Case Overview
A U.S. federal jury in San Francisco convicted former Google software engineer Linwei Ding of stealing confidential AI supercomputer data and providing it to Chinese technology companies. The trial, lasting 11 days, resulted in seven counts of economic espionage and seven counts of trade secret theft.
How the Theft Was Executed
Between May 2022 and April 2023, Ding downloaded more than 2,000 pages of internal AI‑related documents and uploaded them to his personal Google Cloud account. He maintained undisclosed affiliations with two China‑based firms, even negotiating a Chief Technology Officer role at one of them.
- Did not disclose foreign affiliations or travel to China.
- Asked a colleague to scan his entrance badge to make it appear he remained in the U.S.
- Used personal cloud storage to exfiltrate data, bypassing Google’s monitoring tools.
Legal Outcomes
Each of the 14 counts carries a potential sentence of 10–15 years. While convictions have been handed down, sentencing has not yet been announced.
Implications for Corporate Security
The case highlights several emerging risks for organizations that develop or host advanced AI systems:
- Insider threats targeting high‑value AI assets.
- Use of personal cloud accounts to evade corporate data‑loss‑prevention (DLP) controls.
- Undisclosed foreign affiliations that can facilitate economic espionage.
Recommendations for CISOs
To mitigate similar threats, security leaders should consider the following actions:
- Implement strict DLP policies that monitor uploads to personal cloud services.
- Require regular disclosure of external affiliations and foreign travel for employees with privileged AI access.
- Deploy behavior‑analytics tools to detect anomalous data‑access patterns.
- Conduct periodic insider‑threat training focused on AI and high‑performance computing environments.
- Establish a “zero‑trust” data‑access model that limits the amount of data any single user can retrieve.