Three Engineers, One Data Pipeline: The Google Trade Secrets Case and the Security Theater We Keep Funding
United States – February 23, 2026 – Three Silicon Valley engineers allegedly siphoned Google secrets to Iran, and the real scandal is the system that made it easy.
The courthouse air always smells like bleach and denial. Fluorescent light. Stale coffee. Printer paper stacking up like receipts nobody wants to sign. In the glass-walled boardrooms that built Silicon Valley, executives keep chanting the same hymn: trust us with everything.
This week, federal prosecutors snapped that hymn in half.
Three Silicon Valley engineers indicted over alleged Google trade-secret theft tied to Iran
Federal prosecutors say a grand jury indicted three San Jose engineers: Samaneh Ghandali, her sister Soroor Ghandali, and Samaneh’s husband Mohammadjavad Khosravi. The charges include conspiracy to commit trade secret theft, theft and attempted theft of trade secrets, and obstruction of official proceedings. Prosecutors allege they used jobs at major mobile-processor companies to pull confidential files, move them through unauthorized platforms and personal devices, and transfer some materials to Iran. They were arrested and appeared in federal court in San Jose. If convictions land, the maximum penalties can stack into decades.
Google says it detected suspicious transfers, revoked access in August 2023, and fired Samaneh Ghandali in September 2023 after internal monitoring flagged the activity. The indictment also alleges cleanup efforts: false affidavits, destroyed records, searches about deleting messages, and the low-tech workaround that still beats a lot of “controls”: photographing a screen because logs cannot tattle on a camera roll the same way.
Prosecutors also allege that before a December 2023 trip to Iran, Samaneh Ghandali photographed trade-secret material displayed on Khosravi’s work computer. While in Iran, a device linked to her accessed the images, and Khosravi accessed additional company trade-secret information. If you are looking for the plot, it is sitting right there in metadata.
Translation: “trade secrets” means the rules of the money machine
Translation: in a case like this, “trade secrets” is not a cute recipe card. It is intellectual property that decides who gets to gatekeep the next decade of compute: chip design, cryptography, processor security, hardware security architecture.
We are told, constantly, that the private sector will guard the crown jewels better than the public sector ever could. Here is the daylight version: the crown jewels live in a workplace. Workplaces have people. People have incentives, pressure, fatigue, ideology, greed, desperation. Pick your cocktail.
And the irony is brutal. This is allegedly about security and cryptography-related information. Yet the alleged methods include moving hundreds of files through third-party platforms and bypassing monitoring with literal photographs. If your security model collapses when someone uses a phone camera, what you have is compliance cosplay.
Here is the mechanism: speed-first culture makes soft targets
Here is the mechanism: Big Tech concentrates power, treats security like a cost center, and sells the illusion of airtight control. Real security is friction. Real security says no. Real security breaks deadlines and irritates executives. So security gets “balanced” against “business needs” until it becomes a slide in a quarterly meeting.
That is why this case is bigger than three defendants. It is a diagram: enormous internal access, massive document ecosystems, and a reflex to keep the assembly line moving. When something goes wrong, companies point to “bad actors” like the system was not designed to grant broad access in the first place.
Follow the money: panic is a product
Follow the money: when cases like this hit the wires, the same ecosystem lines up at the committee hearing microphones. Contractors. Compliance vendors. “Insider threat” software. Security consultancies with glossy PDFs. The pitch is always the same: buy more tools, expand workplace surveillance. The price tag grows. The accountability does not.
The quiet part is that Big Tech wants it both ways: maximal internal openness when it accelerates product development, maximal internal policing when it protects the brand. Privatize the gains. Socialize the costs. If there is a breach, it is an employee problem. If there is a monopoly profit stream, it is an innovation miracle.
We should let the courts do their work. We should also stop confusing prosecution with prevention. Prevention is regulation, antitrust, audits that bite, real standards with penalties, and workers with the power to say no when management tries to turn safety into a shortcut. If you want fewer scandals, you do not just prosecute the leak. You change the machine that rewards the leak.