This will fly in EU. As long as the company states the time period for which it will keep data and clean it afterwards, gdpr has no issues with the data retention.
Their carve-outs for safety (public interest) and legal are also valid exceptions in gdpr as well.
> As long as the company states the time period
But they don't, they have the "30 days", but just after that they add "unless ....". So the time period is vague.
But companies will have to request consent from there users for their data to be shared to Anthropic.
Since Anthropic is a US company the GDPR compliance claims would be dubious and open to litigation by entities like NOYB.
Yeah it'll fly legally.
Everybody should just assume that they are lying about data retention and learning anyway.
They showed zero respect for intellectual property in the past and they will show zero respect now or in the future. A few thousand Euros/dollars in subscription doesn't matter when several trillions are in play (at least in their plans).
Honestly, I have yet to see any evidence of data leak from private sources. I think one of the better example is "simple-bench", which at least used to be a low-key benchmark that I would assume would have been saturated quickly if the labs were secretly scooping up data from API requests. Yet it's been years and it has yet to be saturated.
It's easy to catch a data leak if you have private data. You know what the model is supposed to not know, and you can just ask to see if it does. Yet I have not seen or heard of a single case of this being documented. As far as I can tell the labs do in fact respect the request to opt out of training.