Alibaba Blacklists Anthropic's Claude Code Over Hidden Tracking Mechanisms
Alibaba Blacklists Claude Code Over Hidden Tracking Mechanisms
Alibaba Group Holding has declared Anthropic's software development assistant, Claude Code, as a high-risk tool containing security vulnerabilities, officially banning its workforce from using the platform starting July 10, 2026. The decision, communicated through an internal memo, follows revelations that the programming assistant was equipped with covert tracking mechanisms. Security researchers recently exposed these features on platforms like Reddit and GitHub, revealing that the tool inspected local environments for timezone and proxy data to identify users based in China or linked to Chinese artificial intelligence laboratories.
Although Anthropic officially bars Chinese entities and their foreign-owned subsidiaries from accessing its models, Claude Code has remained popular among programmers in China who bypass these restrictions. The discovery of hidden code that inserts unique identifiers into user prompts and transmits telemetry back to Anthropic's servers triggered immediate pushback from the developer community and prompted Alibaba to enforce the workplace ban.
Anthropic Frames Tracking as Defense Against Model Theft
In response to the backlash, Anthropic defended the telemetry features as a protective measure against intellectual property theft and unauthorized access. Thariq Shihipar, an engineer at Anthropic, clarified on X that the tracking system was an experimental feature deployed in March 2026. According to Shihipar, the experiment was designed to detect account abuse by unauthorized resellers and to prevent model distillation, and the company has committed to rolling back the tracking system.
The controversy arises shortly after Anthropic formally accused Alibaba of executing the largest known model distillation attack against its infrastructure. In a letter, Anthropic alleged that the Chinese e-commerce and technology giant illicitly extracted capabilities from Claude to accelerate its own development toward matching Anthropic's advanced Mythos Preview model. This friction highlights a growing technical conflict where security defenses and data-gathering techniques are viewed as hostile surveillance by the opposing party.
The Rise of Domestic Tools and the Reality of AI Supply Chain Risk
In light of the ban, Alibaba has instructed its software developers to transition to Qoder, the company's proprietary in-house coding platform. This shift highlights a broader geopolitical decoupling in artificial intelligence tools. Lizzi Lee, a fellow at the Asia Society Policy Institute's Centre for China Analysis, noted that major Chinese technology firms would inevitably reject American development utilities capable of detecting proxy usage or identifying Chinese users within their internal networks.
Beyond the immediate geopolitical friction, the incident highlights a fundamental shift in how enterprises must govern artificial intelligence. Industry analysts point out that modern coding assistants are no longer simple productivity add-ons that merely answer queries. Because these tools actively integrate into developer workflows, read source code, interact with development environments, and modify files, they represent critical production dependencies that introduce significant software supply chain risks, requiring strict governance over what they can see and modify.
The rapid transition of AI coding assistants from simple productivity helpers into active telemetry probes reveals that the next major battleground for corporate security will not be external firewalls, but the very tools developers use to build their software.
This digest was compiled from:
- https://techcrunch.com/2026/07/04/alibaba-reportedly-bans-employees-from-using-claude-code
- https://www.linkedin.com/posts/guillaume-belisle-80371b126_ai-coding-tools-are-no-longer-harmless-productivity-activity-7479008985774194688-S1ws
- https://www.scmp.com/tech/big-tech/article/3359375/alibaba-bans-staff-using-claude-code-over-anthropic-spyware-concerns
- https://www.facebook.com/Reuters/posts/alibaba-to-ban-employees-from-using-anthropics-coding-tool-source-saysclick-the-/1596853718972021
- https://x.com/AIStockSavvy/status/2073052494792434132
Share this digest
People Also Ask
- Anthropic Debuts Claude Science and Launches Internal Drug Discovery Initiative for Neglected Diseases
Anthropic has launched Claude Science, an AI workbench for researchers, alongside its own preclinical drug discovery program targeting neglected diseases.
- Regulatory Hurdles and Technical Trade-offs Shape the Global Return of Claude Fable 5
Anthropic has redeployed Claude Fable 5 globally with stricter security filters following a temporary suspension of its models due to US export controls.
- US Government Lifts AI Export Controls on Anthropic Fable 5 and Mythos 5 Models
The Trump administration has lifted strict export controls on Anthropic's Claude Fable 5 and Mythos 5 models after a weekslong national security dispute.
Share your thoughts
Reactions, corrections, or insights — all welcome.
