From the announcement here: https://aws.amazon.com/blogs/aws/anthropic-claude-fable-5-on...
> After 30 days, the data is deleted automatically, except in the rare cases where it's part of a safety investigation or we're legally required to keep it.
From: https://support.claude.com/en/articles/15425996-data-retenti...
Note that Anthropic has committed not to train models on logged data, so I don’t understand some of the concerns here. What exactly is your threat model? That Anthropic would train models contrary to their terms of service? That you trust them enough not to log your data prior to this, but not enough to trust their stated limits on how logged data will be used now?
Edit: I am partially convinced by some of the replies. However, it is worth noting that this change primarily affects Enterprise users. Data from consumer plans is already retained for 30 days. Source: https://privacy.claude.com/en/articles/10023548-how-long-do-...
It doesn't really matter how much you happen trust another party. In the regulatory world it only matters what contracts they will sign that guarantee their compliance. We do have those with AWS, we don't with Anthropic. If Anthropic physically captures the data, they just moved themselves outside the boundary of parties who we can do business with. Unless they want to sign a contract and implement all the corresponding compliance measures. They are insane if they think that's a good deal for them to do all that right now in every jurisdiction where AWS operates, when AWS has already spent a decade building it up.
The tides are turning. AI companies are IPO'ing. They've gotten where they are by selling $5 bills for $1, to update the old VC adage. I think we can look forward to them rewriting the contracts, both literal and social, on AI going forward to capture a lot more of the value. Or, to put it in more HN-friendly terms, it may not be immediately obvious on a casual viewing, but you're looking at the beginning of the enshittification process hitting AI. The term is a bit deceptive in some sense, because it's not like anyone ever sets out with a terminal goal of making something shitty. It's downstream of trying to capture more value in the customer/vendor relationship by not giving the customer any more value than is barely necessary.
How's coding with qwen doing? The only thing that's going to stop the AI providers from extracting all the value until it's just barely worth using is the free competition.
Given they could have done this with data residency rules being respected and chose not to suggests all I need to know - this is for Anthropics IPO, not for user safety
You may also have data management requirements such as allowed storage and transit countries as well as various certifications and contracts that you now need to extend to the second data processor.
Basically if you are already using AWS just adding the AWS-only bedrock model is legally easy and doesn't really change your security posture. If you need to now also log your data to Anthropic it makes the choice much more complicated.
There's a parallel between data retention and general mass surveillance. Sure, both systems can be used for purely benign purposes, with appropriate safeguards in place. But history shows that surveillance systems are alarmingly easy to co-opt for nefarious means, and model providers do have a heck of an incentive to leverage retained data for internal means.
This is worth protesting, even if I believe this policy itself does not immediately compromise my privacy.
Like Meta had committed to respect your privacy. Replace the name of the company with any of the top 50 companies in the world and go back how many have hold their promises - or just doing fine when breaking the rules. There is no legislation in the U.S. that can bankrupt the company for violating this? So there are no guarantees.
Meta openly torrented books and nobody asked them to remove/destroy their AI models. Similarly, for Anthropic, it was just a business cost. They were allowed to keep the models. No real consequences for breaking the rules.
It is a different thing when they say they don't store your data.
And when they say they store your data for 30 days and review it for "issues", it makes your "spider sense" tingle. Who and how will review it, what are the "issues" they are looking for, etc. It is to vague and they can keep it this "dangerous" model for themselves.
First of all, will they respect that promise in the future? Because, you know… they already received your data and by some legal quirks they are already required to store it for so many years. “What’s your threat model”, uhh, sending confidential information to a third party.
It’s okay if you do this with your own personal property. But if you are working on client projects, what, are you going to start shipping customer data under nda without consent? Good luck in the court.
an inference request comes in
claude fable RESTful API service does the stuff, some backend systems run the prefill and batch decode, and your conversation is cached for 5 minutes in some prefix cache.
the request is also sent to claude paraphraser, which does almost exactly the same thing as the compactor and rewrites your conversation.
then they record the paraphrased conversation and train on that. it keeps the salient parts of the conversation, like whatever internal knowledge you have, and disposes of anything that could have been correlated with the earlier conversation, which is easy to do because verification is a string comparison.
Given Anthropic's failure to secure their own source code, do you really trust them to secure yours?
https://www.theguardian.com/world/2026/feb/23/openai-tumber-...
They say their models are too dangerous for the public, so they can nerf the GA versions while allowing only their preferred megacorp or nation state partners access to the real secret good versions.
We can hope the Chinese open weight models will catch up, but if/when they really reach parity with proprietary frontier models you can bet they'll stop releasing their weights too. They don't do this stuff out of the kindness of their hearts.
It's tough to imagine what might possibly derail this.
Public utilities?
Meta and Anthropic both trained on pirated books and there were not required to destroy their models. I simply don't get it. It just encourages to do things first and see later what happens. Regulations are just a small business cost.
Ever since the Mythos announcement it’s been clear that we’re heading towards a future where SOTA models are no longer available to the average person, and not only cost more, but also require payment in the form of use case verification and data sharing. OpenAI’s 5.5-Cyber model requires the same, so it’s not just Anthropic.
We’re unhappy with this because we’ve all gotten used to being able to play with the new shiny model as soon as it’s available, but what I’m seeing in this thread about Anthropic being “stupid” is emotion-based wishful thinking.
Cool. Everybody is doing it. Doesn’t make it right or make it good for the people. Everyone should complain and help others wake up that Anthropic isn’t the “good guys” like their narrative in Feb/march led so many to believe.
In theory, definitely.
But this seems like a really, really, really no-good seriously bad decision from Anthropic. Like, I get why they want this (and can see it from their perspective), but many of their largest clients literally cannot allow this without regulator sign-off, which almost certainly won't be forthcoming.
Like, if the Fed and the ECB say this is OK then it might work, but other than that I predict that this decision will be reversed ~soon.
As long as it’s service telemetry, not used for model training, not inspected by humans, not analyzed except for service purposes… I don’t see the regulatory issue.
Are there any regulations covering what telemetry your service providers can keep? I’m skeptical, but even if so it would be trivial for Anthropic to exempt certain larger customers while still keeping the policy published as universal.
By definition lots of the use of AI in these companies is gonna require personal data/PII etc (particularly in KYC/compliance or general processing usecases) which means that there's a regulatory constraint.
I personally would've thought that said organisations and regulators would be massively opposed to this for privacy and risk reasons, which is why I think this won't happen.
Even the companies with less sensitive data are generally paranoid about service providers getting "their" (actually their customers) data.
> Are there any regulations covering what telemetry your service providers can keep?
In the EU, this should be proportionate and should avoid special categories of personal data (which FIs will have a lot of).
Their largest clients can negotiate their own deals with their own terms.
They do not have to go through the same public Amazon Bedrock deal that you and I sign up for.
That might work in some countries but Anthropic approach here doesn't fit the legal requirements in the EU.
Sure, but considering the average person and how short-term their thinking tends to be, I'm not sure I'd jump straight into "think about how much money they could lose, of course they think long-term".
Large corporations like Microslop, Google, Meta etc. were frequently behave like headless chickens
It's notable that Anthropic are still using SWEBench as a coding benchmark rather than the newer more difficult DeepSWE which shows them well behind GPT 5.5
https://deepswe.datacurve.ai/
Bear in mind that all the marketing efforts such as solving Erdos problem are the result of concerted RL training to impart those narrow capabilities, and how much of any benchmark results, or "early access" paid shill vibe reports, reflect improved performance for more general real-world use cases remains to be seen.
It's hard to tell how much of what Anthropic are currently saying is just pre-IPO marketing bullshit, or how much will be their long-term policy.
If this is just marketing bullshit ("our models are so powerful we need to keep them chained up at night"), then it does seems massively ill-conceived. I can't think of a better way to break hard-earned customer trust than to say:
1) If we don't like what you're working on - if we think it may complete with ourselves - then we will silently fuck-up the code you're paying us to generate for you
2) Much reduced privacy guarantee. We will now retain everything you send us for an unspecified amount of time while we investigate it
Both of these seem especially self-defeating given that Anthropic has been very successful at courting corporate use, especially coding, and also still seem interested in courting military use.
The silently refusing to comply one (do they just mean deliberately dumbed down, not giving you what you are paying for, or actively sabotaging the generated code?) is really quite extraordinary. Why not just refuse the request? Perhaps they want to claim that gives too much signal as to what they think is valuable, although I think this "recursive self-improvement" story is 100% bullshit trying to juice the IPO. Are they really so arrogant to think that every other company developing LLMs hasn't figured out things like basic development infra?
IMO just the fact that Anthropic think it's in any way acceptable to silently fail requests that might reflect someone else trying to build anything that competes with them is bad enough, but the massive incompetence in what "Fable" is refusing shows that any such decision making is going to be causing them to silently fail a lot more than what they are trying to do.
The Anthropic model names "Mythos", "Fable" seem to have been conceived by a 14-year old thinking that "epic" names will convince people that the model is powerful. It's a bit like putting racing stripes and a loud farting exhaust on your Honda Civic.
> For OpenAI GPT-5.4 and GPT-5.5, classifier-flagged traffic will be retained for up to 30 days for automated offline abuse detection
https://docs.aws.amazon.com/bedrock/latest/userguide/abuse-d...
https://www.anthropic.com/news/claude-fable-5-mythos-5#a-new...
---
I am willing to bet that the SpaceX deal is probably why Fable's launching now, as they are much less compute constrained than they were a month ago.
gpt-5.5 isn't larger than gpt-5.4 but costs double.
If they were doing some secret espionage or government surveillance with the data, they would just do it all in secret.
When you have a black box that sends the full stream to Anthropic, then everything (including what actually happens with the data) stays on the Anthropic side.
It's much harder to hide egress/exfil-at-scale completely; even if we assume NSA-level kernel rootkits, someone's still gonna notice "hey, why is this pipe saturated even though `nload` looks normal.
It's much easier to hide what you do with the full data when you have explanations for why you're doing egress/exfil.
that's obvious, but perhaps worth stating: it's worth it, demand for the model is unprecedented and the only downside for Anthropic if AWS rejected would be some revenue pushed a quarter away as they get Fable ready on their recently acquired compute from xAI and Google.
Anthropic is trying, well see if it's a bold strategy.
1. https://github.blog/changelog/2026-06-09-claude-fable-5-is-g...
I've worked on a few apps for UKGov and I would absolutely be raising this as a massive red flag.
If we as a company allow the data to be copied to other regions outside the EU then WE are not compliant with the rules and can be punished for it. That is what corporate is worried about. Just like we have a deal with OpenAI, but no documentation etc is allowed to be shared and that is being monitored by our SIEM platforms.
"For more on how Anthropic handles this data, see Anthropic’s commercial terms and data retention policy. Enabling the Claude Fable 5 policy constitutes acknowledgement of this requirement. Leaving it off keeps Claude Fable 5 unavailable to your organization."
https://github.blog/changelog/2026-06-09-claude-fable-5-is-g...
I don't think it mentions sharing the data with third parties such as Anthropic?
From https://support.claude.com/en/articles/15425996-data-retenti...
edit: Google’s own docs also say zero data retention isn’t possible with Fable and your data will be retained for 60 days “outside of your account”. I’m doubtful that this data sharing is an AWS-only thing.
https://docs.aws.amazon.com/bedrock/latest/userguide/abuse-d...
I expect them to train on their traffic, and I train on mine.
it clearly (enough, kinda) communicated
1. what data they keep/collect
2. what they do with it (and that there is a reason to have it)
3. with whom they share it
4. how long they keep it
---
GDPR might require data minimalism, but that doesn't mean you can't keep "all" conversations/data. It just means you have to have a reason of why exactly need all of it (they have), only keep it as long as strictly necessary (they do) and not use it for other purposes (they claim to do that).
Also from a legal POV you can't really argue that collecting all conversations for detecting abuse patterns is "unreasonable"/"unnecessary" or similar, as to some degree the AI Act requires exactly that for "high risk" AIs/use cases. And while by the definition of the AI Act AWS Bedrock likely doesn't fall under "high risk" they can argue that some people could (against TOS) use it for "high risk" or "illegal" AI use cases which is part of the "misuse detection" thing for which they keep conversations for a month.
Lastly GDRP deletion requests still apply. But need to be processed within ... 1 month (wich AFIK in a generic duration context you can treat as 30 days, even through there is a single shorter month). So they "auto comply" with this, too.
AFAIR it is not clear, because they write it is "30 days, but ...":
> After 30 days, the data is deleted automatically, except in the rare cases where it's part of a safety investigation or we're legally required to keep it.
So you have a vague clause saying "when" and vague clause saying for "how long". If it will fly I would be surprised.
It is also worth remembering that the entity that you are explaining this GDPR retention reasoning to is the government. I don't see the EU telling Anthropic or another AI company they can't do this for safety reasons... what I see is future legislation requiring them to give the EU access to these logs so they can enforce they own definitions of safety on it.
Their carve-outs for safety (public interest) and legal are also valid exceptions in gdpr as well.
But they don't, they have the "30 days", but just after that they add "unless ....". So the time period is vague.
Since Anthropic is a US company the GDPR compliance claims would be dubious and open to litigation by entities like NOYB.
Everybody should just assume that they are lying about data retention and learning anyway.
They showed zero respect for intellectual property in the past and they will show zero respect now or in the future. A few thousand Euros/dollars in subscription doesn't matter when several trillions are in play (at least in their plans).
It's easy to catch a data leak if you have private data. You know what the model is supposed to not know, and you can just ask to see if it does. Yet I have not seen or heard of a single case of this being documented. As far as I can tell the labs do in fact respect the request to opt out of training.
60 days.
> After 30 days, the data is deleted automatically
Do we believe that?
> or we're legally required to keep it.
Aha - so, data is forever.
If you don't believe them now why would you have believed them earlier when they said "no data is retained" ?
So basically all your data will flow to NSA/CIA/Mossad if they show even slight interest in your org or you as a person. Gotcha.
Well, that's the final frontier anyway.
Anthropic does not care about you.
Even in the happy case where nothing bad happens, you get a badly integrated product, because you integrate not against the actual vendor, but against a abstraction layer that commoditizes the actual product, effectively forcing you to either use the least common denominator of features, or circumventing the actual aggregation model itself with some kind of 'vendor_specific_parameters' parameter in the aggregator API.
My thesis is drop the vendor neutrality, and build your integration with the vendor directly.
And FedRamp has some issues with data being sent out.
Our corp doesn't allow usage of local models because of concern about potential "agent sends out code to the net" issues.
Also broadly available to us plebs via openrouter and similar. Claude is available on there under ZDR terms via the Google Vertex and Amazon Bedrock providers.
It is literally 10X to 20-X cheaper to directly buy Anthropic subscriptions for your devs.
And for the cost, if you’re an enterprise with more than 150 people, you’re on the token plan.
We 'trust' Amazon already and Amazon has no incentive at all to collect the data to finetune claude because they don't own claude.
I only told a commentor why a business would pay more to Amazon than going directly to Anthropic.
The announcement itself is def problematic and either leads to big companies accepting this and then going directly to anthropic or some talks in the background we don't know yet what it will entail.
Amazon has more to loose than Anthropic