What to keep out of Claude
Working with Claude — CC BY 4.0
The last lesson was about not trusting what comes out of Claude. This one is about being careful with what you put in. Every message you type is sent off your machine to be processed somewhere else, by a company you don’t control. Before you paste, ask one plain question first — and know the few things that really shouldn’t go in.
The first custody question
Whenever you’re about to hand something to any AI tool, ask: where does this go, and who can reach it once it leaves my hands?
That’s the custody question, and it’s the habit this whole lesson is built on. Not “is this tool good”, but “once I paste this, who has it, for how long, and under whose laws?” You keep asking it — of Claude, of any chatbot, of any cloud service. It’s the difference between using a tool and quietly handing your work to a stranger.
For Claude specifically, the plain answer is: your message goes to Anthropic, a US company, and is processed on servers it operates. What happens next depends on which version you’re using — and that difference matters enough to spell out.
Where your data actually goes
Anthropic draws a hard line between its consumer plans and its commercial ones, and they’re governed by different terms.
- Consumer plans (Free, Pro, Max). As of an update that took effect in late September 2025, your chats and coding sessions may be used to train Claude — unless you turn that off. If you allow it, they can be kept for up to five years; if you opt out, retention drops back to around 30 days. The opt-out lives in your account settings under the privacy area (look for a toggle about using your data to improve the models — confirm the exact wording in-app, as menu names shift). One caveat: conversations that Anthropic’s systems flag for safety review can still be used regardless of your setting.
- Commercial plans (Claude for Work / Team / Enterprise, the API, and government or education offerings). By default these are not used to train the models, and there’s no opt-in/opt-out toggle because training isn’t on the table. Retention is shorter, and larger organisations can arrange stricter terms.
So the first practical move, if you’re on a free or paid personal plan and doing anything sensitive, is to find the privacy setting and turn training off. It takes a minute and it changes what happens to everything you type from then on.
(These specifics come from Anthropic’s own published terms and can change — check the current privacy settings and terms rather than taking a course as gospel.)
The US CLOUD Act, in one line
Here’s the part people miss. Because Anthropic is a US company, US law reaches its data. The CLOUD Act (a 2018 US statute) lets US authorities compel a US-based provider to hand over data in its control — even if that data is stored outside the United States. Opting out of training doesn’t touch this; it’s a separate question about legal reach, not model improvement. For most everyday use this is academic. For anything you’re legally obliged to protect, it isn’t.
What simply shouldn’t go in
Rules of thumb, in plain terms:
- Other people’s personal data. Names tied to health, finances, immigration status, addresses, dates of birth — anything that identifies a real person and would embarrass or harm them if it leaked. If it’s not yours to share, don’t paste it.
- Client and confidential business material. Contracts under NDA, unreleased plans, commercially sensitive figures. If you signed something promising to keep it in-house, sending it to a third party may break that promise.
- Anything covered by legal privilege. Communications between a lawyer and their client can carry a special protection in law. Pasting privileged material into a third-party tool risks waiving that protection — losing it. If that word applies to your work, treat it as off-limits and take proper advice.
- Credentials and secrets. Passwords, API keys, bank details, one-time codes. Never. (There’s a whole later lesson on this.)
- Health and identity records you’re holding on someone’s behalf — patient notes, HR files, student records.
If you genuinely need Claude’s help with sensitive material, the safer path is to strip it back first: remove the names, swap real figures for placeholders, describe the situation in the abstract. You usually get the same quality of help from an anonymised version.
Before you paste anything sensitive: whose information is it — yours, or someone who trusted you with it?
If they could see it landing on a US company’s servers, would they be comfortable? And if you’re not sure, who would you ask before pasting — not after?
A note for anyone working with Māori data
If your work touches information about Māori individuals, whānau, or communities, data sovereignty is a live and legitimate concern — the principle that Māori data should be subject to Māori governance. Sending it to a US-operated service is exactly the kind of decision that deserves a proper conversation with the people it belongs to, not a solo call in a chat window.
Not legal advice
This lesson is general education, not legal advice. Privilege, privacy obligations and confidentiality duties turn on your specific situation and jurisdiction. If real exposure is on the line — a client’s data, a regulated record, anything privileged — talk to a qualified lawyer about your circumstances. The point here is only to make you pause and ask the custody question before you paste, because once it’s sent, you can’t unsend it.
That’s the whole discipline: you decide what leaves your hands. The tool never gets to make that call for you.
Shared freely, in good faith. If it's been of value, a koha toward development and running costs is warmly welcomed.
Leave a koha →