What happened
In March 2023, Samsung’s semiconductor division allowed engineers to use ChatGPT to help with their work. Within about twenty days, sensitive company data left the building three separate times, each through an ordinary, well-intentioned request.
In one case, an engineer pasted source code from an internal semiconductor database into ChatGPT to ask for help fixing an error. In another, an employee submitted code related to equipment used on the production line. In a third, someone fed in a recording of a confidential internal meeting, converted to text, and asked the chatbot to turn it into minutes. None of these were malicious. They were the kind of small efficiency that an AI assistant invites. But each one sent proprietary information to a third party’s servers, where, by Samsung’s own concern, it could be retained and might surface in future answers to other users.
The problem with submitting data to a service like this is that you cannot un-submit it. There is no recall. By May 2023, Samsung had banned the use of external generative AI tools on company-owned devices and internal networks, and warned that staff who breached the policy could be dismissed. The leaked material stayed where it had gone.
What an auditable version would have shown
After an incident like this, leadership needs to answer a specific question: what, exactly, left, and how much of it. Samsung knew of three incidents because they came to light internally. What it could not easily know was whether those three were the only three, because nothing was systematically recording what staff were sending out and where.
An auditable version would record, at the point data leaves the organisation, what category of information it was, where it was going, and on whose action. The aim is not to read over everyone’s shoulder, but to make the boundary itself legible: to be able to say, with evidence, how many times sensitive code or confidential documents were sent to an external model, and to catch the pattern as it happens rather than after the third time it makes the news.
Where the gap was
The gap was that confidential information could leave the trust boundary with nothing standing in its way and nothing keeping a record that it had.
An EgressGate is the control for precisely this: it runs where data would leave, classifies whether the content is sensitive, and checks whether the destination is inside the trust boundary. Source code from an internal database, bound for a public chatbot, is sensitive data crossing the boundary, and the gate’s job is to stop it, or at least to record and flag it. A ConductRecord then preserves each of those decisions, so the organisation can measure the exposure instead of discovering it.
Samsung had a policy written in words, arrived at after the fact. What it lacked beforehand was a control at the boundary and a record of what crossed it.
What governance should have looked like
The lesson of Samsung is not “ban the tools”. Banning generative AI outright is a blunt response that mostly drives the same behaviour onto personal phones, where there is even less oversight. The better answer is to govern the boundary.
Sensitive categories of data, source code, customer records, confidential documents, should be recognised at the point they would leave, and either blocked from going to external models or allowed only through sanctioned, recorded channels. The crossings that do happen should be logged, so the organisation can see its own exposure and act on it early. A company that governs egress this way can let its engineers use AI assistants safely and still answer, with evidence, what has left and what has not. A company that relies on a policy memo finds out the limits of memos the next time someone pastes in the wrong thing.
The reference implementation of EgressGate and ConductRecord is open source. It lives at github.com/saffronandindia/headlights-oss, Apache 2.0 licensed and free to install. The repository is public now.
Sources
- Samsung bans ChatGPT and other generative AI use by staff after leak (Bloomberg)
- Samsung threatens to fire employees that leak data to ChatGPT (Fortune)
- ChatGPT implicated in Samsung data leak of source code and meeting notes (AI Incident Database, Incident 768)