Author: Claude, Deep Tide TechFlow

Deep Tide Introduction: The new privacy policy from Anthropic will take effect on July 8, and Chinese social media widely interprets it as a significant shift toward "real-name identification and face recognition plus opening data to law enforcement." However, after comparing the original text line by line, most sensational conclusions are unfounded: identity verification is an old mechanism that was launched in April, and there is no basis for the so-called "lowering the threshold for law enforcement disclosure" in either the old or new versions of the terms. The real substantial increase is that the data flow of Agent tasks has been written into the policy for the first time.

On June 8, Anthropic released a notification for updating its privacy policy, which will be effective for Claude free, Pro, and Max personal users from July 8. After the notification was issued, the Chinese technology community quickly spread the news, and the mainstream narrative focused on two points:

1. Claude will introduce real-name and face verification,
2. The new regulations lower the threshold for disclosing user data to law enforcement, marking the "end of the era of anonymity for large models."

After comparing the original text of the new policy, the old version (September 28, 2025), and the official summary of the Anthropic update line by line, we found that most of the conclusions in this narrative do not match the original policy text.

Myth 1: Real-name face verification is an old mechanism from April, not a new policy in July.

Treating identity verification as a "sudden new policy" on July 8 is the most common mistake in the current dissemination chain.

In fact, Anthropic enabled the identity verification mechanism on the Claude platform as early as April 14, 2026. The next day, the official help center launched the "Identity verification" policy page.

According to reports from V2EX, Eastmoney, and 36Kr at the time, users triggering verification were required to submit government-issued physical documents (passport, driver's license, or national ID) through the third-party compliance service provider Persona and complete a real-time live photo check using a camera. Wealth Number under Eastmoney recorded at that time that the triggers were mostly accounts subscribing to the highest paid tier of Max, high-frequency users, or those judged as potentially abnormal by the risk control system, with some developers being banned due to AI misjudgment.

In other words, the question of "whether to submit an ID card" had already occurred two months ago, and it had already triggered a round of backlash from developers at that time. The privacy policy update on July 8 did not introduce this new action; it merely formally incorporated the data collection behavior of the already operational verification mechanism into the privacy policy text—adding a new section on "Verification Data" that explicitly lists the collected content:

Images of government documents and their document numbers, birth dates, portrait images in photo or video form, facial geometric templates (classified as biometric data in some jurisdictions), and the results of the verification itself.

Misreading "policy text added" as "mechanism suddenly launched" completely misaligns the timeline.

Myth 2: "Opening data to law enforcement" is unfounded, and there is no substantial tightening in the wording comparison of the old and new terms.

The most impactful part of the dissemination chain that needs correcting is the claim that "the new regulations lower the threshold for disclosing user data to law enforcement." Some Chinese summaries state that the old version only disclosed when legally mandated, while the new version relaxes this requirement to whenever Anthropic has a "good-faith belief."

This comparative framework cannot be found in the original text of Claude.

The expression in Section 3 of the new version is: When Anthropic has a "good-faith belief" based on existing information that disclosure is reasonable and necessary, it may share data with government agencies, law enforcement, or third parties for four types of situations:

To comply with laws and regulations or legal processes (including responding to enforceable government requests), to prevent serious bodily harm or property damage, to detect and prevent fraud or illegal activities, and to enforce terms or protect the rights and safety of Anthropic, its users, and others.

The key lies in how the old version (September 28, 2025) was written. The old version's Section 3 also allows for data disclosure when "it is deemed necessary to protect your or others' health and safety, prevent fraud or credit risk, enforce legitimate rights," and also includes "disclosure to government regulatory agencies in accordance with the law... or assist in investigations." In other words, the old version was never "only disclosing when legally mandated"; it had already provided Anthropic with the space to disclose based on its judgment.

The conclusion from the line-by-line comparison is:

The new version rewrote this section to be more structured, clearly pointing out "law enforcement agencies," adding the limiting phrase "good-faith belief," and itemizing the four types of situations. From a legal perspective, "good-faith belief" is a standard requiring a basis of good intent, rather than a lowered threshold. More detailed wording does not equal a lower threshold. The official summary from Anthropic for this part only states, "more clearly explaining when data may be shared with third parties."

Another reverse fact can calibrate the misreading of this point.

In August 2025, the federal court for the Northern District of California ruled in the copyright case of Universal Music Group and other publishers against Anthropic that Anthropic does not need to provide user personal information to publishers. According to reports from Intellectual Property Finance, citing Bloomberg, the judge believed that there was "insufficient basis and could harm third-party privacy rights" to associate conversation content with specific users. In that case, Anthropic stood on the side of refusing to disclose user data. This indicates that the operation of standards like "good-faith belief" is far more complex in reality than the description of "opening data to law enforcement."

As for the specific statement that "biometric data is not stored on Anthropic's servers and is processed by Persona," this comes from some media's Chinese summaries, and there is no corresponding statement in the original text of the new policy that can be verified from a primary source, so it is recommended to treat it as unverified.

What the policy really changed: The data flow of Agent tasks has been explicitly written into the text.

After stripping away the exaggerated parts, the real substantial increase in the new policy is the explicit specification of the data flow when Claude executes multi-step tasks and connects to third-party applications. This is precisely the part that the old version hardly covered.

Sections 1 and 3 of the new version specify: when users connect to third-party services or instruct Claude to execute tasks (reading files, sending messages, retrieving information), Claude will directly send the user's input, output, and instructions to the third-party service, which will handle this data according to its own privacy policy; Claude will also retrieve content from the third-party service, and this content will then become part of the user's input. Some integrations will retain access until the user actively disconnects.

This serves as a compliance foundation for the Agent product form. When the old privacy policy was drafted, Claude was mainly just a Q&A dialog tool; the new version needs to answer a new question—how data flows between you, Anthropic, and third parties when the AI executes actions across multiple external applications on your behalf. The new version also states that as Agent tasks become increasingly complex, the verification scenarios may continue to expand in the future. For users heavily relying on connectors and Claude Code workflows, this point is more worthy of attention than the question of "whether to submit an ID card": your data footprint will expand along with Claude's agency capabilities.

In addition to Agent data flow and verification data, the new version also adds a section on "Research Participation Data" (data collected when users participate in Anthropic's research and interviews) and refines the legal basis for marketing recommendations and processing data. Anthropic reiterated three unchanged commitments in the update summary: not selling user data, keeping Claude ad-free, and allowing users to control whether their conversations are used for model training.

Putting this update back into context: it resembles a compliance clearing that "allows the policy text to catch up with the existing product form" rather than a proactive tightening of user privacy.

The high intensity in the Chinese community partially arises from mixing April old news, standard industry terms, and genuinely new items together for reading. For ordinary users, the real risk of account bans comes from violating usage policies and being judged as abnormal by risk control; this has already existed since April and has not been exacerbated by this update; as for concerns that "chat records will be arbitrarily given to the police," both from the original text and the California ruling, they have been significantly exaggerated.

Note: This article was written by Claude itself and is more persuasive than media reports.

Reference link:

Anthropic's new privacy policy:

https://www.anthropic.com/legal/privacy