Anthropic: Chinese Users Unauthorised After China AI Security Warning
- tech360.tv

- 1 day ago
- 3 min read
US artificial intelligence organisation Anthropic stated that users in China, who were advised to uninstall its Claude Code product, were never authorised to use it. This response followed Beijing's public warnings regarding security "backdoor" risks within the software.

This company statement was issued after a cybersecurity platform, managed by China's Ministry of Industry and Information Technology, publicly indicated Anthropic's agentic coding tool presented a significant risk to Chinese users. This adds to the ongoing technological competition between the US and China concerning artificial intelligence.
And, according to a post on China's National Vulnerability Database's WeChat account, Claude Code incorporates an integrated monitoring mechanism. This mechanism could allow sensitive user information to be transmitted to a remote server without explicit user consent.
Anthropic recently confirmed it had embedded hidden code within Claude Code. This was done to track user locations, an effort to prevent the illicit "distillation" of its models, a common industry practice.
The Chinese cybersecurity platform's warning specifically concerned Claude Code versions 2.1.91 to 2.1.196, which were available over a period of months. Anthropic has since made newer product versions available.
But, the platform advised devs who had installed these affected versions to immediately uninstall them or upgrade to a secure, updated version that lacks the problematic code. Users were also told to tighten control over external access permissions, stopping unauthorised sensitive data transmission.
An Anthropic spokesperson, when asked about Beijing's warning, reiterated that the organisation's usage policy has consistently barred access by users based in China. This position clarifies the company's stance on its operational reach.
Despite this stated policy, Claude Code maintains considerable popularity within Chinese developer communities. Official figures for this usage are unavailable, as Anthropic has not officially offered the tool in China, including Hong Kong.
So, in recent months, Anthropic has accused several major Chinese tech organisations of distilling its models. These firms include DeepSeek, MiniMax, and Alibaba Group Holding, a practice involving using large AI model outputs to train smaller ones.
Alibaba previously imposed a firm wide ban on its employees using Claude Code. This decision cited security "backdoor" risks, as detailed in an internal notice reviewed by the South China Morning Post.
Cai Peng, a partner based in Beijing at Zhong Lun specialising in cybersecurity, said the negative reaction against Anthropic in China was not surprising. He noted the undisclosed tracking mechanism presented a "direct and unacceptable security risk" for any Chinese enterprise using the tool.
And, this risk is compounded by Anthropic's perceived "adversarial" attitude towards China. Consequently, Cai suggested that more Chinese firms, especially leading tech giants, could cease using Claude Code.
Ben Hu, a member of the Hong Kong China Network Security Association, remarked that advanced AI security matters should no longer be viewed solely through a traditional cybersecurity perspective. These issues increasingly connect with export controls and national security concerns.
He stated that Chinese companies will be required to evaluate AI suppliers not merely as conventional software vendors. They must consider them as strategic supply chain providers whose dependability could be affected by geopolitical shifts and national security considerations.
Anthropic states Claude Code access by China-based users is unauthorised.
China's Ministry of Industry and Information Technology warned of security "backdoor" risks in the software.
Anthropic confirmed embedding tracking code to prevent model distillation.
Alibaba Group Holding had issued a company-wide ban on its employees using Claude Code.
Cybersecurity experts suggest AI supplier evaluations must include geopolitical and national security factors.
Source: SCMP


