The editorial argues that the entire enterprise case for Bedrock — repeated in AWS sales decks since 2023 — was that inference traffic never leaves the customer's AWS account. Carving out Mythos-class models from that guarantee guts the differentiator at precisely the tier (high-value workloads in banks, hospitals, and federal pilots) where the data boundary mattered most.
The editorial highlights that this isn't presented as an optional feature — if you want Mythos-tier capability on Bedrock, you must accept retention and data egress from AWS's security boundary. Customers who built compliance postures around the old zero-retention guarantee now face a forced choice between capability and the data terms they originally signed up for.
The official rationale quoted in the announcement is that retaining data for a limited period allows Anthropic to detect patterns of misuse that aren't visible from a single exchange. This frames the change as a safety-engineering necessity tied to higher-capability models, not a commercial or training-data motivation.
By surfacing the line 'Once you opt into data retention, your data will leave AWS's data and security boundary,' the submitter drew attention to the fact that Bedrock's main value proposition over the direct Anthropic API has been hollowed out for flagship models. The 331-point thread reflects community recognition that the AWS-as-trust-boundary story no longer holds at the Mythos tier.
Anthropic and AWS quietly changed the deal on Bedrock. According to the announcement on the AWS blog, for Fable 5, Mythos 5, and future Anthropic models on Bedrock at similar or higher capability levels, Anthropic will require 30-day retention for all traffic on Mythos-class models. The stated rationale: "Retaining data for a limited period allows Anthropic to detect patterns of misuse that are not visible from a single exchange."
The sentence that made the Hacker News thread light up (331 points and climbing) was the next one: "Once you opt into data retention, your data will leave AWS's data and security boundary." Read that twice. Bedrock — the service AWS has spent two years selling as the enterprise-safe way to use third-party foundation models — will, for the flagship Anthropic models, ship your prompts and completions out of your AWS account and over to Anthropic infrastructure for a month.
It isn't framed as an opt-in feature. It's framed as a precondition for using the model class at all. If you want Mythos-tier capability on Bedrock, you accept the retention. If you don't accept it, you don't get the model. Older Claude models on Bedrock retain the existing zero-retention posture, so the split is by capability tier, not by account.
The single biggest reason enterprises picked Bedrock over calling the Anthropic API directly was the data boundary. The Bedrock pitch — repeated in every AWS sales deck since 2023 — was that your inference traffic never leaves your AWS account, never trains a model, never sits in a third-party retention bucket. That was the differentiator over going direct. It's what got Claude into banks, hospitals, and federal pilots that would never have signed a data-processing addendum with Anthropic directly.
That differentiator just got carved out at exactly the tier customers care about most. Mythos and Fable are the models you'd actually want to use for the high-value workloads — the long-context legal review, the clinical summarization, the trading-desk research synthesizer. Those are also the workloads where 30-day retention by a third party is most likely to blow up your compliance posture. Sarbanes-Oxley, HIPAA, GLBA, GDPR Article 28, FedRAMP Moderate — each of these regimes treats "data left our processor's boundary and sat at a sub-processor for a month" as a material event that requires contractual changes, customer notification, or both.
Community reaction on HN zeroed in on the trust gradient. The top-voted comments noted that AWS has spent significant capital marketing Bedrock as the safe choice precisely because of the boundary guarantee, and that quietly relocating that guarantee to "depends which model you pick" is the kind of footnote that turns into a procurement nightmare two quarters later. Several commenters pointed out that the policy effectively pushes high-value Anthropic traffic onto Anthropic-controlled infrastructure regardless of which cloud the customer chose — a structural shift in who owns the relationship with the enterprise.
There is a real safety argument buried in here. Anthropic's misuse detection genuinely does require pattern analysis across requests, and a single inference call in isolation tells you nothing about whether a user is jailbreaking the model into helping with something dangerous. But the engineering reality is that this requirement could have been satisfied with on-Bedrock retention managed by AWS under Anthropic's policies — instead, the data physically moves. The choice to move it suggests Anthropic wants direct operational access to the traffic, not just analytical results derived from it.
If you've built anything on Bedrock-Claude with a compliance story attached, you have homework. Start by auditing every BAA, DPA, and customer-facing security commitment that mentions Bedrock as the inference layer, because the implicit "data stays in AWS" claim is about to become model-dependent. Your security team and your legal team need to know which Claude version each workload is pinned to, and what the upgrade path looks like.
If you're on Claude 3.5 Sonnet or Claude 3.7 today, you're fine for now — the retention requirement is for Mythos-class and above. But the version-pinning strategy that everyone uses ("we'll ride the latest model for quality") now has a hidden compliance step. You can no longer auto-bump model IDs in your Bedrock client configuration without a security review. That's a real operational tax. Expect to see it show up as a CI gate, a Terraform policy check, or a missed quarter because legal sat on the upgrade.
For regulated industries specifically, the practical options are: (1) stay on the pre-Mythos generation indefinitely and accept the capability ceiling, (2) negotiate an enterprise agreement with Anthropic directly that gives you contractual control over the retention window and sub-processor status, or (3) move the workload to a different model family — Nova on Bedrock, Llama via Bedrock, or a self-hosted open weights model — where the boundary guarantee still holds. None of these are free. Option 3 in particular requires re-running your evals, which for a serious production workload is weeks of work.
The broader pattern here is that the foundation-model vendors are taking back control of the data plane from the cloud providers, and they're doing it under the banner of safety. Expect OpenAI to follow on Azure, and expect Google to do something similar on Vertex for Gemini Ultra-class models — the economics and the safety theater both push in the same direction. The era of "pick your cloud, the model is a commodity riding inside it" is ending; the model vendor is becoming a first-class sub-processor whether your procurement org wanted that or not. For practitioners, the takeaway is concrete: treat model version selection as a security boundary decision, not a performance one, and bake that into your deployment pipeline before the next capability bump forces the question on you.
> For Fable 5, Mythos 5, and future models on Bedrock with similar or higher capability levels, Anthropic will require 30-day retention for all traffic on Mythos-class models. Retaining data for a
→ read on Hacker NewsThis is odd behaviour, and provides some evidence that Anthropic isn't being managed by serious people. With this policy across AWS/GH/Zed/etc, they're taking their massive lead in enterprise/govt sales and handing it to any competitor who can serve a model anywhere nea
This policy applies across all providers. Here is the warning in Cursor: https://i.redd.it/7sfyker2ya6h1.pngNote that Anthropic has committed not to train models on logged data, so I don’t understand some of the concerns here. What exactly is your threat model? That Anthropic would tr
Pretty sure this doesn't work for any regulated enterprise or government client. But AWS knows this, so I am curious why they'd agree to it.
This smells like an advanced version of corporate espionage. Assuming most companies will use their AI in the future, this will be fed directly to an Echelon-like network that will be leaking "interesting info" to friendly parties, like the Boeing vs Airbus scandal that was first widely re
Top 10 dev stories every morning at 8am UTC. AI-curated. Retro terminal HTML email.
The root of the problem is that AI-as-a-service is corked, because companies providing it have a hell of an incentive to use all that data to out-compete their competitors, and they can do so in secret. To say nothing of salivating law-enforcement who really, really wants to tap into it. I'm ho