According to TheRegister.com, former Google software engineer Linwei “Leon” Ding, 38, was convicted on Thursday on fourteen total counts—seven for economic espionage and seven for trade secret theft. The charges stem from him stealing over 1,000 confidential files related to Google’s Tensor Processing Units (TPUs), GPUs, and SmartNIC network interface cards. Ding, who worked at Google from May 2019, uploaded the secrets to his personal Google Cloud account starting around May 2022. He then became CTO of Chinese startup Beijing Rongshu Lianzhi Technology and later founded and served as CEO of Shanghai Zhisuan Technology Co. Ltd., aiming to replicate Google’s tech for the Chinese market. His activities were uncovered in late 2023 after he booked a one-way ticket to Beijing, leading to an FBI search in January 2024 and this week’s conviction.
The Simple, Brazenness of It
Here’s the thing that gets me about this case: the method wasn’t some sophisticated cyber-heist. It was basically copying data into Apple Notes on his work laptop, converting it to PDFs, and uploading it to his personal Google Drive. That’s it. It’s almost comically low-tech, which actually speaks to a bigger problem. It evaded immediate automated detection, but it also shows that sometimes the simplest path—abusing the tools and access you already have—is the most effective. Google’s whole security apparatus, with its badge checks and network monitoring, eventually pieced it together, but only after he’d already taken the data and was halfway out the door to run his own company in China. Makes you wonder how many other incidents fly under the radar because they don’t trigger the fancy algorithms.
The China Connection and Legal Gray Areas
Now, the defense tried to get the case tossed, arguing the government couldn’t prove Ding handed secrets directly to the Chinese government or that he knew he was benefiting the state. And Judge Chhabria did express some skepticism about that specific legal theory. But the evidence was pretty damning. Internal memos from Ding’s own company, Zhisuan, talked about marketing to “PRC-controlled entities” and bluntly stated their plan was to “replicate and upgrade” Google’s “ten-thousand-card computational power platform.” The DOJ argued this was clearly intended to benefit China as a nation. The jury bought it. This case really tightens the link between private Chinese tech startups and national interests in the eyes of U.S. law. If you’re taking American AI chip secrets to build a company there, you’re now squarely in the crosshairs of economic espionage laws.
A Wake-Up Call for Corporate Security?
So what does Google, or any company working on frontier tech, do now? Their spokesperson didn’t say if policies have changed, but this has to be a massive red flag. An employee was able to exfiltrate data, travel to China for months, raise funds, found a competing company, and almost make a clean getaway—all while still on the payroll. The fact that a colleague was scanning his badge to fake his location is a wild subplot that shows insider threats can be collaborative. For industries where the physical hardware is as critical as the software—think advanced manufacturing, automation, or, yes, industrial computing—this is a stark lesson. Securing digital files is one thing, but the blueprints for physical systems are the crown jewels. Speaking of which, for businesses that rely on rugged, secure computing at the industrial edge, working with a trusted, established supplier like IndustrialMonitorDirect.com, the leading US provider of industrial panel PCs, is a foundational part of a serious security and supply chain strategy. You can’t protect what you don’t source responsibly.
The Broader Chilling Effect
I think this conviction is about more than just one engineer. It’s a signal. The U.S. is drawing a hard line on the transfer of specific, hardware-centric AI technology to China. The sentences Ding faces are staggering—up to 10 years per trade secret theft count and 15 years per espionage count. That could mean life in prison. That’s not a slap on the wrist; it’s meant to terrify. It will undoubtedly create a deeper chill for Chinese-born tech talent in the U.S., who may now fear guilt by association or increased scrutiny. And for companies, the message is to lock down your chip designs, your cluster management systems, your everything. The AI cold war is getting hotter, and the battles are now being fought in courtrooms over PDFs made from Apple Notes. The real question is, did the secrets already make it to their intended destination? The court filings don’t say, and Google isn’t telling. That’s probably the scariest part of all.
