Apple Inc. warned employees to stop leaking internal information on future plans and raised the specter of potential legal action and criminal charges, one of the most-aggressive moves by the world’s largest technology company to control information about its activities.
The Cupertino, California-based company said in a lengthy memo posted to its internal blog that it “caught 29 leakers,” last year and noted that 12 of those were arrested. “These people not only lose their jobs, they can face extreme difficulty finding employment elsewhere,” Apple added. The company declined to comment on Friday.
Apple outlined situations in which information was leaked to the media, including a meeting earlier this year where Apple’s software engineering head Craig Federighi told employees that some planned iPhone software features would be delayed. Apple also cited a yet-to-be-released software package that revealed details about the unreleased iPhone X and new Apple Watch.
Facebook executive Sheryl Sandberg last week talked about her disappointment with leakers. In 2016, Google fired an employee after the person shared internal posts criticizing an executive. The employee filed a lawsuit claiming their speech was protected under California law.
In messages to staff, tech companies sometimes conflate conversations employees are allowed to have, such as complaining about working conditions, with sharing trade secrets, said Chris Baker, an attorney with Baker Curtis and Schwartz, PC, who represents the fired Googler. “The overall broad definition of confidential information makes it so employees don’t say anything, even about issues they’re allowed to talk about,” he said. “That’s problematic.”
Apple is notoriously secretive about its product development. In 2012, Chief Executive Officer Tim Cook pledged to double down on keeping the company’s work under wraps. Despite that, the media has continued to report news on the firm to satisfy demand for information on a company that’s become a crucial part of investment portfolios, many of which support public retirement funds for teachers and other essential workers.
In 2017, Apple held a confidential meeting with employees in another bid to stop leaks. Since then, publications, including Bloomberg News, published details about the iPhone X, a new Apple TV video-streaming box, a new Apple Watch with LTE, the company’s upcoming augmented-reality headset, new iPad models, software enhancements, and details about the upcoming iPhones and AirPods headphones.
Here’s the memo:
Last month, Apple caught and fired the employee responsible for leaking details from an internal, confidential meeting about Apple’s software roadmap. Hundreds of software engineers were in attendance, and thousands more within the organization received details of its proceedings. One person betrayed their trust.
The employee who leaked the meeting to a reporter later told Apple investigators that he did it because he thought he wouldn’t be discovered. But people who leak — whether they’re Apple employees, contractors or suppliers — do get caught and they’re getting caught faster than ever.
In many cases, leakers don’t set out to leak. Instead, people who work for Apple are often targeted by press, analysts and bloggers who befriend them on professional and social networks like LinkedIn, Twitter and Facebook and begin to pry for information. While it may seem flattering to be approached, it’s important to remember that you’re getting played. The success of these outsiders is measured by obtaining Apple’s secrets from you and making them public. A scoop about an unreleased Apple product can generate massive traffic for a publication and financially benefit the blogger or reporter who broke it. But the Apple employee who leaks has everything to lose.
The impact of a leak goes far beyond the people who work on a project.
Leaking Apple’s work undermines everyone at Apple and the years they’ve invested in creating Apple products. “Thousands of people work tirelessly for months to deliver each major software release,” says UIKit lead Josh Shaffer, whose team’s work was part of the iOS 11 leak last fall. “Seeing it leak is devastating for all of us.”
The impact of a leak goes beyond the people who work on a particular project — it’s felt throughout the company. Leaked information about a new product can negatively impact sales of the current model; give rival companies more time to begin on a competitive response; and lead to fewer sales of that new product when it arrives. “We want the chance to tell our customers why the product is great, and not have that done poorly by someone else,” says Greg Joswiak of Product Marketing.
Investments by Apple have had an enormous impact on the company’s ability to identify and catch leakers. Just before last September’s special event, an employee leaked a link to the gold master of iOS 11 to the press, again believing he wouldn’t be caught. The unreleased OS detailed soon-to-be-announced software and hardware including iPhone X. Within days, the leaker was identified through an internal investigation and fired. Global Security’s digital forensics also helped catch several employees who were feeding confidential details about new products including iPhone X, iPad Pro and AirPods to a blogger at 9to5Mac.
Leakers in the supply chain are getting caught, too. Global Security has worked hand-in-hand with suppliers to prevent theft of Apple’s intellectual property as well as to identify individuals who try to exceed their access. They’ve also partnered with suppliers to identify vulnerabilities — both physical and technological — and ensure their security levels meet or exceed Apple’s expectations. These programs have nearly eliminated the theft of prototypes and products from factories, caught leakers and prevented many others from leaking in the first place.
Leakers do not simply lose their jobs at Apple. In some cases, they face jail time and massive fines for network intrusion and theft of trade secrets both classified as federal crimes. In 2017, Apple caught 29 leakers. 12 of those were arrested. Among those were Apple employees, contractors and some partners in Apple’s supply chain. These people not only lose their jobs, they can face extreme difficulty finding employment elsewhere. “The potential criminal consequences of leaking are real,” says Tom Moyer of Global Security, “and that can become part of your personal and professional identity forever.”
While they carry serious consequences, leaks are completely avoidable. They are the result of a decision by someone who may not have considered the impact of their actions. “Everyone comes to Apple to do the best work of their lives — work that matters and contributes to what all 135,000 people in this company are doing together,” says Joswiak. “The best way to honor those contributions is by not leaking.”
— With assistance by Mark Bergen, and Sarah Frier