Robots Atlas>ROBOTS ATLAS
Artificial Intelligence

Alibaba bans Claude Code: spyware or abuse prevention?

Alibaba bans Claude Code: spyware or abuse prevention?

Alibaba is banning Claude Code — Anthropic's AI-powered coding assistant — from its workplace starting July 10, 2026, and directing employees to switch to its own internal tool called Qoder. Reports emerged on July 3–4 from Reuters and Morningstar, with Anthropic's own staff partially confirming the technical background on X.

Key takeaways

  • Alibaba classifies Claude Code as high-risk software and bans it effective July 10, 2026
  • Anthropic admitted it deployed a mechanism in March 2026 to identify Chinese users of Claude Code
  • The mechanism was meant to block unauthorized resellers and prevent distillation of Claude's outputs
  • Anthropic rolled back the mechanism after it was publicly exposed, describing it as an experiment
  • Alibaba is redirecting employees to its internal Qoder tool

The mechanism that lit the fuse

The immediate cause of the ban was a late June 2026 Reddit post in which users reported discovering code in Claude Code that actively identified and tracked Chinese users of the tool. Thariq Shihipar from Anthropic confirmed the mechanism in a post on X:

Hi, this is an experiment we launched in March that was meant to prevent account abuse from unauthorized resellers and protect against distillation. The team has landed stronger mitigations since then and we've actually been meaning to take this down for a while. We merged the PR and this should be fully rolled back in tomorrow's release.

Thariq Shihipar, Anthropic, June 30, 2026

Anthropic's explanation points to two business problems the mechanism was meant to address. The first is unauthorized resellers bypassing Anthropic's geographic restrictions. The second is distillation — the practice of training AI models on the outputs of other models. Anthropic prohibits this in its terms of service, and the Chinese AI market is particularly active in this area, as shown by last year's case where Alibaba allegedly used 25,000 accounts to harvest data from 28.8 million conversations with Claude, per Anthropic's lawsuit.

Geopolitical context of a corporate ban

Anthropic already prohibits Chinese companies and entities controlled by Chinese corporations from using its models, consistent with US AI export control policy. The Financial Times reported that Anthropic had been actively working to close loopholes allowing Chinese users to access Claude.

Alibaba's ban operates on two levels simultaneously. On one hand, it is a defensive response to a real data security risk — the mechanism, even if designed to protect Alibaba, effectively collected data on who was using the tool inside the Chinese company and when. On the other hand, it fits a broader trend of isolating China's technology sector from Western AI tools. Similar decisions regarding other Western AI services have appeared at several Chinese corporations before.

Claude Code vs. Qoder

Claude Code, released by Anthropic in early 2025, became one of the more popular AI-assisted coding tools — alongside GitHub Copilot and Cursor. The tool enables terminal-based work, repository analysis, and autonomous multi-step programming tasks. Its popularity in developer communities was clear, and the suspected backdoor damaged Anthropic's brand regardless of intent.

Qoder, Alibaba's internal tool, is set to take over its functions within the company. There is limited public information about Qoder's capabilities, but the decision signals Alibaba's readiness to build autonomous solutions rather than depend on Western tools — particularly following last year's legal dispute with Anthropic.

Why this matters

The Claude Code–Alibaba episode exposes the growing friction between software security, AI geopolitics, and corporate trust. Anthropic's mechanism — even if justified internally as abuse protection — crossed a line that globally deployed developer tools should not cross: collecting information about users' geographic identity without their knowledge.

Regardless of intent, the existence of such a mechanism hidden in code used by tens of thousands of developers sets a precedent. Other AI companies may now face questions about whether similar mechanisms are active in their products. This will accelerate the trend toward locally controlled alternatives in corporate environments with high security requirements.

For Anthropic, the reputational damage is significant — especially for a company that has built its brand around safety and responsibility. The mechanism was rolled back only after public disclosure, which effectively reinforced the narrative that it was intentional.

What's next

  • Alibaba formally implements the Claude Code ban on July 10, 2026 — other Chinese tech companies may make similar decisions in the same timeframe
  • Anthropic announced the tracking mechanism rollback in the July 1, 2026 release — independent verification remains in the hands of external auditors and the open-source community examining Claude Code
  • Corporate IT departments in markets with export restrictions are expected to tighten AI tool security reviews

Sources

Share this article