Claude Code apparently uses code to detect Chinese users: Is this fine?

Is Anthropic a dystopian company? After the AI giant confirmed it has been using hidden code in Claude Code to detect Chinese users – purportedly to prevent distillation attempts by Chinese AI labs – that’s a question worth asking. But the answer is a big fat no, it seems.
-
A Redditor claims Anthropic has embedded undisclosed detection logic in Claude Code to specifically target users in China and check whether they’re affiliated with a Chinese AI lab.
-
But the company has been quite public about its attempts to prevent Chinese AI labs from illegally extracting capabilities from Claude models.
-
In the world of AI, a technique where a less capable AI model is trained on the outputs of a more advanced one is called “distillation.”
A Redditor has been making waves online after claiming they discovered that Anthropic has embedded undisclosed detection logic in Claude Code to specifically target users in China and check whether they’re affiliated with a Chinese AI lab.
In a Reddit post called “Anthropic embedded spyware in Claude Code – and attempted to hide it from you,” the user “LegitMichel777” further states that Anthropic attempted to obfuscate the code within the Claude Code binary.
They claim to have reverse-engineered Claude Code while attempting to restore a disabled remote control feature. What they found during the process was an “extremely suspicious” obfuscated code silently present in Claude Code’s version 2.1.91, released in April.
Anthropic using steganography
The code, the Redditor claims, performs a multi-factor check whenever a proxy is detected, reading the system’s timezone to see if it matches Asia/Shanghai or Asia/Urumqi and additionally checking the proxy URL against a hardcoded list of Chinese domains and known Chinese AI lab hostnames.
Check if your data has been leaked
The Reddit user is particularly unhappy with Anthropic’s alleged secrecy. Indeed, the company seems to be using steganography, a technique designed to make data collection invisible.
“The fact that Anthropic covertly transmits information about your system and proxy settings without your knowledge or consent is a fundamental violation of user trust,” said “LegitMichel777.”
Some industry watchers are claiming the discovery is scandalous. One of them is Arnaud Bertrand, a French entrepreneur usually heavily quoted by Chinese state media.
On X, Bertrand furiously claims: “Anthropic yet again confirmed as the most dystopian tech company out there.”
“Imagine the outcry if they’d done the same thing with Jews or Blacks: a piece of code that detects if a user is Jewish or Black and immediately reports him back to headquarters on that basis, covertly,” he further points out.
The original Reddit post author, though, shies away from such stretching comparisons and claims they simply want transparency from Anthropic.
“Given the trust that developers place in Claude Code, I think it’s important to call for more transparency from Anthropic. While IP protection is reasonable, it should not come at the cost of embedding what amounts to spyware on every developer’s system,” the post reads.
“Never go full rabbit hole”
Transparency is not something Anthropic is lacking, though – at least in this particular case.
When an X account called “International Cyber Digest” shared the Redditor’s claims, an Anthropic employee calmly replied: “Hi, this is an experiment we launched in March that was meant to prevent account abuse from unauthorized resellers and protect against distillation.”
The company has been quite public about its attempts to prevent Chinese AI labs – now claiming to have created AI tools just as good as Mythos – from illegally extracting capabilities from Claude models.
This month, Anthropic sent a letter to the US Senate Banking Committee leaders and said that Alibaba, the Chinese tech giant, and its AI lab Qwen used nearly 25,000 fraudulent accounts and generated 28.8 million exchanges with Claude in an apparent effort to siphon the model’s capabilities.
In the world of AI, a technique where a less capable AI model is trained on the outputs of a more advanced one is called “distillation.”
That’s why the Cybernews research team says the whole story is a nothing burger: “It’s more about catching Deepseek or other Chinese AI companies that use Claude to dump data or fine-tune their own models.”
Anthropic’s privacy policy explicitly states that the company collects the kind of data the Redditor is writing about. This, of course, kills off the whole “covert” angle.
Fellow Reddit users seem to agree and are laughing off the suggestion that Anthropic has embedded spyware inside Claude Code.
“It is not spyware, not malware, it’s a quite simple anti-distillation method based on network settings (system-wide) which are available for read to pretty much any software installed on your computer that requires a network connection,” one user said.
“I understand that the rabbit hole can be quite exciting, but you went full rabbit hole, never go full rabbit hole.”
Finally, Anthropic’s privacy policy explicitly states that the company collects the kind of data the Redditor is writing about. This, of course, kills off the whole “covert” angle.
Unlock more exclusive Cybernews content on YouTube.