A couple of things come to mind -
1. Such an event is not really uncommon. There was news a few years back about an AMD employee taking sensitive documents to NVidia, and were sued as well. But most people are a bit smarter about it. I'm not condoning what this person did, but it is extremely difficult to stop a person from stealing information if they are careful not leaving an obvious digital trail. I believe most people just take pictures using a personal camera. Laborious, yes, but virtually impossible to find out or prove without resorting to actual spying. All the company can see is you opened those files in succession. I'm no lawyer, but I assume that if you have legitimate access to them, I really doubt they they can sue you for opening the files for review.
2. Agreeing to spy is obviously immoral and dumb in itself, but let's leave that aside for a second. Just looking at how the person went about it was another level of dumb. The person downloaded stuff to a flash drive. How could a person working at a high tech company not know that anything you do on a work computer is always logged. Even in regular departures, in many companies if anyone working at a level with access to sensitive information leaves, their work computer is always scanned by IT to review what was done in recent weeks. In this case not only was the person working at Apple, which is sensitive to leaks and extremely security conscious, he had to have known the circumstances of his departure will raise flags. Telling your employer you are leaving the country for taking care of parents, and then resigning while out of the country without the regular notice period will be seen as suspicious by any company, let alone Apple. And then there are the online searches. I'm assuming the person did those incriminating searches from their work computer, which is also another dumb thing to do. No way could have Apple known he performed those searches if he did those on a personal device on his home network. Anyone will any small modicum of paranoia will use a VPN, while incognito and on their personal device while on their personal network. Very difficult to find what a person searched without a warrant (if not impossible). Thirdly, I assume they communicated with Oppo on a company provided phone, or a personal phone where they accepted the company's security certificate to get company email etc., which gives them access to your communication. I cannot see how else could have Apple had access to personal communication.
3. The sad part of this affair is that it might impact regular honest Chinese descent workers looking for a job in high tech.