Skip to content

Apple v. OpenAI: What It Means for You Using ChatGPT at Work

Apple just sued OpenAI over alleged trade secret theft. Here's the practical playbook: audit your ChatGPT usage before your employer does it for you.

8 min readBeginner

The #1 mistake people are making with the Apple v. OpenAI story that dropped today: reading it as celebrity gossip between two tech giants. It’s not. It’s a warning shot to every knowledge worker who’s ever pasted something “just to summarize this real quick” into ChatGPT.

The lawsuit landed July 10 in the Northern District of California, and the internet has spent the day arguing about Jony Ive and Sam Altman. Fine. But if you use AI at work – and you do – the more useful question is: if my employer ran the same investigation Apple just ran, would my ChatGPT history make me look like Chang Liu? That’s what this tutorial is for.

What actually happened (in one paragraph, then we move on)

Apple filed suit Friday against OpenAI over alleged trade secret theft and breach of contract, saying the misconduct was directed by OpenAI’s senior leadership, including Chief Hardware Officer Tang Tan. The two named individuals are Tan and former Apple engineer Chang Liu. Per the July 2026 filing, over 400 former Apple employees now work at OpenAI – the suit isn’t about the hiring itself, it’s about what allegedly walked out the door with them. Liu is accused of downloading dozens of confidential hardware files, including technical specifications, engineering presentations, and proprietary data for unreleased products. Read the full complaint via 9to5Mac if you want the details. We’re here for the takeaway.

The core concept: your prompts are evidence

Here’s the thing tutorials on “how to use ChatGPT at work” almost never mention. When you type into an AI tool, you’re not just talking to a model – you’re creating a discoverable record. Apple didn’t need to hack anyone’s laptop to build this case. They pulled internal messages, exit-interview trails, and (per the filing) documents shared between colleagues. If a similar dispute ever involved you, your ChatGPT history is a subpoena target.

The legal backbone here is the Defend Trade Secrets Act. The DTSA requires that information not be “generally known or readily ascertainable” to qualify as a trade secret – and what constitutes “reasonable efforts” to maintain secrecy gets murky fast when AI tools are involved (Global IP & Tech Law Blog, August 2025). A confidentiality agreement written before 2023 almost certainly says nothing about generative AI. Translation: if you paste your employer’s roadmap into a consumer chatbot, you may have just helped destroy the very legal protection that made it a secret.

That’s the actual lesson buried Currently, news.

The 5-step audit to run on yourself this weekend

Don’t wait for HR to send a memo. This sweep takes 20 minutes.

  1. Check which account you’ve been using. Personal ChatGPT and work ChatGPT are legally different universes. By default, ChatGPT Business, Enterprise, Edu, and the API Platform don’t train on customer data (confirmed in OpenAI’s Enterprise Privacy documentation). Consumer accounts – Free, Plus, Pro – are opt-out, meaning training is on until you flip it off.
  2. Flip the training toggle if you’re on a consumer plan. Your Profile > Settings > Data Controls > “Improve the model for everyone” > switch off. Applies to new conversations only – not retroactive.
  3. Search your chat history for anything you shouldn’t have shared. Client names, unreleased product names, source code, contract terms, salary figures, roadmap dates. Export via Settings > Data Controls > Export data. Then read it like your general counsel would.
  4. Delete what shouldn’t exist – but understand what “delete” means. See the pitfalls section below; it’s uglier than it sounds.
  5. Move sensitive work to an approved tool. If your company has ChatGPT Enterprise, use it. If not, ask. If they say no, don’t use AI for that work – that’s a policy answer, not a technical one.

Pro tip: If your workplace uses ChatGPT Enterprise, assume admins can see everything. OpenAI’s Enterprise Compliance API provides logs of all conversations and custom GPT interactions. That’s a feature, not a bug – and it’s exactly how large employers will investigate the kind of behavior described in Apple’s complaint.

Three pitfalls that trip up smart people

The official privacy page reads clean. Reality is messier.

Trap #1 – The thumbs-up booby trap. You’ve turned off training. ChatGPT gives you a great answer and you hit 👍. Turns out – and almost no guide mentions this – giving feedback re-opts that entire conversation into training. One click undoes the toggle. The OpenAI Help Center states: “Even if you have opted out of training, if you choose to provide feedback, the entire conversation associated with that feedback may be used to train our models.”

Trap #2 – “Temporary Chat” isn’t temporary. The UI makes it sound like Snapchat for AI. The docs are clear, but the interface buries it: temporary sessions don’t appear in your history and aren’t used for training, but the content still sits on OpenAI’s servers for 30 days for abuse detection (as of July 2026). Thirty days. Subpoenable.

Trap #3 – “Deleted” doesn’t always mean deleted. This is the ugliest one. In May 2025, a federal judge ordered OpenAI to preserve every ChatGPT conversation – including ones users had already deleted – pending the NYT v. OpenAI litigation. The preservation order was lifted in late September 2025, and OpenAI resumed normal deletion practices after that. But conversations from the April-September 2025 window remain in secure storage pending the ongoing case (per Bloomberg Law reporting). If you typed something sensitive during that window and hit delete, it’s still there.

Think about that for a second.

Consumer vs. enterprise: what the table actually means

People asked all day whether they should switch AI tools. Short answer: the risk isn’t specific to OpenAI. It applies to any consumer cloud AI product where you haven’t read the data policy. The meaningful split isn’t between vendors – it’s between consumer and enterprise tiers of the same product.

Plan type Trained on by default? Retention baseline
ChatGPT Free / Plus / Pro (personal) Yes, unless opted out Indefinite until you delete + 30 days
ChatGPT Team / Business / Enterprise No Custom policy set by workspace owner (as of July 2026 – check your org’s settings)
OpenAI API (standard) No 30 days, then removed unless legally required to retain (as of July 2026)
OpenAI API with Zero Data Retention No Not logged

The pattern: paying more buys you contractual promises, not stronger cryptography. The data still passes through their servers. The difference is what they’ve agreed in writing not to do with it. That distinction is legally huge and technically small.

What to actually do Monday morning

Three concrete moves that cost nothing:

  • Ask your manager or IT team, in writing, which AI tools are approved for which data classes. Get the answer in email. That email is your defense if anything ever gets weird.
  • If you’ve been using a personal ChatGPT account for work stuff, stop today. Not “soon.” Today.
  • Before you paste something, ask yourself: would I paste this into a Slack channel with 400 strangers? If no, don’t paste it into an AI you don’t control.

FAQ

Does turning off training make me safe?

No. It stops future conversations from feeding the model. Doesn’t delete anything already shared, doesn’t override company policy or NDA obligations, and doesn’t protect you from the thumbs-up trap described above.

What if I already pasted something sensitive months ago – am I in trouble?

Probably not, for most people. But the Apple filing shows companies build these cases from internal messages on your employer’s systems – not from an OpenAI leak. The risk is usually on your side of the fence. If something is genuinely worrying, talk to a lawyer before talking to HR. And if the content was shared between April and September 2025, be aware that “deleted” chats from that period may still exist (see Trap #3).

Isn’t this just tech news? Why should I care about a lawsuit between two companies?

Because the legal argument at the center of it – that trade secret protection depends on “reasonable measures” to keep information confidential – applies to your employer too, not just Apple. Every time an employee pastes proprietary information into an unapproved tool, the company’s legal position weakens. That’s not speculation; it’s how the DTSA works. The Apple case is going to become the template other companies cite when writing AI acceptable-use policies. Based on the pattern after every major IP case in tech, expect stricter AI policies at your workplace within the next six months – and expect those policies to ask specifically what you’ve been doing on personal accounts.

Next step: Open ChatGPT right now. Settings > Data Controls. Look at what’s toggled on. Fix it. Then export your chat history and skim it. Twenty minutes today saves an awkward conversation later.