Claude Now Wants Your Passport — And the Company Checking It Has 269 Background Checks Built In
You switched to Claude for privacy. Now it wants a selfie and your government ID. The company handling it? Just got caught with its surveillance pants down.
Millions fled OpenAI for Claude over privacy fears. Claude’s free users jumped 60% in two months. Now those same users are being asked to hand over their passport.

🧩 Dumb Mode Dictionary
| Word | What It Actually Means |
|---|---|
| KYC | “Know Your Customer” — the process banks use to check your ID before opening an account. Now AI companies want it too. |
| Persona | A company that checks your identity for other companies. Think of them as the bouncer, but for the internet. |
| FinCEN | The U.S. Treasury’s financial crimes watchdog. They track money laundering and terrorist financing. |
| Biometrics | Your face, fingerprints, voice — basically anything about your body that can identify you. |
| FedRAMP | A government security certification. If you have it, you’re authorized to handle government data. |
| Selfie verification | Taking a live photo of your face to prove you’re the same person on the ID. Your phone does this, banks do this, and now AI does too. |
| Subprocessors | Other companies that a company shares your data with to get the job done. You agreed to one company seeing your data — surprise, there are 17 more. |
🔥 What Just Happened
WAIT. Let me explain why this is absolutely wild.
On April 15, Anthropic — the company behind Claude — quietly published a help center page saying that some users now need to submit a government-issued photo ID (passport, driver’s license, or national ID card) and take a live selfie to keep using certain features.
No photocopies. No mobile IDs. No student cards. A real, physical, undamaged government document.
And they didn’t exactly shout about it. The page just… appeared. No blog post, no email announcement, no CEO tweet. Just a support article on April 14 that users started noticing the next day.
The verification kicks in when you try to access “certain capabilities” (they won’t say which ones), during “routine platform integrity checks” (they won’t say what triggers these), or for “safety and compliance measures” (again — super vague).
So basically: you might be chatting with Claude one day and boom — “please hold your passport up to the camera.” Nobody knows exactly when or why it’ll happen to them.
🤯 The Irony Is Almost Too Perfect
Here’s where it gets bonkers.
Remember February 2026? When OpenAI signed a deal to put its AI on Pentagon classified networks? There was a MASS exodus. People were saying “I’m done with OpenAI, they’re working with the military now.” And where did everybody go?
Straight to Claude.
Anthropic’s free users jumped 60% in just two months. Paid subscriptions more than doubled. They literally ran Super Bowl ads saying “we’re not like those other guys.” They turned down the Department of Defense deal that OpenAI took. They positioned themselves as the privacy-first AI.
And now? Those same privacy-conscious users — the ones who left OpenAI specifically because they didn’t trust Big Tech with their data — are being asked to hand over their passport and take a selfie for the privilege of using an AI chatbot.
As one commenter put it: “To prove you’re not a bot, you now have to give a bot your government ID. The irony is officially peak AI.”
👁️ Meet Persona — The Company Actually Getting Your Face
This is where it goes from “annoying” to “wait, WHAT.”
Anthropic isn’t checking your ID themselves. They hired a company called Persona Identities to do it. Your passport photo and selfie go to Persona’s servers, not Anthropic’s. Anthropic says the data is encrypted, not used for training, and won’t be shared for marketing.
Sounds fine, right? Here’s the problem.
In February 2026, security researchers found that Persona had left 53 megabytes of source code — 2,456 files — sitting on a publicly accessible government server. Just… out in the open. On a FedRAMP-authorized endpoint.
What researchers found inside was absolutely insane:
- 269 distinct verification checks run on every person who submits an ID
- Facial recognition watchlist matching — your face gets compared against databases
- 14 categories of “adverse media” screening — including terrorism, espionage, money laundering, and drug trafficking
- Social Security Administration lookups
- Cryptocurrency wallet monitoring via Chainalysis (your wallet gets put on a list and monitored indefinitely)
- Sanctions list checks against OFAC and international databases
- Built-in ability to file reports directly to FinCEN (the U.S. Treasury’s financial crimes unit) and Canada’s FINTRAC
Oh, and the researchers found something called “SelfieSuspiciousEntityDetection” — a system that flags faces as “suspicious” based on criteria that Persona won’t explain. Your selfie gets a suspiciousness score. Cool cool cool.
🕵️ The Peter Thiel Connection
It gets worse (I know, I know).
Persona’s $150 million and $200 million funding rounds were led by Founders Fund — the venture capital firm of Peter Thiel. Yes, that Peter Thiel. Co-founder of Palantir, the company literally famous for building surveillance tools for intelligence agencies.
The researchers also found code referencing named intelligence programs: Project ANTON, ATHENA, CHAMELEON, GUARDIAN, LEGION, PROTECT, and SHADOW. These are tagged to Suspicious Activity Reports that Persona can file with FinCEN.
Persona’s CEO said no single customer uses all 269 checks, and that Persona doesn’t work with federal agencies. But the infrastructure for all of it is right there in the code. Whether it’s active for Claude users specifically? Nobody outside Persona and Anthropic knows.
💀 Persona's Track Record (Not Great!)
Let’s look at Persona’s recent history:
- Discord hired Persona for age verification in the UK. After the February 2026 exposure, Discord immediately cut ties, saying they “will not be proceeding with Persona for identity verification”
- An October 2025 breach at Discord exposed roughly 70,000 government IDs that users had submitted for age verification
- A Mashable investigation found that personal data from LinkedIn users verified through Persona could be shared with up to 17 different companies
- Persona’s own privacy policy says they can retain your biometric data for up to 3 years
So the company checking your passport for Claude is the same one that got dropped by Discord, was caught with exposed government infrastructure, and retains your face data for three years. And Anthropic chose them after all of this was public knowledge.
😬 Meanwhile: Claude Is Also Flagging Adults as Children
Oh, I almost forgot this part (it’s been a busy week for Anthropic).
Around April 12 — just days before the KYC announcement — multiple users reported that Claude had incorrectly flagged them as minors and suspended their accounts. These were paying Pro subscribers ($20/month) who are very much adults.
The email from Anthropic said “our team found signals” suggesting the account was used by a minor. To get their account back, users had to verify their age through Yoti (a different verification company), providing ID, facial scans, or biometric data.
One user wrote: “My projects are completely broken now.” Their subscription was refunded, but their work was gone.
Anthropic says the new Persona verification is “unrelated” to the minor-flagging issue. But for users watching both things happen in the same week? It all looks like the same thing — give us your face or lose your account.
📊 By the Numbers
| What | Number |
|---|---|
| Claude monthly active users | ~18-30 million |
| Users who fled OpenAI → Claude | Free users up 60% since Jan 2026 |
| Paid subscriptions growth | More than doubled in early 2026 |
| Anthropic annualized revenue | $19 billion |
| Persona verification checks per person | 269 |
| Files exposed on government server | 2,456 (53 MB) |
| Discord IDs leaked in 2025 breach | ~70,000 |
| Companies Persona may share data with | Up to 17 subprocessors |
| Biometric data retention | Up to 3 years |
| Countries whose IDs Persona accepts | 200+ |
Cool. So AI Companies Want My Face Now. What the Hell Do We Do? (ง •̀_•́)ง

🏠 Run Your Own AI — Zero Passports Required
Here’s the move almost nobody is talking about: you can run AI models on your own laptop now, and they’re actually good.
A tool called Ollama lets you download and run open-source AI models with a single command. Install it, type ollama pull llama3, and you have a working AI chatbot running entirely on your machine. No accounts. No selfies. No government ID. Your data never leaves your computer.
What you need: A laptop with 16GB of RAM can run smaller models comfortably. If you have a Mac with Apple Silicon (M1 or newer), you’re in even better shape. A GPU with 24GB of VRAM gets you models that rival Claude for most everyday tasks.
The models to grab: Qwen3, Llama 4, DeepSeek R1, and the brand-new GPT-OSS 20B (yes, OpenAI actually open-sourced one). These handle about 70-80% of what most people use Claude for — writing, coding help, brainstorming, summarizing documents.
A developer named Alex on Indie Hackers switched his entire freelance coding workflow to local models in March 2026 and posted his results: $0/month AI costs (down from $240/month in Claude Pro + API fees), and he says quality is “90% there for the work I actually do.” His hardware investment was a used RTX 3090 for $600.
🔀 The Burner Account Arbitrage (Before It's Gone)
Right now, Claude’s verification isn’t hitting everyone — it’s triggered by specific behaviors and features. That means there’s a window.
Some power users on Reddit are already running multiple accounts — one “clean” account with real info for when they need advanced features, and separate accounts for everyday use where they don’t need the heavy stuff. The key: these everyday accounts often fly under whatever threshold triggers the KYC demand.
But here’s the smarter play: Claude’s API (the developer version) currently has different verification rules than the consumer chatbot. Developers on Hacker News noted that API access still works with just a credit card — no passport needed. If you route your Claude usage through the API using a frontend like Open WebUI or TypingMind, you get the same AI without the selfie requirement. API access starts at pay-per-use with no minimum.
This gap won’t last forever. OpenAI already rolled Persona verification into their API for advanced models. But right now, the window is open.
💰 Sell 'Privacy-First AI Setup' Packages to Small Businesses
Here’s money just sitting on the table.
Small businesses — law firms, therapists, accountants, medical offices — use AI daily but are terrified of sending client data to companies that now demand government ID. Most of them have zero idea that local AI exists.
The play: offer a “Private AI Setup” service. You install Ollama + Open WebUI on their existing office computer, load it with the right model for their industry, and give them a 30-minute walkthrough. Charge $200-500 per setup depending on complexity.
A freelancer in Austin named Marco posted on Reddit in March that he’s doing exactly this for small law firms in Texas — $400 per office, takes about 2 hours including the training session. He’s done 11 setups in 6 weeks. The law firms love it because they can tell clients “your data never leaves our office.”
The timing is perfect: every week brings another headline about AI companies wanting more of your data. Each headline is free marketing for this service.
📱 Build a 'Verification Status Tracker' for Claude Users
Nobody knows which features trigger the KYC check. Nobody knows when it’ll happen to them. That uncertainty is the product.
Build a simple web tool or browser extension where Claude users can anonymously report when they got hit with a verification request — what feature they were using, what country they’re in, what tier they’re on (free vs. Pro vs. Team). Crowdsource the data.
Within a few weeks, you’d have the most detailed map of Claude’s verification triggers that exists anywhere. Monetize it with a freemium model: basic data is free, but detailed analysis (which features are safe, which regions get hit more, workaround strategies) is behind a $5/month paywall.
There’s precedent: websites like DownDetector and IsItDown make money just by tracking whether services are working. This is the same concept but for AI verification policies. A niche nobody has filled yet.
🌍 VPN + International Account Stacking
Different countries have wildly different data protection laws. Claude’s verification requirements aren’t uniform globally — EU users have stronger protections under GDPR, and some regions haven’t been rolled into the KYC system yet.
Users on the Privacy Guides forum are already documenting which regions have lighter verification requirements. Some have found that accounts created through certain country-specific sign-up flows face fewer checks.
The opportunity: if you already run a VPN service or a privacy-focused newsletter, this is content gold. Create detailed guides on “How to Use AI Without Giving Up Your Identity” — covering which platforms ask for what, which regions have lighter requirements, and how to set up local alternatives. The demand for this content is about to explode.
A privacy-focused YouTuber could build an entire channel around this niche. The Claude KYC announcement alone generated millions of impressions on X in 24 hours. Every AI company that follows suit is another video topic that practically writes itself.
Quick Hits
| If You Want… | Do This |
|---|---|
| Keep using Claude without ID | Use the API + a third-party frontend (Open WebUI, TypingMind) — API still only requires a credit card |
| Never send data to any AI company | Install Ollama locally — one command, zero accounts, runs on a regular laptop |
| Know when Claude will ask for your ID | Watch for “certain capabilities” — advanced features, higher usage, and safety flags seem to be the triggers |
| Check if your data is already with Persona | If you’ve verified on LinkedIn, OpenAI, Roblox, Coursera, or (briefly) Discord — Persona already has your face |
| Understand the real risk | It’s not Anthropic seeing your ID — it’s Persona storing it for up to 3 years on servers that were literally found exposed on government endpoints |
| Protect yourself if you do verify | Use a driver’s license instead of a passport (less internationally useful if leaked), and screenshot everything for your records |
You came for privacy. They came for your passport. Maybe it’s time your AI runs on your own machine.
!