The company that built its brand refusing Pentagon surveillance contracts now wants your government-issued ID, a selfie, and a facial geometry template. And the vendor handling all of it is a firm backed by Peter Thiel, whose other portfolio company literally helped build the US surveillance apparatus.
Anthropic updated its privacy policy this month to allow identity verification for Claude users "in certain circumstances." The policy takes effect July 8, 2026, and applies to Free, Pro, and Max plans. The company says it will collect a photo of your government-issued ID, a selfie or video, facial geometry templates, and the result of the verification. All processed through Persona, a third-party firm backed by Founders Fund, the venture capital firm Peter Thiel co-founded.
The timing is suspicious. Three days before the policy update, Anthropic was forced to disable its two newest models, Fable 5 and Mythos 5, under a US government export control directive. The government cited "national security authorities." Reporting by the Wall Street Journal and Semafor points to Amazon as the catalyst: CEO Andy Jassy reportedly told Treasury Secretary Scott Bessent that Amazon researchers had used Claude Fable 5 to obtain information that could enable cyberattacks. Anthropic publicly disagreed with the order but complied, pulling the models from hundreds of millions of users overnight.
Anthropic claims the ID verification update is "unrelated to the Fable or Mythos rollout." The policy language tells a different story. Verification can be triggered by "specific safety or compliance measures," and the company reserves the right to share user data with government authorities. When a company just had its flagship models yanked by the government and responds by building identity verification infrastructure, the connection writes itself.
The Persona choice is what makes this genuinely alarming. In February 2026, security researchers discovered Persona's front-end code sitting exposed on a Google Cloud server connected to the Federal Risk and Authorization Management Program, the US government's cloud security framework. The researchers found 53 megabytes of code on what they described as a doorstep, requiring no exploitation whatsoever. The code revealed that Persona performs 269 verification checks beyond basic age verification, including comparing user photos against government watchlist databases and screening against "14 categories of adverse media from terrorism to espionage."
Discord dropped Persona immediately after the discovery, ending a partnership that lasted less than a month. The company had been testing Persona for age verification in the UK. Gamers Nexus reported that Persona's infrastructure was linked to Palantir, the data analytics firm Thiel co-founded, which provides facial recognition and AI surveillance technology to the FBI, CIA, and ICE.
Anthropic chose this vendor anyway. The company says Persona holds the identity data, not Anthropic's systems, and is contractually limited to using it for verification and fraud prevention. But Anthropic has not disclosed how long Persona retains the data, and the policy gives Anthropic broad discretion to share information with government authorities when it deems it necessary.
The community reaction has been brutal. On r/ClaudeAI, the consensus is "massive, overwhelming absolutely not." Users are furious about the Persona choice specifically, given its security breach history and Thiel connections. One commenter captured the mood: "Persona is NOT safe, and I'm not handing out my ID to a company who suffered from a huge breach just months ago. Not to mention Peter Thiel."
There is a painful irony buried in this. Anthropic gained roughly 60% of its user base since January, with many privacy-conscious users fleeing OpenAI specifically because Anthropic refused to let the US military use Claude for mass surveillance. The company won a court injunction over that refusal. Users chose Claude because it was supposed to be different. Now the same company is collecting biometric data through a vendor whose code was found on a government server, performing watchlist screening, and reserving the right to share that data with government authorities.
The policy also creates jurisdictional nightmares. In India, where DPDP Act rules govern cross-border data transfers, it is unclear whether Anthropic has legal standing to send Indian citizens' biometric data to US servers. The US RISAA law may compel American companies to share foreign citizen data with intelligence agencies. So Indian users handing their IDs to a Thiel-backed firm could be feeding data into a surveillance pipeline they have no legal recourse against.
Anthropic has not specified what triggers an identity check beyond vague references to "keeping services safe and secure." The company has not explained what happens if a user refuses to comply. The consequences of non-compliance remain undefined, though the policy suggests safety filters could be applied or service access could be denied.
This is the real story of AI in 2026. The companies that positioned themselves as alternatives to Big Tech's surveillance model are discovering that government pressure works. The Trump administration's approach to Anthropic has been methodical: label the company a "supply chain risk," force model removals via export controls, then watch as the company builds compliance infrastructure that happens to align with government interests. Whether the ID verification is genuine compliance or strategic capitulation depends on how much you trust the company that chose a Thiel-backed vendor after that vendor's code was found on a government server.
The 60% of users who joined Anthropic for privacy are now being asked to hand over their faces to a firm with ties to the surveillance state. The company that refused the Pentagon is building exactly the kind of identity infrastructure the Pentagon would want. And the vendor handling it is a company that literally screens for terrorism on behalf of whoever is paying.
Maybe this is just the cost of operating in 2026. Maybe Anthropic had no choice. But "we had no choice" is not the pitch that built this company. The pitch was "we are different." And different, it turns out, lasts exactly until the government decides it doesn't.