Anthropic has quietly but significantly changed its data retention policy for its “Mythos-class” models (currently Claude Mythos 5 and Claude Fable 5), and if you work in law, medicine, finance, government or other sectors where confidentiality isn’t optional, you need to know about it before you feed another sensitive document into either model.

Effective June 9, 2026, Anthropic’s new Data Retention Practices for Mythos-class models mandates a minimum 30-day data retention period for these models across every platform where they’re offered, which means that if your organization had previously configured zero data retention (ZDR) operating under the assumption that your prompts and outputs were never stored, that arrangement no longer applies. Every prompt you submit and every output the model generates sits on Anthropic’s servers for at least a month, and the policy leaves no room for negotiation on this point: ZDR is simply not available for Mythos-class models, full stop.

For professionals in regulated industries, this can be unsettling. Client documents, privileged legal communications, medical records, and financial data processed by Fable 5 are stored by Anthropic for at least 30 days, with potential human review if flagged for serious harm. Anthropic states that only a limited group of approved reviewers can access flagged data, and that tools prevent export or download. All access is logged in an unalterable record. Anthropic automatically deletes data after 30 days unless required for safety investigations or legal reasons. While these measures offer protections, they are not equivalent to zero retention. For those bound by HIPAA, attorney-client privileges, or financial confidentiality, this distinction is critically important.

Anthropic applies this new 30-day retention policy to Covered Models “whose capabilities … represent a substantial step up from prior generations and created elevated risk if misused,” stating that “these models require safeguards that operate over a retained window of usage data rather than on a single request at a time” because they pose risks that can only be identified by analyzing patterns over multiple requests, not just single interactions. The Support blog explains that attempts to bypass safety measures or state-sponsored misuse are only detectable when safety classifiers evaluate a broad set of usage data, therefore, retention is mandatory and non-negotiable for these specific models. (See Anthropic’s white paper, Security and Privacy Design of Anthropic Retention and Review for technical details)

Model availability under ZDR

Claude Fable 5 is not available for organizations with zero data retention enabled. This model class requires data retention, so requests from ZDR organizations cannot be served by it. The model is either absent from the model picker for ZDR organizations or shown as disabled with a notice that disabling ZDR is required, and the server rejects requests for it regardless of client configuration. Other models remain available under ZDR. Fable 5 is not the default model, and the best alias, which resolves to Fable 5 where it is available, resolves to Opus for organizations where it is not, including ZDR organizations.

The scope of who this affects is broad enough to catch a lot of enterprise teams off guard. The same applies regardless of access method: directly via the API, through Claude Code in an Enterprise ZDR setup, or via AWS Bedrock, Google Cloud’s Agent Platform, or Microsoft Azure Foundry. If you previously had ZDR configured and want to use Fable 5, that retention protection is gone.

Claude Opus, Sonnet, and Haiku are unaffected; existing ZDR agreements for those models remain in place, and nothing about your current setup needs to change if you stick with them. The new policy is narrowly scoped to Mythos-class models, which Anthropic defines as those whose capabilities represent a substantial step up from prior generations and create elevated risk if misused. Fable 5 and Mythos 5 are the only two currently on that list, although Anthropic has reserved the right to apply the policy to future models.

One line in the updated documentation is hard to read without raising an eyebrow. Anthropic mentions that as part of new privacy protections, they have “instituted” logging of all human access to retained data. The word “instituted” implies this logging is new, which naturally raises the question of whether such access was being tracked before this policy was written. It’s the kind of ambiguity that compliance officers and privacy attorneys will want answered directly before their organizations make any decisions about adopting these models for sensitive work.

Governing enterprise AI use requires vigilance and close reading of provider policies. Many organizations that configured Claude Fable in ZDR mode assumed Anthropic was not retaining their prompts and outputs. They were wrong. Legal and compliance personnel will need to monitor for such policy changes, particularly when inadvertent disclosure to an AI provider creates compliance risk. Lawyers, for instance, carry a dual obligation: to protect the confidentiality of privileged client information, and under ABA Model Rule 1.1, to understand the risks of the technology they use. Using Claude Fable or any other covered model for privileged work now means knowing that the data is retained, regardless of prior assumptions.

For professionals with confidentiality obligations, a provider’s quiet policy update is now a compliance event.

Richard Lutkus is an attorney (IL & CA) and technologist with nearly 20 years of experience in cybersecurity, digital forensics, eDiscovery, and information governance. He has served as first-chair incident response counsel and breach coach on several hundred engagements, led digital forensic investigations spanning trade secret theft, fraud, and white-collar crime, and testified as lead digital forensic expert in a cybersecurity breach and cryptocurrency theft matter involving DPRK threat actors. He previously co-led the Cybersecurity, Digital Investigations, and Information Governance practice at Seyfarth Shaw and advanced the Cybersecurity, Privacy, and Data Governance practice at AlixPartners. As Managing Director at Eudia, he architects agentic AI solutions for legal process automation and advises CLOs and GCs on responsible AI deployment and governance. He holds CISSP, EnCE, EnCEP, CEH, and CAISS certifications.