30 days. Source: https://privacy.claude.com/en/articles/10023548-how-long-do-...
It doesn't really matter how much you happen trust another party. In the regulatory world it only matters what contracts they will sign that guarantee their compliance. We do have those with AWS, we don't with Anthropic. If Anthropic physically captures the data, they just moved themselves outside the boundary of parties who we can do business with. Unless they want to sign a contract and implement all the corresponding compliance measures. They are insane if they think that's a good deal for them to do all that right now in every jurisdiction where AWS operates, when AWS has already spent a decade building it up.
Like Meta had committed to respect your privacy. Replace the name of the company with any of the top 50 companies in the world and go back how many have hold their promises - or just doing fine when breaking the rules. There is no legislation in the U.S. that can bankrupt the company for violating this? So there are no guarantees.
Meta openly torrented books and nobody asked them to remove/destroy their AI models. Similarly, for Anthropic, it was just a business cost. They were allowed to keep the models. No real consequences for breaking the rules.
You may also have data management requirements such as allowed storage and transit countries as well as various certifications and contracts that you now need to extend to the second data processor.
Basically if you are already using AWS just adding the AWS-only bedrock model is legally easy and doesn't really change your security posture. If you need to now also log your data to Anthropic it makes the choice much more complicated.
There's a parallel between data retention and general mass surveillance. Sure, both systems can be used for purely benign purposes, with appropriate safeguards in place. But history shows that surveillance systems are alarmingly easy to co-opt for nefarious means, and model providers do have a heck of an incentive to leverage retained data for internal means.
This is worth protesting, even if I believe this policy itself does not immediately compromise my privacy.
It is a different thing when they say they don't store your data.
And when they say they store your data for 30 days and review it for "issues", it makes your "spider sense" tingle. Who and how will review it, what are the "issues" they are looking for, etc. It is to vague and they can keep it this "dangerous" model for themselves.
Given Anthropic's failure to secure their own source code, do you really trust them to secure yours?
an inference request comes in
claude fable RESTful API service does the stuff, some backend systems run the prefill and batch decode, and your conversation is cached for 5 minutes in some prefix cache.
the request is also sent to claude paraphraser, which does almost exactly the same thing as the compactor and rewrites your conversation.
then they record the paraphrased conversation and train on that. it keeps the salient parts of the conversation, like whatever internal knowledge you have, and disposes of anything that could have been correlated with the earlier conversation, which is easy to do because verification is a string comparison.
First of all, will they respect that promise in the future? Because, you know… they already received your data and by some legal quirks they are already required to store it for so many years. “What’s your threat model”, uhh, sending confidential information to a third party.
It’s okay if you do this with your own personal property. But if you are working on client projects, what, are you going to start shipping customer data under nda without consent? Good luck in the court.
Their carve-outs for safety (public interest) and legal are also valid exceptions in gdpr as well.
But they don't, they have the "30 days", but just after that they add "unless ....". So the time period is vague.
Since Anthropic is a US company the GDPR compliance claims would be dubious and open to litigation by entities like NOYB.
Everybody should just assume that they are lying about data retention and learning anyway.
They showed zero respect for intellectual property in the past and they will show zero respect now or in the future. A few thousand Euros/dollars in subscription doesn't matter when several trillions are in play (at least in their plans).
it clearly (enough, kinda) communicated
1. what data they keep/collect
2. what they do with it (and that there is a reason to have it)
3. with whom they share it
4. how long they keep it
---
GDPR might require data minimalism, but that doesn't mean you can't keep "all" conversations/data. It just means you have to have a reason of why exactly need all of it (they have), only keep it as long as strictly necessary (they do) and not use it for other purposes (they claim to do that).
Also from a legal POV you can't really argue that collecting all conversations for detecting abuse patterns is "unreasonable"/"unnecessary" or similar, as to some degree the AI Act requires exactly that for "high risk" AIs/use cases. And while by the definition of the AI Act AWS Bedrock likely doesn't fall under "high risk" they can argue that some people could (against TOS) use it for "high risk" or "illegal" AI use cases which is part of the "misuse detection" thing for which they keep conversations for a month.
Lastly GDRP deletion requests still apply. But need to be processed within ... 1 month (wich AFIK in a generic duration context you can treat as 30 days, even through there is a single shorter month). So they "auto comply" with this, too.
AFAIR it is not clear, because they write it is "30 days, but ...":
> After 30 days, the data is deleted automatically, except in the rare cases where it's part of a safety investigation or we're legally required to keep it.
So you have a vague clause saying "when" and vague clause saying for "how long". If it will fly I would be surprised.
It is also worth remembering that the entity that you are explaining this GDPR retention reasoning to is the government. I don't see the EU telling Anthropic or another AI company they can't do this for safety reasons... what I see is future legislation requiring them to give the EU access to these logs so they can enforce they own definitions of safety on it.
If they were doing some secret espionage or government surveillance with the data, they would just do it all in secret.
When you have a black box that sends the full stream to Anthropic, then everything (including what actually happens with the data) stays on the Anthropic side.
It's much harder to hide egress/exfil-at-scale completely; even if we assume NSA-level kernel rootkits, someone's still gonna notice "hey, why is this pipe saturated even though `nload` looks normal.
It's much easier to hide what you do with the full data when you have explanations for why you're doing egress/exfil.
that's obvious, but perhaps worth stating: it's worth it, demand for the model is unprecedented and the only downside for Anthropic if AWS rejected would be some revenue pushed a quarter away as they get Fable ready on their recently acquired compute from xAI and Google.
Anthropic is trying, well see if it's a bold strategy.
1. https://github.blog/changelog/2026-06-09-claude-fable-5-is-g...
https://docs.aws.amazon.com/bedrock/latest/userguide/abuse-d...
Well, that's the final frontier anyway.
If we as a company allow the data to be copied to other regions outside the EU then WE are not compliant with the rules and can be punished for it. That is what corporate is worried about. Just like we have a deal with OpenAI, but no documentation etc is allowed to be shared and that is being monitored by our SIEM platforms.
I don't think it mentions sharing the data with third parties such as Anthropic?
From https://support.claude.com/en/articles/15425996-data-retenti...
If you aren't voting with your wallet, you can't cry when the world ends.
Me, or even me + a ton of other individual devs cancelling their personal $100/month Claude plans are a drop in the bucket of the billions of dollars of enterprise revenue they bring in.
To enact change here, the answer is to unionize, and put an AI usage ban into union contracts. Coerce the companies into not buying.
Also broadly available to us plebs via openrouter and similar. Claude is available on there under ZDR terms via the Google Vertex and Amazon Bedrock providers.
I've worked on a few apps for UKGov and I would absolutely be raising this as a massive red flag.
What's the game plan?
So basically all your data will flow to NSA/CIA/Mossad if they show even slight interest in your org or you as a person. Gotcha.
> After 30 days, the data is deleted automatically
Do we believe that?
> or we're legally required to keep it.
Aha - so, data is forever.
If you don't believe them now why would you have believed them earlier when they said "no data is retained" ?
And FedRamp has some issues with data being sent out.
Our corp doesn't allow usage of local models because of concern about potential "agent sends out code to the net" issues.
60 days.
"For more on how Anthropic handles this data, see Anthropic’s commercial terms and data retention policy. Enabling the Claude Fable 5 policy constitutes acknowledgement of this requirement. Leaving it off keeps Claude Fable 5 unavailable to your organization."
https://github.blog/changelog/2026-06-09-claude-fable-5-is-g...
My current thought is that many businesses use claude code on API based pricing opposed to subscriptions due to the zdr. However, these models are already not being subsidised?
Even in the happy case where nothing bad happens, you get a badly integrated product, because you integrate not against the actual vendor, but against a abstraction layer that commoditizes the actual product, effectively forcing you to either use the least common denominator of features, or circumventing the actual aggregation model itself with some kind of 'vendor_specific_parameters' parameter in the aggregator API.
My thesis is drop the vendor neutrality, and build your integration with the vendor directly.
I expect them to train on their traffic, and I train on mine.
Imagine if they interpret “safety” such that they scan for the string “com.openai” and, if found, ask an LLM to summarize your entire session and send it for human review?
What this means it that if someone makes an Article 15 request, they would be entitled to know if Anthropic holds personal data about them and also from who they received this data at minimum.
If someone wants to do that, I would recommend combining it with Article 18 request to forbid deleting the data for legal claim in case you contest Anthropic's reply. Otherwise they could just delete the data per their retention policy and DPA would find much later that they no longer hold the data.
At the end of the day we will need private LLMs and Cohere might save a traço great chance here
Anthropic does not care about you.
