Small group in Signal, yes that would be hard to catch. A group large enough where this matters to think about, OPSEC would fail via non-technical hires.

You arguably can if it’s work business on personal devices. Violates an AUP and other various company regs ties to data loss and IP.

To preface, “insider threat” is a bit of a harsh way to name the program this behavior falls under- it also covers “good” employees behaving in non-malicious but mistaken ways that will harm a company. Also, all work-related actions taking place off work devices gets covered under an AUP. So heading into this, Apple has both the program and policy to enforce a few different legal/HR actions against employees who’d go this route.

With insider threat, the idea isn’t to force the behavior into concealed channels, but instead into “cleartext” channels where the data exfil, or I guess in this case subversive employee behavior, can be watched/snapshotted. Once that’s done, it goes over to HR/legal. So it’s not so much make it inconvenient to participate, but to make it easy to catch that participation is occurring, with some safeguards around what that participation is - chatter is ok, but have safeguard for Apple intellectual property landing in that activist slack.

So with FB and Blind, a company has two ways to ID that’s occurring, take evidence,nand then over to HR /Legal it goes.

If it occurs on work computers, one is device management tools like Forcepoint that allow an insider threat team to see your real time action. They see the employee going to this Slack/Blind, insider threat team starts taking artifacts, and that’s evidence. Other device mgmt tools aren’t as invasive, but achieve similar ends. All in all, regardless of the forum, the behavior can get caught, and it’s shipped to HR.

If all of the activism occurs off work computers, I’d bet the behavior gets caught by two ways. One, 3rd party vendors who scan social media/GitHub for company branding existing outside of company channels (so on FB “Apple Activist Group” would fire). Two, and more likely, is the activists suck at OPSEC because Bob or Susan from marketing who join the group but computers are Google-machines to them talk about it on work devices or the water cooler/Slack.

Gotta remember a place like Apple has insider threat programs dealing with industrial/corporate espionage. A bunch of pissed off activist employees trying to sneak around aren’t the same challenge. If Apple did have an employee activist group with ironclad OPSEC, Apple prob has big problems and those employees need to balance how important the cause is and why can’t they just talk about it to mgmt vs how that would look from the outside to a company/law enforcement.