Seems like everybody is just carelessly saying—whatever—to Claude. Client lists, trade secrets. We all know that our agents haven’t signed NDA’s, right? Right?
Salesforce has had your client list, the amount the deal is worth, the status of the deal, which of your employees are working on the deal, their bill rate etc. for years.
Zoom/Gong/Microsoft Teams knows every conversation yoh have with a client if you turn transcriptions on.
Your email provider gets your company email in plain text.
Slack has all of your interoffice communications.
Atlassian gets exactly what you are working on, whose working on it and the status of every task.
AWS/GCP/Azure know everything about your infrastructure.
BTW, Amazon is one of the most paranoid companies about confidentiality you can imagine (former employer). They use Microsoft Office, Slack (they were moving away from Chime before I left) - and the internal consulting division uses Salesforce.
Why the moral panic about Anthropic? I doubt very seriously they are going to start in my company’s case - a cloud consulting division
Anthropic is in the business of using your data to train future releases. There is no contract in place to protect your data, especially for free users. SaaS subscriptions come with contracts. They are not the same.
Forget business secrets. In my anecdotal surveys, normal people are feeding their entire lives into the normal web ui! Many of these people are on the free plan with no data protection at all! People I know have admitted to feeding chat transcripts, documents with tons of PII, most email correspondence, their private IP (medical texts, fiction, lyrics), and don’t even get me started on the emotional counseling.
I’ve had a long history of managing my digital privacy and even I’ve been quite lax with this. It’s just so easy to dump stuff in the black box. I try to use ZDR endpoints when I can via openrouter for certain tasks.
Google’s policies regarding data collection on paying customers is so shady as well. From what I understand: they train on all days of all paying customers unless you turn Gemini apps and activity off. This completely disables your ability to save chats. They obviously merge these two settings to collect as much data as possible. They allegedly do not train on temporary chats, but the UX for them is annoying and requires so many more button clicks.
Ultimately I just treat any endpoint as a public record at this point. If I wouldn’t be happy letting the world see it, I don’t attach it. Welp.
Your em-dashes make me think this is an AI generated post but whatever.
My company uses Github Copilot. We have a very specific enterprise agreement that states that data does go to Microsoft's servers where it gets processed in an ephemeral environment and wiped after 3 months.
I'm guessing Anthropic has something similar in their agreements. Now, if you have some proof that Anthropic is stealing highly confidential and/or trade secrets, that'd be good to see, but also whomever is throwing that kind of information into an off-premises and non airgapped model is just asking for a data leak.
I use agents at work and yeah they read api keys and the like. If my employer doesn’t care, I care even less. At home I don’t use agents yet, but if I have to use them I’ll probably do what I do to run untrusted code at home: use a VM
I suspect any cloud service without strong encryption at rest ala Protonmail will have insider threat issues. Hell there's an entire Wikipedia article entitled "Saudi infiltration of Twitter"[1] just to give one example.
This is anecdotal, but once when I worked for a well known NGO as an experiment I created a document outlining what our positions would be for a meeting with representatives from a certain country[2].
We in fact were taking very different positions, and using different points to support those positions.
The delegation was visibly shaken, surprised, and I daresay upset that they were completely unprepared for our meeting -- they basically refused to dialogue (the entire purpose of the meeting) and ran home to ask their overlords in the embassy what to say.
I am doubtful that they deployed zero day malware onto our network -- I suspect they had an insider at company whose cloud offering I used to create the false flag document.
Sometimes it surprises me, as someone who got my education in tech by reading Slashdot comments and researching the terms I did not understand, how trusting this generation of hackers is.
raw_anon_1111|8 days ago
https://www.sellerscommerce.com/blog/saas-statistics/
Salesforce has had your client list, the amount the deal is worth, the status of the deal, which of your employees are working on the deal, their bill rate etc. for years.
Zoom/Gong/Microsoft Teams knows every conversation yoh have with a client if you turn transcriptions on.
Your email provider gets your company email in plain text.
Slack has all of your interoffice communications.
Atlassian gets exactly what you are working on, whose working on it and the status of every task.
AWS/GCP/Azure know everything about your infrastructure.
BTW, Amazon is one of the most paranoid companies about confidentiality you can imagine (former employer). They use Microsoft Office, Slack (they were moving away from Chime before I left) - and the internal consulting division uses Salesforce.
Why the moral panic about Anthropic? I doubt very seriously they are going to start in my company’s case - a cloud consulting division
codingdave|8 days ago
jfil|6 days ago
wps|8 days ago
I’ve had a long history of managing my digital privacy and even I’ve been quite lax with this. It’s just so easy to dump stuff in the black box. I try to use ZDR endpoints when I can via openrouter for certain tasks.
Google’s policies regarding data collection on paying customers is so shady as well. From what I understand: they train on all days of all paying customers unless you turn Gemini apps and activity off. This completely disables your ability to save chats. They obviously merge these two settings to collect as much data as possible. They allegedly do not train on temporary chats, but the UX for them is annoying and requires so many more button clicks.
Ultimately I just treat any endpoint as a public record at this point. If I wouldn’t be happy letting the world see it, I don’t attach it. Welp.
sky2224|8 days ago
My company uses Github Copilot. We have a very specific enterprise agreement that states that data does go to Microsoft's servers where it gets processed in an ephemeral environment and wiped after 3 months.
I'm guessing Anthropic has something similar in their agreements. Now, if you have some proof that Anthropic is stealing highly confidential and/or trade secrets, that'd be good to see, but also whomever is throwing that kind of information into an off-premises and non airgapped model is just asking for a data leak.
arm32|8 days ago
tkiolp4|7 days ago
firefax|6 days ago
This is anecdotal, but once when I worked for a well known NGO as an experiment I created a document outlining what our positions would be for a meeting with representatives from a certain country[2].
We in fact were taking very different positions, and using different points to support those positions.
The delegation was visibly shaken, surprised, and I daresay upset that they were completely unprepared for our meeting -- they basically refused to dialogue (the entire purpose of the meeting) and ran home to ask their overlords in the embassy what to say.
I am doubtful that they deployed zero day malware onto our network -- I suspect they had an insider at company whose cloud offering I used to create the false flag document.
Sometimes it surprises me, as someone who got my education in tech by reading Slashdot comments and researching the terms I did not understand, how trusting this generation of hackers is.
[1] https://en.wikipedia.org/wiki/Saudi_infiltration_of_Twitter [2] I won't say who other than "not KSA"
gigatree|8 days ago
arm32|8 days ago
throwaway5465|7 days ago
shablulman|8 days ago
[deleted]
shablulman|8 days ago
[deleted]