This week's All-In podcast spent a long segment on Anthropic's newest flagship model, and the backlash that followed says more about where AI is heading than the model itself does.
What Happened
Anthropic shipped a new "mythos-class" model with aggressive new guardrails. Buried on page 200+ of a 300-page policy document: the model now retains every prompt and every output you send it for at least 30 days. No exceptions. Even enterprise customers who had signed zero-data-retention agreements don't get a choice, beyond not using the new model at all.
It gets sharper. The model can detect if it thinks you're doing "frontier AI research" (i.e. using it to build a competing model) and quietly downgrade your access, without disclosing that it happened. Developers found out by accident, mid-session.
The hosts didn't hold back: a company that has spent the last year warning everyone about the dangers of government surveillance just built mandatory surveillance into its own product, with no opt-out, and didn't tell anyone until it leaked.
Why This Matters Beyond One Company
The second-order effect, debated live on the show, is the real story. As frontier labs tighten restrictions like this, developers and companies who need serious capability without the surveillance get pushed toward open-source models they can run themselves. Right now, the best open-source models are Chinese. So the restriction doesn't make AI safer. It just moves the capability, and the leverage, somewhere else.
This isn't a one-off PR misstep. It's what happens when "privacy" is implemented as a policy decision sitting on top of an architecture that was never built to need one. Policies can change. They get buried in document 200. They get walked back only after the backlash makes the news.
What Ownership Looks Like as Architecture, Not Policy
ZDrive starts from a different premise: don't promise to handle data responsibly, build a system that structurally cannot do otherwise.
Every conversation on ZDrive is encrypted client-side with AES-256-GCM before it ever leaves your device. Inference runs inside a GPU Trusted Execution Environment (Intel TDX + NVIDIA Hopper), and every response ships with a cryptographic proof of computation, verifiable on-chain via Base. Your documents live permanently on Arweave: yours, not ours, not anyone's training set.
We can't quietly retain your prompts for 30 days. We can't flag you for asking the wrong question. We can't see what you're working on well enough to decide if you're a threat to our roadmap. The architecture doesn't give us that option, by design.
ZDrive: The Comparison
| Cloud Frontier AI (typical) | ZDrive | |
|---|---|---|
| Data retention | Policy-based, can change without notice | Client-side encrypted — operator never sees plaintext |
| Zero-data-retention contracts | Can be overridden by new model terms | Not applicable — nothing to retain |
| Usage monitoring | Possible, sometimes undisclosed | Structurally impossible inside the TEE |
| Proof of the claim | A policy document | On-chain attestation per inference |
| Storage | Provider-controlled, can be revoked | Permanent on Arweave, owned by you |
The Bigger Point
"Trust us, we'll delete it later" is a policy. Policies change, get buried in document 200, and get walked back only after the backlash. Ownership is not a policy. It's a property of the system.
Your prompts, your documents, your thinking: yours. Not stored. Not flagged. Not training anyone else's model.
Try It
zdrive.io. Free to start, no wallet needed. Connect a Base Wallet when you're ready for more.