Anthropic Removes Secret Tracker from Claude Code After Exposure
Anthropic removed a tracker secretly monitoring Claude Code users in China after a security researcher exposed the hidden code.

Claude Code After Exposure">
Anthropic quickly removed a tracker secretly monitoring Claude Code users in China after a security researcher exposed the hidden code and condemned the spyware-like tracking as a “serious breach of user trust.” Last week, a web developer known as “Thereallo” was researching privacy issues in Claude Code and was shocked to find that the AI firm was using “prompt steganography” to hide code that tracks Chinese users “in plain sight.” This code wasn’t malicious, but it was sending information to Anthropic that most users wouldn’t detect, relying on shorthand markers to quietly flag users’ timezone, proxy, and potential connection to Chinese AI labs that Anthropic has accused of distillation attacks. On X, Anthropic engineer Thariq Shihipar confirmed that the tracker was added to Claude Code as an “experiment” in March. According to Shihipar, the code “was meant to prevent account abuse from unauthorized resellers and protect against distillation.” Regarding the former, The Washington Post found unauthorized retailers have sold access to free models for $1 a month, and pro subscriptions that can cost $100 monthly sell for "as little as $12." Why this matters: The removal of the secret tracker from Claude Code highlights the tension between AI companies' need to protect their services from abuse and users' expectations of privacy.
This incident raises questions about the boundaries of acceptable tracking practices and the transparency required for AI companies to maintain user trust. For developers and businesses, this serves as a reminder to scrutinize the code and terms of service of AI tools to ensure compliance with their own security and privacy standards. As AI services become increasingly integral to various industries, the implications of such tracking practices on consumer trust and regulatory scrutiny will continue to grow.
The incident also underscores the challenges AI companies face in balancing security measures with user privacy, particularly in regions with heightened concerns about data surveillance.
Source: Ars Technica