Microsoft has restricted internal employee access to Anthropic’s Claude 3.5 Sonnet—the latest model in the company’s high-capability AI lineup—while its legal and security teams conduct a formal review of updated data retention policies. The move follows the release of Anthropic’s new safety-focused data handling guidelines, which mandate that user prompts and outputs be retained for 30 days for trust and safety monitoring.
Why Microsoft is Restricting Access
Microsoft is exercising caution regarding the integration of third-party AI models that require data retention for safety analysis. According to an internal memo reviewed by The Verge, the company is evaluating whether Anthropic’s new policy meets its strict enterprise security standards.
Anthropic’s policy for its most capable models, including the Claude 3.5 series, involves storing user interactions for 30 days to help developers identify novel attacks, such as jailbreaks or cross-request exploits. If a prompt or output is flagged by automated trust and safety classifiers as a policy violation, Anthropic states it may retain that data for up to two years.
Data Retention and Corporate Security
The friction between Microsoft and Anthropic highlights a growing tension in the enterprise AI sector: the trade-off between model safety and data privacy. While Anthropic maintains that the 30-day retention period is necessary to "defend against complex and novel attacks," corporate legal departments often view any external data retention as a potential liability.
According to Anthropic’s official documentation, the company does not use this retained data to train its foundational models. Instead, the logs are restricted to safety purposes, with human access to the data subject to internal logging and auditing. Despite these safeguards, Microsoft’s internal security teams are currently verifying if these protocols align with the company’s "zero-trust" architecture.
Comparative Data Policies
The approach to AI data retention varies significantly across the industry, creating a fragmented landscape for enterprise users.
| Feature | Anthropic (Claude 3.5) | Microsoft (Azure OpenAI) |
|---|---|---|
| Default Retention | 30 days (Safety/Trust) | Opt-out/Zero-retention (Enterprise) |
| Model Training | Data not used for training | Data not used for training |
| Safety Flagging | Up to 2 years | Varies by deployment |
Microsoft’s own Azure OpenAI service generally offers enterprise customers the ability to opt out of data logging entirely. Because Anthropic’s new policy for its high-capability models appears to be a mandatory component of its safety infrastructure, Microsoft’s internal teams must determine if an exception can be made or if the tool must remain blocked for certain internal use cases.
What Happens Next
Microsoft employees are currently advised to use alternative tools while the review process continues. The timeline for the review remains unclear, but the company’s decision to limit access reflects a broader trend among Fortune 500 firms to treat generative AI as a high-risk asset.
Security researchers note that as AI models become more adept at software engineering and scientific research, the sensitivity of the data processed by these models increases. Consequently, legal teams are moving to standardize how third-party providers handle input data, ensuring that "trust and safety" justifications do not inadvertently create privacy risks for corporate intellectual property.