Former Apple Employee Charged With Theft of Trade Secrets Related to Autonomous Car Project [Updated]

The United States Federal Bureau of Investigation this week charged former Apple employee Xiaolang Zhang with theft of trade secrets, according to documents filed with the Northern District Court of California.

Zhang was hired at Apple in December of 2015 to work on Project Titan, developing software and hardware for use in autonomous vehicles. Zhang specifically worked on Apple's Compute Team, designing and testing circuit boards to analyze sensor data.

appleintellectualpropertydocument

The intellectual property disclosure on one of the documents Zhang stole

He was provided with "broad access to secure and confidential internal databases" due to his position, which contained trade secrets and intellectual property for the autonomous driving project that he ultimately ended up stealing.

In April 2018, Zhang took family leave from Apple following the birth of his child, and during that time, he visited China. Shortly after, he told his supervisor at Apple he was leaving the company and moving to China to work for XMotors, a Chinese startup that also focuses on autonomous vehicle technology.

Zhang's supervisor felt that he had "been evasive" during the meeting, which led Apple's New Product Security Team to begin an investigation, looking into Zhang's historical network activity and analyzing his Apple devices, which were seized when he resigned.

Apple found that just prior to Zhang's departure, his network activity had "increased exponentially" compared to the prior two years he had worked at Apple. He accessed content that included prototypes and prototype requirements, which the court documents specify as power requirements, low voltage requirements, battery system, and drivetrain suspension mounts.

The majority of his activity consisted of both bulk searches and targeted downloading copious pages of information from various confidential database applications. The information contained within the downloading contained trade secret intellectual property, based on the level of Zhang's access within Apple's autonomous vehicle team.

A review of recorded footage at Apple indicated Zhang had visited the campus on the evening of Saturday, April 28, entering both Apple's autonomous vehicle software and hardware labs, which coincided with data download times, and he left with a box of hardware.

In a second interview with Apple's security team, Zhang admitted to taking both online data and hardware (a Linux server and circuit boards) from Apple during his paternity leave. He also admitted to AirDropping sensitive content from his own device to his wife's laptop.

All of Apple's evidence was relayed to the FBI after the company's Digital Forensic Investigations team discovered that at least 60 percent of the data Zhang had downloaded and transferred to his wife's computer was "highly problematic." The FBI, in the court filing, describes the information as "largely technical in nature, including engineering schematics, technical reference manuals, and technical reports."

Of interest, the filing also gives a glimpse into Apple's security protocols. To access sensitive projects like Titan, an employee must be logged into Apple's virtual private network and must be granted "disclosure," a status that can only be granted when an employee is sponsored by another employee who already has access to the project, with an administrator reviewing all requests. Approximately 5,000 Apple employees have access to data on Apple's autonomous driving efforts, with the databases Zhang accessed further restricted to approximately 2,700 "core employees."

When hired, Zhang signed an Intellectual Property Agreement and attended a mandatory in-person secrecy training session, which he violated. Zhang was interviewed by the FBI in late June, where he admitted to stealing the information, and he was later arrested attempting to leave to China on July 7.

For stealing Apple's trade secrets, Zhang is facing up to 10 years in prison and a $250,000 fine.

It's no surprise that Apple cracked down on Zhang. Shortly before Zhang's theft was discovered, Apple sent out a lengthy cautionary memo to employees warning them against leaking data to the media. In the letter, Apple said that in 2017, it caught 29 leakers, with 12 of those individuals being arrested and charged.

Update: Apple provided the following statement on the case to TechCrunch: "Apple takes confidentiality and the protection of our intellectual property very seriously. We're working with authorities on this matter and will do everything possible to make sure this individual and any other individuals involved are held accountable for their actions."

Update 2: XMotors said there is no indication that Zhang ever communicated any sensitive information from Apple to XMotors, according to Reuters. XMotors also said the firm had terminated Zhang and is supporting local authorities.

Update 3: On July 16, Zhang pled not guilty to the charges.

Top Rated Comments

JohnGrey Avatar
52 months ago
There's no way this wasn't a state-sponsored quid pro quo to give the Chinese company a leg up on automated vehicles. This will continue until there's a 100% punitive embargo on China, including their strategic staples like pork, requiring them to deliver full economic compensation for theft of intellectual property and complete monitored compliance with WTO regulation. Until that happens, this is equivalent to letting banks make tens of billions in fraudulent instruments and then fining them a few million in damages. Their investors don't care about the public and brand cost so long as the penalties are a tiny fraction of profits. China doesn't care either because, at the moment, the benefits outweigh the cost.
Score: 36 Votes (Like | Disagree)
Apple_Robert Avatar
52 months ago
Glad to see Apple found out and took swift action. Hope he gets the maximum sentence.
Score: 34 Votes (Like | Disagree)
AZREOSpecialist Avatar
52 months ago
This is how propaganda and disinformation work...

There's no way this wasn't a state-sponsored quid pro quo to give the Chinese company a leg up on automated vehicles.
Step 1: State an unprovable assumption that is designed to make the reader angry.

This will continue until there's a 100% punitive embargo on China, including their strategic staples like pork, requiring them to deliver full economic compensation for theft of intellectual property and complete monitored compliance with WTO regulation.
Step 2: State a second, unprovable assumption based on the first, unprovable assumption, along with a list of retaliatory responses that mirror a current political position that the author is attempting to justify.

Step 3: Try to get a blogger somewhere to focus on the unprovable assumptions and other inaccuracies as a way to justify a political stance, then peddle that blog to a large propaganda outlet like Fox News as a way to legitimize the misinformation.

You forgot Step 3. Maybe you're still working on that?

Yes, folks, this is how it's done.
Score: 33 Votes (Like | Disagree)
Crzyrio Avatar
52 months ago
You'd think that huge amounts of data access would be a red flag for their security people, especially at off hours.
There is no such thing as off hours in Silicon Valley :P
Score: 29 Votes (Like | Disagree)
Blackstick Avatar
52 months ago
He took the “great artists steal” thought to the next level.
Score: 21 Votes (Like | Disagree)
Mikey44 Avatar
52 months ago
Well... I think this confirms that they were working on a car.
Score: 17 Votes (Like | Disagree)

Popular Stories

macbook air m2

Exclusive: Apple Plans to Launch MacBook Air With M2 Chip on July 15

Wednesday June 29, 2022 5:23 pm PDT by
The redesigned MacBook Air with the all-new M2 Apple silicon chip will be available for customers starting Friday, July 15, MacRumors has learned from a retail source. The new MacBook Air was announced and previewed during WWDC earlier this month, with Apple stating availability will begin in July. The MacBook Air features a redesigned body that is thinner and lighter than the previous...
Mac Studio IO

Apple Begins Selling Refurbished Mac Studio Models

Thursday June 30, 2022 7:42 pm PDT by
Apple today began selling refurbished Mac Studio models for the first time in the United States, Canada, and select European countries, such as Belgium, Germany, Ireland, Spain, Switzerland, the Netherlands, and the United Kingdom. In the United States, two refurbished Mac Studio configurations are currently available, including one with the M1 Max chip (10-core CPU and 24-core GPU) for...
top stories 2jul2022

Top Stories: M2 MacBook Air Release Date, New HomePod Rumor, and More

Saturday July 2, 2022 6:00 am PDT by
The M2 MacBook Pro has started making its way into customers' hands and we're learning more about how it performs in a variety of situations, but all eyes are really on the upcoming M2 MacBook Air which has seen a complete redesign and should be arriving in a couple of weeks. Other top stories this week included a host of product rumors including additional M2 and even M3 Macs, an updated...
original iphone 2007

15 Years Ago Today, the iPhone Went On Sale

Wednesday June 29, 2022 4:43 am PDT by
Fifteen years ago to this day, the iPhone, the revolutionary device presented to the world by the late Steve Jobs, officially went on sale. The first iPhone was announced by Steve Jobs on January 9, 2007, and went on sale on June 29, 2007. "An iPod, a phone, an internet mobile communicator... these are not three separate devices," Jobs famously said. "Today, Apple is going to reinvent the...
rootbug

Major macOS High Sierra Bug Allows Full Admin Access Without Password - How to Fix [Updated]

Tuesday November 28, 2017 12:33 pm PST by
There appears to be a serious bug in macOS High Sierra that enables the root superuser on a Mac with a blank password and no security check. The bug, discovered by developer Lemi Ergin, lets anyone log into an admin account using the username "root" with no password. This works when attempting to access an administrator's account on an unlocked Mac, and it also provides access at the login...