HN Debrief

AWS Bedrock to require sharing data with Anthropic for Mythos and future models

  • AI
  • Privacy
  • Security
  • Regulation
  • Infrastructure

The post points to AWS and Anthropic documentation saying Anthropic’s new highest-capability Bedrock models require 30-day retention, and that once customers opt in, their traffic leaves AWS’s security boundary and goes to Anthropic for misuse detection. Anthropic says the data is deleted after 30 days unless it is part of a safety investigation or there is a legal requirement to keep it. That landed badly because Bedrock was widely treated as the enterprise-safe way to use frontier models without sending prompts and documents directly to the model vendor.

If you rely on Bedrock to satisfy zero-retention, data residency, or subprocessor limits, treat Anthropic’s new model tier as a policy break, not a routine model upgrade. Recheck contracts, model allowlists, and fallback plans now, because commenters expect this carveout to spread to future frontier models and possibly other vendors.

Discussion mood

Strongly negative and distrustful. People saw this as Bedrock giving up its main enterprise advantage, with the biggest complaints centered on compliance breakage, extra subprocessor risk, vague retention carveouts, and the fear that frontier AI vendors are starting to tighten access and terms as they gain leverage.

Key insights

  1.

    The real break is adding a second processor

    Adding Anthropic to the data path changes the compliance posture even if nobody ever trains on the retained prompts. AWS was already inside many companies’ approved legal and security boundary. Anthropic often is not, which means new subprocessor reviews, new contract work, and in some cases an immediate ban for workloads that were fine on Bedrock yesterday.

    Do not frame this internally as a privacy preference or a trust issue. Treat it as a vendor-boundary change that needs procurement, legal, and security review before anyone enables the model.

      Attribution:
    • kevincox #1
    • zmmmmm #1
    • abofh #1
  2.

    Zero-retention demands flow down the supply chain

    The impact is not limited to giant banks and governments. Startups serving enterprise customers inherit zero data retention and no-third-party-processing clauses in their own contracts. That means even companies far from the regulatory edge can lose access to these models because their customers wrote Bedrock-style assumptions into downstream agreements.

    If you sell into enterprises, audit your customer contracts before adopting new frontier models. Your blocker may come from your own product terms, not from a regulator.

      Attribution:
    • realusername #1
    • flir #1
    • nijave #1
    • justinhj #1
  3.

    Future model upgrades just became governance risk

    The most worrying clause was not Fable or Mythos themselves. It was Anthropic reserving this policy for future models with “similar or higher” capability. That turns model upgrades from a routine quality improvement into a policy event, because teams now need explicit allowlists, review gates, and fallback plans whenever a provider ships a new default.

    Stop treating model swaps as harmless version bumps. Put model selection behind policy controls and keep approved fallback models ready before current models are deprecated.

      Attribution:
    • abofh #1
    • nijave #1
    • instagib #1
  4.

    Safety language also protects the moat

    A recurring read was that misuse detection is only part of the story. Full-session retention makes it easier to spot distillation, competitive evaluation, or other high-value usage patterns, and harder for rivals or customers to treat the best models as interchangeable commodities. In that framing, safety is the public justification for a business move to keep frontier capability scarce and defensible.

    Expect future frontier offerings to bundle technical access with business conditions. When evaluating vendors, score policy stability and exit cost alongside raw model quality.

      Attribution:
    • cobolcomesback #1
    • jerf #1
    • treis #1
    • logancbrown #1
  5.

    Cloud provider policies are already diverging and muddy

    The comparison with Google Cloud and OpenAI on Bedrock showed how messy this market is getting. Google documentation suggested a different retention setup. AWS applies 30-day retention to classifier-flagged OpenAI traffic but says Anthropic requires sharing all Fable-class traffic. Even basic questions like where data physically sits and who can access it were hard to answer cleanly from the docs.

    Do not rely on marketing summaries for hosted model privacy. Pull the exact provider addenda and service docs for each model and cloud, because the differences now matter at the per-model level.

      Attribution:
    • lima #1
    • Sayrus #1
    • cobolcomesback #1
    • thisisauserid #1
  6.

    This pushes sensitive workloads toward local models

    Several comments converged on a pragmatic split rather than a purity test. Use frontier hosted models for generic work, but keep proprietary code, regulated data, and internal knowledge on local or self-hosted models. The capability gap may still matter, but the policy gap is now wide enough that governance, not benchmark performance, decides architecture for many teams.

    Segment workloads by data sensitivity now. A mixed stack with a weaker in-house model is often easier to justify than a single best-in-class service with unstable data terms.

      Attribution:
    • LetsGetTechnicl #1
    • cloudengineer94 #1
    • rvz #1
    • gdiamos #1
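
The allowlist, review-gate and fallback advice in insights 3 and 6 can be enforced in code at the point where an application picks a model. The sketch below is an added example, not code from AWS, Anthropic or the discussion; the model IDs, the terms catalogue and the sensitivity tiers are constructed placeholders.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class ModelTerms:
    retention_days: int    # provider-side prompt retention, taken from the reviewed addendum
    processors: frozenset  # every party that receives prompt traffic

# Constructed catalogue of models that passed review. IDs are placeholders, not real Bedrock IDs.
CATALOGUE = {
    "example.frontier-v1": ModelTerms(30, frozenset({"cloud", "model-vendor"})),
    "example.standard-v1": ModelTerms(0, frozenset({"cloud"})),
    "local.inhouse-v1": ModelTerms(0, frozenset()),
}

# Per-sensitivity limits (hypothetical tiers): max retention days, approved processors.
POLICY = {
    "public": (30, frozenset({"cloud", "model-vendor"})),
    "internal": (0, frozenset({"cloud"})),
    "regulated": (0, frozenset()),
}

# Approved fallbacks, most capable first.
FALLBACK_ORDER = ["example.standard-v1", "local.inhouse-v1"]

def permitted(model_id: str, sensitivity: str) -> bool:
    """True only if the model is reviewed and its terms fit the workload tier."""
    terms = CATALOGUE.get(model_id)
    if terms is None:
        return False  # newly shipped or unreviewed model: deny until it is catalogued
    # An unknown tier is treated as the strictest one.
    max_retention, approved = POLICY.get(sensitivity, POLICY["regulated"])
    return terms.retention_days <= max_retention and terms.processors <= approved

def select_model(requested: str, sensitivity: str) -> str:
    """Return the requested model if policy allows it, else the first permitted fallback."""
    if permitted(requested, sensitivity):
        return requested
    for candidate in FALLBACK_ORDER:
        if permitted(candidate, sensitivity):
            return candidate
    raise PermissionError(f"no approved model for {sensitivity!r} workloads")

if __name__ == "__main__":
    for tier in ("public", "internal", "regulated"):
        print(tier, "->", select_model("example.frontier-v1", tier))
```

Because unknown model IDs are denied by default, a provider shipping a new default model cannot silently change which vendor sees the traffic.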

Against the grain

  1.

    Big customers may just negotiate around this

    The bleakest readings assume Anthropic is walking away from enterprise revenue. Another view is that the public policy mainly governs standard access paths, while the largest customers get custom terms, exemptions, or private arrangements. If the best model is good enough, many organizations will bend harder than outsiders expect rather than give up the capability edge.

    Watch what happens in custom enterprise deals before assuming the policy kills adoption. Public terms may be stricter than what top accounts actually sign.

      Attribution:
    • Aurornis #1
    • tokioyoyo #1
  2.

    If you never trusted them, nothing changed

    A few commenters pushed back on the panic by noting that anyone using hosted AI already had to trust provider claims about logging and retention. They also argued there is still little public evidence that labs secretly scoop opted-out API data into training, despite years of opportunities to catch that through private benchmark leakage. From that angle, the announcement is more a disclosure change than proof of new bad behavior.

    Separate the contractual problem from the speculative one. If your real issue is trust in any hosted vendor, the fix is self-hosting, not wishful reading of zero-retention language.

      Attribution:
    • jedisct1 #1
    • toasty228 #1
    • stalfie #1
  3.

    GDPR probably does not block this outright

    Several replies rejected the claim that Europe automatically makes the policy impossible. Their view was that GDPR allows retention when the purpose is stated, the customer consents, and the retention window is limited, with safety and legal-hold carveouts being fairly standard. The harder issue is customer contracts and data transfer politics, not a simple claim of per se illegality.

    Do not assume regulation alone will save you from provider policy. You still need contract controls, residency review, and technical safeguards even in Europe.

      Attribution:
    • dhruvrrp #1
    • lima #1
    • dathinab #1

In plain English

AWS
Amazon Web Services, Amazon’s cloud computing platform.
Bedrock
Amazon Web Services’ platform for accessing foundation models from companies including Anthropic.
distillation
A method for training a smaller model to imitate the outputs or behavior of a larger, more capable model.
GDPR
General Data Protection Regulation, a European Union privacy law that gives people rights over how organizations store and use their personal data.
