A joint investigation by the Guardian and the International Consortium of Investigative Journalists has exposed a far-reaching Chinese government campaign to pressure a former official living abroad into returning home, allegedly enlisting Alibaba co-founder Jack Ma in the effort and deploying tools ranging from recorded phone calls to Interpol red notices. Separately, a European Union cybersecurity body flagged OpenAI’s removal of accounts that misused ChatGPT for surveillance and influence operations, a disclosure that adds a technological dimension to wider concerns about state-linked extraterritorial coercion. Taken together, these developments highlight how concerns about transnational pressure tactics and the misuse of generative AI are increasingly intersecting, raising hard questions for governments and tech companies worldwide.
Jack Ma Drawn Into Pressure Campaign
The investigation, part of the ICIJ’s broader China Targets project, details how Chinese authorities apparently recruited one of the country’s most recognizable business figures to help bring a former official back under Beijing’s control. According to reporting from the collaboration, the campaign relied on recorded calls and alleged coercion directed at the target, who was living outside China. The involvement of Ma, whose own relationship with Chinese regulators has been turbulent since Alibaba faced a crackdown beginning in late 2020, signals that even billionaire entrepreneurs are not insulated from being pressed into service when the state pursues fugitives or dissidents abroad.
The campaign also leveraged formal legal channels, including Interpol red notices, to apply international pressure on the target. Red notices are not arrest warrants, but they request that law enforcement worldwide locate and provisionally detain a named individual. Critics of China’s use of these mechanisms have long argued that Beijing exploits Interpol’s system to pursue political targets rather than genuine criminal suspects. The combination of personal pressure through Ma and institutional pressure through Interpol illustrates a hybrid strategy: private influence and public legal tools working in tandem to close off safe havens for people who have fallen out of favor with the Chinese Communist Party.
ChatGPT Misuse Flagged by EU Cyber Body
In a separate but thematically connected development, the Computer Emergency Response Team for the EU Institutions published its Cyber Brief 25-03 earlier this year, which cited OpenAI’s decision to ban accounts that had misused ChatGPT for surveillance and influence campaigns. The brief treated OpenAI’s threat reports as credible enough to include in an official institutional threat-intelligence product, giving the account removals a layer of governmental validation that goes beyond a corporate press release. CERT-EU’s inclusion of the ChatGPT misuse data in a formal briefing distributed to EU institutions means that European policymakers are actively tracking how generative AI platforms can be weaponized by state-linked actors.
The specific accounts removed by OpenAI were tied to operations that used ChatGPT to assist with surveillance-related tasks and to shape online narratives, though publicly available details about the exact nature of the actors’ interactions with the platform remain limited. No primary records from OpenAI detailing the specific ChatGPT sessions have been released, and the CERT-EU brief functions as a secondary summary of the company’s enforcement actions. That gap matters: without granular transparency about what prompts were entered and what outputs were generated, outside analysts cannot fully assess how effective AI tools have become as instruments of state coercion. Still, the fact that a major EU cybersecurity body found the evidence serious enough to flag in a threat-intelligence product suggests the misuse was not trivial.
How AI Amplifies Extraterritorial Coercion
What stands out in the broader picture is the technological overlay described in recent threat reporting alongside more traditional accounts of Chinese government pressure campaigns. Previous reporting on Beijing’s “Fox Hunt” and “Sky Net” operations documented agents physically traveling to foreign countries to confront targets, sometimes threatening family members still in China. The potential addition of AI-powered tools to such toolkits could represent a qualitative shift, according to the kinds of misuse highlighted in threat reporting. A generative language model can draft persuasive messages in multiple languages, research a target’s legal vulnerabilities in a foreign jurisdiction, or simulate conversational strategies for recorded calls, all at a speed and scale that human operatives alone cannot match. The European Commission has separately moved to bolster cyber crisis coordination, a sign that policymakers see AI-enabled threats as a growing priority that demands institutional responses beyond individual company enforcement.
Most coverage of AI misuse focuses on disinformation or election interference, but the Chinese intimidation case points to a less discussed application: using large language models as operational support for coercive state campaigns against specific individuals. If an operator can use a generative AI tool to draft messaging, generate call scripts, or analyze a target’s public online presence for pressure points, the barrier to running these operations could drop significantly. That is the practical reader-level concern here. Anyone living abroad who has crossed a government with the resources and willingness to deploy these tools faces a threat environment that is evolving faster than the legal frameworks designed to protect them.
Elite Networks and State Power Converge
The reported involvement of Jack Ma adds a dimension that purely technological analysis misses. Beijing’s willingness to draw in a figure of Ma’s global profile suggests that the Chinese state views its wealthiest private citizens not as independent actors but as assets that can be activated when needed. Ma’s apparent cooperation, as described in the Guardian’s reporting, complicates the narrative that his regulatory troubles were simply about antitrust enforcement. Instead, it raises the possibility that high-profile business figures who have been disciplined by the state may face ongoing expectations to demonstrate loyalty, including by participating in sensitive political or legal campaigns that extend far beyond China’s borders.
This convergence of elite business networks and state security goals also has implications for foreign governments and companies that partner with Chinese firms. When a globally known entrepreneur can be drawn into a covert pressure operation, foreign counterparts must consider whether their Chinese partners could be subject to similar demands. That risk calculus is not limited to technology or finance; it extends to cultural, academic, and philanthropic collaborations. For individuals who rely on Chinese-linked institutions for employment or visas, the prospect that those institutions could be quietly repurposed as instruments of state pressure adds another layer of vulnerability that is difficult to mitigate.
Policy, Platforms and Individual Defences
The emerging picture is of a multi-layered ecosystem in which state actors, technology platforms and private elites all play roles, sometimes willingly and sometimes under duress. On the governance side, EU institutions are beginning to treat AI-enabled coercion as part of a broader cyber and information-security challenge, as reflected in CERT-EU’s decision to elevate OpenAI’s enforcement actions into official threat intelligence. Yet there remains a gap between recognizing the problem and building concrete protections for individuals targeted by foreign governments. Stronger safeguards around the use of tools like Interpol red notices, including more rigorous human-rights vetting and avenues for appeal, are one obvious starting point.
Platforms that provide generative AI services face their own dilemmas. OpenAI’s removal of accounts tied to surveillance and influence work demonstrates that companies can detect and disrupt some abuses, but the opacity around specific prompts and outputs limits public understanding of how these systems are actually being weaponized. For potential targets, practical defences are fragmented: they range from seeking legal advice in host countries to improving digital hygiene and, where possible, building support networks through independent media and civil-society groups. Readers who want sustained coverage of these dynamics can turn to outlets that prioritize investigative work on transnational repression, support their journalism through options such as membership and contributions, and engage more deeply by creating reader accounts or even exploring career opportunities in watchdog journalism. Ultimately, confronting the fusion of AI tools with state-backed intimidation will require not just technical fixes, but sustained public attention to how power operates across borders and platforms.
More from Morning Overview
*This article was researched with the help of AI, with human editors creating the final content.
