AWS Bedrock to require sharing data with Anthropic for Mythos and future models
177 pointsby TomAnthony5 hours ago38 comments
  • dsign37 minutes ago
    The root of the problem is that AI-as-a-service is corked, because companies providing it have a hell of an incentive to use all that data to out-compete their competitors, and they can do so in secret. To say nothing of salivating law-enforcement who really, really wants to tap into it. I'm hoping there will be at some point open-source and affordable hardware that can run competent models.
  • pczy3 minutes ago
    This policy applies across all providers. Here is the warning in Cursor: https://i.redd.it/7sfyker2ya6h1.png

    Note that Anthropic has committed not to train models on logged data, so I don’t understand some of the concerns here. What exactly is your threat model? That Anthropic would train models contrary to their terms of service? That you trust them enough not to log your data prior to this, but not enough to trust their stated limits on how logged data will be used now?

  • OtherShrezzing2 hours ago
    This is odd behaviour, and provides some evidence that Anthropic isn't being managed by serious people. With this policy across AWS/GH/Zed/etc, they're taking their massive lead in enterprise/govt sales and handing it to any competitor who can serve a model anywhere near these capabilities with a modestly nice UI.
    • cobolcomesback15 minutes ago
      Every one of the competitors capable of a similar model have been salivating for a long time at the idea of consensual data sharing. Anthropic just opened the door for everyone to do the same thing without having to deal with being the first to do so. My bet is that OpenAI etc’s next model will have these same requirements.

      Ever since the Mythos announcement it’s been clear that we’re heading towards a future where SOTA models are no longer available to the average person, and not only cost more, but also require payment in the form of use case verification and data sharing. OpenAI’s 5.5-Cyber model requires the same, so it’s not just Anthropic.

      We’re unhappy with this because we’ve all gotten used to being able to play with the new shiny model as soon as it’s available, but what I’m seeing in this thread about Anthropic being “stupid” is emotion-based wishful thinking.

    • jeremyjh18 minutes ago
      They are betting that without a competitor distilling their most powerful models, they can stay ahead far enough and long enough that people will accept this.
    • UqWBcuFx6NV4r2 hours ago
      Let’s be real, chances are that the people with a lot of money on the line have given it more thought than the passing thought that you gave this comment.
      • disgruntledphd236 minutes ago
        > Let’s be real, chances are that the people with a lot of money on the line have given it more thought than the passing thought that you gave this comment.

        In theory, definitely.

        But this seems like a really, really, really no-good seriously bad decision from Anthropic. Like, I get why they want this (and can see it from their perspective), but many of their largest clients literally cannot allow this without regulator sign-off, which almost certainly won't be forthcoming.

        Like, if the Fed and the ECB say this is OK then it might work, but other than that I predict that this decision will be reversed ~soon.

        • brookst3 minutes ago
          I’m not sure that’s true. Do the Fed and ECB sign off on telcos keeping records of who these companies called? Of car rental companies keeping records of where employees rented cars?

          As long as it’s service telemetry, not used for model training, not inspected by humans, not analyzed except for service purposes… I don’t see the regulatory issue.

          Are there any regulations covering what telemetry your service providers can keep? I’m skeptical, but even if so it would be trivial for Anthropic to exempt certain larger customers while still keeping the policy published as universal.

        • 26 minutes ago
          undefined
      • chatmasta2 hours ago
        They give it some thought, but Anthropic and AWS have the whole menu of compliance and security checkboxes needed to reassure CISO it doesn’t need to be “the office of no” and can allow the AI onboarding. The pressure to adopt and adapt to AI is so high right now that there’s nothing a CISO or CFO can say to stop its adoption. And the more they say “no” or “wait,” the more at-risk they put their job.
        • realusernamean hour ago
          I know the only reason we are using Claude right now in my large org was because of this policy and another model would have been picked otherwise
          • flir42 minutes ago
            A model that opens the slightest gap for a leak would be unacceptable to the org I work for. We are very paranoid about losing vulnerable customers' data.
            • chatmasta24 minutes ago
              Anthropic has all the answers for that. You’ll go through some compliance exercises and classify them as a subprocessor of highest tier of data sensitivity.
      • embedding-shapean hour ago
        > chances are that the people with a lot of money on the line have given it more thought

        Sure, but considering the average person and how short-term their thinking tends to be, I'm not sure I'd jump straight into "think about how much money they could lose, of course they think long-term".

      • lijok2 hours ago
        You would be very, very surprised
        • j-bos2 hours ago
          Yeah, seen some downright facepalm moves from execs regarding AI and security.
          • embedding-shapean hour ago
            Don't even need to involve AI or security to be able to highlight some very strange decisions that seem more like intentional sabotage from the inside than anything else. Of course, people are more likely just dumb and lack long-term thinking.
      • panny32 minutes ago
        You've mistaken "a lot of money" with "intelligence." Which is why I think the AI crowd really really wants this magical machine god thing to succeed. Then they can really have money = intelligence whilst keeping the rest of us poor and stupid. You know, like how they used to prevent literacy among the slaves.
      • wqaatwt38 minutes ago
        Intelligent individuals tend to make rational decisions very often this doesn’t result in rational behavior on the organizational level.

        Large corporations like Microslop, Google, Meta etc. were frequently behave like headless chickens

      • ReptileManan hour ago
        Counter point - Marisa Mayer and Stephen Elop.
      • cyanydeez2 hours ago
        right, and they realize the money doesnt exist unless they inflate the values in shadow circles of flow.
    • RA_Fisher2 hours ago
      I don’t think there are other models near Fable’s capabilities.
      • fc417fc80240 minutes ago
        For how long though? The past two months have seen a ridiculous number of model releases.
    • pitched2 hours ago
      OpenAI just added their own models to Bedrock recently too, making that an easy switch.
      • voxic11an hour ago
        Bedrock doesn't offer zero data retention for openAI's latest models either

        > For OpenAI GPT-5.4 and GPT-5.5, classifier-flagged traffic will be retained for up to 30 days for automated offline abuse detection

        https://docs.aws.amazon.com/bedrock/latest/userguide/abuse-d...

        • eastonan hour ago
          I think that’s by AWS though. For Fable you need to flip an account wide flag that says “I want to share my prompts with the model vendor.”
          • justinclift26 minutes ago
            The Fable announcement page on the Anthropic site says this data sharing will be applied regardless of the sharing setting of the company account.

            https://www.anthropic.com/news/claude-fable-5-mythos-5#a-new...

            ---

              ## A new data retention policy

  Finally, we’re making a change to the way we handle business
  customer data for Fable 5, Mythos 5, and future models with
  similar or higher capability levels. We will require 30-day
  retention for all traffic on Mythos-class models, on both
  first- and third-party surfaces. [...]
    • scottmcmacan hour ago
      I mean, they were already capacity constrained and just introduced a larger model that takes more capacity to run... They were gonna have to hand some business to competitor one way or another.
      • disgruntledphd234 minutes ago
        > I mean, they were already capacity constrained and just introduced a larger model that takes more capacity to run

        I am willing to bet that the SpaceX deal is probably why Fable's launching now, as they are much less compute constrained than they were a month ago.

      • irthomasthomasan hour ago
        Is it a larger model or just better trained? Anthropic does not actually claim it is a larger model anywhere that I can see.
        • ChrisLTD31 minutes ago
          If it’s not larger, it’d be tough to justify the massive price increase for using it.
          • BoorishBears15 minutes ago
            Opus 4.7 was smaller and people still paid 4.6 prices.

            gpt-5.5 isn't larger than gpt-5.4 but costs double.

  • storus36 minutes ago
    This smells like an advanced version of corporate espionage. Assuming most companies will use their AI in the future, this will be fed directly to an Echelon-like network that will be leaking "interesting info" to friendly parties, like the Boeing vs Airbus scandal that was first widely reported and then swept under the rug officially.
    • thisisauserid18 minutes ago
      Smells more like a secret agreement with the government.
  • rohansood154 hours ago
    Pretty sure this doesn't work for any regulated enterprise or government client. But AWS knows this, so I am curious why they'd agree to it.
    • baq3 hours ago
      > why they'd agree to it

      that's obvious, but perhaps worth stating: it's worth it, demand for the model is unprecedented and the only downside for Anthropic if AWS rejected would be some revenue pushed a quarter away as they get Fable ready on their recently acquired compute from xAI and Google.

    • whynotmaybean hour ago
      It's the same for girthub copilot [1] which is more present in gov than aws's solutions.

      Anthropic is trying, well see if it's a bold strategy.

      1. https://github.blog/changelog/2026-06-09-claude-fable-5-is-g...

  • jreynar25 minutes ago
    Ugh. I'm sure we're not the only company that's going to face the difficult decision to either stay with Opus 4.8, switch to a different model provider or update and significantly weaken our terms of service around no model re-training, not sending data to third parties and the like. I understand why Anthropic wants to do this but I'd be much more comfortable with it if the data never made it to Anthropic unless an analysis Amazon ran, maybe even using tools from Anthropic, determined that there was something to look at. That'd be an easier carve out in an enterprise Terms Of Service / Privacy Policy.
    • jstummbillig15 minutes ago
      Can you explain what AWS supposedly guarantees currently that your company values? I am not super familiar with the platform but, I would assume, just like any other US company, that they will provide data to US agencies upon legal request as per CLOUD act, regardless of place of storage etc.
  • thefounderan hour ago
    They want your data like you everybody else and enterprise data is juicy to say at least
  • stuaxo2 hours ago
    That rules it out for all sorts of apps.

    I've worked on a few apps for UKGov and I would absolutely be raising this as a massive red flag.

  • htrp2 hours ago
    you've got to respect anthropic being willing to shoot themselves in the foot over a belief around Mythos performance
  • 1313ed013 hours ago
    Same as for GitHub Copilot?

    "For more on how Anthropic handles this data, see Anthropic’s commercial terms and data retention policy. Enabling the Claude Fable 5 policy constitutes acknowledgement of this requirement. Leaving it off keeps Claude Fable 5 unavailable to your organization."

    https://github.blog/changelog/2026-06-09-claude-fable-5-is-g...

  • xnx2 hours ago
    Is this also the case for Google Cloud? https://docs.cloud.google.com/gemini-enterprise-agent-platfo...
    • lima2 hours ago
      Fable on GCP requires accepting a 60-day retention policy: https://cloud.google.com/terms/advanced-ai-safety-addendum

      I don't think it mentions sharing the data with third parties such as Anthropic?

      • Sayrusan hour ago
        > Through Google Cloud's Agent Platform: Retention will need to be enabled for your new covered model, and retained data stays in your GCP environment. When models become available, onboarding details will be shared.

        From https://support.claude.com/en/articles/15425996-data-retenti...

        • walthamstowan hour ago
          At least it stays in your GCP environment, AWS disclosure says that it will leave your data privacy and security boundary.
          • cobolcomesbackan hour ago
            That Claude support page says the exact same thing about AWS (“retained data stays in your AWS environment”). AWS’s docs say differently, though, so it seems one of them has incorrect documentation. I wouldn’t necessarily trust the Claude docs to be correct even regarding GCP until some of this is ironed out.

            edit: Google’s own docs also say zero data retention isn’t possible with Fable and your data will be retained for 60 days “outside of your account”. I’m doubtful that this data sharing is an AWS-only thing.

  • gdiamos33 minutes ago
    What I do is route general data to Mythos, and my own IP to a local model.

    I expect them to train on their traffic, and I train on mine.

  • officialchicken4 hours ago
    "Legally required" ... gotcha, script writing on Melania Movie 3 has begun in exchange for a national security letter requiring Amazon to both keep the data and not exclude it from training.
  • cherryteastain23 minutes ago
    I guess this is an anti-distillation move?
  • rozumbrada3 hours ago
    They say it's opt-in but since they are capable of agreeing to this, I am just waiting until they hide this opt-in into the regular ToS when asking for a new model access...
  • _bobman hour ago
    Very confident. But will it stick? And if it doesn't -- what then? Back to scheming?
  • zmmmmm3 hours ago
    OpenAI ... your move. The enterprise market just cracked wide open. Do you want it?
  • BoorishBears19 minutes ago
    Similar for GCP if anyone's wondering, and in fact a bit further in some ways: https://cloud.google.com/terms/advanced-ai-safety-addendum

    60 days.

  • _pdp_3 hours ago
    This is not going to fly in EU.
    • jstummbillig3 hours ago
      I suspect they will simply not offer it, for as long as they maintain that it has to in fact fly. Anthropic appears to be somewhat principled here.
      • 2 hours ago
        undefined
    • UqWBcuFx6NV4r2 hours ago
      Americans’ increased awareness of and expectations of the EU is hilarious. This is not how it works.
    • lima2 hours ago
      Yes it will, there's a clear purpose and the customer explicitly agrees.
    • dhruvrrp2 hours ago
      This will fly in EU. As long as the company states the time period for which it will keep data and clean it afterwards, gdpr has no issues with the data retention.

      Their carve-outs for safety (public interest) and legal are also valid exceptions in gdpr as well.

      • LunaSea2 minutes ago
        But companies will have to request consent from there users for their data to be shared to Anthropic.

        Since Anthropic is a US company the GDPR compliance claims would be dubious and open to litigation by entities like NOYB.

      • Vespasianan hour ago
        Yeah it'll fly legally.

        Everybody should just assume that they are lying about data retention and learning anyway.

        They showed zero respect for intellectual property in the past and they will show zero respect now or in the future. A few thousand Euros/dollars in subscription doesn't matter when several trillions are in play (at least in their plans).

    • baqan hour ago
      us europoors have a choice of using or not using Fable.
  • shevy-java3 hours ago
    They want your data.

    > After 30 days, the data is deleted automatically

    Do we believe that?

    > or we're legally required to keep it.

    Aha - so, data is forever.

    • toasty2283 hours ago
      > Do we believe that?

      If you don't believe them now why would you have believed them earlier when they said "no data is retained" ?

  • wewewedxfgdf2 hours ago
    Note that if you use AWS Bedrock then you're choosing to pay 10X to 20X because you trust AWS more than Anthropic.

    It is literally 10X to 20-X cheaper to directly buy Anthropic subscriptions for your devs.

    • pridkettan hour ago
      There’s a few things mixed up in this comment. But the 10-20x cheaper, I’m assuming comes from the difference between the number of tokens you can use on a $200 Claude Max subscription and the cost of those via the API. That’s neither here nor there for this topic around data retention as Fable has that on all providers.

      And for the cost, if you’re an enterprise with more than 150 people, you’re on the token plan.

    • fp6437 minutes ago
      I can't use "Claude Max" subscription and the likes with my own software, can I? Using OpenCode instead of ClaudeCode violates the ToS, doesn't it? How would I go about permissions and integrating with my other services I already run on AWS? IAM roles for Bedrock are pretty nice. You appear very confident and concerned about my spending, so please help me here!
      • wewewedxfgdf25 minutes ago
        I grant you the right to spend 10X to 20X on Bedrock. Use it wisely.
    • weberer2 hours ago
      The token price is exactly the same on AWS as it is directly from Anthropic. This is the one service that AWS doesn't charge a huge markup for.
    • Qhemlomo2 hours ago
      Yeah thats not the point though.

      We 'trust' Amazon already and Amazon has no incentive at all to collect the data to finetune claude because they don't own claude.

      • kgwgk2 hours ago
        What is the point then of a submission about how you will be required to share data with Anthropic? I’d say that the point is precisely that it’s an issue when you don’t trust them as much as Amazon.
        • Qhemlomoan hour ago
          Not sure if i follow you tbh.

          I only told a commentor why a business would pay more to Amazon than going directly to Anthropic.

          The announcement itself is def problematic and either leads to big companies accepting this and then going directly to anthropic or some talks in the background we don't know yet what it will entail.

          • kgwgkan hour ago
            If you were just repeating the commenter’s point about « choosing to pay 10X to 20X because you trust AWS more than Anthropic » what was not the point?
      • 63stack2 hours ago
        Amazon's incentive is to fine tune their own possible future model
        • Qhemlomoan hour ago
          Amazon/AWS knows how to handle this conflict in a way that customers trust them enough.

          Amazon has more to loose than Anthropic

    • pitched2 hours ago
      The security boundary that AWS maintains is important in a lot areas, like medical, where the datacenter has to support some specific certifications. It isn’t a choice to pay 10x more in those cases, it is the only option allowed.
      • an hour ago
        undefined
    • sheeshkebaban hour ago
      Pro/max subs are not as flexible as bedrock in api use and don’t seem to run the same models either - often times they are notably dumber (quantized I guess) than bedrock equivalent.
    • htrp2 hours ago
      is the 10x the difference between a sub and api token pricing?
    • UqWBcuFx6NV4r2 hours ago
      I mean, no. Even ignoring the very real benefit (for some) that comes with not needing to trust another party, there are use-cases beyond what you can do with “subscriptions”. Apples and oranges. People just have use cases that aren’t yours.
  • adithyaharish3 hours ago
    Woah, if anthropic does it, even OpenAI would start doing the same with Azure models
  • malephexan hour ago
    This is BS. They want to train on user data.
  • romanovcode4 hours ago
    > except in the rare cases where it's part of a safety investigation or we're legally required to keep it

    So basically all your data will flow to NSA/CIA/Mossad if they show even slight interest in your org or you as a person. Gotcha.

    • baqan hour ago
      always has been, they're explicitly warning you about this now.
  • razieloren3 hours ago
    it's either this or playing x30 for a token, anyhow i physically can't write code again
    • dwedgean hour ago
      I mean being priced put of sota AI has been on the cards for a year it's mostly a question of when. If that will affect you maybe you should use the chance to resharpen your skills
  • drcongo3 hours ago
    Got an email from Zed about the same this morning.
  • themafia4 hours ago
    What a "frontier."
    • wewewedxfgdf2 hours ago
      Space.

      Well, that's the final frontier anyway.

      • skeledrew34 minutes ago
        That's what they say, but is it really?
    • Hamuko3 hours ago
      It's wild!
  • jedisct12 hours ago
    Because they didn't store data before? Don't be so naive.
    • tybit2 hours ago
      Zero data retention was an enterprise agreement that Anthropic and Amazon agreed with customers and delivered on. There’s no way AWS would trade in their reputation with enterprises just to soak up some slop.
      • fc417fc80232 minutes ago
        > Zero data retention was an enterprise agreement

        Also broadly available to us plebs via openrouter and similar. Claude is available on there under ZDR terms via the Google Vertex and Amazon Bedrock providers.

  • TZubiri3 hours ago
    My thesis is that in software you don't want aggregators. They provide the promise of vendor neutrality, but it comes at the expense of increased supply chain compromise risk, small print technically legal data exfiltration.

    Even in the happy case where nothing bad happens, you get a badly integrated product, because you integrate not against the actual vendor, but against a abstraction layer that commoditizes the actual product, effectively forcing you to either use the least common denominator of features, or circumventing the actual aggregation model itself with some kind of 'vendor_specific_parameters' parameter in the aggregator API.

    My thesis is drop the vendor neutrality, and build your integration with the vendor directly.

  • dhavd2 hours ago
    lol
  • lufiya01a minute ago
    [dead]
  • lufiya013 minutes ago
    [dead]
  • codeduck3 hours ago
    aaaand there it is.
  • gauravvij13736 minutes ago
    The data leaving AWS boundary kills this for any regulated workload. We've been running side-by-side evals of open models against Claude on private test suites, using Neo as the orchestration layer. Keeps everything in-house and gives us objective comparison data.
  • chattermate3 hours ago
    The regulated-enterprise angle is the interesting part. Bedrock's whole pitch to those customers was "your data never leaves your AWS boundary" — that's the line that gets it through procurement and compliance reviews. A 30-day retention requirement where traffic crosses into the vendor's boundary quietly invalidates that, and for healthcare/finance/gov it's not a knob they can flip no matter how good the model is. This is exactly why we keep our LLM layer provider-agnostic with a self-hosted fallback (Ollama-class models) for data-sensitive paths — you eat a capability hit, but you keep the option of not sending regulated data anywhere. The risk TZubiri names is real: the moment you're reaching for "vendor_specific_parameters," the neutrality you bought the aggregator for is already gone.
  • Torikul0074 hours ago
    I understand the safety/misuse argument, but I wonder where enterprises will draw the line here. “30-day retention for advanced models” sounds reasonable in isolation, until you remember many teams are sending proprietary code, internal docs, or customer-sensitive context through these systems.
  • cboyardee2 hours ago
    [dead]
  • wyynoapp2 hours ago
    Thinking about this from a product perspective: the best early-stage tools I've seen (including wyyno.com, a price comparison tool I'm building) succeed by solving a very narrow problem for a very specific user. The 'boring' use case of price comparison turned out to be compelling because the savings are tangible and immediate.