The United States Federal Bureau of Investigation this week charged former Apple employee Xiaolang Zhang with theft of trade secrets, according to documents filed with the Northern District Court of California.
Zhang was hired at Apple in December of 2015 to work on Project Titan, developing software and hardware for use in autonomous vehicles. Zhang specifically worked on Apple’s Compute Team, designing and testing circuit boards to analyze sensor data.
The intellectual property disclosure on one of the documents Zhang stole
He was provided with “broad access to secure and confidential internal databases” due to his position, which contained trade secrets and intellectual property for the autonomous driving project that he ultimately ended up stealing.
In April 2018, Zhang took family leave from Apple following the birth of his child, and during that time, he visited China. Shortly after, he told his supervisor at Apple he was leaving the company and moving to China to work for XMotors, a Chinese startup that also focuses on autonomous vehicle technology.
Zhang’s supervisor felt that he had “been evasive” during the meeting, which led Apple’s New Product Security Team to begin an investigation, looking into Zhang’s historical network activity and analyzing his Apple devices, which were seized when he resigned.
Apple found that just prior to Zhang’s departure, his network activity had “increased exponentially” compared to the prior two years he had worked at Apple. He accessed content that included prototypes and prototype requirements, which the court documents specify as power requirements, low voltage requirements, battery system, and drivetrain suspension mounts.
The majority of his activity consisted of both bulk searches and targeted downloading copious pages of information from various confidential database applications. The information contained within the downloading contained trade secret intellectual property, based on the level of Zhang’s access within Apple’s autonomous vehicle team.
A review of recorded footage at Apple indicated Zhang had visited the campus on the evening of Saturday, April 28, entering both Apple’s autonomous vehicle software and hardware labs, which coincided with data download times, and he left with a box of hardware.
In a second interview with Apple’s security team, Zhang admitted to taking both online data and hardware (a Linux server and circuit boards) from Apple during his paternity leave. He also admitted to AirDropping sensitive content from his own device to his wife’s laptop.
All of Apple’s evidence was relayed to the FBI after the company’s Digital Forensic Investigations team discovered that at least 60 percent of the data Zhang had downloaded and transferred to his wife’s computer was “highly problematic.” The FBI, in the court filing, describes the information as “largely technical in nature, including engineering schematics, technical reference manuals, and technical reports.”
Of interest, the filing also gives a glimpse into Apple’s security protocols. To access sensitive projects like Titan, an employee must be logged into Apple’s virtual private network and must be granted “disclosure,” a status that can only be granted when an employee is sponsored by another employee who already has access to the project, with an administrator reviewing all requests. Approximately 5,000 Apple employees have access to data on Apple’s autonomous driving efforts, with the databases Zhang accessed further restricted to approximately 2,700 “core employees.”
When hired, Zhang signed an Intellectual Property Agreement and attended a mandatory in-person secrecy training session, which he violated. Zhang was interviewed by the FBI in late June, where he admitted to stealing the information, and he was later arrested attempting to leave to China on July 7.
For stealing Apple’s trade secrets, Zhang is facing up to 10 years in prison and a $250,000 fine.
It’s no surprise that Apple cracked down on Zhang. Shortly before Zhang’s theft was discovered, Apple sent out a lengthy cautionary memo to employees warning them against leaking data to the media. In the letter, Apple said that in 2017, it caught 29 leakers, with 12 of those individuals being arrested and charged.