Anthropic removes hidden feature from Claude Code after controversy

Le brief IA que les pros lisent chaque soir
Les 7 actus IA du jour, décryptées en 5 min. Gratuit.
Inclus dès l'inscription : notre sélection des meilleurs guides & comparatifs IA.
Choisis ton rythme
Gratuit · Pas de spam · Désabonnement en 1 clic
Anthropic Removes Hidden Feature from Claude Code After Controversy
Claude Code Secretly Monitored Chinese Users
Anthropic has decided to remove a hidden surveillance feature from its coding tool Claude Code after it sparked outrage on social media. A post on Reddit by user LegitMichel777 first revealed this feature. According to the post, Claude Code had been secretly checking since version 2.1.91, released on April 2, 2026, whether users with an active proxy were located in China, by checking for a Chinese URL or being connected to a Chinese AI lab.
Hidden Signals Buried in the System
Data was transmitted through slight changes in the system prompt, a form of steganography. Claude Code compared the system's time zone with "Asia/Shanghai" or "Asia/Urumqi" and scanned the proxy URL for Chinese domains and AI labs. Based on the results, the software altered the date format and subtly replaced the apostrophe character in the phrase "Today's date is." Users could not see the difference, but Anthropic could read it instantly.
According to LegitMichel777, Anthropic had also obscured the code using XOR encryption with the key 91, preventing it from being displayed in a simple text snippet. The release notes for version 2.1.91 made no mention of this check.
The discoverer described the hidden transmission of system and proxy data without user consent as a "fundamental violation of user trust." Given that Claude Code has full access to the file system and shell, this could open the door to all sorts of abuses, ranging from remote control to data exfiltration. He also argued that the check is trivial to bypass for experienced attackers, questioning its usefulness.
Anthropic Calls It an Experiment
Anthropic employee Thariq Shihipar, who works on the Claude Code team, described the feature on X as "an experiment we launched in March, aimed at preventing account abuse by unauthorized resellers and protecting against distillation." The team had since implemented more robust protections: "The team has put in place stronger mitigations since then, and we actually intended to remove this for some time." They had merged the corresponding pull request: "We have merged the PR and this should be completely undone in tomorrow's release."
Anthropic does not offer its models in China for national security reasons. However, many Chinese developers access Claude via foreign phone numbers and credit cards. Anthropic had previously accused DeepSeek, Moonshot AI, MiniMax, and Alibaba of using outputs from the Claude model without permission to train their own language models.
Brief IA — L'actualité IA en français
L'essentiel de l'actualité de l'intelligence artificielle, décrypté et expliqué chaque jour.