Has Anthropic Targeted Chinese Users? Is a New Era of AI-Driven Racial Discrimination Emerging?

07/02 2026 432

Artificial intelligence (AI) should transcend national boundaries, serving as a shared technological boon for all humanity, rather than fostering new forms of discrimination and division.

Technology knows no borders, and its applications should be unbiased.

As a leading AI company with the highest global revenue and valuation, Anthropic has vocally advocated for this principle.

The company once drew inspiration from the to propose the concepts of and , aiming to enhance the safety, harmlessness, and transparency of AI systems while minimizing bias and harmful behavior.

However, despite its lofty rhetoric, Anthropic's actions have fallen short.

According to reports from overseas platforms, Anthropic's Claude Code contains a hidden mechanism that automatically reads users' system time zones and checks proxy settings and custom API addresses for keywords associated with Chinese cloud providers, AI companies, and API proxy services.

Upon detecting a match, the program covertly modifies date characters in system prompts and implants user-imperceptible identifiers in requests sent to the server.

Subsequently, members of the Claude Code team publicly acknowledged these reports, stating that the measures were implemented in March of this year to prevent unauthorized resellers from abusing accounts and to guard against model distillation.

Following this labeling, discriminatory treatment may ensue, including unannounced account bans, covert monitoring, and differential risk control.

Such discriminatory labeling goes beyond the scope of normal commercial risk control and contradicts the company's fundamental claim of .

AI companies should abandon geopolitical biases and reaffirm their commitment to technological inclusivity. Anthropic, as a global leader in AI, should not deviate from this principle.

Following public outcry, Anthropic insiders attributed the discriminatory behavior to a .

However, the company has consistently avoided addressing core questions—such as why only China was subjected to separate screening rules, why monitoring lists were not disclosed, and why affected users were not compensated—instead opting to vaguely refer to that fail to conceal the deliberate differential treatment.

This monitoring system is specifically designed to target Chinese users with sophisticated and highly concealed techniques.

The first layer involves capturing time zones. The software actively reads the computer's system time zone and initiates special monitoring procedures upon identification. A legitimate, paying programmer may be presumed high-risk simply for being in China.

The second layer involves a built-in blacklist. The code contains an encrypted list of domains covering nearly all major Chinese AI companies and cloud computing platforms. Any user environment with related identifiers faces escalated risk levels, while domains of overseas counterparts are excluded from this list.

The third layer involves invisible labeling. The program automatically modifies text symbols sent to the server, discreetly distinguishing ordinary users from labeled Chinese users in the background.

The entire process occurs without pop-up notifications, user authorization, or mention in privacy agreements.

Paid accounts are banned without warning. Many developers who purchased monthly or yearly packages for personal learning and small project debugging were suddenly kicked offline, unable to appeal, with no refunds for remaining balances and projects forcibly interrupted.

Normal inquiries face frequent restrictions. Users who avoid bans notice that overseas accounts can fully output responses for the same requests, while theirs frequently trigger content blocking or output reduction.

Enterprise development incurs additional costs. Small and medium-sized enterprises, blacklisted due to their domains, cannot access services normally and must invest extra resources to build complex relay environments.

Most victims share a common trait: no confirmed violations. Their is simply being in China.

Anthropic might argue that enterprises have the right to protect copyrights and combat malicious scraping. Is that wrong?

No. But Anthropic's operations clearly blur the line between legitimate risk control and misconduct.

Like judicial systems, sentencing should be based on a suspect's illegal actions, not their gender, origin, region, ethnicity, caste, or nationality.

Normal corporate risk control should adhere to a basic principle—behavior-based metrics. Account bans must be traceable to violations (e.g., bulk registration, high-frequency scraping). Geography and time zones can only serve as supplementary references, not grounds for preemptive labeling. Users should not be tagged as high-risk before any violation occurs.

Anthropic's labeling actions reverse this logic and are inherently biased.

Its judgment sequence is: identify region first, assign high-risk status next, and impose strict monitoring last. This resembles a physical store singling out customers from specific regions for enhanced surveillance and consumption limits, regardless of their compliance with rules.

Moreover, legitimate risk control rules must be publicly disclosed, and user privacy data collection should require prior authorization. Anthropic, however, encrypts and obfuscates its monitoring code, hides identity watermarks throughout, and denies users both the right to know and the right to choose.

Anthropic adopts double standards for Chinese and foreign users, allegedly discriminating against Chinese users.

If screening rules were uniformly applied globally, there might be room for debate. However, the existing code explicitly differentiates: domains of European and U.S. tech companies are excluded from blacklists; overseas users triggering similar behaviors face much laxer penalties. One rule, two standards. Anthropic uses risk control as a pretext for differential treatment.

In fact, Anthropic's biases against Chinese companies and users are long-standing.

Anthropic wrote to U.S. senators and White House officials, accusing Alibaba's Qwen model of using 25,000 fake accounts to interact with Claude about 28.8 million times between April and June, attempting to distill Claude.

In February, Anthropic published a blog accusing three Chinese companies—DeepSeek, Kimi, and MiniMax—of distilling Claude.

In early 2023, Anthropic CEO Dario Amodei published a lengthy text publicly calling for strengthened chip export controls against China to maintain U.S. unipolar hegemony in the AI era, stating,

Anthropic's double standards and discriminatory behavior most harm users.

Paying users' legitimate consumption rights are unprotected.

Cross-border technological learning channels are artificially narrowed, with higher barriers to accessing resources compared to overseas peers.

When users realize their local time zones and corporate network information are covertly collected and uploaded, who dares to upload core code? This sense of insecurity is the most damaging invisible harm.

As the global AI leader, Anthropic's discrimination sets a harmful precedent. It opens a dangerous . If this model is tacitly accepted, other vendors may follow suit, classifying users by country or time zone. The global AI market will be artificially fragmented into closed blocks, undermining the alignment with human values.

Regarding global ethics in the AI era, UNESCO's outlines three core principles—fairness without discrimination, transparency and explainability, and inclusivity.

Anthropic's actions do the opposite—encoding national borders into code and letting AI actively divide people, exacerbating the digital divide and creating new divisions.

Privacy and legitimate risk control by AI companies are necessary, but all regulatory measures must adhere to bottom lines:

1. Judgment criteria must be based solely on users' actual violations, prohibiting preemptive geographical labeling.

2. All data collection must be fully disclosed to users beforehand and require their consent; covert background collection is strictly prohibited.

3. Uniform global control standards must be enforced, eliminating double standards targeting specific countries or regions.

4. Penalties must be traceable and appealable, with robust remediation mechanisms and compensation for innocent victims.

Since the incident fermented, Anthropic has only stated through staff that stronger risk control measures have been implemented and that the function was originally planned for removal; relevant PR changes have been merged, with a full rollback expected in the next release.

However, a mere rollback is insufficient. Anthropic needs a systematic correction:

1. Disclose relevant technical documents and undergo third-party independent audits to eliminate suspicions.

2. Publicly apologize to affected users, comprehensively review account bans, implement compensation, and establish a dedicated Chinese-language appeals channel.

3. Rebuild a global risk control system free of geographical bias and establish an independent ethics review department.

The industry must also act to foster a global consensus against discrimination:

1. Form industry conventions prohibiting clients from covertly collecting geographical information for user tiering.

2. Establish algorithmic fairness oversight mechanisms, conduct regular cross-reviews, and publicly report discriminatory practices within the industry.

3. Advocate for technological inclusivity, distinguishing national compliance requirements from self-imposed geographical barriers, and avoiding unfair practices under the guise of compliance.

4. Include covert geographical algorithm discrimination and unnotified silent data collection in violation penalties, setting algorithmic fairness thresholds for overseas AI firms.

In short, AI should embody fairness, not entrench biases.

Technology itself has no stance, but its coders harbor biases. When companies actively encode geopolitical divisions into programs, AI loses its neutral, inclusive essence. Anthropic has long touted Constitutional AI and alignment with humanity's common interests, yet its actions contradict these ideals.

National borders may divide geographic territories but should not fragment technological access. Risk control may constrain violations but cannot prejudge the character of entire groups. Artificial intelligence should truly transcend national borders, becoming a technological dividend shared by all humanity, rather than creating new forms of discrimination and opposition.

Solemnly declare: the copyright of this article belongs to the original author. The reprinted article is only for the purpose of spreading more information. If the author's information is marked incorrectly, please contact us immediately to modify or delete it. Thank you.