Blog

Claude Cowork and Data Sovereignty: Where Your Files Actually Go

July 2026 · 6 min read · AI Strategy

A hand-drawn filing cabinet beside a shield with a terracotta tick, representing files kept under control
← Back to all posts

If your business handles client records, financial data, or anything covered by the Privacy Act, one question sits underneath every AI tool you consider: where does the data actually go? Claude Cowork runs on your desktop and touches real files in your folders, so the question is fair and deserves a plain answer. This is a practical guide to what happens to your files when you use Cowork, and how an Australian business should think about data residency without getting lost in vendor marketing.

What data sovereignty actually means for an Australian business

Data sovereignty is the idea that information is subject to the laws of the country where it is stored and processed. For an Australian company that raises two separate questions. The first is residency: which country do the servers sit in. The second, and the more important one, is control: who can access the data, under what legal process, and can you demonstrate that chain to a regulator or a client. People often collapse these into a single worry about the cloud, but they are different problems with different answers.

Most Australian obligations do not ban offshore processing. The Privacy Act's Australian Privacy Principle 8 permits cross-border disclosure as long as you take reasonable steps to ensure the overseas recipient handles the data consistently with the principles. APRA-regulated entities face stricter expectations under CPS 234 and the outsourcing standards, but even there the rule is about assessing and managing the risk, not avoiding offshore services outright. Knowing this shifts the conversation from is it in Australia to can we show we manage it properly.

Where your files sit when you run Cowork

Cowork runs as a desktop application. When you point it at a folder, it reads and writes files on your own computer. The files themselves live where they always have, on your machine or your company's synced drive. What travels off the device is the content Claude needs to reason about for a given task, sent to the model to generate a response, plus any actions the tool takes on your behalf.

That distinction matters. The tool is not quietly uploading your entire drive to a server. It sends the specific context a task requires. For a business the practical implications are:

  • Your files stay on your device or your existing storage; they are not copied wholesale to a third-party server.

  • Only the content relevant to a task is sent to the model to produce a response for that task.

  • You choose which folder Cowork can see, so a finance folder need not be exposed for a marketing job.

  • Under Anthropic's commercial terms, business inputs and outputs are not used to train the models by default.

None of that removes your responsibility, but it does mean the honest answer to where do my files go is this: they stay put, and a scoped slice of their content is processed to do the job you asked for.

The Privacy Act, APRA, and where the real obligations land

For most Australian SMBs the binding framework is the Privacy Act and the Notifiable Data Breaches scheme. Recent reforms lifted the maximum penalty for serious or repeated breaches to the greater of $50 million, three times the benefit obtained, or 30 percent of adjusted turnover. Those numbers target negligence and cover-ups, not businesses that made a considered decision about a well-run tool. The regulator cares whether you assessed the risk and wrote it down.

If you sit in financial services or health, or you handle particularly sensitive categories, the bar is higher and you should map the specific standard that applies, whether that is APRA CPS 234, AUSTRAC obligations, or a professional body's rules. For a Brisbane accounting practice or a Melbourne allied-health clinic the work is the same shape: identify the data, classify its sensitivity, and record why the tool you chose is appropriate for it.

Questions to ask before you put client files through any AI tool

The right questions are the same whether the tool is Claude, a spreadsheet plugin, or an offshore bookkeeping service. Before you connect any AI to real client data, get clear answers to these:

  • Which folders or systems can the tool actually see, and can I scope that down?

  • Is my input used to train the vendor's models, and can I switch that off in writing?

  • Where is the processing done, and does that trigger APP 8 cross-border obligations?

  • What is logged, who can read those logs, and how long are they kept?

  • If a client or regulator asks, can I produce a clear record of how their data was handled?

If a vendor cannot answer these in plain language, that is the finding. A tool that processes data offshore with clear documentation is often a safer choice than an Australian-hosted option with vague controls.

How we set this up for clients

We treat data sovereignty as a setup decision, not an afterthought. For a typical engagement we scope which folders Cowork can access, separate sensitive client data from general work, confirm the commercial terms in writing, and leave the business with a short record it can hand to a regulator or an anxious client. That documentation usually takes an afternoon and costs far less than the $45,000 or more that firms sometimes budget for a locked-down on-premise build they may not even need.

If you want a clear read on where your data goes and what your obligations are before rolling Claude out across the team, book a free brainstorm and we will map it with you.

Ready to move from AI pilot to production?

We help mid-market Australian businesses deploy AI automations that actually reach production and deliver measurable ROI.