Loading the catalogue…
Loading the catalogue…
Qwen (Tongyi Qianwen) is the AI model family developed by Alibaba Cloud's Tongyi Lab, headquartered in Hangzhou, China, under Alibaba Group. It is one of the world's largest open-weight model ecosystems, with hundreds of models released under Apache 2.0 or custom Qwen licences, but its most capable frontier models remain proprietary and hosted via Alibaba's API. For EU enterprises, the primary trust concerns are Alibaba's exposure to Chinese data sovereignty law (Data Security Law, PIPL) — which gives the Chinese state potential access to data held by Alibaba entities — the absence of a verified EU GDPR representative specifically for Qwen, and the lack of any confirmed GPAI Code of Practice signature, leaving EU AI Act compliance unverified at the creator level. Self-hosted open-weight deployments substantially mitigate data-residency risk.
Alibaba Cloud and Tongyi Lab are incorporated and primarily operate in China and are subject to China's Data Security Law, PIPL, and Cybersecurity Law, which can compel cooperation with Chinese government data requests. All hosted API data processed through Alibaba Cloud infrastructure carries this exposure regardless of EU data centre location.
No evidence Alibaba/Qwen has signed the EU AI Act GPAI Code of Practice (final version July 2025). As a provider of GPAI models placed on the EU market, Qwen is subject to GPAI obligations from August 2025; enforcement begins August 2026. Non-signatory status increases regulatory scrutiny risk.
Independent legal analysis (March 2025) found that the Qwen consumer product and model API lack a GDPR-required EU representative, meaning European data subjects may have no direct legal recourse against Qwen for data rights violations. International data transfers to China may be non-compliant with GDPR absent adequate safeguards at the Qwen-specific service layer.
KELA Cyber (January 2025) confirmed Qwen2.5-VL is susceptible to prompt injection, prefix injection, and classic jailbreak techniques (e.g. 'Grandma jailbreak') producing harmful outputs including malware generation instructions. Model alignment has verifiable weaknesses that require enterprise-level prompt hardening and output monitoring.
Alibaba Cloud US LLC (a US subsidiary) is subject to FTC oversight and explicitly states in its Privacy Policy it may disclose personal data in response to US national security or law enforcement requests. EU data routed through US-entity API services carries a partial US-law exposure in addition to Chinese-law exposure.
No public training data policy, copyright compliance framework, or opt-out mechanism for Qwen training data has been identified. This creates exposure under the EU AI Act's GPAI Copyright chapter and potential EU copyright law liability, particularly for EU-market deployments after August 2025.
Qwen received Chinese regulatory clearance before public launch (September 2023), indicating the models have been reviewed and approved by Chinese authorities. This implies the model may incorporate content restrictions and behaviours aligned with Chinese regulatory requirements, which may differ from EU standards.
Open-weight Qwen models have been modified by third parties to remove safety guardrails ('Liberated Qwen' by Abacus AI). While Alibaba's own releases include alignment training, the freely downloadable weights enable unconstrained fine-tuning. EU deployers self-hosting Qwen weights should implement their own safety layers.
Stav AI Act assessment
Editorial assessment, not legal advice. Stav's risk ratings, scores, and verdicts are our own analysis of publicly available information and may be incomplete or out of date. Verify independently before making compliance or procurement decisions.
The catalogue lists every family Stav knows about — including families we don’t yet host, so the picture stays authoritative.
Families served on Stav
Model compliance cards
Qwen publishes technical reports for each major model generation on arXiv, including architecture details, training methodology, and benchmark results. The Qwen2.5 and Qwen3 technical reports are among the most comprehensive in the open-weight model ecosystem.
Alibaba Cloud offers a dedicated EU deployment mode for its hosted Qwen API (Model Studio), with endpoint, data storage, and compute all restricted to Germany (Frankfurt), providing EU data residency for API-access customers.
Alibaba Cloud International maintains an actively updated Privacy Policy (January 2026) with an EEA/UK addendum, EU-US Data Privacy Framework certification, GDPR legal basis statements, account deletion, and data subject rights contact (intlcompliance@service.aliyun.com).
Alibaba Cloud holds the German C5 attestation (first non-German cloud provider to do so, December 2018), ISO 27001, and SOC 2 certifications for its cloud infrastructure, providing a baseline security assurance for Alibaba Cloud-hosted Qwen deployments.
Qwen has one of the largest open-weight AI model ecosystems globally, with over 200,000 community derivative models on HuggingFace, over 300 open-source model releases, and 700+ million total downloads as of late 2025. This scale implies wide peer review, community-identified issues, and broad deployment experience.
Qwen operates on a very active and predictable release cadence (major generation approximately annually, refinements monthly), with consistent Apache 2.0 licensing for most open-weight models. The consolidation of all Alibaba AI under the Qwen brand in 2026 signals long-term strategic commitment.
Privacy policy review
Creator profile
Qwen is the AI model division of Alibaba Cloud, headquartered in Hangzhou, China, and operated under Alibaba Group. Its open-weights models are widely used globally, with the majority released under Apache 2.0, making local self-hosted deployment legally straightforward for EU enterprises. The principal risk for regulated EU customers is not CLOUD Act exposure but rather PRC jurisdiction: Chinese Cybersecurity, Data Security, and National Intelligence laws create potential state-compelled access obligations that are structurally incompatible with GDPR's adequacy and transfer requirements — and Qwen's chat API routes data through Chinese-operated infrastructure. Additional governance concerns emerged in early 2026 when the team's founding technical lead and key researchers departed, raising near-term questions about model maintenance continuity and the lab's open-weights commitment.
Stav editorial summary
Stav compliance has not yet scored Qwen. Scores are published once the policy review and infrastructure assessment complete.
Findings
Citations gathered when the Compliance Curator last reviewed this creator’s public-facing documents. Grouped by source so the picture stays auditable.
“Beijing, China, May 9, 2024 - Alibaba Cloud, the digital technology and intelligence backbone of Alibaba Group, today announced a major milestone for ...”
“● ISO 27001 (Information Security Management) ● SOC 1/SOC 2/SOC 3 Reports ● Other global and industry-specific security attestations ... ● Customers c...”
Qwen (also known as Tongyi Qianwen, Chinese: 通义千问; pinyin: Tōngyì Qiānwèn) is a family of large language models developed by Alibaba Cloud.
Alibaba Cloud has its headquarters in Hangzhou, China.
In the EU deployment mode, both the endpoint and data storage are located in Germany (Frankfurt). Model inference compute resources are restricted to ...
Moreover, Chinese · tech giants such as Alibaba, Baidu, ByteDance, Huawei and Tencent have all released their own AI ... less likely to reflect EU reg...
From the European perspective, such international data transfer to China is illegal without a data protection framework that complies with the EU’s Ge...
Now, in a follow-up investigation, we have identified similar vulnerabilities in Alibaba’s newly released Qwen2.5-VL model.
Unified AI Brand: All large models and AI products are consolidated under the Qwen brand, with Tongyi Lab remaining the research entity. User Engageme...
This is the organization of Qwen, which refers to the large language model family built by Alibaba Cloud.
Beijing, China, May 9, 2024 - Alibaba Cloud, the digital technology and intelligence backbone of Alibaba Group, today announced a major milestone for ...
Later the same month, a company announcement revealed the formation of a new AI business unit, Alibaba Token Hub. The new unit will supervise AI-relat...
It is essential to state here that the goal of China’s data sovereignty laws is to protect the personal information of its residents and for National ...
The short answer is the concerns about the ability of the Chinese Communist Party to access the troves of data used to train the AI models and the use...
Most AI agents in 2025–2026 are built on general-purpose AI models provided by a small number of upstream suppliers (Anthropic, OpenAI, Deepseek, Qwen...
The AI Act rules on GPAI became effective in August 2025.
The European Data Protection Board cited Qwen in its March 2025 AI Privacy Risks & Mitigations document, indicating EU regulators are aware of and actively engaging with Qwen's presence in the EU market — a precondition for meaningful oversight.
Published safeguards & certifications
“Most AI agents in 2025–2026 are built on general-purpose AI models provided by a small number of upstream suppliers (Anthropic, OpenAI, Deepseek, Qwen...”
“The AI Act rules on GPAI became effective in August 2025. ”
“Later the same month, a company announcement revealed the formation of a new AI business unit, Alibaba Token Hub. The new unit will supervise AI-relat...”
“This is the organization of Qwen, which refers to the large language model family built by Alibaba Cloud. ”
“It is essential to state here that the goal of China’s data sovereignty laws is to protect the personal information of its residents and for National ...”
“However, “open weights” is not the same as OSI‑approved open source. Licenses vary: some Qwen2/2.5 models use a custom Qwen license, while many Qwen3 ...”
“The short answer is the concerns about the ability of the Chinese Communist Party to access the troves of data used to train the AI models and the use...”
“But now, just 24 hours after shipping the open source Qwen3.5 small model series—a release that drew public praise from Elon Musk for its "impressive ...”
As classified under Regulation (EU) 2024/1689.
Provider of GPAI model (general-purpose).
However, “open weights” is not the same as OSI‑approved open source. Licenses vary: some Qwen2/2.5 models use a custom Qwen license, while many Qwen3 ...
But now, just 24 hours after shipping the open source Qwen3.5 small model series—a release that drew public praise from Elon Musk for its "impressive ...
● ISO 27001 (Information Security Management) ● SOC 1/SOC 2/SOC 3 Reports ● Other global and industry-specific security attestations ... ● Customers c...