Skip to content

Anthropic Markets Itself on AI Safety. It Also Wants Your Passport and Your Face.

DS
LDS Team
Let's Data Science
10 min
Effective July 8, 2026, Anthropic can require some Claude Free, Pro, and Max users to submit a government ID and a live selfie before they can keep using certain features. The company processing that data, Persona, is backed by Peter Thiel's Founders Fund, which is also an investor in Anthropic. Anthropic says only a small subset of flagged accounts are affected and the data will never train its models.

Anthropic's privacy policy has a section called Verification Data. It is short. One sentence inside it took effect yesterday: "In certain circumstances, we may ask you to verify your age or identity."

For a Claude Free, Pro, or Max subscriber who trips whatever wire triggers that sentence, what follows is concrete. A scan of a passport or driver's license. A live selfie, checked for liveness so a photo of a photo will not pass. A facial geometry template built from that face, generated by a company most Claude users have never heard of.

That company is Persona. It now holds a growing share of the government IDs and facial biometrics collected from one of the most-used AI products on Earth. Persona is backed by Founders Fund, the venture firm Peter Thiel co-founded. Thiel is also an investor in Anthropic.

The update, published in June and effective July 8, formalizes a system Anthropic switched on in limited form back in mid-April. It applies only to consumer accounts, Free, Pro, and Max; Team, Enterprise, and API customers are exempt. Anthropic says the goal is narrow: catch fraud, and give flagged accounts a path to prove their innocence instead of losing access outright. But a company built on taking AI risk seriously is now asking users to hand over exactly the data biometric privacy laws exist to protect.

The Policy Formalizes What Started Quietly in April

Anthropic quietly switched on identity verification through Persona in mid-April 2026, describing it as covering "a small number of cases where we see activity that indicates potentially fraudulent or abusive behavior." The June update moved that practice from a support article into the privacy policy itself, the document governing what a company can legally do with user data.

Anthropic has not published a list of what triggers a check. Its support page says users may see a prompt "when accessing certain capabilities, as part of our routine platform integrity checks, or other safety and compliance measures." None of those three justifications names an actual capability or threshold. Users of a product with tens of millions of monthly users cannot know in advance what might trigger a request for their passport.

Thariq Shihipar, a member of Anthropic's technical staff, wrote on X that the change applies to a "small subset of users" whose accounts are flagged but not banned, giving them an appeals path rather than an outright ban. Anthropic has not disclosed how large that subset is.

What Anthropic Actually Collects

Anthropic's own policy language spells out what the company gathers once verification is triggered:

"In certain circumstances, we may ask you to verify your age or identity. If you choose to do so, data we will collect includes, depending on the method: an image of your government-issued identity document and the information appearing on it (such as your ID number and date of birth); your image in photo or video form, facial geometry templates (which may be considered 'biometric data' in some jurisdictions); and the result of the verification."

In practice, that breaks down into:

  • A photo of a passport, driver's license, or national ID card (photocopies, screenshots, and digital IDs are all rejected)
  • The personal data printed on that document, including full name, date of birth, and ID number
  • A selfie photo or video, screened with liveness detection to rule out a static image
  • A facial geometry template, a numeric map of the face generated for matching against the ID photo
  • The pass or fail result of the check itself

For age-only checks, Anthropic uses a separate vendor, Yoti, which returns a yes-or-no answer without sending the ID image to Anthropic. Full identity checks go through Persona; the raw documents and biometric templates live on its servers, not Anthropic's. That "biometric data" hedge is not decorative: Illinois law treats facial geometry as protected biometric data with a private right to sue, the same statute that cost Facebook $650 million in 2021.

If You Use Claude and Want to Limit Exposure

Team, Enterprise, and API accounts are exempt from this policy entirely. Free, Pro, and Max users are only asked to verify in triggered cases, and only an original physical passport, driver's license, or national ID card qualifies; photocopies and digital IDs are rejected. Anthropic has not said what happens if you decline.

Consumer Accounts Face a Check That Business Accounts Do Not

The policy draws a sharp line between who can be asked for a face scan and who cannot.

Claude Free, Pro, Max (consumer)Claude Team, Enterprise, API
Subject to ID and biometric verificationYes, in triggered casesNo
Vendor involvedPersona (full ID) or Yoti (age only)Not applicable
Data that may be collectedPassport or license scan, selfie, facial geometry templateNone under this policy
Stated trigger"Certain capabilities," "platform integrity checks," "safety and compliance"Not applicable

Anthropic says the identity data will not train its models or be shared with anyone else. The company remains the "data controller" that sets the rules; Persona is the "data processor" that executes them, and the documents sit on Persona's infrastructure under a contract most users will never read.

The Company Checking Your Face Shares Investors With Anthropic

Persona has done this kind of work before, for Roblox and, briefly, Discord. That Discord chapter is why the Anthropic rollout draws extra scrutiny.

In February 2026, Discord tested Persona's age verification on a subset of its users. Backlash followed once users noticed Persona's ties to Peter Thiel, and deepened after researchers found Persona's dashboard code sitting on a publicly accessible government server, exposing 2,456 files. Discord apologized and reversed course within weeks.

Persona is backed by Founders Fund, which co-led the firm's $200 million Series D round in 2025.

That round valued Persona at $2 billion. Thiel, Founders Fund's co-founder, is also an investor in Anthropic.

Persona's chief operating officer, Christie Kim, addressed the overlap directly after the Discord backlash: "He is not on our board, does not advise us, has no role in our operations or decision-making, and is not directly involved with Persona in any way."

That may be true. It does not change that the same investor sits upstream of both the AI company and the firm now holding its users' passports.

Anthropic Says This Is About Fraud, Not Surveillance

Anthropic's explanation is straightforward: verify people most likely abusing the platform, and give them a way to clear their name instead of losing access outright.

The company has reason to worry about that kind of abuse. Alibaba Opened 25,000 Fake Accounts to Talk to Claude. Anthropic Took It to the Senate. documented a competitor using tens of thousands of fraudulent accounts to extract Claude's outputs for a rival model. In that context, identity verification is a plausible fraud-prevention tool, not an obviously bad-faith idea.

Anthropic also cites contractual limits: Persona cannot use verification data for advertising, or repurpose it beyond the fraud and compliance functions it was collected for. Roblox, another Persona customer, says it deletes user images immediately after processing; Anthropic has not confirmed the same for its own data.

Anthropic has not published that timeline, a list of triggers, or a count of affected accounts. Those gaps do not prove bad intent, but they mean users are trusting a process they cannot see.

The Timing Looks Connected. Anthropic Says It Is Not.

The privacy update landed in the same stretch of weeks as Anthropic's export-control standoff over Fable 5 and Mythos 5, the models Washington forced offline in June before restoring access on July 1.

Tech Times has floated the idea that identity verification could eventually help Anthropic prove a user's nationality before granting access to a restricted model, though it notes that path is not confirmed. Shihipar addressed the broader theory directly: the identity verification update is "unrelated to the Fable or Mythos rollout." Anthropic has offered no statement connecting the two.

Both stories are real. Both involve Anthropic reassuring a skeptical audience, one in Washington, one among its own users. On the record available, they look like two problems that collided on the calendar, not one policy answering the other.

The Bottom Line

Strip away the caveats and the situation is simple. Some Claude users can now be told to hand over a passport, a selfie, and a facial geometry template, or lose access to Claude altogether. The company holding that data answers to an investor who also holds a stake in Anthropic itself, the same AI lab California just gave access to every state agency.

Anthropic's defense, that this catches a small number of bad actors and protects everyone else, may well be true. It has offered no evidence to let outsiders check that claim: no retention schedule, no trigger list, no user count. For a company whose identity rests on being careful enough to say no to Washington, asking users to take its data practices on faith is a strange place to land.

Anthropic has spent two years selling itself as the AI lab cautious enough to slow down and ask hard questions first. This week, it asked its own users to hand over their faces first, and trust that the same caution applies to them too.

Sources

Practice interview problems based on real data

1,625 SQL & Python problems across 15 industry datasets — the exact type of data you work with.

Try 250 free problems