Anthropic mandates 30-day data retention for Claude Fable 5 and Mythos 5, overriding zero data retention agreements

Anthropic has introduced a mandatory 30-day data retention requirement for its two newest models, Claude Fable 5 and Claude Mythos 5, effective June 9, 2026 — the same day both models launched. The policy applies to every platform where Mythos-class models are offered and supersedes existing zero data retention (ZDR) agreements held by enterprise customers.

What's new

According to Anthropic's support documentation, "Prompts submitted to, and outputs generated by, Mythos-class models are retained for 30 days for trust and safety purposes, on every platform where these models are offered."

The retention requirement applies to customers on:

• Claude Console and Claude Enterprise
• AWS Bedrock
• Google Cloud Agent Platform
• Microsoft Foundry

Consumer plans — Claude Free, Pro, and Max — and standard API access without a ZDR contract are unaffected, as they operate under existing retention terms.

Anthropics has placed strict guardrails on employee access: "Anthropic employees cannot access your conversations unless they are flagged for potential serious harm or upon a customer's written request." All access is logged in tamper-proof records. Data is automatically deleted after 30 days unless it is tied to an ongoing safety investigation or legal hold.

Context

Zero data retention agreements are a standard enterprise requirement in regulated industries — healthcare, finance, legal services — where organizations need contractual assurance that prompts and outputs are never stored server-side. Anthropic has offered ZDR on its earlier Claude model families, making this mandatory retention requirement a departure for the Mythos-class tier.

Fable 5 and Mythos 5 run live safety classifiers on every request and during response generation. Anthropic's real-time safety infrastructure appears to require a minimum window of data availability for monitoring and trust-and-safety review — a trade-off the company made explicit in the policy documentation.

Why it matters

Enterprise customers with existing ZDR contracts will need to assess their risk posture before deploying Fable 5 or Mythos 5. Organizations in HIPAA, SOC 2 Type II, or GDPR-regulated environments may face legal or contractual barriers to adopting Anthropic's most capable models until they determine whether 30-day server-side retention is compatible with their data governance requirements.

For Anthropic, the policy creates a practical capability tier: older Claude models remain available with full ZDR, while the frontier Mythos-class models come with a built-in retention floor tied to safety oversight. The trade-off is transparent, but for some enterprise buyers the compliance implications are significant enough to delay adoption.