It has been three years since Samsung engineers pasted internal semiconductor source code into ChatGPT in April 2023. Reports at the time described three separate paste events, including semiconductor equipment measurement code and internal meeting transcripts. Samsung imposed a temporary ban on generative AI tools in May 2023, then later moved to a more familiar policy: use approved tools only. Almost nothing has changed at the industry level.
What would have to be true for this not to keep happening to your company?
The Samsung incident was not a one-off
The Samsung case still matters for a simple reason. It was the first widely reported corporate AI trade-secret leak, and it exposed a control gap most security teams still have.
An engineer trying to debug code pasted proprietary logic into a public LLM. Another employee shared internal meeting material. A third submitted code tied to semiconductor process work.
Different users. Different tasks. Same failure mode: sensitive material left the browser and landed in an external model endpoint because nothing stopped it.
That is not a training issue. It is not a policy wording issue. It is a systems-design issue.
Back in 2023, many teams could plausibly say prompt-layer controls were immature. Traditional DLP watched email, endpoints, and sanctioned SaaS. It did little when an employee copied 200 lines of source code into ChatGPT, Copilot, Gemini, or Claude inside a browser tab. In 2026, that excuse has expired.
The legal standard is moving against you
If your business depends on proprietary code, product plans, models, pricing, or deal documents, the relevant question is no longer whether an employee might paste them into an LLM. They will. The question is whether you took reasonable steps before it happened.
In the EU, Trade Secrets Directive (EU) 2016/943 Article 4(2) turns on whether the holder took steps under the circumstances to keep the information secret. Courts do not need science fiction here. If your engineers regularly use browser-based AI tools and you have no control at the prompt layer, your claim that the material was protected starts to look thin. By 2026, failing to deploy prompt-layer controls increasingly fails the reasonableness test.
In Korea, the analysis is not kinder. PIPA Article 28 requires safeguards for personal information handling. PIPA Article 28-2 addresses overseas transfer. If an employee pastes code, customer data, or meeting notes into a US-hosted LLM, that is a transfer event by most readings.
Sometimes the payload is "just code." Sometimes that code contains names, credentials, customer identifiers, comments copied from tickets, or data extracts left in test files. Security teams know how this goes.
The legal risk is not confined to privacy. Trade secret status can be damaged by weak controls. Confidentiality obligations in customer contracts can be breached. Privilege can be put at risk in legal and diligence workflows. If you need a concrete legal example on the privilege side, this breakdown of law firm privilege waiver risks with ChatGPT is worth your time.
The leak types that keep showing up
Since 2023, the public examples have fallen into recurring categories.
First, source code. Samsung is still the reference case because the leaked material reportedly included semiconductor-related source code and measurement logic. This is the easiest leak to rationalise internally. The engineer is under deadline. The model gives decent debugging help. The paste happens in ten seconds.
Optimize this CUDA kernel for memory bandwidth: [200 lines of proprietary inference engine code]Second, internal financials. Companies have learned the hard way that staff paste forecast decks, board material, pricing notes, and restructuring scenarios into LLMs for summarisation and translation. That creates confidentiality risk immediately.
Translate these board meeting minutes for our German subsidiary — keep the discussion of the Q3 layoff scenarios intact.Third, M&A material. Due diligence reports, integration plans, target-company analyses, and deal models now get fed into public models by strategy teams, corp dev, bankers, consultants, and outside counsel. Public reporting since 2023 has made clear that sensitive deal material does find its way into these tools.
Summarise this technical due diligence report on TargetCo — list the integration risks.These are not edge cases. In real audits, these categories show up quickly because they map to the highest-value work your people do under time pressure.
What changed since 2023, and what did not
One thing changed. The market now has browser-layer controls that can inspect prompts before they leave the device, classify risk, block high-risk pastes, and log redacted events for review. That capability barely existed when Samsung happened.
One thing did not. Most companies still rely on policy plus vendor settings plus a little wishful thinking.
That stack is not enough.
Vendor admin controls help if everyone uses the approved tenant, every workflow stays inside managed tools, and nobody pastes sensitive content into an unsanctioned tab. That is not how real teams work.
Engineers compare outputs across tools. Consultants use client environments and personal browsers. Execs forward material to themselves and ask for a quick summary at 11:40 p.m. The browser is still the choke point, whether your procurement team likes it or not.
This is why CASB does not save you from prompt leakage. Different problem. Different control surface.
Structural changes that would prevent the next Samsung
Priority one: inspect and stop prompts in the browser before submission.
You need a control that sees what a user is about to paste into ChatGPT, Copilot, Gemini, or Claude and can block source code, financial data, deal documents, credentials, and regulated data before transmission. Not after upload. Before. Logging the redacted event matters too, because you need evidence without storing the raw secret again.
Priority two: define approved AI use by data class, not by tool list.
"Use approved tools only" sounds responsible and usually collapses on contact with reality. Your policy should say what may never be pasted into any external model, what may be used only in enterprise tenants with contractual controls, and what is acceptable with monitoring. Source code repositories, board minutes, and target-company diligence should be classified explicitly.
Priority three: make incident response assume prompt leakage will happen.
If a developer or consultant sends confidential material to an external model, your response clock starts immediately. You need containment steps, legal review, vendor escalation, and a decision tree for notification. Trade secret and privacy analysis move fast when data crossed borders. If you need the operational version, start with the 72-hour AI incident response playbook.
The point is not to ban useful tools and pray. That was the 2023 move. It did not hold then, and it does not hold now.
The point is to close the structural gap that made the Samsung incident possible in the first place.
Three years on, the facts are plain. Employees paste secrets into LLMs. Article 4(2) of Directive 2016/943 expects reasonable steps. Korea PIPA Article 28 and Article 28-2 make cross-border handling hard to ignore. Browser-layer prompt DLP now exists. "We didn't have the tools" is no longer a defense.
Find out what your engineers and consultants are pasting today; a 7-day Prytive audit puts the data on the table.