ZEROCK

Departing-Employee Tech Outflow, Lessons from Apple v. OpenAI: What Companies Can Do Now, Assuming You Can't Fully Prevent It

Published2026-07-11濱本 隆太

In July 2026, Apple sued OpenAI and two former employees for trade-secret misappropriation. It looks like a textbook case of departing employees carrying secrets to a competitor. We organize the lawsuit factually and, on the premise that preventing exfiltration by departing employees entirely is hard, present the security measures, contract reviews, employee education, and hiring cautions companies can take now—without falling into discrimination.

Departing-Employee Tech Outflow, Lessons from Apple v. OpenAI: What Companies Can Do Now, Assuming You Can't Fully Prevent It
シェア

Hello, this is Hamamoto from TIMEWELL.

In July 2026, news that stirred the tech industry arrived. Apple sued OpenAI and two former Apple employees for trade-secret misappropriation. A departed employee carried confidential information to the competitor they moved to. From the complaint's headline alone, it looks like a textbook tech-outflow case.

But there's something I want to pin down first. This is Apple's allegation in the complaint; a court has not found it to be fact. The lawsuit has only just begun, and nothing about the outcome is decided. So in this piece, too, I'll treat Apple's allegations as allegations. On that basis, using this case as an entry point, I want to think about exfiltration by departing employees—a problem that can happen at any company. To state the conclusion first: preventing it entirely is hard. That is exactly why there's meaning in shrinking the harm and stacking up the measures you can take starting now. If you're wondering about the current state of your data management, check your footing first with our AI readiness check.

What Apple v. OpenAI "alleges"

Start with what's objectively verifiable. On July 10, 2026, Apple filed suit in the San Jose Division of the US District Court for the Northern District of California. The case number is 5:26-cv-07078. The defendants are former Apple engineer Chang Liu; Tang Yew Tan, a former Apple VP of product design now serving as OpenAI's head of hardware; OpenAI's affiliated entities; and IO Products, Jony Ive's hardware company that OpenAI acquired. The causes of action are trade-secret misappropriation and breach of contract, and Apple demands a jury trial[^1].

From here it's Apple's allegations. Per the complaint, Liu did not comply with exit security procedures, did not return his loaned laptop, and—exploiting the fact that he could still access Apple's network after departure—downloaded dozens of confidential files such as unreleased products and technical specifications. As for Tan, the allegations include summoning current Apple employees to job interviews, having them bring "actual parts" like batteries and logic boards to draw out secrets, and coaching prospective departees on how to circumvent exit procedures[^2]. Again, these are what Apple states in the complaint, not proven facts. OpenAI has responded that it has "no interest in other companies' trade secrets"[^3].

There's a reason I keep distinguishing fact from allegation this insistently. Talk of tech outflow tends to slide into the assertion "that company stole it." But asserting that in a pending case is risky. What we should learn is not the conclusion of who was at fault, but the structure of the method—what "entrances" Apple alleges were exploited. A laptop not returned at exit, access rights still alive after departure, information drawn out through interviews. Here are the points every company should address.

Struggling with AI adoption?

We have prepared materials covering ZEROCK case studies and implementation methods.

Exfiltration by departing employees never stops

This kind of case is by no means rare. And judicially proven cases keep piling up.

Emblematic is the case of Anthony Levandowski over autonomous driving. In the midst of preparing to spin off from Google's Waymo, he downloaded thousands of confidential autonomous-driving files to a personal computer, and later moved to Uber. He was convicted of trade-secret theft in 2020 and sentenced to 18 months; the judge called it "the biggest trade-secret crime I have ever seen." It also drew attention when President Trump later pardoned him[^4]. There's also the case of Xiaolang Zhang, arrested by the FBI at San Jose Airport just before a trip to China, right after giving notice of a move from Apple's autonomous-driving unit to a China-affiliated company. He was alleged to have taken circuit-board schematics and others, and a prison sentence was finalized in 2024[^5].

These cases share a common pattern. Access secrets in bulk around the time you decide to leave, copy to personal devices or cloud, and depart the country. The method is almost identical. That's why countermeasures can be standardized too. Japan's Unfair Competition Prevention Act also protects trade secrets under three requirements—secrecy management, usefulness, and non-public status—and sets penalties for wrongful exfiltration of up to 10 years' imprisonment or a fine of up to 20 million yen for individuals, up to 500 million yen for corporations, and up to 1 billion yen where abroad is involved. The revision effective April 2024 also arranged court jurisdiction for cases where a Japanese company's trade secret is infringed abroad[^6]. The legal defenses are steadily thickening.

Handle the "China" factor accurately

Here I'll touch on a point that comes up in many economic-security discussions. Chinese-affiliated talent and China's legal system are often invoked as origins of tech outflow. I'll write this carefully, as fact.

From the institutional side, there's the framework of China's National Intelligence Law. Its Article 7 provides that all organizations and citizens shall cooperate with national intelligence work in accordance with law, and Article 14 that intelligence agencies may request cooperation from relevant organizations and citizens[^7]. It is a fact that leverage exists whereby even talent abroad could be asked to cooperate through the home country's system. Indeed, among economic-espionage cases with finalized convictions, some found involvement with China's talent programs.

But we must not make a leap from here. The same National Intelligence Law also has a caveat to respect human rights and lawfulness, and its effective reach is debated even among experts. And above all, the idea that "a certain nationality means a spy" is factually wrong and discriminatory. The US "China Initiative," launched in 2018 against Chinese tech outflow, drew criticism for unfairly profiling Asian—especially Chinese—researchers and was formally ended in 2022[^8]. Even the well-known case of a Harvard professor: what he was convicted of was false statements about ties to a talent program and tax offenses—not espionage or trade-secret theft[^8]. Institutional risk and judicially proven individual cases must be considered strictly separately. The focus a company should take is not a person's nationality but the "facts that should be disclosed"—conflicts of interest, side jobs, ties to foreign governments or competitors, prior confidentiality obligations. Keeping this line is what separates effective countermeasures from illegal, counterproductive discrimination.

What you can do now, assuming you can't fully prevent it

So, concretely, what to do. As a premise, no system prevents exfiltration by departing employees 100 percent, because you can't erase the knowledge in a person's head. The aim is to shrink the scope of harm and make exfiltration easier to detect and prove. Let me organize it into three layers.

Technically, first narrow access. With least privilege and need-to-know, limit what each person can touch to what the job requires. This alone shrinks the radius of harm an insider can cause. On top of that, deploy DLP (data loss prevention) to detect exfiltration of confidential data, catching "different-from-usual" moves like bulk downloads, copies to personal cloud, and auto-forwarding email settings. And the moment a departure or transfer is decided, immediately review that person's access rights and raise the monitoring priority. At exit, reliably recover loaned devices and preserve access logs. The unreturned PC and post-departure access Apple alleged read exactly as an example of this control breaking down.

On contracts, put in place NDAs and assignment clauses for employee inventions and intellectual property. But for non-compete obligations, note that enforceability differs greatly by country and region. In Japan, they're valid only within the bounds of reasonableness—period, geography, compensating measures, and so on. In California, they're void in principle, and a 2024 legal revision further entrenched their unenforceability. Even the nationwide non-compete ban rule the Federal Trade Commission put forward was struck down in court[^9]. "We have a non-compete, so we're safe" cannot be said, at least in the US. That's why it's realistic to combine multiple contracts—non-solicitation clauses, pledges not to bring in a prior employer's trade secrets, and so on.

On HR and education, conduct careful onboarding and offboarding interviews at entry and exit, and rigorously apply an exit-procedure checklist. Trade secrets aren't legally protected just by saying "this is important." Only by restricting access and marking them as confidential is the "secrecy management" required by the Unfair Competition Prevention Act recognized. In employee education, convey concretely what is confidential and what results exfiltration invites. And hiring due diligence should, as noted, focus not on nationality but on disclosure of conflicts of interest and obligations. Rigorously practicing clean hiring—not bringing in a prior employer's secrets—protects your company and avoids importing the seeds of the next dispute.

"Designed so it can't be taken" and "designed so taking it leaves a trail"

Laying all this out, I feel the root is a single idea. Stop relying on individuals' goodwill and attention, and design things so exfiltration is hard in the first place and leaves a trail if attempted. You grasp who can access which information, and the record remains. That state itself is the most reliable guard against insider risk.

Our enterprise AI, ZEROCK, was designed to handle data on domestic servers in Japan while letting you control who can use which information. Control the knowledge, keep access on record. This works not only against external attacks but against exfiltration from within. Of course, it's not a matter of installing a tool and it's solved. Only by defending in layers—contracts, education, and even the hiring entrance—does departing-employee risk fall to a realistic level. On leaks via physical routes, I've written in detail in the article on physical security of USB and cables, and on where devices' and AI services' data goes, in the article on data sovereignty. Reading them alongside will give you a grasp of tech outflow from entrance to exit.

How Apple v. OpenAI ultimately resolves, we don't yet know. But what this case presses on us is homework: before blaming the other side, re-examine whether your own information is designed to be hard to take. You can't fully prevent it. Accepting that premise, stack up what you can do now, one by one. That, plain as it is, is a reliable tech-outflow countermeasure. If you'd like to discuss how to lower your own insider risk, reach out through an individual consultation.


References

[^1]: Apple Inc. v. Liu, et al. (Case No. 5:26-cv-07078, US District Court for the Northern District of California, San Jose Division, filed July 10, 2026). Defendants: Chang Liu, Tang Yew Tan, OpenAI Foundation (f/k/a OpenAI, Inc.), OpenAI Group PBC, IO Products, LLC. Causes of action: trade-secret misappropriation and breach of contract, jury trial demanded. CourtListener docket. https://www.courtlistener.com/docket/73602437/apple-inc-v-liu/ [^2]: What Apple alleges in the complaint (Chang Liu's unreturned loaned PC and download of confidential files via post-departure access; Tang Yew Tan drawing out secrets through job interviews, etc.). All are Apple's allegations, not facts found by a court. CNBC (July 10, 2026). https://www.cnbc.com/2026/07/10/apple-openai-lawsuit-trade-secrets.html [^3]: OpenAI's response ("no interest in other companies' trade secrets") and the point that Jony Ive and Sam Altman are not among the defendants. 9to5Mac (July 10, 2026). https://9to5mac.com/2026/07/10/openai-responds-to-apples-trade-secret-theft-lawsuit/ [^4]: The trade-secret theft case of Anthony Levandowski (from Google's Waymo, later to Uber; convicted 2020, 18 months' imprisonment; presidential pardon in 2021). US Department of Justice. https://www.justice.gov/usao-ndca/pr/former-uber-executive-sentenced-18-months-jail-trade-secret-theft-google [^5]: The trade-secret theft case of Xiaolang Zhang (attempting to move from Apple's autonomous-driving unit to a China-affiliated XMotors company; arrested 2018, prison sentence 2024). US Department of Justice. https://www.justice.gov/usao-ndca/pr/former-apple-employee-indicted-theft-trade-secrets [^6]: The three requirements for trade secrets under Japan's Unfair Competition Prevention Act (secrecy management, usefulness, non-public status), penalties, and the 2023 revision (effective April 1, 2024; arranging international court jurisdiction, etc.). METI, "Trade Secrets." https://www.meti.go.jp/policy/economy/chizai/chiteki/trade-secret.html [^7]: China's National Intelligence Law (2017), Article 7 (duty to cooperate) and Article 14 (authority to request cooperation). China Law Translate (English). https://www.chinalawtranslate.com/en/national-intelligence-law-of-the-p-r-c-2017/ [^8]: The end of the US DOJ "China Initiative" in February 2022 amid criticism of racial profiling, and the point that the Harvard professor's conviction was for false statements and tax offenses, not espionage or trade-secret theft. NPR (February 23, 2022) and the US DOJ. https://www.npr.org/2022/02/23/1082593735/justice-department-china-initiative [^9]: Limits on the enforceability of non-compete obligations (California voids them in principle, entrenched by 2024's SB699/AB1076; the FTC's nationwide non-compete ban rule was struck down in court in 2024). WilmerHale commentary. https://www.wilmerhale.com/en/insights/publications/20250815-post-mortem-on-the-ftcs-blocked-non-compete-rule

Ready to optimize your workflows with AI?

Take our free 3-minute assessment to evaluate your AI readiness across strategy, data, and talent.

Share this article if you found it useful

シェア

Newsletter

Get the latest AI and DX insights delivered weekly

Your email will only be used for newsletter delivery.

無料診断ツール

あなたのAIリテラシー、診断してみませんか?

5分で分かるAIリテラシー診断。活用レベルからセキュリティ意識まで、7つの観点で評価します。

Learn More About ZEROCK

Discover the features and case studies for ZEROCK.

Related Articles