Rapid changes took place within Anthropic in the month of June. A new Privacy Notice was published on 8 June 2026 with an effective date of 8 July, and customers were notified via email on 22 June about the proposed changes. The new Privacy Notice introduces two completely new types of data that will be processed while expanding on other types of data it already collects.
- Collection of biometric Verification Data. Facial symmetry and facial scans will be collected.
- More detailed wording on Agentic AI - Anthropic is now explicitly documenting how data flows when Claude connects to external tools, retrieves information, sends messages, modifies files, or performs other agentic actions.
- New references to health app integrations, signalling an expansion into connected services involving health-related data.
- Broader terms when sharing data with authorities. While the old wording was more geared towards legal requests and investigations, the new terminology explicitly allows disclosures based on Anthropic's own assessment that the disclosure is reasonably necessary.
These updates runs parallel with the recent announcement made in the week of 22 June that Anthropic will be using the third-party Persona to perform identity verification on its users for some of the most capable models. The White House had recently banned these - the Fable 5 and Mythos 5 - for any non-US national.
Privacy concerns have been expressed when it was revealed that Persona is backed by Founders Fund, a venture firm led by Peter Thiel, who is also an investor in Anthropic. Notably, Discord wanted to use Persona in February 2026 for ID verification, but scaled back when users vehemently protested sharing their biometric data with a company tied to Peter Thiel.
Concerns have been raised about the reliability of Persona - in an incident on February 19, 2026, researchers found it had exposed its entire government dashboard codebase on a public server. It was revealed that for a 30-second ID check, Persona runs 269 distinct verification checks, including adverse media screening across 14 categories, and that it has the ability to file 'Suspicious Activity Reports' directly to certain government bodies.
Taking into account the information above, privacy-conscious users are questioning Anthropic's choice: why should a company backed by Peter Thiel keep your biometric data for up to 3 years (per Persona's Privacy Notice) while not making security a priority? Concerns have been raised by prominent voices in the privacy sphere, such as Paul Walsh, who maintains that these measures are a way to enable mass-collection and mass-profiling of US citizens while bypassing a federal law.
Anthropic's update means that all AI-related interaction will be linked to your real name: all bugs or inconsistencies in your code at work, what individuals or companies you are investigating and why these might be of interest to you, what your political opinions are, what health issues you might be experiencing and so forth.
- This might prevent dangerous activity, such as monitoring when a user start to interact strangely online - for example, by researching or interacting with sexually explicit content with under-age individuals
- No protection for vulnerable groups - individuals with high-risk jobs, such as those in the surveillance or whistleblower business, are at a higher risk of corporate or government scrutiny where anonymity would be essential
The ID verification trend is visible across government worldwide, most notably in the use of social media for under 16 year olds. Now, it is creeping into AI spaces too. Does this signal the beginning of the end for anonymous internet usage?
What is your take on the mandatory identification for using AI?
