TechPulseTechPulse
Back to News
Advertisement

AWS Bedrock to require sharing data with Anthropic for Mythos and future models

TTomAnthony about 3 hours ago 51 comments

ES version is available. Content is displayed in original English for accuracy.

> For Fable 5, Mythos 5, and future models on Bedrock with similar or higher capability levels, Anthropic will require 30-day retention for all traffic on Mythos-class models. Retaining data for a limited period allows Anthropic to detect patterns of misuse that are not visible from a single exchange. Once you opt into data retention, your data will leave AWS’s data and security boundary.

From the announcement here: https://aws.amazon.com/blogs/aws/anthropic-claude-fable-5-on-aws-mythos-class-capabilities-with-built-in-safeguards-now-available/

> After 30 days, the data is deleted automatically, except in the rare cases where it's part of a safety investigation or we're legally required to keep it.

From: https://support.claude.com/en/articles/15425996-data-retention-practices-for-mythos-class-models

Advertisement

⚡ Community Insights

Discussion Sentiment

67% Positive

Analyzed from 1144 words in the discussion.

Trending Topics

#data#anthropic#aws#more#don#amazon#fable#https#claude#model

Discussion (51 Comments)Read Original on HackerNews

OtherShrezzingabout 1 hour ago
This is odd behaviour, and provides some evidence that Anthropic isn't being managed by serious people. With this policy across AWS/GH/Zed/etc, they're taking their massive lead in enterprise/govt sales and handing it to any competitor who can serve a model anywhere near these capabilities with a modestly nice UI.
UqWBcuFx6NV4r33 minutes ago
Let’s be real, chances are that the people with a lot of money on the line have given it more thought than the passing thought that you gave this comment.
chatmasta14 minutes ago
They give it some thought, but Anthropic and AWS have the whole menu of compliance and security checkboxes needed to reassure CISO it doesn’t need to be “the office of no” and can allow the AI onboarding. The pressure to adopt and adapt to AI is so high right now that there’s nothing a CISO or CFO can say to stop its adoption. And the more they say “no” or “wait,” the more at-risk they put their job.
lijok25 minutes ago
You would be very, very surprised
j-bos24 minutes ago
Yeah, seen some downright facepalm moves from execs regarding AI and security.
ReptileMan10 minutes ago
Counter point - Marisa Mayer and Stephen Elop.
cyanydeez30 minutes ago
right, and they realize the money doesnt exist unless they inflate the values in shadow circles of flow.
RA_Fisher19 minutes ago
I don’t think there are other models near Fable’s capabilities.
pitchedabout 1 hour ago
OpenAI just added their own models to Bedrock recently too, making that an easy switch.
voxic117 minutes ago
Bedrock doesn't offer zero data retention for openAI's latest models either

> For OpenAI GPT-5.4 and GPT-5.5, classifier-flagged traffic will be retained for up to 30 days for automated offline abuse detection

https://docs.aws.amazon.com/bedrock/latest/userguide/abuse-d...

rohansood15about 3 hours ago
Pretty sure this doesn't work for any regulated enterprise or government client. But AWS knows this, so I am curious why they'd agree to it.
whynotmaybe7 minutes ago
It's the same for girthub copilot [1] which is more present in gov than aws's solutions.

Anthropic is trying, well see if it's a bold strategy.

1. https://github.blog/changelog/2026-06-09-claude-fable-5-is-g...

baqabout 1 hour ago
> why they'd agree to it

that's obvious, but perhaps worth stating: it's worth it, demand for the model is unprecedented and the only downside for Anthropic if AWS rejected would be some revenue pushed a quarter away as they get Fable ready on their recently acquired compute from xAI and Google.

xnx37 minutes ago
Is this also the case for Google Cloud? https://docs.cloud.google.com/gemini-enterprise-agent-platfo...
lima21 minutes ago
Fable on GCP requires accepting a 60-day retention policy: https://cloud.google.com/terms/advanced-ai-safety-addendum

I don't think it mentions sharing the data with third parties such as Anthropic?

Sayrus7 minutes ago
> Through Google Cloud's Agent Platform: Retention will need to be enabled for your new covered model, and retained data stays in your GCP environment. When models become available, onboarding details will be shared.

From https://support.claude.com/en/articles/15425996-data-retenti...

stuaxoabout 1 hour ago
That rules it out for all sorts of apps.

I've worked on a few apps for UKGov and I would absolutely be raising this as a massive red flag.

1313ed01about 2 hours ago
Same as for GitHub Copilot?

"For more on how Anthropic handles this data, see Anthropic’s commercial terms and data retention policy. Enabling the Claude Fable 5 policy constitutes acknowledgement of this requirement. Leaving it off keeps Claude Fable 5 unavailable to your organization."

https://github.blog/changelog/2026-06-09-claude-fable-5-is-g...

wyynoapp14 minutes ago
Thinking about this from a product perspective: the best early-stage tools I've seen (including wyyno.com, a price comparison tool I'm building) succeed by solving a very narrow problem for a very specific user. The 'boring' use case of price comparison turned out to be compelling because the savings are tangible and immediate.
rozumbradaabout 2 hours ago
They say it's opt-in but since they are capable of agreeing to this, I am just waiting until they hide this opt-in into the regular ToS when asking for a new model access...
wewewedxfgdfabout 1 hour ago
Note that if you use AWS Bedrock then you're choosing to pay 10X to 20X because you trust AWS more than Anthropic.

It is literally 10X to 20-X cheaper to directly buy Anthropic subscriptions for your devs.

weberer15 minutes ago
The token price is exactly the same on AWS as it is directly from Anthropic. This is the one service that AWS doesn't charge a huge markup for.
pitchedabout 1 hour ago
The security boundary that AWS maintains is important in a lot areas, like medical, where the datacenter has to support some specific certifications. It isn’t a choice to pay 10x more in those cases, it is the only option allowed.
Qhemlomoabout 1 hour ago
Yeah thats not the point though.

We 'trust' Amazon already and Amazon has no incentive at all to collect the data to finetune claude because they don't own claude.

kgwgk15 minutes ago
What is the point then of a submission about how you will be required to share data with Anthropic? I’d say that the point is precisely that it’s an issue when you don’t trust them as much as Amazon.
Qhemlomo1 minute ago
Not sure if i follow you tbh.

I only told a commentor why a business would pay more to Amazon than going directly to Anthropic.

The announcement itself is def problematic and either leads to big companies accepting this and then going directly to anthropic or some talks in the background we don't know yet what it will entail.

63stack15 minutes ago
Amazon's incentive is to fine tune their own possible future model
htrp34 minutes ago
is the 10x the difference between a sub and api token pricing?
UqWBcuFx6NV4r28 minutes ago
I mean, no. Even ignoring the very real benefit (for some) that comes with not needing to trust another party, there are use-cases beyond what you can do with “subscriptions”. Apples and oranges. People just have use cases that aren’t yours.
zmmmmmabout 1 hour ago
OpenAI ... your move. The enterprise market just cracked wide open. Do you want it?
pitched44 minutes ago
It looks like they’ve been preparing: https://www.aboutamazon.com/news/aws/bedrock-openai-models
htrp35 minutes ago
you've got to respect anthropic being willing to shoot themselves in the foot over a belief around Mythos performance
_pdp_about 2 hours ago
This is not going to fly in EU.
UqWBcuFx6NV4r18 minutes ago
Americans’ increased awareness of and expectations of the EU is hilarious. This is not how it works.
jstummbilligabout 2 hours ago
I suspect they will simply not offer it, for as long as they maintain that it has to in fact fly. Anthropic appears to be somewhat principled here.
lima20 minutes ago
Yes it will, there's a clear purpose and the customer explicitly agrees.
dhruvrrpabout 1 hour ago
This will fly in EU. As long as the company states the time period for which it will keep data and clean it afterwards, gdpr has no issues with the data retention.

Their carve-outs for safety (public interest) and legal are also valid exceptions in gdpr as well.

Advertisement
officialchickenabout 3 hours ago
"Legally required" ... gotcha, script writing on Melania Movie 3 has begun in exchange for a national security letter requiring Amazon to both keep the data and not exclude it from training.
adithyaharishabout 2 hours ago
Woah, if anthropic does it, even OpenAI would start doing the same with Azure models
jedisct1about 1 hour ago
Because they didn't store data before? Don't be so naive.
tybitabout 1 hour ago
Zero data retention was an enterprise agreement that Anthropic and Amazon agreed with customers and delivered on. There’s no way AWS would trade in their reputation with enterprises just to soak up some slop.
shevy-javaabout 2 hours ago
They want your data.

> After 30 days, the data is deleted automatically

Do we believe that?

> or we're legally required to keep it.

Aha - so, data is forever.

toasty228about 2 hours ago
> Do we believe that?

If you don't believe them now why would you have believed them earlier when they said "no data is retained" ?

drcongoabout 2 hours ago
Got an email from Zed about the same this morning.
themafiaabout 2 hours ago
What a "frontier."
wewewedxfgdfabout 1 hour ago
Space.

Well, that's the final frontier anyway.

Hamukoabout 2 hours ago
It's wild!
romanovcodeabout 2 hours ago
> except in the rare cases where it's part of a safety investigation or we're legally required to keep it

So basically all your data will flow to NSA/CIA/Mossad if they show even slight interest in your org or you as a person. Gotcha.

razielorenabout 1 hour ago
it's either this or playing x30 for a token, anyhow i physically can't write code again
TZubiriabout 2 hours ago
My thesis is that in software you don't want aggregators. They provide the promise of vendor neutrality, but it comes at the expense of increased supply chain compromise risk, small print technically legal data exfiltration.

Even in the happy case where nothing bad happens, you get a badly integrated product, because you integrate not against the actual vendor, but against a abstraction layer that commoditizes the actual product, effectively forcing you to either use the least common denominator of features, or circumventing the actual aggregation model itself with some kind of 'vendor_specific_parameters' parameter in the aggregator API.

My thesis is drop the vendor neutrality, and build your integration with the vendor directly.

dhavdabout 1 hour ago
lol
Advertisement
codeduckabout 2 hours ago
aaaand there it is.