cd /news/ai-policy/the-bad-apple-problem · home topics ai-policy article
[ARTICLE · art-57489] src=thediff.co ↗ pub= topic=ai-policy verified=true sentiment=↓ negative

The Bad Apple Problem

Apple filed a lawsuit accusing former employees of leaking trade secrets to OpenAI, alleging they exploited a bug to access Apple's network and bragged about it. The complaint claims OpenAI's hardware business is built on stolen Apple intellectual property.

read17 min views1 publishedJul 13, 2026
The Bad Apple Problem
Image: Thediff (auto-discovered)

In this issue:

  • The Bad Apple Problem—When someone at a company gets credibly accused of some very bad behavior, it raises the question of how tolerated that behavior is. But the topology of naughtiness means that you can often find a misleadingly rich sample in specific places.
  • Attribution—The closer a marketing channel is to conversions, the more tempting it is to steal credit for those conversions.
  • Market Efficiency—Does passive investing make active investors' jobs harder? Or have active investors just gotten better?
  • Anarcho-Capitalist War—It's very hard to fight a modern war without a centralized government, but governments can learn from market signals.
  • Technical Factors—One of many AI bets is also an N-of-1 bet on lots of different factors.
  • Collateral—Financial engineering, accounting, and cheese.

Talk to this post with Read.Haus.

The Bad Apple Problem #

From time to time, one company will accuse another of poaching its people mostly to steal its intellectual property. These are legally tricky arguments, because there are things that look proprietary within some specialized field, but are actually table stakes there, and you might have literally a few dozen people who can definitely answer this, all of whom know each other and have conflicts of interest. And then some things that strike a layperson as pretty trivial might turn out to be a trick that only an expert could have invented, and that made enough money to pay for that expert's lifetime compensation and then some. Meanwhile, arguing this entails revealing something about the tricks in question: a company's willingness to go to court is, in some sense, inversely correlated with the value of what they're going to court over. The fact that information can be arbitrarily expensive to create and roughly free to copy has all sorts of complicated economic consequences. So it's usually easier to find circumstantial evidence. You don't want the topic to be what they stole if you can talk about how obvious it is that they stole something. Which Apple was able to do quite well in the suit it filed on Friday, accusing multiple former Apple employees of leaking secrets to OpenAI. The main person they accuse:

  • Didn't return their company computer after quitting.
  • Used it to log back into Apple's network, exploiting "a rare, previously unknown authentication bug to access Apple’s shared network folders," and also logged into Apple's network using the device of another Apple employee who still worked there.
  • Joked about it and bragged about it electronically, to someone with an Apple-issued device. (He also suggested communicating on some other medium, but Apple's complaint ominously notes that "To the extent they have not destroyed or concealed this evidence, it will be revealed through discovery.")[1] - Told other former colleagues at Apple how to do the same, coached them on leaking confidential information, and even suggested that they bring prototypes of equipment to job interviews.

It's just very helpful, in litigation, to have someone who says: "I did it, I think that's funny, here's how you can do it and not get caught," and then got caught. And then they throw in:

This is the tip of the iceberg. Apple lacks visibility into what’s been happening behind closed doors at OpenAI, where such misconduct is normalized and exemplified by leadership. This much is clear, however: at every level, from members of its Technical Staff to its Chief Hardware Officer, and in coordination with business partners, OpenAI has been stealing Apple’s trade secrets and confidential information. As a natural result, OpenAI’s nascent hardware business now rests on the shakiest of foundations, rotten to its core by its illegal reliance on misappropriated trade secrets

Which is pretty damning! Apple has a strong moral and legal case here. They also have a business case: they're well aware that hardware companies that hire Jony Ive have an above-average shot at creating one or more of the products that define a category of consumer hardware, and they're also fond of the shock-and-awe approach of introducing a new product that has features competitors will scramble to replicate. So they obviously don't want OpenAI to be able to launch the same thing a few months later, but on a meta level, it's in their interest to cripple OpenAI's ability to do the same thing to them, i.e. develop some hardware product so good that everything else gets compared to it, and it sets the minimum feature requirements in its category.

So Apple's incentive was probably to wait a bit, see how much incriminating information they could get, and then sue in a way that makes cheating look completely pervasive, so OpenAI will struggle to raise money, license sensitive hardware IP, or hire even from outside of Apple. If Apple has the choice between catching one person stealing company files, or waiting until there's an established pattern, they'll wait.

But it's often easy to overestimate how pervasive some behavior is within a large organization by zooming in on one team. People who don't adhere to some social norm have a way of finding each other—the existence of the illegal drug business implies that customers are better at finding dealers than cops are, political dissidents tend to find other political dissidents, and the givers and recipients of bribes and kickbacks seem to find each other, too. [2] And while crime doesn't pay that well, breaking the rules in some situation where other people are following them can scale

reallywell.

A team that's filching designs and manufacturing techniques from their best competitor is going to look really productive, which is compatible with both a culture where this goes right to the top and a culture where they're taking advantage of the assumption that there's no way anyone would do that.

[3]But there's also a cultural difference to keep in mind. Apple is quite secretive; a Quora comment years ago claimed that you sign an NDA about a fake project code name in order to get permission to sign an NDA that references the real code name. They're willing to use litigation to pursue their interests: they literally sued their ex-CEO for stealing trade secrets (though that was a long time ago, and that secretiveness and willingness to throw white-collar elbows has a lot to do with the fact that the CEO they sued came back to run the show). Social norms vary based on how enforceable they are, and in much of the tech industry, the combination of transferable skills, dense social networks, and the absence of noncompetes means that the default assumption is that people, and the ideas in their heads, are mobile. The harder it is to enforce a rule, the less likely that rule is to even be applied. [4] The result is that NDAs have more theoretical legal force than practical effect on behavior. As Apple demonstrates, a different equilibrium is possible, but, as this lawsuit demonstrates, that equilibrium creates some incredible temptations. Apple basically designed an organization that would generate as many valuable secrets as possible, which, unfortunately, created an incentive to steal them.

That culture gap also creates a what-the-hell effect, where, once you've violated some technical provision of your NDA, you go a lot further. It's not uncommon for people to say a little bit more than they're supposed to about their earlier work—not wholesale leaking of trade secrets, just "Oh, we tried that, and it didn't work," or something relatively innocuous. And if someone's used to a completely airlocked, need-to-know-basis, multi-layered-NDA organization, they might decide, with a healthy dose of motivated reasoning, that the alternative is total anarchy. Apple wouldn't pay lawyers to draft so many elaborate contracts if they didn't think people would violate them. Therefore: people violate them. Therefore: I will violate them. This is not at all advisable as a line of thinking, and at its most charitable involves heavy outsourcing of important moral judgments. But it's a real phenomenon that gets people into trouble (typically in their freshman year of college) when they see that the rules have been relaxed and conclude that all rules have been abolished.

Internally, companies can sometimes have a surprisingly wide range of acceptable behavior. There are companies that mostly play it straight and have a few high-profile problem employees. And then there are cases like Enron, where multiple billion-dollar franchises were created by their clearly-talented alumni, even though the company was net-crooked. [5] It's just hard to avoid this kind of variance, and as with many reputational issues, as a company gets bigger, its goal is to reduce the variance in all of this: a big company captures all of the downside from breaking the rules, but proportionately less of the upside. While there's still variance within companies, a lot of it takes the form of compliance

scrupulosity. Eventually, and painfully, companies get too big and boring to run into a scandal like this. And it is very much a scandal! Unless Apple is actively fabricating things, they have ample evidence of a culture of intellectual property theft, at one department of an indirect competitor. But that's exactly the kind of problem growing companies can miss: if their norms take a while to catch up to their current size, then the faster they grow, the more likely—and less representative—it is that something like this will slip through.

Incidentally, one of the best measures of how good a company is at compliance is to see how long it takes after you send a message suggesting talking on some other platform before you get a brusque call from the compliance department telling you to step away from your machine before explaining exactly what you were up to. Saying "let's chat about this on Signal" is slightly more suspicious than saying "In our capacity as employees of this company, let's commit the following felony..."

↩︎These markets don't always clear. The famous case is rentahitman.com, a parody site that tries very hard to be clear that it's a parody site and that will periodically forward an email to law enforcement. Presumably the more serious criminals do more business face-to-face.↩︎The Diffhas made this point a few times in the context of spam, but it works in other contexts, too: a scalable way to abuse some system will create statistical regularities. Withdrawing $100,000 in cash is going to raise eyebrows and your bank and get reported, but if you decide to be clever and do it in $9,000 increments, you're probably not going to get to $100k. You'd think that this would be pretty easy to figure out—surely as soon as someone floated the reporting threshold, it was the first question they got! And yet,even people with extensive legal experiencehave been tripped up by this.↩︎One way you can this is in the history of taxation. If the early US had tried to impose an income tax—good luck! If transactions don't necessarily leave a record and sometimes happen in-kind—not just barter, but farmhands and servants being paid partly in room and board—collecting taxes is a nightmare. Better to focus on tariffs, because there are only so many places to unload cargo, and they can be monitored, and ships and shipments are valuable enough to leave some kind of paper trail for auditing.

↩︎An imprecise, binary measurement: after the fact, a company was net-honest if they managed to paper up early inconsistencies long enough that the books eventually balanced and everything was fine: they did an amount of lying that was, in retrospect, credit expansion, but they didn't default. That company is still a little fraudy, but not a fraud. And companies can outgrow this: some of today's upstanding neoclouds used to be in the trickier business of mining crypto, i.e. giving investors restricted to the equity market access to crypto. Or there's Luckin Coffee, which was faking sales at what turned out to be a pretty good coffee business that didn't need to fake things, not to mention the various now-respectable businesses (Cheniere, Texas Instruments, WPP) that went public by doing a reverse-merger with some company that had minimal business operations and whose main asset was an exchange listing.

↩︎ You're on the free list for * The Diff*. Last week, paying subscribers read about

the ghost-in-the-finite-state-machine design pattern, an increasingly common way software products integrate AI($);

[thoughts on momentum and going on tilt](https://www.thediff.co/archive/nomentum/)($); and

[the question of when we'll get an art form unique to AI rather than AI-enabled scaling of existing forms](https://www.thediff.co/archive/has-ai-art-been-tried/)($). Upgrade today for full access.

[Upgrade Today](#/portal/signup)

Diff Jobs

Companies in the Diff network are actively looking for talent. See a sampling of current open roles below:

  • Series A, ex-Navy defense firm building AI-enabled drone defense systems is looking for an electrical engineer with range: schematic design, electrical simulation, printed circuit board (PCB) design, and firmware development in high performance languages (C++, Rust, etc.) If you’re interested in power and control systems for mission critical technology, this is for you. (Austin, TX)
  • A startup building a new financial market within a multi-trillion dollar asset class is looking for a data scientist with commercial financial experience. (if you’ve been an investor but are newer to the data side, that’s great too.) (NYC)
  • Lightspeed-backed team building the engineering services firm of the future is looking for founding members of technical staff excited about working alongside civil engineers to translate their domain expertise into the operating system that powers the next era of great American infrastructure. If you’re an engineer with strong product intuition, who's energized by access to users, and excited by the prospect of transforming how we design and construct our built world with frontier AI, this is for you. (NYC, SF or Remote)
  • AI Transformation firm with an ambition to build an economic world model to run swathes of the private, unstructured economy is looking for FDEs, Platform Engineers, and business generalists who understand how to solve problems.
  • Well-funded, frontier AI neolab working on video pretraining and computer action models as the path to general intelligence is looking for researchers who are excited about creating machines that learn from experience, not text. Ideally you have zero-to-one pre-training experience and/or are a high-slope generalist who’s frustrated that the big labs aren't doing this. (SF)

Even if you don't see an exact match for your skills and interests right now, we're happy to talk early so we can let you know if a good opportunity comes up.

If you’re at a company that's looking for talent, we should talk! Diff Jobs works with companies across fintech, hard tech, consumer software, enterprise software, and other areas—any company where finding unusually effective people is a top priority. And: we're now actively deploying capital into early-stage companies through Anomaly. Our focus is on defense, logistics, robotics, and energy. If you'd like to chat, please reach out.

Elsewhere #

Attribution

On the topic of how vague some of the moral boundaries in business can be (but also how clear it can be that someone has transgressed them!): Phia, a startup founded by Phoebe Gates (as in, daughter of Bill) has been accused of sneakily taking credit for purchases via cookie stuffing. Basically, users of her company's browser extension could see discount codes on products, but also if they bought something from a site that offered such discounts, the extension would try to open a new tab that would give Phia credit for driving the referral. Affiliate marketing is in one sense perfectly incentive-aligned, in that it only pays for marketing that directly drives sales. In another sense, it's misaligned because that creates a huge incentive to capture credit. (The fact that it's a better fit for a company that doesn't have any independent source of distribution, such as brand loyalty, gives a sense for where this model works best.) Affiliate marketers are constantly pushing the limits of this: more than a decade ago, this was the short thesis for RetailMeNot ($, WSJ): they were getting credit for sales that they hadn't actually driven. In the RetailMeNot case, it was more a matter of SEO and market inefficiencies: people would start buying products, search for coupons, and find RetailMeNot's, giving the company credit for transactions that were going to happen anyway. This case is more aggressive, with the company directly taking credit. And it's less clear what they'll do about it: Phia's response references "a subset of users," which could refer to anything from a small fraction of users who were part of a small A/B test, but could also refer to every single Phia user who made a purchase over the time period when the attribution hijacking was happening. Affiliate marketing is partly a business of figuring out how to get the most customers for someone, and partly a business of figuring out just how well you can get away with taking credit for the customers they would have gotten anyway. That's directionally true of every kind of marketing, but affiliate is the one for which the incentives are most skewed.

Market Efficiency

A recent paper argued that the shift from active to passive management does, as passive skeptics have long argued, distort performance (a shift from active to passive entails selling what active investors tend to like and buying more of what they underweight). But there's an argument against that, which is that active investors' returns have gotten worse as the field of active investors has been winnowed ($, FT). A nice synthesis of this is that one hit to big, long only investors' returns over time has been the rise of shorter-term funds that specialize in predicting how big funds will change their opinions over the next few weeks or months. For fast-money funds to earn their fees, they need to predict when a big investor will make a big trade and stick with it. In one sense, this adds more liquidity around just the names that a big investor might be most likely to change their mind about. But in another sense, it's another case of some kind of alpha being mostly captured by the liquidity provider.

Anarcho-Capitalist War

I once read a fun economics essay on how an anarcho-capitalist system might handle a war, and while I remain unconvinced that anarcho-capitalism is the best way to do that, it was thought-provoking. As transaction costs evolve, the ways in which military action can follow market incentives evolve unpredictably: this essay on why Ukraine has been so successful notes that they use a market-like system for allocating drones: their confirmed kills can be redeemed for new equipment, ensuring that it's in the hands of whoever is using it most effectively.

Technical Factors

Shares of SK Hynix are up 173% so far this year, including a 15% drop for the Korea-listed shares overnight. A pretty big swing for a megacap! But it's also a noisy one, because there's more than one SK Hynix trade: there's the AI bet that's driven the stock so far this year, but there's also a bet on a) how much more valuable the company is with a US listing, and b) what the long-run gap between the US and Korea-listed stock will be. The Diff has argued before that a US-listed version is more valuable, since the US has deeper capital markets and more of the sentiment-changing flow of news and opinion happens during US trading hours; the future gets built on Pacific time and then analyzed on Eastern time, but people with market-facing jobs show up to the office early, and West Coast workers roll in a little later so the coasts are pretty synchronized. There are plenty of suggestive precedents for how listing on a new exchange affects prices, but fewer where this coincided with a massive run in the stock.

Collateral

An Italian dairy has borrowed €10m backed by aging cheese. This is one of the most natural financing arrangements imaginable: a dairy is probably better at managing cheese than managing a big balance sheet, but if they have to age their inventory before selling it, they'll have a lot on their balance sheet. This deal is partly the result of a change in Italy's regulations that allows companies that borrow this way to move the asset and liability off their balance sheet. Which actually makes economic sense, too: companies should generally try to specialize at some particular pace; they can think in terms of shifts, quarters, years, decades, etc., but their key decisions tend to get made at one of those resolutions. If they can separate two very different ones&dmash;the manufacturing and sale from the much slower-moving aging process—it's a case of financial markets enabling specialization, and of accounting that reflects quirky features of reality.

── more in #ai-policy 4 stories · sorted by recency
── more on @apple 3 stories trending now
sponsored brought to you by zahid.host 4,200+ EU-deployed projects
reading about agents? ship yours in a single git push.

Run your AI side-project on zahid.host

EU-based hosting, git-push deploys, automatic HTTPS, no cold starts. Free tier with a custom domain — perfect for shipping the agent you just read about.

$git push zahid main
Live at https://your-agent.zahid.host
Get free account → Pricing
from €0/mo · no card required
LIVE [news/the-bad-apple-proble…] indexed:0 read:17min 2026-07-13 ·