New in OS X: Get MacRumors Push Notifications on your Mac

Resubscribe Now Close

Former Apple Employee Charged With Theft of Trade Secrets Related to Autonomous Car Project [Updated]

The United States Federal Bureau of Investigation this week charged former Apple employee Xiaolang Zhang with theft of trade secrets, according to documents filed with the Northern District Court of California.

Zhang was hired at Apple in December of 2015 to work on Project Titan, developing software and hardware for use in autonomous vehicles. Zhang specifically worked on Apple's Compute Team, designing and testing circuit boards to analyze sensor data.

The intellectual property disclosure on one of the documents Zhang stole

He was provided with "broad access to secure and confidential internal databases" due to his position, which contained trade secrets and intellectual property for the autonomous driving project that he ultimately ended up stealing.

In April 2018, Zhang took family leave from Apple following the birth of his child, and during that time, he visited China. Shortly after, he told his supervisor at Apple he was leaving the company and moving to China to work for XMotors, a Chinese startup that also focuses on autonomous vehicle technology.

Zhang's supervisor felt that he had "been evasive" during the meeting, which led Apple's New Product Security Team to begin an investigation, looking into Zhang's historical network activity and analyzing his Apple devices, which were seized when he resigned.

Apple found that just prior to Zhang's departure, his network activity had "increased exponentially" compared to the prior two years he had worked at Apple. He accessed content that included prototypes and prototype requirements, which the court documents specify as power requirements, low voltage requirements, battery system, and drivetrain suspension mounts.
The majority of his activity consisted of both bulk searches and targeted downloading copious pages of information from various confidential database applications. The information contained within the downloading contained trade secret intellectual property, based on the level of Zhang's access within Apple's autonomous vehicle team.
A review of recorded footage at Apple indicated Zhang had visited the campus on the evening of Saturday, April 28, entering both Apple's autonomous vehicle software and hardware labs, which coincided with data download times, and he left with a box of hardware.

In a second interview with Apple's security team, Zhang admitted to taking both online data and hardware (a Linux server and circuit boards) from Apple during his paternity leave. He also admitted to AirDropping sensitive content from his own device to his wife's laptop.

All of Apple's evidence was relayed to the FBI after the company's Digital Forensic Investigations team discovered that at least 60 percent of the data Zhang had downloaded and transferred to his wife's computer was "highly problematic." The FBI, in the court filing, describes the information as "largely technical in nature, including engineering schematics, technical reference manuals, and technical reports."

Of interest, the filing also gives a glimpse into Apple's security protocols. To access sensitive projects like Titan, an employee must be logged into Apple's virtual private network and must be granted "disclosure," a status that can only be granted when an employee is sponsored by another employee who already has access to the project, with an administrator reviewing all requests. Approximately 5,000 Apple employees have access to data on Apple's autonomous driving efforts, with the databases Zhang accessed further restricted to approximately 2,700 "core employees."

When hired, Zhang signed an Intellectual Property Agreement and attended a mandatory in-person secrecy training session, which he violated. Zhang was interviewed by the FBI in late June, where he admitted to stealing the information, and he was later arrested attempting to leave to China on July 7.

For stealing Apple's trade secrets, Zhang is facing up to 10 years in prison and a $250,000 fine.

It's no surprise that Apple cracked down on Zhang. Shortly before Zhang's theft was discovered, Apple sent out a lengthy cautionary memo to employees warning them against leaking data to the media. In the letter, Apple said that in 2017, it caught 29 leakers, with 12 of those individuals being arrested and charged.

Update: Apple provided the following statement on the case to TechCrunch: "Apple takes confidentiality and the protection of our intellectual property very seriously. We're working with authorities on this matter and will do everything possible to make sure this individual and any other individuals involved are held accountable for their actions."

Update 2: XMotors said there is no indication that Zhang ever communicated any sensitive information from Apple to XMotors, according to Reuters. XMotors also said the firm had terminated Zhang and is supporting local authorities.

Update 3: On July 16, Zhang pled not guilty to the charges.

USA v. Xiaolang Zhang by MacRumors on Scribd



Top Rated Comments

(View all)

10 weeks ago
There's no way this wasn't a state-sponsored quid pro quo to give the Chinese company a leg up on automated vehicles. This will continue until there's a 100% punitive embargo on China, including their strategic staples like pork, requiring them to deliver full economic compensation for theft of intellectual property and complete monitored compliance with WTO regulation. Until that happens, this is equivalent to letting banks make tens of billions in fraudulent instruments and then fining them a few million in damages. Their investors don't care about the public and brand cost so long as the penalties are a tiny fraction of profits. China doesn't care either because, at the moment, the benefits outweigh the cost.
Rating: 36 Votes
10 weeks ago
Glad to see Apple found out and took swift action. Hope he gets the maximum sentence.
Rating: 34 Votes
10 weeks ago
This is how propaganda and disinformation work...

There's no way this wasn't a state-sponsored quid pro quo to give the Chinese company a leg up on automated vehicles.


Step 1: State an unprovable assumption that is designed to make the reader angry.

This will continue until there's a 100% punitive embargo on China, including their strategic staples like pork, requiring them to deliver full economic compensation for theft of intellectual property and complete monitored compliance with WTO regulation.


Step 2: State a second, unprovable assumption based on the first, unprovable assumption, along with a list of retaliatory responses that mirror a current political position that the author is attempting to justify.

Step 3: Try to get a blogger somewhere to focus on the unprovable assumptions and other inaccuracies as a way to justify a political stance, then peddle that blog to a large propaganda outlet like Fox News as a way to legitimize the misinformation.

You forgot Step 3. Maybe you're still working on that?

Yes, folks, this is how it's done.
Rating: 33 Votes
10 weeks ago

You'd think that huge amounts of data access would be a red flag for their security people, especially at off hours.


There is no such thing as off hours in Silicon Valley :P
Rating: 29 Votes
10 weeks ago
He took the “great artists steal” thought to the next level.
Rating: 21 Votes
10 weeks ago
Well... I think this confirms that they were working on a car.
Rating: 17 Votes
10 weeks ago
I wonder what the ... charge ... is. :D
Rating: 14 Votes
10 weeks ago
I have worked in US tech companies that had teams in China, and leading work that needed to be original in order for us to claim license/patent on it. I found countless times that my colleagues in China submitted content, signed that it was their original work, and I was suspicious by how well written it was. A quick Google search found word for word plagiarism of the material.

After many discussions and getting to know these Chinese colleagues, I learned that as part of a socialist country, they were trained from birth that no one owned any property and so the notion of copying some intellectual property was incomprehensible. They simply operated on the principal that property was community owned so anyone in the community could take it and use it... and anything they created could also be taken and used by anyone else.

Obviously in this case the guy was breaking laws and should have the full extent of the law thrown at him, but we need to understand what we are dealing with when dealing with anything in China. Its not "fair" to trade with someone who is trying to steal your property.
Rating: 14 Votes
10 weeks ago

Wow, you're with real empathy! We are talking about a human here not a dead product! Amazing how things are being worshipped and humans are being used these days! What a greedy world!

Yes…a human who stole extremely valuable internal information, potentially providing it to a competing foreign company, and will most likely receive quite a hefty punishment for it in fines and/or jail time.

Don’t want to go to jail for a long time? Don’t do things that, if you’re caught, will result in your going to jail for a long time.
Rating: 14 Votes
10 weeks ago

All of this actually makes Apple look like the devil - all smiles and empathy pretends to the public but in reality, they come across as pure evil if any of their staff go out of line. Must be a pretty horrible place to work in all honesty!

Jeez, you’re really sticking up for this alleged criminal. Maybe you should join his defense team.

Anyway, I know multiple people in the Bay Area working for Apple. Some have been at Apple for years. I figure if it was “pretty horrible,” they’d have jumped to other companies by now. Certainly good candidates to do so!
Rating: 11 Votes

[ Read All Comments ]