A Supplier Found Your Trade Secret in Their AI Logs
Your supplier's engineer used an AI assistant to analyze the tolerance specification you shared last Tuesday. He pasted it in to speed up a procurement review — a ten-minute task instead of an hour. The analysis came back accurate and useful. The specification is now in a log on US cloud servers, subject to US federal law, potentially encoded in a model that a competitor's engineers will use to inform their own design process. Your NDA covers your supplier. It says nothing about the AI provider that ingested the data.
After the engineer finishes the analysis, the specification doesn't disappear from the AI system's infrastructure. Under the terms of service that govern most consumer and enterprise AI deployments, query content may be used to improve the model. Even when a DPA restricts training, the data flows to cloud infrastructure under the jurisdiction of US law — including the CLOUD Act of 2018, which lets federal agencies compel any American company to produce data stored anywhere in the world, without notifying the organization whose data it is.
---
The Mechanism Is Specific
Samsung's engineers pasted semiconductor source code, test sequences, and internal meeting notes into ChatGPT three times over a single month in April 2023. Bloomberg and TechRadar documented the incidents. OpenAI confirmed the data was permanently ingested. Samsung responded by banning ChatGPT internally. The ban arrived after the source code was already on external servers, encoded in infrastructure Samsung does not control and cannot audit. For a chipmaker where a single process innovation represents years of R&D, that sequence — paste, discover, ban — produces no recovery.
77% of employees paste company data into AI prompts, according to LayerX's 2025 Enterprise Browser Security Report. 82% do so from personal accounts that produce no organizational log and sit outside any DPA the employer has signed. In manufacturing supply chains, this figure applies to people who are not your employees — supplier engineers who work intimately with your specifications, process parameters, and design files. They have legitimate access to your most sensitive technical data. They are not subject to your AI governance policies.
Scale that number: a mid-size manufacturer working with 50 suppliers, each averaging 20 engineers who touch its technical data, represents 1,000 people processing that data with AI tools that have never been assessed. The NDA each supplier signed covers disclosure to third parties. It was written before large language models existed at enterprise scale. Courts will not read AI-specific provisions into contracts that don't contain them.
---
What the Legal Frameworks Say — and Don't Say
ITAR — the International Traffic in Arms Regulations — already applies to defense manufacturing supply chains. ITAR controls the export of defense articles and technical data. A specification pasted into a US cloud AI system by a supplier's engineer in Germany, routed through US infrastructure, potentially constitutes an unauthorized export under ITAR. The US Department of Justice has been actively prosecuting ITAR violations involving technical data on cloud infrastructure, with manufacturing firms as primary defendants. The supplier didn't intend to export controlled data. The AI query infrastructure exported it automatically.
NDA language written in 2019 almost certainly doesn't cover AI data processing. A confidentiality clause prohibiting disclosure to third parties is not read by courts to include disclosure to AI model training infrastructure — the clause addresses intentional disclosure to competitive parties, not incidental processing by software. The Defend Trade Secrets Act — the US federal law protecting trade secrets — requires that trade secret holders take "reasonable measures" to maintain secrecy. A manufacturer that shares specifications with suppliers without AI usage governance clauses may have difficulty demonstrating reasonable measures when those specifications appear in a competitor's product.
EU trade secret law — the Trade Secrets Directive (2016/943) — requires similar evidence of proportionate and reasonable secrecy measures. ISO 27001:2022's supplier relationship controls (A.5.19 and A.5.20) require organizations to assess supplier security practices and include security requirements in agreements. Neither control was designed with AI inference data in mind, and standard supplier security assessments do not ask what AI tools suppliers use with client data.
---
The Inverted Threat Model
Most IP protection programs focus on preventing employees from leaving with knowledge. Invert the threat model for the AI era. An engineer who leaves your organization with process knowledge in their head represents a bounded, detectable risk — you know they left, you can enforce the NDA, you can identify what they knew. An AI model trained on your process parameters encodes that knowledge in a form that is transferable instantly, at scale, to anyone using the same model. The traditional trade secret threat walks out the door. The AI-era threat never announces its departure.
Manufacturers who implemented internal AI bans while continuing to share specifications with ungoverned suppliers have addressed the wrong vector. Internal bans are visible and enforceable. Supplier AI usage is invisible and contractually ungoverned by most current NDA templates. A governance program that restricts AI internally but doesn't audit supplier AI is protecting one room while leaving the rest of the building unaddressed.
Supply chain exposure compounds in ways single-supplier NDAs cannot contain. A specification shared with one supplier reaches every AI tool used by that supplier's engineering team. Each AI system potentially encodes the specification in its training data. The trained capability is available to any user of that AI system — including users at competing organizations. The initial NDA breach, if it constitutes a breach at all, triggers a cascade that multiplies competitive exposure far beyond what the original specification sharing was intended to authorize.
---
Architecture Stops the Data Before It Leaves
Architecturally, the SIA Vault addresses the supply chain IP risk at the data flow level. Technical specifications, process parameters, and design files are stored in the manufacturer's controlled knowledge infrastructure. Supplier AI tools that operate within the sovereign environment can query and analyze that data. External AI systems — the tools a supplier's engineer would use through a personal account or a consumer AI subscription — cannot access the specification because it never leaves the Vault.
When a supplier engineer needs to analyze a specification, the analysis runs in a controlled environment where the data doesn't leave the manufacturer's perimeter. The output — the analysis, the recommendations — comes back. The specification stays in the Vault. The trade secret never entered any external infrastructure. There is nothing to log in an AI provider's training dataset because the query never reached an external provider.
---
Your NDA Covers the Supplier
The NDA covers the supplier. It doesn't cover the AI that read the specification.
Closing the exposure gap requires four specific actions in sequence. First: audit current supplier AI usage — which tools are supplier engineers using when they process your technical data, which of those tools have DPAs, which operate on infrastructure under your jurisdiction. Most manufacturers will find they don't know the answer and have no mechanism to find it. Second: update NDA templates with AI governance clauses — specific prohibitions on passing confidential data to external AI systems, specific requirements for AI tool disclosure, specific obligations around data deletion from AI training datasets. Third: implement sovereign collaboration environments for specifications above a defined sensitivity threshold — the specification lives in your infrastructure, the analysis happens in your environment, the supplier gets the output without the data leaving. Fourth: verify ITAR compliance specifically for defense supply chain data flows through AI — any specification subject to ITAR that has been processed through commercial cloud AI may already constitute an unauthorized export requiring voluntary disclosure.
None of this requires cutting off supplier relationships or banning AI in the supply chain. The objective is that your technical data is processed in environments you control, by tools subject to your governance requirements — the same standard that applies to your own employees' AI access.
---
The Competitive Window Is Shorter Than the Legal Cycle
Manufacturing innovation has a three-to-five year competitive advantage window before competing products appear. AI model training happens continuously. A specification that enters a cloud AI training dataset today can inform a competitor's design process within months, through a route that produces no discoverable IP chain and no litigation record. By the time a manufacturer recognizes the competitive impact, the legal mechanism — reverse engineering from AI-assisted design — may be impossible to prove.
Contractual coverage applies after a breach is discovered and proven. Architectural coverage prevents the breach from occurring. The NDA is necessary and insufficient. The Vault is what makes the specification actually sovereign.
---
The Sovereign Institute publishes the SIA (Sovereign Intelligence Architecture) standard. The SIA supply chain IP governance framework, including NDA AI addendum templates and sovereign collaboration environment specifications, is available at thesovereigninstitute.org.