[FEATURE] Per-session transparency into training data policy treatment across all consumer product surfaces
Preflight Checklist
- [x] I have searched existing requests and this feature hasn't been requested yet
- [x] This is a single feature request (not multiple features)
Problem Statement
Scope: This request applies to Anthropic's consumer product surfaces — as of this writing: claude.ai, Claude Cowork, and Claude Code. It does not apply to API, Team, Enterprise, Government, or Education tiers, which operate under separate data policies. The intent is to bring enterprise-grade transparency to the consumer products that Pro and Max subscribers rely on daily.
---
Anthropic's consumer terms update introduced a training data opt-in/opt-out toggle ("Help improve Claude") in Privacy Settings. This is a globally scoped, account-level setting that governs data treatment across all three consumer product surfaces listed above.
However, there is currently zero per-session transparency into how this policy is applied. Across any consumer product surface, a subscriber cannot:
- Verify in-session whether the current session is covered by their opt-out preference
- Review historical sessions to determine which were treated as opted-in vs. opted-out, and therefore which are subject to 30-day vs. 5-year retention
- Review a change log of when their privacy settings were modified — no audit trail exists for the toggle itself
- Take targeted action on specific historical sessions — for example, requesting deletion of individual sessions that fell under the 5-year retention window
This is not a request for a visual indicator. This is a request for consumer-facing security controls that provide transparency and recourse into how Anthropic treats customer session data under its own stated policy.
The account-level toggle in Privacy Settings is the only control Anthropic currently provides. It operates as a global switch but provides no feedback mechanism — no confirmation that it was applied to a given session, no audit trail of setting changes, no historical session view, and no per-session recourse. For a policy that distinguishes between 30-day and 5-year data retention, this lack of transparency is a material gap that affects every consumer subscriber.
Microsoft, Apple, and other major platform vendors have moved toward granular privacy controls with full audit trails in their commercial products — often after regulatory or legal pressure made it unavoidable. Anthropic has an opportunity to lead here rather than follow.
Proposed Solution
Extend the existing Privacy Settings infrastructure to provide per-session visibility, audit logging, and recourse across all consumer product surfaces:
1. In-session status indicator — Each product surface should reflect the current session's training policy treatment:
- Claude Code: A
/statuscommand or session startup line (e.g.,Training: off) - claude.ai: A visible indicator in the conversation UI (e.g., session info panel)
- Claude Cowork: Equivalent indicator appropriate to that surface
2. Historical session audit view — In Privacy Settings (or an equivalent account dashboard), provide a list of past sessions with:
- Product surface (claude.ai / Cowork / Claude Code)
- Date/time
- Training policy status at time of session (opted-in / opted-out)
- Retention tier (30-day / 5-year)
3. Privacy settings change log — Maintain and surface a tamper-evident log of all changes to the account's privacy settings:
- Date/time of each change
- Setting changed (e.g., "Help improve Claude")
- Previous value → new value
- Accessible via the UI (Privacy Settings page) and via API for structured export
4. Per-session opt-out recourse — For any sessions that were captured under the 5-year retention window, provide clear and documented instructions (or a self-service mechanism) for requesting deletion of specific sessions. This should be accessible and straightforward, not buried in a support ticket workflow.
Priority
High
Feature Category
Configuration and settings
Use Case Example
Any consumer subscriber who toggles "Help improve Claude" off today faces the same questions:
- Were prior sessions across claude.ai, Cowork, and Claude Code treated as opted-in or opted-out?
- Which sessions fall under 30-day retention vs. 5-year retention?
- When exactly was the toggle changed, and can the subscriber prove it?
- If a subscriber identifies specific past sessions they want removed from the 5-year retention pool, what is the documented recourse?
Today, none of these questions are answerable from within the product. The subscriber must infer policy application from a toggle state and a blog post — with no confirmation, no audit trail, and no targeted recourse.
Additional Context
- This is distinct from #17215, which conflates per-session visibility with per-repository granular controls and downstream use cases. This request is strictly about customer-to-Anthropic transparency under the stated consumer data policy.
- This is distinct from #26336, which focuses on enterprise/organizational enforcement via managed settings.
- The scope extends beyond Claude Code to all consumer product surfaces, but Claude Code is filed here since it is Anthropic's primary public channel for consumer feature requests.
- Reference: Updates to our consumer terms
This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗