The Cost of Frontier AI: AWS Bedrock's New Data-Sharing Mandate for Anthropic Mythos

For enterprise developers, AWS Bedrock has long been the gold standard for deploying large language models securely. The platform’s core promise—that your data remains strictly within your virtual private cloud (VPC) and never leaves AWS's security boundary—made it easy to win over cautious Chief Information Security Officers (CISOs).

However, the arrival of next-generation frontier models is shifting this landscape. With the release of Claude Fable 5 and Mythos 5, developers looking to leverage these highly capable "Mythos-class" models must now navigate a significant compliance hurdle: a mandatory 30-day data retention policy that requires sending prompt and completion traffic directly to Anthropic.

This policy represents a fundamental change in how data boundaries are managed on Bedrock, forcing engineering teams to carefully weigh the raw capabilities of frontier models against strict data-residency and compliance requirements.

The Mechanics of the Mythos-Class Mandate

Under the new terms, using Fable 5, Mythos 5, or any future models on Bedrock with similar or higher capability levels requires opting into a 30-day data retention policy. According to Anthropic, retaining this data for a limited window is necessary to detect complex patterns of abuse and misuse that cannot be identified from a single, isolated prompt-and-response exchange.

The critical architectural catch is where that data goes. Once an organization opts into this retention policy, their data leaves AWS’s data and security boundary. It is transferred to Anthropic, where it is retained for 30 days before being automatically deleted. The only exceptions to this automatic deletion are rare cases where the data becomes part of an active safety investigation or if Anthropic is legally obligated to retain it.

To enable these models, developers must flip an account-wide flag in their AWS console, explicitly consenting to share their prompts and completions with the third-party model vendor. For organizations in highly regulated sectors like finance, healthcare, or government, this step introduces a new vendor into their data-transit path, complicating existing risk assessments.

Cloud Provider Divergence: AWS vs. GCP

Interestingly, the implementation of this safety mandate varies across cloud providers, presenting developers with different architectural trade-offs depending on where they host their infrastructure.

While AWS Bedrock requires data to leave its security boundary and travel to Anthropic, Google Cloud handles the requirement differently. On Google Cloud's Agent Platform, deploying Fable 5 also requires enabling data retention, but Anthropic's support documentation notes that this retained data "stays in your GCP environment." However, Google Cloud's terms under its Advanced AI Safety Addendum specify a 60-day retention policy for these workloads.

This divergence means that developers requiring strict data residency within a single cloud provider's physical boundaries may find Google Cloud's implementation easier to clear with compliance teams, even though the retention window itself is twice as long as Bedrock's 30-day period.

The Industry-Wide Retreat from Zero-Retention

This shift is not unique to Anthropic. The era of absolute zero-data-retention (ZDR) guarantees for top-tier frontier models appears to be drawing to a close across the industry.

For example, AWS Bedrock's documentation reveals that OpenAI's latest models, such as GPT-5.4 and GPT-5.5, also do not offer absolute zero data retention. For those models, any traffic flagged by safety classifiers is retained for up to 30 days to perform automated offline abuse detection.

However, there is a key operational difference between the two approaches:

• OpenAI on Bedrock: Retention is triggered only for traffic flagged by safety classifiers, and the data is managed within AWS's ecosystem.
• Anthropic Mythos-Class on Bedrock: All traffic is subject to the 30-day retention policy, and the data must actively leave AWS's security boundary to be processed by Anthropic.

This trend is also surfacing in developer tooling. Integrations of Claude Fable 5 in platforms like GitHub Copilot are subject to similar underlying retention policies, signaling that developers will encounter these data-sharing requirements regardless of where they consume frontier models.

Compliance and Architectural Implications

For engineering teams, this policy change transforms what used to be a simple deployment decision into a complex compliance review. Developers must now address several key questions before moving Mythos-class models into production:

1. Vendor Risk Assessment: Because data leaves AWS to reside with Anthropic for 30 days, Anthropic must be vetted and approved as a direct subprocesser of customer data, rather than relying solely on AWS's enterprise agreements.
2. Data Residency and Sovereignty: For applications operating under strict regional data laws (such as GDPR in Europe), developers must verify whether Anthropic's retention infrastructure complies with local data-residency mandates.
3. Fallback Architectures: If compliance teams block the use of Mythos-class models due to the data-sharing mandate, developers will need to design fallback architectures. This might involve routing highly sensitive workloads to slightly older, non-Mythos models that still support zero-data-retention, while reserving Fable 5 for less sensitive tasks.

Ultimately, the pressure on organizations to adopt cutting-edge AI capabilities is immense. While some enterprise CISOs may find themselves forced to accept these new data-sharing terms to keep pace with technological advancements, developers must ensure they understand the exact boundaries of their data transit before flipping the switch.