Anthropic to Collect Biometric Data from Claude Users for Identity Verification

What Happened?

Anthropic, the company behind the AI assistant Claude, has updated its privacy policy to include the collection of biometric data from certain users. According to The Next Web, the new policy, effective July 8, 2025, allows requiring 'flagged' users to upload a government-issued ID and selfies or videos to verify their identity. The data includes facial geometry templates, a type of biometric data. Verification is handled through third-party provider Persona, which specializes in identity verification. This change marks a significant shift in Anthropic's privacy stance, which had previously been characterized by a more open and permissive approach.

The decision is not isolated. Other tech companies, like Uber or Airbnb, already use identity verification for certain users, but in the generative AI space, it is virtually unprecedented. Until now, services like OpenAI's ChatGPT, Google's Gemini, or Microsoft's Copilot did not require government ID for general use. Anthropic's move could set a precedent in the industry, especially amid growing concerns about malicious AI use, such as deepfake generation, disinformation, or identity theft.

Why Is This Important?

This is one of the first times a major AI developer has implemented mandatory biometric verification for product use. Anthropic's decision reflects increasing pressure to prevent malicious AI uses, such as generating disinformation or identity theft. However, it also raises questions about privacy, sensitive data storage, and potential biases in verification systems. According to the updated policy, biometric data will be stored through Persona, which must meet security standards like SOC 2 Type II, but Anthropic does not specify how long it will be retained or whether it will be shared with third parties beyond what is necessary for verification.

Historically, biometric verification has been controversial. In 2020, Clearview AI faced lawsuits for collecting facial images without consent. In Anthropic's case, the measure is limited to 'flagged' users, but the criteria for flagging a user are unclear. The Next Web notes that the threshold may be based on suspicious usage patterns, such as mass content generation or attempts to bypass restrictions. However, it has not detailed how false positives will be avoided, which could affect legitimate users, such as researchers or journalists using Claude for large-scale data analysis.

Consequences for Users and the Market

For users, this means anonymous use of Claude could disappear. Those who trigger security alerts (e.g., due to intensive or suspicious use) will have to share personal documents. This could deter privacy-conscious legitimate users, especially in regions with strict data protection laws, like the EU under GDPR. Additionally, reliance on a third-party provider like Persona adds a layer of risk: if Persona suffers a security breach, users' biometric data could be compromised. In 2023, Okta, an identity provider, suffered a breach affecting its clients, demonstrating that such services are not immune.

For the market, Anthropic is getting ahead of potential regulations, such as the upcoming EU AI Act, which requires risk assessments for high-impact AI systems. However, it also takes on reputational risks. Competitors like OpenAI could follow suit or differentiate by maintaining anonymity. If Anthropic's measure reduces active users, it could lose ground to more open alternatives. Conversely, if it successfully reduces abuse, it could attract enterprise clients seeking security guarantees. According to a 2024 Gartner report, 60% of companies adopting generative AI consider security their top concern, so biometric verification could be a competitive differentiator.

What Should Readers Know?

• Verification is not for all users, only those flagged as suspicious by the system. This could be based on activity thresholds, such as queries per hour or generated content.
• Biometric data is stored through Persona, an external service, and Anthropic claims it will not use it for other purposes. However, the policy does not specify whether it will be shared with authorities under legal request.
• Speculation: it is unclear what threshold triggers the 'flag' or how false positives will be handled. In similar systems, like Twitter's (now X) verification, false positives have affected legitimate accounts, drawing criticism.
• Recommendation: privacy-conscious users should review the updated policy and consider alternatives if they do not wish to share biometric data. They may also choose not to use Claude if unwilling to undergo verification. For those continuing to use the service, it is advisable to monitor any communication from Anthropic about their account status.
• Additional context: the measure follows several incidents of malicious Claude use, such as generating political disinformation during the 2024 elections. Anthropic has faced pressure from governments and civil society groups to implement stricter measures.

Anthropic's move is a significant step toward identity verification in AI, but it raises tough questions about the balance between security and privacy. As the Electronic Frontier Foundation (EFF) noted in a recent statement, 'mandatory biometric verification can have a chilling effect on free speech and online anonymity.'