Pular para o conteúdo principal
Close
Security

Apple vs OpenAI: Trade Secrets, the Auth Bug, and the Lawsuit That May Redefine IP in AI

Gabriel Ferraresi· CEO | Tech86July 11, 20264 min
securityappleopenaitrade-secretsiamzero-trustdlpip

June 2024, WWDC. Apple and OpenAI on the same stage. ChatGPT enters Siri as a supplementary response engine in iOS 18. Zero dollars exchanged. An anonymous executive summarized: "OpenAI needs to take a leap of faith and trust us." Billions in projected revenue. All promise. Two years later, the promise became a lawsuit. We followed case 5:26-cv-07078 and the signal is clear: what looked like a commercial disagreement had a deeper layer — and that layer is a security architecture lesson for any company with critical IP.

The crack: from exclusive partner to one option among many

The crack came slowly, then fast. The integration got buried behind friction. In January 2026, Apple closed with Google Gemini, reported at approximately $1 billion per year, for the new Siri. At WWDC in June 2026, iOS 27 introduced Extensions, allowing rival models to be installed. OpenAI became one option among many.

What looked like a commercial disagreement had a deeper layer. OpenAI was building hardware. According to the complaint, more than 400 former Apple employees now work at OpenAI. One of them is Tang Yew Tan, 24 years at Apple as VP of Product Design, now Chief Hardware Officer at OpenAI. The accusation describes interviews as extraction vectors: candidates brought physical prototypes and multilayer logic boards. OpenAI requested Technical Deep Dive on work done at Apple. Tan used codenames of internal projects to map unannounced products. The allegations are from a complaint, not adjudicated.

The triggering event: an authentication bug and a thousand pages

The triggering event was an authentication bug. According to the complaint, Chang Liu, an electrical engineer at Apple for eight years, left on January 22, 2026. On February 9, he discovered he still had access to Apple's repository via an authentication bug. He downloaded more than a thousand pages of technical documents. He wrote LOL upon realizing the access. In February, Apple contacted OpenAI. OpenAI never responded.

We stop here. The bug that let Liu download a thousand pages was not an accident. It was the absence of architecture that assumes that every access, even from an insider, needs to be verified. An engineer who left should have had every session, token, and credential revoked on offboarding. The repository should have required reauthentication. DLP should have alerted on mass download. None of that happened — and a thousand pages walked out.

The lawsuit: Defend Trade Secrets Act and breach of contract

On July 10, 2026, Apple sued. Case 5:26-cv-07078, Northern District of California. Basis: Defend Trade Secrets Act and breach of contract. The complaint alleges that OpenAI's hardware is "rotten to its core." According to Mark Lemley of Stanford, there is potential for a very large case. According to Camilla Hrdy of Rutgers, most trade secret cases in AI involve software, not hardware — which makes this one unusual. The allegations are from a complaint, not adjudicated.

What this means for those with critical IP and engineers leaving for competitors. Protection starts before departure. IAM with least privilege that revokes access on offboarding. Zero Trust that treats every request as untrusted. DLP that detects mass downloads. At Tech86, this architecture lives in Security and Compliance with AI-SPM, AI Engineering and Security with sovereign inference on-prem, and the Secret Guardian in Elite DeepTech.

The architecture lesson: revocation is policy, not luck

The Apple vs OpenAI case is not about OpenAI. It is about the absence of architecture that assumes that every access, even from an insider, needs to be verified. Access revocation cannot depend on an authentication bug working. It has to depend on policy. When revocation is policy, the bug does not matter — the session already has no permission. When revocation depends on the bug working, a single defect turns into a thousand-page exfiltration.

We repeat: you cannot patch an architecture problem. The bug that let Liu download a thousand pages was not a missing feature — it was the absence of offboarding tests that simulate user departure and verify that every session is invalidated. Authentication without an offboarding test is incomplete architecture. IAM without least privilege is open access with a fancy name. Zero Trust without continuous verification is a VPN with a new name. DLP without mass-download alerting is a log nobody reads.

Conclusion: protection starts before departure

Trade secret protection does not start when the engineer leaves. It starts when they join. IAM with least privilege from day one. Zero Trust that treats every request as untrusted. DLP that detects mass downloads. Authentication audits that test offboarding the way they test login. Separation of IP access from employment status — revocation must be policy, not depend on a bug working.

The bug that let Liu download a thousand pages was not an accident. It was the absence of architecture that assumes that every access, even from an insider, needs to be verified. At Tech86, we help companies build that architecture before the lawsuit arrives — because after the lawsuit, the cost is billions and the damage is already done.

Need expert guidance?

Schedule a consultation with our specialists.

IP Protection and Zero Trust for Engineering

Frequently Asked Questions

On July 10, 2026, Apple sued OpenAI in case 5:26-cv-07078, Northern District of California. The basis: Defend Trade Secrets Act and breach of contract. According to the complaint, more than 400 former Apple employees now work at OpenAI, and one of them, Chang Liu, downloaded more than a thousand pages of technical documents after discovering he still had repository access via an authentication bug. The allegations are from a complaint, not adjudicated.

According to the complaint, Tang Yew Tan spent 24 years at Apple as VP of Product Design and is now Chief Hardware Officer at OpenAI. The accusation describes interviews as extraction vectors: candidates brought physical prototypes and multilayer logic boards, and OpenAI requested Technical Deep Dive on work done at Apple. Tan allegedly used codenames of internal projects to map unannounced products. The allegations are from a complaint, not adjudicated.

According to the complaint, Chang Liu, an electrical engineer at Apple for eight years, left on January 22, 2026. On February 9, he discovered he still had repository access via an authentication bug. He downloaded more than a thousand pages of technical documents and wrote LOL upon realizing the access. In February, Apple contacted OpenAI, which never responded. The allegations are from a complaint, not adjudicated.

According to Camilla Hrdy of Rutgers, most trade secret cases in AI involve software, not hardware. The Apple vs OpenAI case is unusual because it concerns hardware — physical prototypes, multilayer logic boards, and unannounced products. According to Mark Lemley of Stanford, there is potential for a very large case. The allegations are from a complaint, not adjudicated.

Protection starts before departure. IAM with least privilege that revokes access on offboarding. Zero Trust that treats every request as untrusted, even from insiders. DLP that detects mass downloads and blocks them. Authentication audits for bugs that retain access after departure. Separation of IP access from employment status — revocation must be policy, not depend on a bug working.

Blog — Get in Touch

Have a question about our articles or services? Our team is ready to help.

Schedule a Meeting

Book a time slot.

Schedule Now

Email

Send us a message.

[email protected]

WhatsApp

Quick conversation.

Address

Avenida Paulista, 1636 - São Paulo - SP - 01310-200

Tech86 Specialist

Online now

Hello! How can we help scale your business today?

Tech86 Engineering

We Value Your Privacy

We use cookies and similar technologies to optimize your experience, analyze site traffic, and personalize content. By clicking "Accept All", you agree to the use of all cookies. Read our Privacy Policy.