This is not a simple corporate dispute.
When I published in the AI News section the report on Anthropic’s accusations against Chinese laboratories for conducting large-scale model distillation campaigns targeting Claude, I immediately understood that the story was not merely technical.
It was structural.
The numbers are striking — 24,000 fraudulent accounts and more than 16 million interactions. But the numbers are not the core issue.
The core issue is this: artificial intelligence is beginning to spy on itself.
And that changes the logic of power.
What is “model distillation,” really?
Before drawing conclusions, we must understand the concept.
In machine learning, model distillation is a technique in which a smaller model — known as the student model — learns by imitating the outputs of a larger, more complex system — the teacher model.
Instead of training directly on massive raw datasets, the student model is trained to reproduce the response patterns of the advanced model.
In itself, the technique is neither illegal nor unethical. It is commonly used internally for model compression and efficiency improvements.
The controversy arises when distillation is used externally, without authorization, to reconstruct proprietary capabilities by systematically extracting behaviour through millions of targeted queries.
The code is not copied.
The intelligence is.
And in the era of foundation models, operational intelligence is strategic leverage.
This is no longer ordinary competition
Anthropic has argued that these campaigns may have bypassed the embedded safety mechanisms integrated into Claude. Those safeguards are not cosmetic filters; they are structural constraints designed to prevent harmful or destabilizing applications.
If a model is reconstructed solely from outputs but without inheriting its full architecture of restrictions and governance layers, the result may be functionally powerful — but less restrained.
At that point, the issue stops being commercial.
We are dealing with cognitive infrastructure.
Advanced models now influence education, finance, enterprise automation, strategic analysis, and potentially state-level decision systems.
When that infrastructure can be replicated without the same framework of accountability, the balance shifts.
A convergence of warnings
What caught my attention was not only Anthropic’s accusation.
OpenAI and Google have issued similar warnings regarding attempts to clone proprietary logic and extract advanced capabilities.
When multiple leading AI developers point toward the same pattern, this is not corporate anxiety.
It is a systemic signal.
And it coincides with the rapid rise of Chinese open-source models gaining global traction as lower-cost alternatives to Western proprietary systems.
The public narrative speaks of democratization.
But I cannot ignore the geopolitical dimension.
A new form of espionage
During the Cold War, espionage focused on nuclear secrets and industrial blueprints.
Today, espionage is behavioural.
No hardware is stolen.
Model behaviour is reconstructed.
No laboratories are infiltrated physically.
Millions of structured interactions are generated to map the internal logic of a system.
This is a form of extraction that leaves few immediate fingerprints, yet gradually erodes technological frontiers.
And what makes it particularly unsettling is how difficult it is to regulate.
The “narrow window”
Anthropic referred to a “narrow window” to address the problem.
That phrase matters.
Every technological revolution produces temporary asymmetries. If unauthorized distillation allows advanced capabilities to be replicated rapidly, technological advantages flatten.
This is not merely an intellectual property debate.
It is a question of technological sovereignty.
It is about global equilibrium.
My conclusion
I do not see this as an isolated controversy.
I see it as the beginning of a distinct phase in the Fourth Industrial Revolution — a phase in which models do not merely compete; they observe, imitate, and reconstruct one another.
Artificial intelligence begins to spy on itself.
And when power can be distilled, replicated, and redistributed at this speed, the question is no longer who leads.
The question is who can contain the consequences.
Sources
AI News section, iabyesteban.com.
Anthropic. (2026). Detecting and Preventing Distillation Attacks.
Reuters. (2026). Chinese companies used Claude to improve own models, Anthropic says.
Computing UK. (2026). Chinese firms used distillation to copy Claude.
