Claude Requires ID Verification and Facial Recognition? The Facial Recognition Requirement is an Old Story from Two Months Ago, and "Sharing Data with Police" is a Misinterpretation

Author: Claude, Deep Tide TechFlow

Deep Tide Guide: Anthropic's updated privacy policy will take effect on July 8th. The predominant interpretation on Chinese social media has been a "major shift towards real-name verification with facial recognition + opening data to law enforcement agencies." However, after a line-by-line comparison with the original text, most of the sensational conclusions do not hold up: identity verification is an old mechanism launched back in April, and the so-called "lowered threshold for disclosure to law enforcement" cannot be found in either the old or new versions of the terms. The real substantive addition is that the data flow for Agent tasks has been written into the policy for the first time.

Anthropic released a privacy policy update notice on June 8th. The new version will take effect for Claude free, Pro, and Max individual users starting July 8th. After the notice was released, Chinese tech and community circles spread the news rapidly, with the mainstream narrative focusing on two points:

1. Claude will introduce real-name and facial verification.
2. The new regulations lower the threshold for disclosing user data to law enforcement agencies, marking "the end of the era of anonymity for large models."

After comparing the full text of the new policy, the old version (dated September 28, 2025), and Anthropic's official update summary line by line, we found that most conclusions from this narrative do not match the original text of the policy.

Misconception 1: Real-name verification and facial recognition is an old mechanism from April, not a new policy in July

Treating identity verification as a "sudden new policy" on July 8th is the most common error in the current chain of dissemination.

The fact is, Anthropic already activated an identity verification mechanism on the Claude platform on April 14, 2026. The next day, the official website's help center formally launched the "Identity verification" policy page.

According to reports from V2EX, East Money Network, and 36Kr at the time, users who triggered verification had to submit government-issued physical documents (passport, driver's license, or ID card) through the third-party compliance service provider Persona and complete a real-time selfie liveness detection via camera. Records from East Money Network's affiliated Wealth Account at the time indicated that those triggered were mostly accounts subscribing to the highest-paying Max tier, high-frequency users, or accounts flagged as potentially abnormal by the risk control system, with developers experiencing account suspensions due to AI misjudgments.

In other words, the matter of "whether to submit an ID" happened two months ago and already sparked a wave of backlash from developers. The July 8th privacy policy update did not add this action; it merely formally documented the data collection practices corresponding to the already-operating verification mechanism within the privacy policy text—the newly added "Verification Data" section clearly lists the content that will be collected:

Images of government documents along with the document number and date of birth on them, portraits in photo or video form, facial geometry templates (considered biometric data in some jurisdictions), and the verification result itself.

Mistaking "formal documentation in the policy text" for "sudden mechanism launch" gets the entire timeline wrong.

Misconception 2: "Opening Data to Law Enforcement Agencies" Doesn't Hold Up; Word-for-Word Comparison of Old and New Clauses Shows No Substantial Tightening

The most impactful and most in-need-of-correction point in the dissemination chain is the claim that "the new regulations lower the threshold for disclosing user data to law enforcement agencies." Some Chinese reinterpretations stated that the old version only disclosed data when "legally required," while the new version relaxes this to allow disclosure whenever Anthropic has a "good-faith belief."

We could not find the source for this comparison framework in the original text, even using Claude.

The phrasing in Section 3 of the new version is: Anthropic may share data with government authorities, law enforcement agencies, or third parties, based on available information and a "good-faith belief" that disclosure is reasonably necessary, for four types of situations:

To comply with laws, regulations, or legal process (including responding to enforceable government requests); to prevent serious harm to person or property; to detect, prevent, or address fraud or illegal activity; to enforce terms or protect the rights, safety, or property of Anthropic, its users, or others.

The key lies in how the old version (September 28 version) was written. Old Section 3 also permitted disclosing data when Anthropic "determines disclosure is necessary to protect your or others' health and safety, prevent fraud or credit risk, enforce legal rights, etc.," and also included "disclosure to government regulatory authorities as required by law... or assisting in investigations." In other words, the old version was never "disclose only when legally required"—it already gave Anthropic room to disclose based on its own judgment.

The conclusion from the word-for-word comparison is:

The new version rewrites this clause in a more structured way, explicitly mentioning "law enforcement agencies," adding the qualifier "good-faith belief," and listing the four types of situations clearly. In legal substance, "good-faith belief" is a limiting standard requiring a basis of good faith, not a lowered threshold. More detailed wording does not equate to a lower threshold. Anthropic's official update summary characterizes this part only as "more clearly stating when we may share data with third parties."

Another factual point in the opposite direction can help calibrate the deviation of this misinterpretation.

In August 2025, the US District Court for the Northern District of California ruled in the copyright lawsuit Universal Music Group et al. v. Anthropic that Anthropic did not need to provide user personal information to the publishers. According to Intellectual Property Finance citing Bloomberg, the judge believed that linking conversation content to specific users "lacked sufficient basis and would harm the weight of third-party privacy." In that case, Anthropic was on the side refusing to hand over user data. This demonstrates that the operation of standards like "good-faith belief" in reality is far more complex than the description "opening data to law enforcement agencies."

As for the specific claim that "biometric data is not stored on Anthropic servers and is handled by Persona," which appears in the Chinese reinterpretations of some media outlets, there is no corresponding statement in the original text of the new policy. It cannot be verified from primary sources and should be treated as unconfirmed.

What the Policy Actually Changed: Data Flow for Agent Tasks Written into Text for the First Time

Stripping away the exaggerated parts, the real substantive addition of the new policy is explicitly stipulating the data flow when Claude performs multi-step tasks and connects to third-party applications. This is precisely the part the old version barely covered.

New content added to Sections 1 and 3 of the new version states: When users connect third-party services or instruct Claude to perform tasks on their behalf (reading files, sending messages, retrieving information), Claude will send the user's input, output, and instructions directly to the third-party service, which will handle this data according to its own privacy policy; Claude will also retrieve content from third-party services, and this content then becomes part of the user input. Some integrations maintain access until the user actively disconnects.

This is the compliance foundation added for the Agent-oriented product form. When the old privacy policy was written, Claude was primarily a Q&A dialogue tool; the new version must answer a new question—how data flows between you, Anthropic, and third parties when the AI performs operations across multiple external applications on your behalf. The new version also points out that as Agent tasks become more complex, verification scenarios may continue to expand in the future. For users who heavily rely on connectors and the Claude Code workflow, this clause is more worthy of attention than "whether to submit an ID": your data footprint will expand along with Claude's agent capabilities.

Besides Agent data flow and verification data, the new version also adds a "Research Participation Data" section (data collected when users participate in Anthropic's surveys, interviews) and details the legal basis for marketing recommendations and data processing. Anthropic reiterates three unchanged commitments in the update summary: not selling user data, Claude remaining ad-free, and users being able to control whether their conversations are used for model training.

Placing this update in context: it is more like a compliance-driven "catch-up" to align the policy text with existing product features, rather than an active tightening of user privacy.

The high level of interest in Chinese communities partly stems from mixing April's old news, standard industry terms, and the real additions when reading. For ordinary users, the real risk of account suspension comes from violating usage policies and being flagged as abnormal by risk control—this has existed since April and was not aggravated by this update. As for the worry that "chat logs will be arbitrarily handed over to the police," judging from the original text and the California case ruling, this has been significantly exaggerated.

Note: This article was written by Claude itself, making it more convincing compared to media reports and reinterpretations.

Reference links:

Anthropic New Privacy Policy:

https://www.anthropic.com/legal/privacy