How Anthropic Butterflied You: The Privacy Bait-and-Switch that Killed Zero Data Retention
Plus What I Got Right, What I Got Wrong, and the 30-Day Trap
Anthropic named their initial security coalition Project Glasswing - after the famous butterfly with transparent wings. The metaphor was quite obvious -
clear visibility into vulnerable codebases,
delicate handling of a dangerous AI model.
Yesterday, they released the public version, Claude Fable 5, draped in a new logo of swarming butterflies. So what they essentially did is to take the raw, terrifying power of the Mythos architecture, “butterflying” it, pinning down its dangerous capabilities under hard safety limits, and cloned it for the masses.
Back in April, I wrote a two-part deep dive on Project Glasswing. I argued then that this wasn’t just a safety play, but the smartest enterprise GTM strategy in AI and a brilliant counter-narrative to the Pentagon’s “supply chain risk” label.
Now that Fable 5 is out and the dust is somewhat settling, here is an honest look at what my April thesis got right, where I was off, and the massive data privacy controversy nobody saw coming.
What I Got Right: The “Neutered Claude 5” Prediction
In Part 2, Chapter 11, I asked what the endgame for Mythos was. I wrote: “Does it quietly become Claude 5 with the offensive capabilities neutered?”
That is exactly what Claude Fable 5 is.
Anthropic took the raw capability of the Mythos architecture and wrapped it in hard-coded safety limits.
If you ask Fable 5 to do complex cybersecurity, biology, or chemistry work, it blocks the query and routes it to the older, safer Claude Opus 4.8. They didn’t keep Mythos entirely sealed off, but they didn’t release the weaponized version either.
I also argued that Glasswing was a brilliant political counter-narrative. That holds up entirely. While the Trump administration continues to defend its Pentagon blacklist in court, Anthropic expanded Glasswing from roughly 50 to 200 organizations across 15 countries. When the Fed Chair and Wall Street banks are relying on your tech to secure their codebases, you aren’t the supply chain risk, well
you are the supply chain.
What I Got Wrong: The Missing Sectors and OpenAI’s Silence
In Part 2, I pointed out massive holes in the Glasswing coalition:
No telecom,
no operational technology (OT), and
no AI infrastructure layer.
I was right about the gaps at the time, but I underestimated how fast Anthropic would move to close them.
In early June, Anthropic expanded Glasswing to specifically include communications, power, water, and healthcare sectors. It wasn’t a permanent strategic hole; it was just Phase 1.
I also called out OpenAI’s “silence” on the issue. That take aged poorly almost immediately. Just a week after my piece, OpenAI launched GPT-5.4-Cyber, answering Anthropic not with a restricted coalition, but with a vetted-but-broad defender access model, explicitly criticizing the idea that a small central group should decide who gets to defend themselves.
The Super Bowl Irony
To fully appreciate the whiplash of this week, you have to look at Anthropic’s marketing playbook.
Back in February, they won the AI Super Bowl with ads explicitly attacking OpenAI’s commercialization: “Ads are coming to AI. But not to Claude.” They aggressively positioned themselves as the ethical, privacy-first, user-centric alternative to Sam Altman’s empire.
That media campaign was a masterclass in brand positioning. But it makes yesterday’s Fable 5 release incredibly jarring. The “privacy-first” company just killed the most important privacy standard in enterprise AI.
What’s Next: The 30-Day Trap (And Why Edge AI Should Care)
Are people actually upset about Fable 5’s capabilities? I dont think so.
they are furious about the terms.
To run Fable 5’s active safety classifiers, Anthropic quietly instituted a mandatory 30-day data retention policy on all Fable 5 traffic.
Why are they doing this? It’s a Jailbreak Defense.
Fable 5 is Mythos under the hood.
If a user figures out a complex jailbreak, they instantly gain access to a model capable of finding zero-day exploits in global infrastructure. Anthropic’s trust and safety teams need that 30-day window to manually review flagged traffic, reverse-engineer new jailbreaks, and patch the guardrails.
But for the enterprise, this is a seismic shift. It overrides the Zero Data Retention (ZDR) agreements that businesses previously negotiated. The choice is now stark:
you can have the smartest model, or
you can have data privacy.
You can no longer have both.
The Deep-Tech Founder Action Plan
If you are building in edge AI, critical infrastructure, or handling regulated client data, here is your immediate playbook:
Audit your API Routing: Ensure your automated workflows default to Claude Opus 4.8 or Sonnet 4.6. Do not let Fable 5 become the default in your codebase.
Review your DPAs: If you process data under GDPR or strict UK defense NDAs, Fable 5’s human-review clause violates your Data Processing Agreements. Keep it isolated from your core IP and sensor data.
Watch the Open-Source Edge: While the API labs fight over 30-day retention windows, the real alpha for critical infrastructure is running smaller, highly capable models locally on the sensor hardware where the data never leaves the facility.
The Final Irony
Anthropic started this saga with Project Glasswing of the transparent butterfly. Yesterday, they released Fable 5 to the public as a swarm of cloned butterflies. They successfully “butterflied” the Mythos model, pinning down its offensive cyber capabilities, clipping its wings, and making it safe enough for mass consumption.
But the transparency has flipped.
During Glasswing, Anthropic gave the model to defenders so they could see through their code.
With Fable 5 and the 30-day retention trap, the transparent butterfly is gone.
Now, Anthropic is the one demanding to look through the glass at your data.
That is how Anthropic butterflied you.