The privacy policy update
On July 8, Anthropic's updated privacy policy takes effect, introducing a notable change: the company may now require certain Claude users to upload a government-issued ID and a selfie (photo or video) for identity verification. This is not a blanket requirement; it targets flagged profiles or suspicious behavior. The policy explicitly mentions the collection of "facial geometry templates," a biometric data type that raises immediate questions about management, retention, and the boundaries of consent.
Anthropic has not publicly detailed the exact flagging criteria, but it is plausible that violations of terms of service, abuse, or anomalous activity trigger the process. It remains to be seen how long this data will be stored, whether it will be shared with third parties, and what safeguards will apply in jurisdictions with stringent regulations like GDPR.
Biometric data: a qualitative leap
Facial geometry templates are a particularly sensitive category. Unlike a simple photo, they are mathematical models describing the structure of a face and can be used for automated recognition. European regulation classifies them as special biometric data, requiring an enhanced legal basis for processing. Anthropic will need to demonstrate that the collection is necessary and proportionate, or obtain explicit consent that is not tainted by information asymmetry.
For professionals using LLMs in enterprise contexts, this move is a red flag: cloud models, even when not training directly on prompts, can trigger verification procedures involving intimate personal data. The convenience of an API comes with a potential exposure that is hard to quantify in advance.
Data sovereignty and the on-premise alternative
Those operating in regulated sectors (healthcare, finance, government) learned long ago to evaluate carefully where data flows. Anthropic's initiative strengthens the case for those who choose to keep AI workloads under direct control, for instance with self-hosted models. Running an LLM on-premise provides physical certainty that no data leaves the corporate perimeter, not even for an identity check demanded by an external provider.
Of course, self-hosting requires investment in hardware, skills, and maintenance. GPUs with adequate VRAM, serving frameworks, and monitoring pipelines demand significant commitment. But for organizations that prioritize data sovereignty, it is the only path to avoid contractual surprises like this. AI-RADAR closely follows the evolution of on-premise stacks, offering analysis on architectural choices and trade-offs.
What it means for companies
For businesses that already use Claude or are considering LLM adoption, the policy update is a wake-up call. It shows that cloud service terms can change quickly, introducing unforeseen data collection requirements. GDPR compliance could become more complex if employees, while accessing AI tools, find themselves having to provide biometric data to a non-EU entity.
The response is not uniform: some will continue to rely on the cloud for speed of adoption, others will accelerate on-premise AI projects. In any case, vendor transparency and auditability become deciding factors. Digital sovereignty is not a slogan but an operational requirement that influences infrastructure choice. And this Anthropic update is yet another confirmation.