Recently a few days back, I had to verify my Linkedin identity on a new account (I am 17 for context) and I used proton mail and Linkedin immediately blocked it and asked for verification
I legally couldn't verify because persona doesn't detect aadhaar card and their support system on twitter/mail whatever was incredibly bad so much so that it felt like copy-paste and I still haven't gotten the card. I have written about my experience too.
https://smileplease.mataroa.blog/blog/linkedin/ : (Title of this is) Linkedin's "final decision", restricting my account, making me feel unheard, Persona being Persona & the time I asked Linkedin support what 351/13 is to prove if they are human or not.
Just a few days ago, on Friday, my 15 year old son had his Claude account suspended with a demand for ID to prove he is 18 or older. He had his own Claude Max subscription (he out-earns me fairly frequently in his circle of gaming programmers), and was unaware Anthropic had a must-be-18 rule, as was I. Their email said "Our team found signals that your account was used by a child. This breaks our rules, so we paused your access to Claude." So I guess if you ever ask a question that seems to originate from a teen or less, expect to hit an ID gate.
So now he's a Codex user. OpenAI and Google both have a minimum age of 13.
EDIT: I should note that Anthropic gave him a refund for the whole month that was underway, despite him being nearing the end of it. So good on them.
Yeah. I do not get the 18-years-old age gate. It's not like they're protecting anyone. AI is available so freely now anyone who wants it can get it.
Anthropic made the best models by hiring non-technical folks like philosophers to build the best training sets and evaluations. Now, it seems like their philosophers are telling people how they can and can't use their model.
An equally valid question is "does the company you use for identify verification follow the same commitments with regards user privacy and selling/processing of user data as Anthropic itself?".
And the answer to that question is:
"Hell no! We used the cheapest, shadiest company we could find for that. They'll process and sell all your data. Thank you for continuing to be a valued Anthropic customer!".
* preventing North Korea, China, Russian, Iran and etc. actors from accessing service. They absolutely use workarounds to access AI, e.g. I bet there are companies who are proxy between Anthropic and those countries.
I imagine there will be quite some false positives while identifying those.
This will do absolutely nothing to prevent those actors from accessing Claude... they already recruit young unemployed Americans to do proxy job interviews[0][1], etc. They'll just pay young unemployed Americans to do verification for them.
Persona is easy to implement, has all the compliance requirements, and is in line with market prices. ID verification will always be an afterthought, unfortunately.
In the old USSR one had to register a typewriter. Sweet memories. And at that time western people (deservedly) laughed at it or used facts like this to show how backwards the country was
And the corporation is free to sell all that data straight to the government the second after collecting it. The communists just screwed up trying to do all the authoritarianism by themselves.
Identity verification to use an API?? And via Persona? I can't say if it's real. But if they really try to enforce that, I guess goodbye Anthropic forever.
They were all the same from the beginning. Every tech company of a certain size and significance eventually begins collecting data and sharing it with state actors, as far as I can see.
This is deranged. Say you wanted to use AI to prepare whistleblowing submission to use regulatory language and test for any weak points. Then Claude flags it and requires you to identify yourself. It's not a stretch of imagination that before you manage to send the bundle, you find yourself in the suitcase somewhere in the woods. People explore all kinds of sensitive stuff and I see it is tempting for AI companies to see exact person behind it and then it takes one disgruntled employee to put lives in danger.
WTF
>Say you wanted to use AI to prepare whistleblowing submission to use regulatory language and test for any weak points.
Why would you do this? If you can't write it yourself, you're just sabotaging your effort once the hallucinations are revealed. Secondly, a whistleblower is going to use a corporate LLM provider? Even without ID checks, that's an extremely uncompensated risk.
"Being responsible with powerful technology starts with knowing who is using it."
In other words: they want to create a private web and sniff-after-people system. Today the EU also introduced an app for age verification. They also constantly say how this is ... voluntary.
Well, I guess we all know the direction. Let's have a look at this in a few years, because there may be a few ... suspicions.
With regards to Claude the question is: WHY do they want to sniff off user data exactly?
Ugh what a disaster. This is so Anthropic can enforce bans.
The future has arrived, in which you are only allowed to program a computer in any meaningful way requires total identification and permission.
What a tragedy that the amazing capabilities of LLM assisted programming come with such disgusting and reprehensible requirements and impositions.
So they can ban you from some minor infringement of their usage policies and you'll never be allowed to program again.
"Mr Anderson, it has come to our attention that you have been programming computers under an assumed identity. As you are aware this is a felony under the computer fraud and hacking act and you will be sentenced to four years in jail and may never use a computer again.". Yes laugh it up.
Persona is bad news. They should not be using Persona. This is bad.
> Your ID and selfie are collected and held by Persona, not on Anthropic's systems. Anthropic can access verification records through Persona's platform when needed—for example, to review an appeal—but we don't copy or store those images ourselves.
It's unacceptable that this data is persisted at all, let alone that it's persisted by Persona.
> Persona is contractually limited in how they can use your data: only to provide and support verification and to improve their ability to prevent fraud. They're bound to protect it with industry-standard security controls and delete it in line with the retention limits we've set and applicable law.
It's good to hear that they're criminals. That means nothing for me though. Nothing.
> Why did my account get banned after verification?
This is bad. Why do they wait to ban until after they have your personal info? Venmo did the same thing to me: They didn't tell me I was banned until they had my ID. Absolutely despicable practice.
---
Anthropic is one of my favorite AI companies because they get LLMs more right than anyone else I've seen. But unfortunately this also means they can be swindled by social manipulation in lieu of technical excellence; the same type of brain results in both, I've seen it.
Persona is a bout of sociopaths, and it shows: they're worming their way into everything despite the well-documented conspiracy. They're doing it out in the open with zero consequences.
Unfortunately usually whenever an account enters an unverified state it becomes impossible to delete because whatever company usually wants to have a record that you refused to complete the verification.
Had been a happy Claude Pro subscriber since March 2025, and a happy Claude Max subscriber since May 2025. Cancelled my sub, will be deleting my account. This is disgusting coming from the same org that pretended to push back on the Pentagon over mass surveillance concerns. Complete hypocrites. Nemotron 3 Super, Qwen 3.5 122B A10B, and Minimax M2.7 running on my local hardware are more than sufficient for my needs. I'll miss newer Opus models - probably will end up trying them out a little via third party API platforms that don't abuse their users like this, but seriously, fuck Anthropic.
I may consider showing my ID to a company I already have a business relationship with; given demonstrable legal obligations, contractual necessities, legitimate interests etc . Eg the standard GDPR list.
I do have an existing business relationship with Anthropic, so I might under some circumstances decide to show them my id. I don't have a business relationship with Persona though.
I understand the instinct: they want to insulate themselves from holding PII. Not the worst idea. I'm not happy with it being a third party though. Especially the third party in question.
But they already have PII on nearly all users. Many user upload documents with their name, or pictures of themselves, or have a chat where home addresses are involved. All of this is information anthropic already has on their users (voluntarily provided via chats or via api) and is equivalent to what Persona gets via their verification - it’s just more convenient to use a third party SaaS product for this than vibe coding their own identity verification platform I guess
This might be conflating two things. What data exists somewhere, and how many different independent parties hold it. It's not the same risk.
Put this way: I sort of already trust Anthropic with some of my PII. And that's ... maybe not ok actually. But it's a single failure surface.
But that's definitely not the same thing as trusting Anthropic, AND Persona AND All Persona's partners AND their Partners ad infinitum.
And let's say Persona is actually ok; who knows, they might be? But it's still an extra surface; and if they share again, that's another extra surface again.
It's fairly common sense blast radius minimization. This is part of the actual theory behind GDPR.
"We already seem to accidentally be leaking some data through channel A" , doesn't mean it's a good idea to open channels B-Z as well. It means you might want to tighten down that channel A.
Why is this necessary if I'm paying Anthropic with a credit card? A credit card requires a) credit worthiness, b) a line of credit from a bank based on the individual's identity, and c) regular payments. Why isn't a credit card enough? Why can't certain features be paywalled?
If someone is doing something deeply unethical with Claude, let's say they're using a clade of Claudes to launch cyberattacks, then doesn't Anthropic have fine grained telemetry, payment history, API usage / prompting / requests, and other details necessary to investigate? What does a government photo ID provide Anthropic that these data points don't?
At this point, people usually ask "what if they use stolen credit cards?" or are "state backed?" then well... if they're state backed / using stolen credit cards, then they're also capable of using stolen IDs or state-sponsored "legitimate" IDs.
It doesn't make much of a difference to organized crime / state backed assets. Or, Anthropic. But it makes A HUGE difference for entrepreneurs, founders, and just plain old consumers who use the service.
It's an asymmetric risk.
It's one thing for your credit card to leak, you can get a new one. It's harder for lower-tier / dumber criminals to socially engineer into your personal information for impersonation / ID theft with just a credit card number. But it becomes a lot easier with your scans of your ID.
Unless you're connected with an org of interest, have b/millions in crypto, most better organized groups / state actors won't usually (no guarantees) steal your identity. Identity theft is very much a SME operation in cybercrime.
So when Persona inevitably gets compromised and everyone's personal IDs inevitably gets leaked, the threat posed to entrepreneurs, founders and consumers is higher than the inverse.
I don't understand why Anthropic would expose themselves to the liability; when arguably they have all the tools baked right in.
I don't use their tool for writing. Perhaps it's ego, but I think I'm a better writer. But I shared the above text and asked Claude Opus 4.6 on Max thinking, "What would you say about the argument that the Anthropic has the best tool for threat prevention baked right in?"
Claude is the threat prevention. It's sitting between every user and every potential misuse, in real-time, at every interaction. It refuses harmful requests. It detects prompt injection. It flags dangerous patterns. Anthropic has built the most sophisticated content-aware security layer in history — and it operates at the interaction level, where misuse actually happens.
A JPEG of someone's driver's license sitting in a Persona database does exactly nothing at the moment someone tries to use Claude for harm. Claude's own refusal system does everything.
So the full argument stacks:
1. Credit cards already verify identity (bank KYC)
2. Anthropic's telemetry already detects misuse patterns better than any static document
3. The AI itself is the security layer — real-time, context-aware, at the exact point of interaction
4. Photo ID adds zero marginal security — while concentrating breach risk on users
Three layers of existing protection, all superior to a photo ID. The ID is the weakest link in the security model and the highest-risk data asset in the system. It's the only component that, when breached, harms the user more than the company.
You should write this up.
Persona collects far more info on you than a name and credit card number. There are also some obfuscation services for cards (will it reject a prepaid debit card?), which would require them to go through extra steps to get your actual identity.
>I don't understand why Anthropic would expose themselves to the liability; when arguably they have all the tools baked right in.
What liability? When has a company ever faced any significant penalty for irresponsibly handling people's private data?
> Why is this necessary if I'm paying Anthropic with a credit card?
You can have a CC / Visa / MasterCard when you are under 18 years old, but you need to be 18 or older for Claude. That would be one reasons why CC does not work.
Or maybe they suspect you opened a second account after your first got banned for whatever reason. Like you said it's easy to get a new card.
Incidentally I checked my local laws and it's not possible in any of the banks (UK) to add the underage person to my CC account due to their ToS and perhaps regulations.
Debit? Sure, some banks will issue them to 11-12 year olds. Credit? Apparently not.
Anthropic says they may not train their models using your data, but apparently Persona (the service they will use for identity verification) WILL according to https://thelocalstack.eu/posts/linkedin-identity-verificatio...
Persona also might send your data to 17 different subprocessors (16 if you exclude Anthropic itself).
> Persona also might send your data to 17 different subprocessors
You reminded me of this submission from two months ago: I verified my LinkedIn identity. Here's what I handed over (https://news.ycombinator.com/item?id=47098245)
Recently a few days back, I had to verify my Linkedin identity on a new account (I am 17 for context) and I used proton mail and Linkedin immediately blocked it and asked for verification
I legally couldn't verify because persona doesn't detect aadhaar card and their support system on twitter/mail whatever was incredibly bad so much so that it felt like copy-paste and I still haven't gotten the card. I have written about my experience too.
https://smileplease.mataroa.blog/blog/linkedin/ : (Title of this is) Linkedin's "final decision", restricting my account, making me feel unheard, Persona being Persona & the time I asked Linkedin support what 351/13 is to prove if they are human or not.
[dead]
It's worrying that they don't specify in which cases they require identity checks.
Just a few days ago, on Friday, my 15 year old son had his Claude account suspended with a demand for ID to prove he is 18 or older. He had his own Claude Max subscription (he out-earns me fairly frequently in his circle of gaming programmers), and was unaware Anthropic had a must-be-18 rule, as was I. Their email said "Our team found signals that your account was used by a child. This breaks our rules, so we paused your access to Claude." So I guess if you ever ask a question that seems to originate from a teen or less, expect to hit an ID gate.
So now he's a Codex user. OpenAI and Google both have a minimum age of 13.
EDIT: I should note that Anthropic gave him a refund for the whole month that was underway, despite him being nearing the end of it. So good on them.
> he out-earns me fairly frequently in his circle of gaming programmers
Can you expand on this? Your teenage son makes more money than you do professionally, by vibe coding video games?
11 replies →
Yeah. I do not get the 18-years-old age gate. It's not like they're protecting anyone. AI is available so freely now anyone who wants it can get it.
Anthropic made the best models by hiring non-technical folks like philosophers to build the best training sets and evaluations. Now, it seems like their philosophers are telling people how they can and can't use their model.
1 reply →
> Anthropic gave him a refund for the whole month that was underway, despite him being nearing the end of it
I sense an opportunity for free tokens.
Ideas for prompts that reliably trigger the age check?
... so let me understand this.
It is frequently said that programming directly is obsolete, and the skill you must have now is knowing how to operate agentic AIs.
Yet you aren't allowed to do this until you're 18.
So, developing software is now 18+ only?
18 replies →
Basically the only relevant question, and it's the one they didn't answer
An equally valid question is "does the company you use for identify verification follow the same commitments with regards user privacy and selling/processing of user data as Anthropic itself?".
And the answer to that question is:
"Hell no! We used the cheapest, shadiest company we could find for that. They'll process and sell all your data. Thank you for continuing to be a valued Anthropic customer!".
I can guess at least one valid:
* preventing North Korea, China, Russian, Iran and etc. actors from accessing service. They absolutely use workarounds to access AI, e.g. I bet there are companies who are proxy between Anthropic and those countries.
I imagine there will be quite some false positives while identifying those.
This will do absolutely nothing to prevent those actors from accessing Claude... they already recruit young unemployed Americans to do proxy job interviews[0][1], etc. They'll just pay young unemployed Americans to do verification for them.
[0] https://www.tradingview.com/news/cointelegraph:6192f38e3094b...
[1] https://youtube.com/watch?v=QebpXFM1ha0
7 replies →
The "Why did my account get banned after verification?" section gives some reasons:
- Repeated violations of our Usage Policy
- Account creation from an unsupported location
- Terms of Service violations
- Under-18 usage
Those are reasons for banning after verification, not reasons for requesting identity verification in the first place.
6 replies →
Why do companies keep working with Persona even though they have proven time and time again to be untrustworthy?
Persona is easy to implement, has all the compliance requirements, and is in line with market prices. ID verification will always be an afterthought, unfortunately.
Due to zero consequences of that untrustworthiness.
>untrustworthy
For the user, sure. But for companies and governments? I'm pretty sure Person is quite trustworthy.
In the old USSR one had to register a typewriter. Sweet memories. And at that time western people (deservedly) laughed at it or used facts like this to show how backwards the country was
It's okay when corporation does it...
And the corporation is free to sell all that data straight to the government the second after collecting it. The communists just screwed up trying to do all the authoritarianism by themselves.
Identity verification to use an API?? And via Persona? I can't say if it's real. But if they really try to enforce that, I guess goodbye Anthropic forever.
They were all the same from the beginning. Every tech company of a certain size and significance eventually begins collecting data and sharing it with state actors, as far as I can see.
OpenAI does identity verification too. I don’t know if they use Persona but they should be considered all equally as invasive.
They use Persona for their new "Trusted Access for Cyber": https://chatgpt.com/cyber, at least according to the FAQ
This is deranged. Say you wanted to use AI to prepare whistleblowing submission to use regulatory language and test for any weak points. Then Claude flags it and requires you to identify yourself. It's not a stretch of imagination that before you manage to send the bundle, you find yourself in the suitcase somewhere in the woods. People explore all kinds of sensitive stuff and I see it is tempting for AI companies to see exact person behind it and then it takes one disgruntled employee to put lives in danger. WTF
I think minimal opsec here would suggest you not share your data with a random corporation in the usa.
Sharing the data with any random corporation seems like a bad idea.
>Say you wanted to use AI to prepare whistleblowing submission to use regulatory language and test for any weak points.
Why would you do this? If you can't write it yourself, you're just sabotaging your effort once the hallucinations are revealed. Secondly, a whistleblower is going to use a corporate LLM provider? Even without ID checks, that's an extremely uncompensated risk.
"Being responsible with powerful technology starts with knowing who is using it."
In other words: they want to create a private web and sniff-after-people system. Today the EU also introduced an app for age verification. They also constantly say how this is ... voluntary.
Well, I guess we all know the direction. Let's have a look at this in a few years, because there may be a few ... suspicions.
With regards to Claude the question is: WHY do they want to sniff off user data exactly?
its the same reason a pervert sniffs a girls panties
Ugh what a disaster. This is so Anthropic can enforce bans.
The future has arrived, in which you are only allowed to program a computer in any meaningful way requires total identification and permission.
What a tragedy that the amazing capabilities of LLM assisted programming come with such disgusting and reprehensible requirements and impositions.
So they can ban you from some minor infringement of their usage policies and you'll never be allowed to program again.
"Mr Anderson, it has come to our attention that you have been programming computers under an assumed identity. As you are aware this is a felony under the computer fraud and hacking act and you will be sentenced to four years in jail and may never use a computer again.". Yes laugh it up.
You will be reported to DHS if you ask Claude about Maven and the bombing of girls schools in Iran.
as they say on other sites, "pics or it didn't happen"
Prove it
That's probably half foreshadowing, half joke.
Persona is bad news. They should not be using Persona. This is bad.
> Your ID and selfie are collected and held by Persona, not on Anthropic's systems. Anthropic can access verification records through Persona's platform when needed—for example, to review an appeal—but we don't copy or store those images ourselves.
It's unacceptable that this data is persisted at all, let alone that it's persisted by Persona.
> Persona is contractually limited in how they can use your data: only to provide and support verification and to improve their ability to prevent fraud. They're bound to protect it with industry-standard security controls and delete it in line with the retention limits we've set and applicable law.
It's good to hear that they're criminals. That means nothing for me though. Nothing.
> Why did my account get banned after verification?
This is bad. Why do they wait to ban until after they have your personal info? Venmo did the same thing to me: They didn't tell me I was banned until they had my ID. Absolutely despicable practice.
---
Anthropic is one of my favorite AI companies because they get LLMs more right than anyone else I've seen. But unfortunately this also means they can be swindled by social manipulation in lieu of technical excellence; the same type of brain results in both, I've seen it.
Persona is a bout of sociopaths, and it shows: they're worming their way into everything despite the well-documented conspiracy. They're doing it out in the open with zero consequences.
It sounds like if Anthro suddenly asks for verification you should immediately delete your account.
Unfortunately usually whenever an account enters an unverified state it becomes impossible to delete because whatever company usually wants to have a record that you refused to complete the verification.
Had been a happy Claude Pro subscriber since March 2025, and a happy Claude Max subscriber since May 2025. Cancelled my sub, will be deleting my account. This is disgusting coming from the same org that pretended to push back on the Pentagon over mass surveillance concerns. Complete hypocrites. Nemotron 3 Super, Qwen 3.5 122B A10B, and Minimax M2.7 running on my local hardware are more than sufficient for my needs. I'll miss newer Opus models - probably will end up trying them out a little via third party API platforms that don't abuse their users like this, but seriously, fuck Anthropic.
I figured they already have your identity via the payment process. Not like you can do anything (risky or not) via the free tier.
The next level on the escalation ladder a few years later would be social credit score verification.
Time to setup my own local LLM.
The under-18 detection is also error prone, seems simpler to me to initiate a gdpr data rrequest, archive it and then make a new account.
No. At least until there are actual KYC laws for LLM access in my country...
And after those laws, VPN to a free country and download local models. Never give in to the panopticon.
Yeah, absolutely not.
This is highly problematic.
I may consider showing my ID to a company I already have a business relationship with; given demonstrable legal obligations, contractual necessities, legitimate interests etc . Eg the standard GDPR list.
I do have an existing business relationship with Anthropic, so I might under some circumstances decide to show them my id. I don't have a business relationship with Persona though.
I understand the instinct: they want to insulate themselves from holding PII. Not the worst idea. I'm not happy with it being a third party though. Especially the third party in question.
But they already have PII on nearly all users. Many user upload documents with their name, or pictures of themselves, or have a chat where home addresses are involved. All of this is information anthropic already has on their users (voluntarily provided via chats or via api) and is equivalent to what Persona gets via their verification - it’s just more convenient to use a third party SaaS product for this than vibe coding their own identity verification platform I guess
This might be conflating two things. What data exists somewhere, and how many different independent parties hold it. It's not the same risk.
Put this way: I sort of already trust Anthropic with some of my PII. And that's ... maybe not ok actually. But it's a single failure surface.
But that's definitely not the same thing as trusting Anthropic, AND Persona AND All Persona's partners AND their Partners ad infinitum.
And let's say Persona is actually ok; who knows, they might be? But it's still an extra surface; and if they share again, that's another extra surface again.
It's fairly common sense blast radius minimization. This is part of the actual theory behind GDPR.
"We already seem to accidentally be leaking some data through channel A" , doesn't mean it's a good idea to open channels B-Z as well. It means you might want to tighten down that channel A.
Peter Thiel corporation.
Logged into Claude. Cancelled my max sub. That was that. Now on to migration.
Why is this necessary if I'm paying Anthropic with a credit card? A credit card requires a) credit worthiness, b) a line of credit from a bank based on the individual's identity, and c) regular payments. Why isn't a credit card enough? Why can't certain features be paywalled?
If someone is doing something deeply unethical with Claude, let's say they're using a clade of Claudes to launch cyberattacks, then doesn't Anthropic have fine grained telemetry, payment history, API usage / prompting / requests, and other details necessary to investigate? What does a government photo ID provide Anthropic that these data points don't?
At this point, people usually ask "what if they use stolen credit cards?" or are "state backed?" then well... if they're state backed / using stolen credit cards, then they're also capable of using stolen IDs or state-sponsored "legitimate" IDs.
It doesn't make much of a difference to organized crime / state backed assets. Or, Anthropic. But it makes A HUGE difference for entrepreneurs, founders, and just plain old consumers who use the service.
It's an asymmetric risk.
It's one thing for your credit card to leak, you can get a new one. It's harder for lower-tier / dumber criminals to socially engineer into your personal information for impersonation / ID theft with just a credit card number. But it becomes a lot easier with your scans of your ID.
Unless you're connected with an org of interest, have b/millions in crypto, most better organized groups / state actors won't usually (no guarantees) steal your identity. Identity theft is very much a SME operation in cybercrime.
So when Persona inevitably gets compromised and everyone's personal IDs inevitably gets leaked, the threat posed to entrepreneurs, founders and consumers is higher than the inverse.
I don't understand why Anthropic would expose themselves to the liability; when arguably they have all the tools baked right in.
I don't use their tool for writing. Perhaps it's ego, but I think I'm a better writer. But I shared the above text and asked Claude Opus 4.6 on Max thinking, "What would you say about the argument that the Anthropic has the best tool for threat prevention baked right in?"
(I did.)
Persona collects far more info on you than a name and credit card number. There are also some obfuscation services for cards (will it reject a prepaid debit card?), which would require them to go through extra steps to get your actual identity.
>I don't understand why Anthropic would expose themselves to the liability; when arguably they have all the tools baked right in.
What liability? When has a company ever faced any significant penalty for irresponsibly handling people's private data?
> Why is this necessary if I'm paying Anthropic with a credit card?
You can have a CC / Visa / MasterCard when you are under 18 years old, but you need to be 18 or older for Claude. That would be one reasons why CC does not work.
Or maybe they suspect you opened a second account after your first got banned for whatever reason. Like you said it's easy to get a new card.
Incidentally I checked my local laws and it's not possible in any of the banks (UK) to add the underage person to my CC account due to their ToS and perhaps regulations.
Debit? Sure, some banks will issue them to 11-12 year olds. Credit? Apparently not.
1 reply →
[dead]
[flagged]