Anthropic has come under scrutiny after a security researcher exposed a hidden tracker in its Claude Code that monitored users in China. This revelation has raised significant concerns regarding user privacy and trust.
Discovery of the Tracker
The tracker was uncovered by a web developer known as Thereallo, who was investigating privacy issues related to Claude Code. The code employed a technique called prompt steganography to discreetly collect data on users, including their timezone and potential connections to Chinese AI labs. Although the code was not classified as malicious, it operated without user awareness, leading to accusations of a breach of trust.
Anthropic’s Justification
In response to the backlash, Anthropic engineer Thariq Shihipar confirmed that the tracker was implemented as an experiment in March, aimed at preventing account abuse and protecting against distillation attacks. Unauthorized resellers have been selling access to Claude Code at significantly reduced prices, prompting the need for such measures. Shihipar stated that the company had intended to remove the tracker for some time, citing improved mitigations.
Regulatory and Competitive Landscape
The incident has drawn attention to the competitive pressures faced by US firms like Anthropic in light of rapid advancements by Chinese AI companies. Reports indicate that Chinese firms have been able to replicate US model capabilities within months. In particular, a recent model from Zhipu AI outperformed Anthropic’s Claude Opus 4.8 in identifying computer vulnerabilities.
As a response to these competitive threats, Anthropic has called for the US government to take stronger actions against distillation attacks, which they argue undermine national security and AI safety standards. This aligns with sentiments expressed by Senator Tim Scott, who emphasized the need for clear export control policies to protect US technological advantages.
Implications for User Trust and Business Strategy
The tracker incident poses a significant risk to user trust, a critical factor for companies operating in the AI space. As noted by Thereallo, the decision to implement such tracking without transparency contradicts the trust that developers expect from AI tools. The potential for increased scrutiny on Claude’s surveillance capabilities could lead to a reevaluation of user engagement strategies.
Furthermore, the situation has prompted Alibaba to ban its employees from using Claude Code, citing security concerns stemming from the tracker. This decision reflects the broader implications of compliance and legal risks that companies may face when utilizing AI tools that could be perceived as invasive.
As the landscape evolves, Anthropic’s ability to maintain user trust while navigating competitive pressures and regulatory scrutiny will be crucial for its long-term viability.
This article was produced by NeonPulse.today using human and AI-assisted editorial processes, based on publicly available information. Content may be edited for clarity and style.








