Skip to content

AI Governance

Apple just sued OpenAI for stealing its trade secrets. Here is what business owners should know about protecting their own.

On July 10, 2026, Apple filed a lawsuit against OpenAI, OpenAI's hardware subsidiary io Products, and two former Apple employees, alleging a sustained pattern of trade secret theft connected to OpenAI's unreleased consumer AI hardware device. The complaint, filed in the US District Court for the Northern District of California (Apple Inc. v. Liu et al., case 5:26-cv-07078), accuses OpenAI's Chief Hardware Officer Tang Tan, a 24-year Apple veteran who led product design for the iPhone and Apple Watch, and former Apple engineer Chang Liu of taking confidential product designs, engineering presentations, and supply chain information with them, and of using it to help build OpenAI's hardware business. Apple alleges the pattern runs deeper than two individuals: it says OpenAI coached departing Apple employees on how to evade exit security checks, and directed active job candidates still working at Apple to bring physical components to interviews for what the complaint calls 'show and tell' sessions. OpenAI's response, given to multiple outlets, was direct: 'We have no interest in other companies' trade secrets. We remain focused on building innovative technology that empowers people everywhere.' Nothing in the complaint has been proven in court, and this is Apple's account, filed as a legal allegation, not an established finding of fact. The direct answer for a business owner has nothing to do with picking a side. Apple's complaint states that roughly 400 of OpenAI's employees are former Apple staff. The mechanism described in the lawsuit, confidential information moving through people rather than through a technical breach, is a risk every business carries the moment a key employee leaves, whether they are headed to a trillion-dollar AI lab or a competitor two towns over.

By Fabio Rabelo · Founder, ATLACIS ·

What happened

Apple filed a 41-page complaint against OpenAI on July 10, 2026, in the US District Court for the Northern District of California. The lawsuit names OpenAI Foundation, OpenAI Group PBC, OpenAI's hardware subsidiary io Products, and two former Apple employees: Tang Yew Tan, now OpenAI's Chief Hardware Officer, and Chang Liu, a former senior Apple systems and electrical engineer. Apple alleges Liu kept a company-issued laptop after leaving, later exploited an authentication bug to access Apple's internal cloud storage, and downloaded dozens of confidential hardware-related files. Separately, Apple alleges Tan used Apple's internal project codenames during OpenAI recruiting interviews to draw out more confidential information from job candidates who were still Apple employees, asked some of them to bring 'actual parts', batteries, logic boards, and other components, to interviews for show-and-tell sessions, and circulated an Apple offboarding document to coach new OpenAI hires on how to evade Apple's exit security checks. Apple also alleges OpenAI approached one of Apple's manufacturing partners and asked it to demonstrate a proprietary metal finishing technique Apple says it invented, while leading the partner to believe Apple had authorized the disclosure. According to the complaint, Apple sent OpenAI a letter in February 2026 raising these concerns and received no response before filing suit. Apple is seeking damages and an injunction barring OpenAI from using the information. OpenAI has denied wrongdoing in public statements and had not filed a formal court response as of publication. Jony Ive, whose hardware startup io Products OpenAI acquired for a reported $6.5 billion, is not named as a defendant. The filing marks a sharp turn in a relationship that began in 2024, when Apple and OpenAI announced a partnership to bring ChatGPT into Siri and Apple Intelligence, a partnership that had already been reported as strained before this suit.

Why it matters for business owners

Most business owners will never sue a competitor over trade secrets, and most will never be sued. That is not the reason this story matters. The AI hiring market has been unusually aggressive for the past two years, with labs and hardware teams recruiting specialized talent directly from established companies at a pace that outstrips normal turnover. Apple's complaint states that roughly 400 of OpenAI's employees are former Apple staff. Whatever the outcome of the lawsuit, that number describes something true about the current environment: senior technical and product people are moving between companies faster than most businesses' internal controls were built to handle. When someone with deep knowledge of your product roadmap, supplier relationships, pricing, or undocumented processes leaves for a competitor, a client, or their own venture, the same exposure Apple describes exists at whatever scale your business operates at. Few small and medium-size businesses have any technical control that would catch a departing employee keeping a device, retaining access to a shared drive, or continuing to reach a customer list after their last day.

What owners should not misunderstand

This is a contested legal complaint, not a proven verdict. Every allegation described above is Apple's account, filed to open a lawsuit, and OpenAI disputes it. Courts, not press coverage, will determine what actually happened. Do not treat this as settled fact about OpenAI's conduct, and do not treat it as evidence that AI labs in general behave this way. It is a dispute between two specific companies with a business relationship that was already strained. It is also not a reason to avoid OpenAI's products for reasons unrelated to this case. Whether ChatGPT Enterprise or another OpenAI tool fits your business is a separate vendor evaluation question from a lawsuit about how a different product, OpenAI's unreleased hardware device, was allegedly developed. And it is not a reason to treat every departing employee as a threat. The useful lesson is narrower and more practical: most businesses have never tested whether their own offboarding process would catch what Apple alleges happened here, a retained device, a lingering system access path, and confidential information changing hands during a hiring conversation.

The operational lesson

Trade secret protection is treated by most businesses as a paperwork problem: a signed non-disclosure agreement, a line in the employee handbook, maybe a confidentiality clause in the offer letter. Apple's complaint is a reminder that paperwork does not stop someone from keeping a laptop or finding a way back into a system after they leave. The complaint alleges Apple sent OpenAI a letter in February 2026 raising its concerns and received no response for months. A letter is a request, not a control. Real protection is operational: access is revoked the moment employment ends, not at the end of the week; departing employees' devices, credentials, and cloud access are checked off a list that someone actually verifies, not just handed over as a form; and unusual access to sensitive systems is something your business would notice, not something that surfaces only if a lawsuit forces a review of the logs months or years later. Most businesses, regardless of size, have at least one gap in that chain today, and most have never checked.

What a serious business should do next

Start with what actually needs protecting: client data, supplier terms and pricing, workflow documentation, product or service roadmaps, and anything a competitor would pay to see. Map who currently has access to each of those, not who is supposed to have access according to a policy document written two years ago. Test your offboarding process on paper before you need it: when someone leaves, does access to every system, shared drive, cloud account, and physical device actually get revoked the same day, and who is responsible for confirming it happened? Check for stale access right now, not only at departure: former employees, contractors, or vendors who still have a working login somewhere are a more common gap than most owners expect. If your business relies on non-disclosure or non-compete agreements, know that enforceability varies significantly by state and by role. Talk to an employment attorney about what your specific agreements can and cannot practically stop, rather than assuming the signed document alone is the protection. And treat hiring conversations, both when your own people are being recruited elsewhere and when you interview candidates who currently work for a competitor, as a channel where confidential information can move in either direction, and set expectations with your team accordingly. For a broader look at mapping who and what can access your AI tools and business data, see the AI workflow audit guide.

The Atlacis view

Atlacis has no position on how the Apple-OpenAI lawsuit will resolve, and that outcome is not the point. What the complaint makes visible is a gap that exists in most businesses regardless of whether they ever touch AI hardware or compete for AI talent: confidential information is protected by trust and paperwork far more often than by an actual technical control that would catch it leaving. That gap gets more exposed, not less, as AI tools spread more of a business's workflows, client data, and internal knowledge across more systems and more people's hands. Atlacis helps owners map what actually needs protecting inside their business, who can currently reach it, and where the real gap sits between the policy on paper and what would happen if a key person walked out the door tomorrow, before that gap gets tested the hard way.

The short version

  • On July 10, 2026, Apple sued OpenAI, its hardware subsidiary io Products, and two former Apple employees, Tang Tan and Chang Liu, alleging a pattern of trade secret theft connected to OpenAI's unreleased consumer hardware device.
  • Apple alleges a former employee retained a company laptop and exploited an access bug after leaving, and that OpenAI's hardware chief used interviews with active Apple employees to extract further confidential information and coached departing staff on evading exit security checks. These are allegations in a filed complaint, not proven facts.
  • Apple's complaint states that roughly 400 of OpenAI's employees are former Apple staff, a scale that reflects how aggressive AI-era hiring has become across the industry, not just this one dispute.
  • Apple says it raised these concerns in a February 2026 letter to OpenAI and received no response for months. A letter is a request, not a control; real protection requires enforced technical and procedural safeguards.
  • Every business faces a smaller-scale version of this exposure when a key employee leaves. Most have never tested whether their own offboarding process would actually catch a retained device, lingering system access, or confidential information changing hands during a hiring conversation.
  • Map what needs protecting, verify offboarding actually revokes access immediately, check for stale access before someone leaves rather than after, and confirm with an employment attorney what your non-disclosure and non-compete agreements can practically enforce.
Tags:AI governancetrade secretsdata exposureemployee offboardingIP protectionAI hiringvendor dependencybusiness AIAI decision-makingAI risk
FAQ

Common questions

Does the Apple-OpenAI lawsuit mean I should avoid using OpenAI's products?
Not on the basis of this lawsuit alone. The complaint concerns how OpenAI's unreleased hardware device was allegedly developed, a separate question from whether tools like ChatGPT Enterprise fit your business today. Evaluate AI vendor tools on their own merits: data handling, cost, and fit for your workflow. This case is still contested and unresolved.
My business is small. Does a trade secret risk like this actually apply to me?
Yes, at a smaller scale. Any business with client data, pricing, supplier relationships, or documented workflows worth protecting faces the same underlying exposure when a key employee leaves for a competitor, a client, or their own venture. The controls that matter are not lawsuits, they are offboarding discipline: revoking access immediately, checking for stale access regularly, and knowing what a departing employee could realistically take with them.
Are non-disclosure agreements enough to protect my business's confidential information?
An NDA is a legal deterrent and a basis for a claim after the fact. It does not stop someone from keeping a device or retaining system access, which is part of what Apple alleges happened here. Enforceability of NDAs and non-competes also varies by state and role. Pair any agreement with operational controls: immediate access revocation, verified offboarding checklists, and periodic checks for accounts that should have been closed but were not.

Make better AI decisions, starting with one call.

Book a free AI Fit Call. We will tell you what to use, what to avoid, and where to start. No jargon, no pressure.