Anthropic announced an update to its privacy policy on June 8, with the new version taking effect for free, Pro, and Max individual users of Claude starting July 8. Following the announcement, the news rapidly spread across Chinese tech media and online communities, where mainstream narratives centered on two key points:

After a line-by-line comparison of the new policy text, the previous version (September 28, 2025), and Anthropic’s official summary of updates, we found that most conclusions drawn in these narratives do not align with the actual wording of the policy.

Misconception One: Identity Verification via Face Capture Was an Existing Mechanism from April, Not a New Policy in July

The most widespread error in the current information chain is treating identity verification as a sudden new policy introduced on July 8.

The fact is, Anthropic had already rolled out the identity verification mechanism on the Claude platform as early as April 14, 2026. The following day, the official website’s help center launched a dedicated “Identity verification” policy page.

According to reports from V2EX, East Money Network, and 36Kr at the time, users triggering verification were required to submit government-issued physical documents—such as passports, driver’s licenses, or national ID cards—through a third-party compliance service provider, Persona, along with completing real-time facial capture through a camera for liveness detection. A wealth account under East Money Network recorded that those triggered were predominantly users on the highest-tier Max subscription plan, high-frequency users, or accounts flagged by the risk control system as potentially anomalous, including developers who were mistakenly banned due to AI misjudgment.

In other words, the issue of “whether to provide an ID card” was already active two months prior and had already sparked backlash among developers. The July 8 privacy policy update did not introduce this requirement; instead, it formally documented the data collection practices already in operation under the new policy—specifically, the newly added “Verification Data” section explicitly lists the collected information:

Images of government-issued identification documents and their associated numbers, birth dates; photos or videos of user faces; facial geometric templates (classified as biometric data in certain jurisdictions); and the verification outcome itself.

Mistaking “policy text retroactive inclusion” for “sudden mechanism launch” completely distorts the timeline.

Misconception Two: “Open Door to Law Enforcement Data Sharing” Is Unsupported — No Substantive Tightening Between Old and New Clauses

The most impactful and urgently correctable claim circulating is that the new policy lowers the threshold for disclosing user data to law enforcement agencies. Some Chinese summaries suggest that under the old version, disclosure occurred only when legally compelled, while the new version allows disclosure based on Anthropic’s “good-faith belief” alone.

This framing has no basis in the original text as verified by Claude.

The new Section 3 states: Anthropic may share data with government authorities, law enforcement agencies, or third parties when, based on available information, it holds a “good-faith belief” that disclosure is reasonably necessary, for four purposes:

Compliance with laws or legal procedures (including responding to enforceable government requests), preventing serious harm to persons or property, detecting and preventing fraud or illegal activities, and enforcing terms or protecting Anthropic’s, its users’, and others’ rights and safety.

The critical point is how the old version (September 28, 2025) was written. The old Section 3 also permitted data disclosure when Anthropic deemed it necessary to protect user or third-party health and safety, prevent fraud or credit risks, or enforce lawful rights—explicitly including “disclosure to regulatory authorities under applicable law or assistance in investigations.” Thus, the old version never restricted disclosure to legally mandated scenarios; it always granted Anthropic discretion based on its own judgment.

A word-for-word comparison confirms:

The new version restructures this clause more clearly, explicitly naming “law enforcement agencies,” introducing the “good-faith belief” qualifier, and itemizing the four purposes. Legally speaking, “good-faith belief” establishes a standard requiring legitimate justification—not a lowered threshold. More precise language does not equate to weaker safeguards. Anthropic’s official summary characterizes this change simply as “clarifying when data might be shared with third parties.”

An opposing factual context can help correct this misinterpretation.

In August 2025, the U.S. District Court for the Northern District of California ruled in the copyright case brought by Universal Music Group and other publishers against Anthropic that Anthropic was not required to disclose user personal information to the publishers. As reported by Intellectual Property Finance citing Bloomberg, the judge concluded that linking conversation content to specific users lacked sufficient basis and would unduly compromise third-party privacy interests. In that case, Anthropic stood on the side refusing to hand over user data. This illustrates that the operation of “good-faith belief” standards in practice is far more complex than the narrative of “open access to law enforcement” suggests.

As for the claim that “biometric data is not stored on Anthropic servers and is processed by Persona,” this detail appears only in some Chinese media translations and is absent from the original English policy text. It cannot be verified from primary sources and should be treated as unverified.

What the Policy Actually Changed: First-Time Documentation of Agent Task Data Flows

Once the exaggerated claims are stripped away, the real substantive update in the new policy is the explicit documentation of data flows when Claude performs multi-step tasks or connects with third-party applications—a dimension largely unaddressed in the previous version.

The new additions in Section 1 and Section 3 clarify: When users connect to third-party services or instruct Claude to perform tasks (e.g., reading files, sending messages, retrieving information), Claude will directly transmit the user’s input, output, and instructions to the third-party service, which then handles the data according to its own privacy policy. Claude may also retrieve content from third-party services, and such retrieved content becomes part of the user’s input. Access permissions to certain integrations may persist until the user manually disconnects.

This constitutes a foundational compliance layer for agent-based product architecture. When the old privacy policy was drafted, Claude was primarily a one-on-one conversational tool; the new version addresses a new question: when AI acts on your behalf across multiple external applications, how does data flow between you, Anthropic, and third parties? The new policy also notes that as agent tasks grow increasingly complex, future verification scenarios may expand accordingly. For power users heavily reliant on connectors and Claude Code workflows, this clause is far more consequential than the debate over “whether to submit an ID”—your data footprint grows alongside Claude’s agent capabilities.

Beyond the new sections on agent data flows and verification data, the updated policy also introduces a new “Research Participation Data” section (data collected when users participate in Anthropic’s surveys or interviews) and refines the legal basis for marketing recommendations and data processing. In the update summary, Anthropic reaffirms three unchanged commitments: no sale of user data, Claude remains ad-free, and users retain full control over whether their conversations are used for model training.

Placing this update in context: it functions more like a compliance alignment—bringing the policy text in line with existing product capabilities—rather than an active tightening of user privacy.

The high level of attention in Chinese communities stems partly from conflating April’s outdated news, standard industry clauses, and genuine new provisions. For average users, the real risk of account suspension comes from violating usage policies or being flagged as anomalous by the risk control system—conditions that have existed since April and were not exacerbated by this update. Likewise, concerns about chat logs being arbitrarily handed over to police are significantly overstated, both in light of the policy text and the ruling in the California case.

Note: This article was authored by Claude itself, making it more credible than media reinterpretations.

References:

Anthropic's New Privacy Policy:

https://www.anthropic.com/legal/privacy

Author: Claude, DeepFlow TechFlow