Leaked Apple memo details efforts to stop leaks

By

Apple Park1
Apple is cracking down on leaks.
Photo: Duncan Sinfield

Apple issued a stern warning to employees this week about leaking confidential information to the media.

In a leaked memo detailing Apple’s efforts to stop leaks, the company says it caught 29 leakers in 2017. Of those caught, 12 were arrested. Apple told employees they are “getting played” by journalists and bloggers that approach them with flattery in exchange for information.

Apple had one of its worst leaks ever in 2017 after an employee sent out a link to the gold master copy of iOS 11 before it was released. The software contained a number of details about the iPhone X and HomePod before they came out. The memo obtained by Bloomberg reveals the employee was quickly discovered and fired.

Not only could employees be fired for leaking info, Apple says it could make it very hard for them to get hired by other companies. The memo, posted to Apple’s internal site, says that leaks can hurt sales and give competitors a head start on matching features.

Here’s the full Apple leaks memo:

Last month, Apple caught and fired the employee responsible for leaking details from an internal, confidential meeting about Apple’s software roadmap. Hundreds of software engineers were in attendance, and thousands more within the organization received details of its proceedings. One person betrayed their trust.

The employee who leaked the meeting to a reporter later told Apple investigators that he did it because he thought he wouldn’t be discovered. But people who leak — whether they’re Apple employees, contractors or suppliers — do get caught and they’re getting caught faster than ever.

In many cases, leakers don’t set out to leak. Instead, people who work for Apple are often targeted by press, analysts and bloggers who befriend them on professional and social networks like LinkedIn, Twitter and Facebook and begin to pry for information. While it may seem flattering to be approached, it’s important to remember that you’re getting played. The success of these outsiders is measured by obtaining Apple’s secrets from you and making them public. A scoop about an unreleased Apple product can generate massive traffic for a publication and financially benefit the blogger or reporter who broke it. But the Apple employee who leaks has everything to lose.

The impact of a leak goes far beyond the people who work on a project.

Leaking Apple’s work undermines everyone at Apple and the years they’ve invested in creating Apple products. “Thousands of people work tirelessly for months to deliver each major software release,” says UIKit lead Josh Shaffer, whose team’s work was part of the iOS 11 leak last fall. “Seeing it leak is devastating for all of us.”

The impact of a leak goes beyond the people who work on a particular project — it’s felt throughout the company. Leaked information about a new product can negatively impact sales of the current model; give rival companies more time to begin on a competitive response; and lead to fewer sales of that new product when it arrives. “We want the chance to tell our customers why the product is great, and not have that done poorly by someone else,” says Greg Joswiak of Product Marketing.

Investments by Apple have had an enormous impact on the company’s ability to identify and catch leakers. Just before last September’s special event, an employee leaked a link to the gold master of iOS 11 to the press, again believing he wouldn’t be caught. The unreleased OS detailed soon-to-be-announced software and hardware including iPhone X. Within days, the leaker was identified through an internal investigation and fired. Global Security’s digital forensics also helped catch several employees who were feeding confidential details about new products including iPhone X, iPad Pro and AirPods to a blogger at 9to5Mac.

Leakers in the supply chain are getting caught, too. Global Security has worked hand-in-hand with suppliers to prevent theft of Apple’s intellectual property as well as to identify individuals who try to exceed their access. They’ve also partnered with suppliers to identify vulnerabilities — both physical and technological — and ensure their security levels meet or exceed Apple’s expectations. These programs have nearly eliminated the theft of prototypes and products from factories, caught leakers and prevented many others from leaking in the first place.

Leakers do not simply lose their jobs at Apple. In some cases, they face jail time and massive fines for network intrusion and theft of trade secrets both classified as federal crimes. In 2017, Apple caught 29 leakers. 12 of those were arrested. Among those were Apple employees, contractors and some partners in Apple’s supply chain. These people not only lose their jobs, they can face extreme difficulty finding employment elsewhere. “The potential criminal consequences of leaking are real,” says Tom Moyer of Global Security, “and that can become part of your personal and professional identity forever.”

While they carry serious consequences, leaks are completely avoidable. They are the result of a decision by someone who may not have considered the impact of their actions. “Everyone comes to Apple to do the best work of their lives — work that matters and contributes to what all 135,000 people in this company are doing together,” says Joswiak. “The best way to honor those contributions is by not leaking.”