• United States



Christopher Burgess
Contributing Writer

Apple means business when protecting intellectual property

News Analysis
May 04, 20184 mins
AppleData and Information SecurityDLP Software

Apple takes the protection of intellectual property very seriously. In 2017, it says 27 people were caught and 12 arrested for revealing inside information.

Over the past few years, we’ve witnessed numerous cases of intellectual property theft (IP theft) involving a number of Silicon Valley companies. Apple was among them, with the company catching 27 individuals leaking/sharing internal information during 2017. All of them lost their jobs, and 12 were arrested. Here’s a look at a few of the incidents.

Apple intellectual property leaks

Inadvertent disclosure

In October 2017, an Apple engineer found himself out of a job after he brought his daughter to work and she filmed the then prototype iPhone X. The engineer’s daughter posted a video of her experience accompanying dad to the office, and it included the embargoed phone. The dad was asked to leave Apple’s employ. His daughter made a subsequent video where she implored others to pay attention to rules and don’t make the same mistake she made, which cost her father his job.

Criminal intent?

Similarly, in 2010, an engineer took the iPhone 4 out to dinner and lost the phone. The individual was invited out the door when the device was ultimately shared with the public. Also in 2010, several Apple employees in China were found guilty of having stolen Apple information and peddling it before the official release of a number of devices.

Openness is good, except when it isn’t

Then there is the instance when Apple source code found its way into Github earlier in 2018. How did the iBoot source code find its way to Github? An intern shared the code with five friends who were active in iPhone jailbreak groups. Clearly a case of “When employee access exceeds trust, IP goes missing.

Pay attention — IP is your responsibility to protect

To that end, in mid-April Apple sent about an internal memo (full text provided below via Bloomberg). The memo admonished employees to remember that their livelihood depends on the company being competitive and the intellectual property of the company protected.

An unidentified Apple employee was “caught and fired” after having leaked internal confidential information. “One person betrayed their trust.”  The emphasis on the trust provided by Apple to their insiders is recurring — as is the fact that employees are breaking that trust, reminding all of the Github leak.

The memo also embraces the need for vigilance with social network engagement — admonishing employees not to overshare information and be alert for attempts to elicit information.

Apple memo:

Last month, Apple caught and fired the employee responsible for leaking details from an internal, confidential meeting about Apple’s software roadmap. Hundreds of software engineers were in attendance, and thousands more within the organization received details of its proceedings. One person betrayed their trust.

The employee who leaked the meeting to a reporter later told Apple investigators that he did it because he thought he wouldn’t be discovered. But people who leak — whether they’re Apple employees, contractors or suppliers — do get caught and they’re getting caught faster than ever.

In many cases, leakers don’t set out to leak. Instead, people who work for Apple are often targeted by press, analysts and bloggers who befriend them on professional and social networks like LinkedIn, Twitter and Facebook and begin to pry for information. While it may seem flattering to be approached, it’s important to remember that you’re getting played. The success of these outsiders is measured by obtaining Apple’s secrets from you and making them public. A scoop about an unreleased Apple product can generate massive traffic for a publication and financially benefit the blogger or reporter who broke it. But the Apple employee who leaks has everything to lose.

The impact of a leak goes far beyond the people who work on a project.

Leaking Apple’s work undermines everyone at Apple and the years they’ve invested in creating Apple products. “Thousands of people work tirelessly for months to deliver each major software release,” says UIKit lead Josh Shaffer, whose team’s work was part of the iOS 11 leak last fall. “Seeing it leak is devastating for all of us.”

Apple has been consistently hard-nosed about protecting their IP. And hard-nosed is exactly what every entity should be when it comes to protecting their intellectual property from IP theft. Even when the theft was inadvertent. In the above examples, the employees who put the IP at risk or exposed the IP.

For those who choose to leak company information, you can do it. But you will be held both responsible and accountable for leaking the information.

Christopher Burgess
Contributing Writer

Christopher Burgess is a writer, speaker and commentator on security issues. He is a former senior security advisor to Cisco, and has also been a CEO/COO with various startups in the data and security spaces. He served 30+ years within the CIA which awarded him the Distinguished Career Intelligence Medal upon his retirement. Cisco gave him a stetson and a bottle of single-barrel Jack upon his retirement. Christopher co-authored the book, “Secrets Stolen, Fortunes Lost, Preventing Intellectual Property Theft and Economic Espionage in the 21st Century”. He also founded the non-profit, Senior Online Safety.

More from this author