Hacker News new | past | comments | ask | show | jobs | submit login
Engineer says Google fired her for notifying co-workers of right to organize (nbcnews.com)
743 points by danso 36 days ago | hide | past | web | favorite | 715 comments



> Kathryn Spiers, who worked as a security engineer, updated an internal Chrome browser extension so that each time Google employees visited the website of IRI Consultants — the Troy, Michigan, firm that Google hired this year amid a groundswell of labor activism at the company — they would see a pop-up message that read: “Googlers have the right to participate in protected concerted activities.”

So basically, the Google employee added arbitrary javascript to an internal chrome extension used by Google employees that triggered a popup when employees visited a specific website.

And Google fires her with the reasoning:

> “We dismissed an employee who abused privileged access to modify an internal security tool,” a Google spokeswoman said in a statement, adding that it was “a serious violation.”

I'm not at all opposed to Google employees organizing. But injecting javascript into an employer's internal chrome extension does seem like something that warrants some type of action by Google in response...


I agreed with this at first, but according to her medium post ( https://medium.com/@ksspiers/google-fires-another-worker-for... )

"Part of my job was to write browser notifications so that my coworkers can be automatically notified of employee guidelines and company policies while they surf the web"

If this is true and her job is literally to create javascript notifications of company policy, then I think it's entirely reasonable what she did considering it IS company policy (well, law really) that you have a right to organize.

Link to the popup: https://miro.medium.com/max/2000/0*1BTVYLTvuHiJVvp_.jpg


The extension is intended to inform Googlers of applications that are not approved for corp data, not just generic "employee guidelines and company policies." This is so you don't e.g. upload PII into a random unsecured S3 bucket.

Yes, it's company policy, but this is more like running into a meeting and then interrupting it so you can start reciting NLRB policy than it is posting a flyer. Worse, it misappropriates a security tool in order to do that. And when it comes to intentional actions that violate or undermine security, Google, like most companies, takes a pretty hard line.

Disclosing that I'm a Googler, and speaking only on my own behalf, with no connection to anyone involved except the fact that the extension is running on my browser.


>Yes, it's company policy, but this is more like running into a meeting and then interrupting it so you can start reciting NLRB policy than it is posting a flyer.

True, but it seems kind of shady to come down harder on an employee based on the content of the interruption, and that content notifying of the right to organize.

Like, imagine there's a documentation page for http cookies. Consider two scenarios:

A) Rogue employee adds to the bottom of the page: "Cookies are also delicious treats given as a reward on the internet."

B) Rogue employee adds to the bottom of the page: "Employees reading this are reminded of their right to organize under NLRA."

Let's say that in scenario A, an employee would typically get a written warning, and in B, you always got fired. In that case, I think it would be fair for B to say -- at least in common speech -- "I got fired for notifying employees of their right to organize."

This is true, even though there is a general policy of not adding non-topical messages to doc pages, because the punishment never escalates to firing unless it's something like scenario B. (In a legal context rather than common speech I don't know enough to say whether it would be legal.)


I'm sympathetic to this. But the fact that it's a security tool being misused is what I think made for the very harsh reaction. Two scenarios:

A) Rogue employee messages a bunch of internal email lists about having the right to organize

B) Rogue employee configures a security extension to issue a popup saying "Happy Birthday Sundar!" every time an employee visits google.com on June 10.

I am confident that A) wouldn't result in any formal adverse action (they'd mostly get a pile of nasty responses about spamming internal lists), and I am confident that B) would at the least earn the employee a reprimand and plausibly get them fired.


> I am confident that B) would at the least earn the employee a reprimand and plausibly get them fired.

Yikes! That sounds like a dangerous place to work. If an employee with legitimate, assigned access to such a tool makes a change through normal procedures (not bypassing required code review or anything) and it's still a fireable mistake - well, I'm glad I don't work there.


So, let's walk through the reasoning here.

Data is simultaneously Google's greatest strength and its biggest liability. If an employee uploads data to a not-known-to-be-secure third party, it can literally cost Google billions of dollars depending on the data locality. Or, it could plausibly cause a severe security breach (if e.g. an employee uploads a security token into a third party decoder).

And so the security team builds an extension in order to very loudly alert employees when they're on one of these known-to-be dangerous domains. And, as it happens, the implementation of the loud popups could make it a general browser notification platform whenever an employee visits a particular domain.

Is it a good idea for teams to start using it as a general notification platform?

No, not on any level. On top of being annoying for employees, it breaks the security UX. When someone sees one of these popups, they know they're important and that they should be very wary of whatever they're doing. But if it starts being a popup that can be triggered by anyone in the company who can convince themselves that they're providing value by sending out the popup, people start ignoring it. And there's no going back at that point, because employees have been trained to ignore the popup because of it staying stupid shit like "Happy Birthday Sundar!" and "Read these NLRB rights!" and "You can go grab a burger at the cafe today!" Everyone's been made worse off, and the original security problem has come back.


I'm not disputing that, but that still really doesn't seem like a fireable offense. I'm objecting to the fact that she got fired for it after (presumably) making the change through appropriate channels. There are always appropriate channels to roll back a good-faith change, too.

If you could concisely and cogently explain why this change is a bad idea in an HN comment, surely someone can do that in response to the change, revert it, and move on. If it's SOP for Google to fire people who make well-intentioned changes that have the side effect of alert fatigue, then one, I don't want to work there, and two, I would expect to see a lot more firings.

And surely they could explain the problem, revert it, and move on without calling her into a conference room and grilling her about who else she's organizing with. That makes it seem like it's about the content of the notification, not the alert fatigue.


Even in california, it's the companies choice what a "fireable" offense is, not the employee, nor what social media thinks "seems fireable". If you violate any company policy, or even if google does not think you are performing, you can quite legally be fired. There is very little chance of any recourse.

Don't misunderstand, it's not that I'm really trying to defend google. This is to serve as a reality check and warning to those who don't understand the rules of employment. And I'm guessing the Engineer in question understood the risk full well.


> Even in california, it's the companies choice what a "fireable" offense is, not the employee, nor what social media thinks "seems fireable". If you violate any company policy, or even if google does not think you are performing, you can quite legally be fired. There is very little chance of any recourse.

I don't disagree with that either. I'm just saying that, if this is the company's choice of fireable offense if the company actually considers it normal to exercise the right to dismiss an employee (which they legally do have) for this sort of mistake, I'm glad I don't work there.

As I mentioned in another comment, I recently did something at work that you could spin in an equally sinister way, if you want. My company would be within its rights to fire me for it. My employer would be within its rights to fire me for sneezing at the wrong time, or even for no reason at all. I choose to continue working at this company because I trust that, despite their legal ability, they have no intention of actually doing so. If I ever lost that trust, I would leave.

(In fact, my employer and Google's also have very similar employment agreements about ownership of outside IP / personal open source, but I had reasons to trust my employer to act more reasonably than Google, which was part of why I chose my current employer when deciding about it and Google. In practice that trust has turned out to be well-placed, and there's now a thread on the front page about how Google loves to follow the letter of the employment agreement and arbitrarily deny IARC requests.)


You obviously didn't read her blog post where she stated the following:

"This kind of code change happens all the time. We frequently add things to make our jobs easier or even to just share hobbies or interests. For example, someone changed the default desktop wallpaper during the walkout last year so that the Linux penguin was holding a protest sign. The company has never reacted aggressively in response to a notification such as this in the past. It’s always been a celebrated part of the culture."


No, the kind of code change she committed has never happened before. A change in desktop wallpaper is not the same as a change in a security extension.

The fact that other employees have participated in pro-employee activism and not been disciplined speaks to that. Some things are fine, some things are not. Abusing security software is not.


Sharing a cute desktop background is inappropriate but it's only a picture on a background, misusing an internal security mechanism for your own pet activism when visiting a harmless website is a totally different tier of unprofessionalism.

Do you activism in your personal time. Don't use important company resources used to protect employees from harm to push your slogans. Regardless if those slogans are legally legitimate statements in a normal context, like handing out a leaflet on the edge of the property.


> internal security mechanism

Correction: an internal message display tool.

> for your own pet activism

> push your slogans

Correction: a warning not to break federal labor law, which Google is actually required to provide.

https://miro.medium.com/max/2000/0*1BTVYLTvuHiJVvp_.jpg

> Do you activism in your personal time.

This is about Google. Apparently their company culture has been the opposite, and they have commonly had lots of political discussions on company time using company resources.


> Correction: an internal message display tool.

For the millionth time, it was not a general message display tool. It is a security tool to flag domains that run the risk of data leakage and malware. Trying to hijack a security extension to turn it into a general messaging platform is both stupid and bad for security.


>Correction: a warning not to break federal labor law, which Google is actually required to provide.

Labor law requires that those notices be posted somewhere in a prominent place employees are likely to see. They definitely don't require them to be posted in arbitrary places at any employee's choice.


She was protecting employees from harm. Illegally interfering with protected concerted activity hurts the company, and an employee doing so is likely to get fired quite legitimately.

(Furthermore, the laws about protected concerted activity specifically permit you to do your activism at work, not just on your own time.)


The homepage of a law firm was harming employees requiring a security/privacy tool to be hijacked to have pro-union activism messaging?

Jeez, politics really does make people go funny in the head. As long as it's "their guy" everything is on the table to sidestep logic.


Agreed -- so under my rubric, if Google were consistently firing people for all off-topic messages slipped into the security UX, then that would be a non-political firing. But if they came down harder on "oh don't forget NLRB" than "Happy Birthday, Sundar", then that seems political and "fired for notifying co-workers..." seems accurate.

(I don't know enough of the history of Google's firings and this kind of violation to know either way.)


Slipping off-topic messages into a security system just seems like such a ridiculously stupid thing to do that I'd be surprised if it's ever happened before at Google before.


It doesn't matter if it's "political" or not. It's completely 100% google management's choice whether the punishment for a serious (or tiny) rule infraction is anything from no action at all to firing. There is no rule that says it has to be consistent either.

You can't fire a worker for organizing, or on the basis of sex, race, etc. But you CAN fire whoever you want for breaking even the most minor rules or even just poor performance. And the choice can be as politically motivated as google likes, doesn't change a thing.


No, courts are run by humans and patched the "pretense" hack a long time ago.


It's not a pretense when she broke a serious rule. Whether or not she claims she didn't, google has determined she did. So therefore it's clearly not retaliation. That's the default position. Now, there would be a high burden of proof for her to claim it was a conspiracy and it really was related to union organizing. That she did not in fact violate a rule (based on googles own interpretation). Good luck! Unless she finds some incriminating emails or gets an executive to give extremely damaging testimony, she's toast.


It is definitely a pretense when rules are selectively enforced. You seem to think it’s the courts’ first rodeo.


No, history has shown about 95% of the time employers prevail in actions like this. The burden of proof is really high for the employee, and the company has plenty of money for lawyers. It can simply run out the clock too. So yeah, 23 years from now after the ex-engineer spends 2.6 million on legal fees, she might win her job back and lost wages.

Furthermore, google has a really easy time with "selective enforcement" They can show that people violating security rules and abusing administrative rights are always fired. Now, she can argue she didn't do this, but because of the nature of our legal system, it will be extremely hard to explain. I main, disgruntled employee abusing security? Whoever heard of such a thing. The civil judge will probably help google refer her to the FBI!


Saying that selective enforcement is hard to prove is different from saying it doesn't matter, which you were originally claiming, and which is what I was disputing.

>They can show that people violating security rules and abusing administrative rights are always fired.

Yes, that agrees with what I was saying: if every message thusly inserted resulted in a firing, then it would not be fair to say she got fired "for notifying employees of their right to organize".


You are making plenty of assumptions here.


It's incredible watching tech people in this thread assert that she wasn't fired for union agitation but if she was, that's okay too because she should have known not to be "inflammatory."


We don't have all info on this though. Maybe there were more to it. If not, it follows US workplace culture and is unfortunate.


I could see something like (B) happening because Google used to have a lot of April Fools jokes. But it would go through code review, so the team would know about it. Doing it through hacking would be something else.


> True, but it seems kind of shady to come down harder on an employee based on the content of the interruption

If you hijack the company's PR to inject your own personal opinion I'm pretty sure you'd be fired from any company.


Confirming this. The extension says it's for information security and privacy policy.


This is what I suspected and thanks for confirming this. The fact that she wrote that her job is to notify the employees "of employee guidelines and company policies" and chose to withhold the critical bit that it was specifically security policies she was responsible for looks like a deliberate attempt to mislead.

I totally support googlers' right to unionize but it seems that some employees are in an all-out war with the company and think that all is fair in that war. I can't say I support that.


"this is more like running into a meeting and then interrupting it so you can start reciting NLRB policy than it is posting a flyer"

How is this like "running into a meeting"?? Do Googlers visit the IRI website every day? Is this pop-up really a distraction to core work for engineering?

Your party line here makes the change sound like Nest shutting down the house [1] but according to the evidence it looks more like that recruiting thing that gives you a pop-up for google.com/foobar when you enter certain search queries.

[1] https://www.youtube.com/watch?v=BpsMkLaEiOY


In her account, she says,

> For example, someone changed the default desktop wallpaper during the walkout last year so that the Linux penguin was holding a protest sign. The company has never reacted aggressively in response to a notification such as this in the past. It’s always been a celebrated part of the culture.

Is this accurate? If it's culturally acceptable to change everyone's desktop wallpaper (including of those who were anti-protest) to a pro-protest image, it seems reasonable that this falls in the lines of culturally acceptable too.


Thanks for this. With stories like this it's always hard as an outsider to really discern what's going on.


It sounds like you are saying SilasX was misinterpreting the policy or taking it a step too far.

That was my question, her job literally to make extensions to inform employees on policies but I was doubting that it was to make any and all notifications but only a specific set of policies like, limit personal browsing activities, or that the computer is the property of google and you consent to blah blah by it’s use.

It’s clear to me that this employee knew this was more of a political notification and took matters into their own hands.


Really?

So if I hire you to email out my monthly company statement it’s reasonable that you add some of your own thoughts to said email.


It wasn't her thoughts it was company policy, or to be specific it's required by law that this notice to be posted in the workplace.

It's was her personal judgment that it should be posted in a chrome add-on rather than only by poster like is typical in most workplaces. But assuming her job was to maintain an add-on that informs employees of company policy, and assuming her job typically lets her act with personal judgment, yeah I think that's perfectly reasonable

In fact, you can find further support of her action from the NLRB FAQ:

https://www.nlrb.gov/resources/faq/elections/are-there-any-c...

"The employer is also required to distribute the notice electronically to unit employees if it customarily communicates with employees in the unit electronically, either by email, by posting on an employer intranet site, or both"

Again, it's her judgment to add the notification (which links to the Google intranet posting of the NLRB poster), but considering that Google customarily informs employees of policy via notifications in this add-on, and she is in charge of maintaining said add-on, it doesn't seem like an unreasonable judgment to add this notification


Being in charge of the infrastructure does not mean you are in charge of the content.

Those are well defined roles. Specially in a company of that size.

She didn’t just make a judgement call. She went way outside her role imo.


I don't really know enough to agree or disagree with you.

She claims she's in a role to make judgment calls on adding content - and that this was reinforced by her previous stellar performance reviews, which made her confident in her judgment - but I don't personally have enough info to know if that's the truth. She very well could be stretching the truth that maybe every other addition she's made was under the direction of HR or product, in which case she is definitely out of line here - it would take the input of a Googler on her team to know for sure.


Googlers are encouraged---well, in the past, have been encouraged---to consider themselves capable of making judgement calls like this one.

That having been said, this would still be considered an unusual call to have made. But had I been on the receiving end of this message, I suspect I'd have found it annoying unless she remembered to suppress it after first display---if she had, I wouldn't have been bothered by it.


Part of being encouraged to exercise personal judgment is being responsible enough to participate in the consequences. Judgment with no/few personal consequences is reserved for children and legislators.


Getting fired is encouragement to you? Why would anyone input any value if having no platform to excercise judgement calls? 2/3 of typical decisions are either wrong or neutral..


The consequences to something like this should not to be fired. It is a CL rollback and a blameless postmortem.


Ethically it’s wrong and it’s a violation of the trust put into IT workers. It wasn’t a judgement call it was a personal choice.


> She didn’t just make a judgement call. She went way outside her role imo.

That's not so much a matter of opinion as of what her role is, exactly. I don't know. Do you?


The article says she's a security engineer. It would be pretty unlikely for a security engineer's job to include messaging employees about HR rules. It sounds more like this engineer modified a security tool to spam a bunch of coworkers with pro-union popups.


And if the outcome of a trial produces otherwise, would you be willing to retract such baseless claims?


True, but the optics are terrible on this one. They should have seen this one coming and promoted her instead. They also should stop trying to prevent googlers from unionizing. The google of today is not the google of 15 years ago that's for sure.

While they're at it, they should stop bending (and probably breaking) export controls regarding China, and stop doing immoral DoD and ICE projects.

And heck, why not implement a process by which all private contracts are approved by a company-wide vote? Including the guy that sweeps the floor. Oh, afraid that employees will leak the details of the project? There's always NDAs, but if you are so concerned about leaks, maybe that's not a project you should be doing then.


Um, there's already a process whereby private contracts, as well as all other company business is approved by a vote. It's called the shareholder meeting.

Now understandably the janitor has provided a lot less capital than deeply invested shareholder, so their votes are uniformly weighted according to their share of ownership.

I'm guessing the engineer might own about 1/10,000,000th or so of the company if she has a healthy 401K. So as long as she can convince 10,000 or so other employees and 49.91% of the rest of shareholders to go along...


| And heck, why not implement a process by which all private contracts are approved by a company-wide vote?

Wait, what? How would this work? Who would take a Google bid seriously if, after awarding them the contract, they turn around and have to ask the employee population for permission to proceed?

The big issue I see with a lot of discussion around this issue is not a lot of thought is put into the practicality of running a large business concern. Stuff that works when it's two guys and a server does not (can not) fly when you have a large group of people to manage.


Committing crimes, even just omitting required notices, falls outside of management discretion. At-will doesn't apply.


This is inaccurate for internal tools.


> Being in charge of the infrastructure does not mean you are in charge of the content.

Whether or not it was her job has absolutely nothing to do with whether or not it was protected activity.


> It wasn't her thoughts it was company policy, or to be specific it's required by law that this notice to be posted in the workplace.

Unless she was asked to do it by management, it was her thoughts. As much as the title makes this seem like David v Goliath this is really just employer v disgruntled former employee.

No matter your thoughts on "its required by law... Blah blah blah" it's not up to her to enforce the law on behalf of an employer. Google has the right to post or not, statements of its choosing. In fact it's absolutely within Google's right to ignore this law, doesn't mean there won't be consequences but it they can do it.

This is so cut and dry I'm surprised she found a lawyer willing to take the case. It's staggering there's even a discussion ok HN about this.


Engineers at Google are not drones. They do not exist to only do exactly what their boss asks. If engineers did do that, they'd never get promoted there. Google's management can't have it both ways.


> It wasn't her thoughts it was company policy

FTA, your personal assertion is quite wrong. Her line of work was security and at most she was tasked with posting content regarding privacy and security concerns regarding non-Google tools and services.

Her personal political views and opinions don't pass off as InfoSec topics.


Not sure that notifying people of the law is actually "your own thoughts".


How? If I am instructed to email an update notifying our users about new terms of service whenever they are changed, and I add an addendum, "Don't forget, you have 3 days after the old terms of service expire on order to return old devices..." The company has every right to fire me.


If those thoughts are factual and relevant to the topic at hand, it... does seem like it's reasonable?

She's an engineer, not someone working a type pool.


Only because you brought it up, someone in the typing pool likely has more education and experience:

https://www.linkedin.com/in/kathryn-spiers-1b3048a1/

By any measure she's not an engineer.


She's got a CompTia Security+ certification. That is not a trivial amount of specialist education. You certainly aren't expected to have a college degree to be an "engineer" if that's the thrust of your argument.

Tbh it sounds like other ulterior motives are clouding your judgement here. She seems like exactly the sort of engineer who would benefit from unionization and while I might need it less, I fully support her and I'm disappointed in Google for firing her.

As I've said elsewhere, these sham reasons for firing folks adjacent to union activity are opening up the company to massive liability and imo the board and shareholders should hold more people accountable.


A CompTia Security+ cert is actually pretty trivial. It's complete regurgitation, and not even of industry standard best practices, but of CompTia defined "best" practices. It's the lowest and most basic tech cert you can get. It certainly isn't evidence of any engineering discipline.

The board and shareholders will have to decide whether this action was, or was not, in their best interests. But history has shown that Wall Street would generally agree with this one. It's certainly not a "massive" liability. Should the employee prevail, years from now, in a wrongful termination suit the cost to google will be trivial compared to the employee.

That's why other companies often flagrantly intentionally ignore NLRB protections. It's a very limited civil liability with a very high burden of proof on the employee.


> It's the lowest and most basic tech cert you can get.

As opposed to... what? Do college degrees promise engineering discipline? Surely not. Many successful engineers have nothing more than a high school diploma and industry experience.

This has clearly gone into sexist territory now. She's a she, and therefore her experience and education is going to be audited by arbitrary and increasingly vague standards to make sure she's considered valueless.

> It certainly isn't evidence of any engineering discipline.

There is literally no credential that does this. It's a ridiculous standard to offer forward. Engineering discipline is a property of teams and organizations. On an individual level there is no distinct standard of it.

You are moving the goalposts outside the stadium.

> It's certainly not a "massive" liability. Should the employee prevail, years from now, in a wrongful termination suit the cost to google will be trivial compared to the employee.

I disagree. With the rash of these firings, we may start to see a collective lawsuit. Should systemic problems be found, Google is in genuine danger of both large fines (both the left and right in the US and other countries are eager to give Google a black eye for perceived wrongs) and of severe reputational damage putting it at a competitive hiring disadvantage.

> It's a very limited civil liability with a very high burden of proof on the employee.

Right up until you get enough claimants for various collective actions, I agree this is the sad case for American enforcement.


OK, I have to rebut some of this. I have no axe to grind about whether the engineer is male, female, trans, white, black, whatever. Fact is that when I wrote this I didn't know she was a female. Don't care.

How insane to claim that simple negativity toward a member of a protected group is an -ism. I'm not saying she isn't an engineer because of ANYTHING related to her sex.

She's getting raked over the coals because what she did was stupid and shows incredibly bad judgement. To imply that this is less bad, or maybe we shouldn't discuss it, or maybe we'd have a different opinion if she was not female is itself far more sexist.

I fully support non-degreed engineers. Yes, I agree there is no litmus test for "Engineer".

I'm clearly stating that a CompTIA+ is not sufficient to call someone an engineer. Regurgitating questionable facts does not make you an engineer. I didn't move the goalpost. But I can recognize something that isn't one.

She screwed up bad, because if there is ever any collective action, her case won't be in on it. She gave google an ironclad excuse to be fired. I'm not even arguing right vs. wrong but the way employment lawsuits work, she has zero chance.


> How insane to claim that simple negativity toward a member of a protected group is an -ism. I'm not saying she isn't an engineer because of ANYTHING related to her sex.

If the only way we can distinguish your actions from sexism is via your internal state, you have a problem larger than this conversation and you should expect pushback.

> I'm clearly stating that a CompTIA+ is not sufficient to call someone an engineer. Regurgitating questionable facts does not make you an engineer. I didn't move the goalpost. But I can recognize something that isn't one.

But just before this you said there isn't a clear test. So really, it's just your feelings.

> Yes, I agree there is no litmus test for "Engineer".

This is more arbitrary goal setting to gatekeep a word. The debate is not if she is somehow an amazing engineer or a mediocre engineer, a well trained engineer or a rushed training job, well paid or not. No, that's not the debate.

The debate is, "was she given an engineering position in which she had autonomy to make changes and when she made changes a union buster didn't like, she was fired in retaliation.

If her job was strictly to type things that were handed to her in a field, this might technically evade the law. But that's obviously not her job.

You're obviously eager to categorize her as a not-engineer because (despite protestations) you're obviously eager to shut down any pro-unionization messages, even legally protected ones.

> She screwed up bad, because if there is ever any collective action, her case won't be in on it. She gave google an ironclad excuse to be fired.

I don't think this is true. She acted within her job capacity. She wrote a true and (importantly) legally protected statement. It was in a system that was specifically mean to advise workers about rights, options and obligations.

And unless she was already being evaluated for poor performance, even a single infraction is an extremely rare circumstance for dismissal in modern corporate America.


I think you're missing the larger point. It's mostly the large companies and those in power that create these rules. I'm not siding with either side here, but simply saying that "the rules are the rules" is not enough if the rules themselves are wrong.

If we want to make it harder for unions to organize, then she was rightly fired. But ff she was fired for union organizing and we want to protect that activity, then she was wrongfully fired.


I don't disagree, but you're talking about right/wrong from a moral standpoint, one that many people probably agree with, but it's not an absolute.

The right and wrong I was talking about was with respect to the existing rules, policies, and ethics. And if you do believe these rules are morally wrong, then you change them from within the system.

The upside is there are multiple opportunities to do this without also getting fired. There are also opportunities to do as much union organizing as you like without getting fired. The Thanksgiving four played a very dangerous game, as did this individual, and they got the expected result.

Unfortunately, the other result is that if you want to find examples of blatantly illegal union busting, I'm sure they are out there but these are not them. This smacks of agitation and activism for it's own sake.


> you have a problem larger than this conversation and you should expect pushback

Why is that? Please give an example of what I said that is sexist or any other -ist.

> So really, it's just your feelings.

No, it's perfectly reasonable to object to points that were made that don't support the argument. I'm only stating that CompTIA+ does not provide evidence that you are an engineer because of the nature of the certification.

> You're obviously eager to categorize her as a not-engineer

I didn't categorize here as either way. Someone else did, I just object to assuming that a job title or a cert makes you one. It doesn't. I don't think it even matters to the argument at hand either.

> you're obviously eager to shut down any pro-unionization messages, even legally protected ones

I'm not. I'm neutral to whether googler's want a union or not since I don't have to work there and have no interest at all in google's future direction. I'm eager to inject some reality into some very dangerous idealism before more people think they will stand up to the man without understanding the not-so-nice realities.

It's well and good, from the safety of the narrative of her supporters to say things like "she had autonomy to make changes". But engineer or not, she doesn't have that kind of autonomy. No employee really does, including directors. And it's up to her to prove she did. For example: can she show her manager approved this specific action in writing? Who asked her to do this? It looks a lot different when google shows up to a hearing with logs, rules, job descriptions, and her manager's manager having not approved the labor message, corporate security policies, and on and on. Then she shows up with, "but I thought it was OK because I did other stuff similar before, but it didn't involve labor notices. Yes, I had no actual authorization, but I was trusted as an engineer". People need to think adversarially, not just "Oh the NLRB will magically protect me". Because it can't if they don't follow the rules to the letter, and even then only partially.

A company in google's position is just waiting for people to do what she did: combine legal organizing with breaking a verifiable rule. Something with proof, like security logs. Great! now they have plausible reason to make someone an example. Now - do you see why I think it was stoopid?


> Why is that? Please give an example of what I said that is sexist or any other -ist.

Because you are specifically supporting a narrative that declines to grant an arbitrary status to a woman even as you argue that there is no clear delineation of that status. You "know it when you see it" is a hell of a thing to say as you make a pronouncement about someone's termination from a job.

What's more, looking over the history of this thread, you've substantially changed your message depending on how forcefully people reply to you. You've gone from saying that she cannot be an engineer because she has no credentials (which you first try to claim is required, "That IS why (engineers are credentialed and regulated)." https://news.ycombinator.com/item?id=21822286); and eventually move to saying you're a fiat arbiter of: "[I] can recognize something that isn't one." (https://news.ycombinator.com/item?id=21832089)

It's crystal clear you're not having a discussion. You're trying to push a narrative. You're writing anything you think you can get away with, and trusting the thread depth cutoffs of HN to hide that part of the thread.

> No, it's perfectly reasonable to object to points that were made that don't support the argument. I'm only stating that CompTIA+ does not provide evidence that you are an engineer because of the nature of the certification.

The assertion earlier was that she was untrained. She is clearly not.

> I'm not. I'm neutral to whether googler's want a union or not since I don't have to work there and have no interest at all in google's future direction.

This isn't really the question and I don't know why you think this statement is relevant. The question is "should people be fired for talking about unionization." Clearly, you now that some Googlers are friendly to unionization in at least some aspects of the workplace. You're reading a story about one right now.

> I'm eager to inject some reality into some very dangerous idealism before more people think they will stand up to the man without understanding the not-so-nice realities.

Oh? And those not-so-nice realities seem to be that you'll cheerfully throw in with discrediting a woman.

> But engineer or not, she doesn't have that kind of autonomy. No employee really does, including directors.

No technical organization I've ever encountered has to go and get every action stamped and filed by their manager to avoid being fired. That's so far beyond the norm I'm wondering if you've ever been a manager or run your own company.

Quite the contrary, Management has to constantly document directives in writing and carefully apply messages to employees because there is substantial legal risk in just letting managers do whatever they feel like.

> and her manager's manager having not approved the labor message, corporate security policies, and on and on. Then she shows up with, "but I thought it was OK because I did other stuff similar before, but it didn't involve labor notices. Yes, I had no actual authorization, but I was trusted as an engineer". People need to think adversarially, not just "Oh the NLRB will magically protect me". Because it can't if they don't follow the rules to the letter, and even then only partially.

"Thinking adversarially" is at this point collective action. As I've said, Google is making a stronger and stronger case for all its employees that they need to consider a defensive unionization strategy.

> A company in google's position is just waiting for people to do what she did: combine legal organizing with breaking a verifiable rule

If she goes to court, they're going to have to prove there was a rule in place and that it was communicated to her. We'll see then.


> Because you are specifically supporting a narrative that declines to grant an arbitrary status to a woman

I'm supporting a narrative that declines to grant an arbitrary status to a PERSON based on a tech certification.

It is NOT sexist to say that CompTIA+ is insufficient evidence to be called an engineer. Not even CompTIA+ would say that. And I'm not pushing a narrative - you are pushing the narrative that if someone starts questioning a position, they must be sexist.

I don't think I'm changing my message - it's based on replying to the conversation. I'm not even saying she's not an engineer, just that people need to stop conflating tech certs with engineering. In many of these comments I'm still referring to her as an engineer, so now I'm not a sexist right? Good. Got it.

> technical organization I've ever encountered has to go and get every action stamped and filed by their manager to avoid being fired.

Yep, no engineer can or will get every action stamped and approved by management. They are expected to work independently. However, if you ABUSE that independence to bite the hand of your employer, you have absolutely no expectation of top cover. So if you are planning to do something dangerous like this, you better make sure you have it in writing that it was authorized. Because the burden of proof is now on you to show it was. Furthermore, if you go into a legal setting with your argument that engineers always act autonomously, you just sound like a bunch of cowboys to the bureaucrats that get to decide this.

If and when this goes to court, I agree we will see. But it won't. Of course that will be months and years from now either way.

Until then, if the goal was to inform her co-workers that it was safe to discuss union organizing without fear of reprisal, how's she doing at that?


> I don't think I'm changing my message - it's based on replying to the conversation. I'm not even saying she's not an engineer, just that people need to stop conflating tech certs with engineering. In many of these comments I'm still referring to her as an engineer, so now I'm not a sexist right? Good.

You're definitely still saying and have been saying you believe she's not an engineer.

> However, if you ABUSE that independence to bite the hand of your employer, you have absolutely no expectation of top cover.

Again, your bias shows. If your employer is treating you well, why would talking about unionization be threatening? These conversations are happening precisely because people claim to be seeing abusive parts of the system and are looking for recourse.

Is that biting the hand of your employer? You clearly think so. Would that folks like you were more active in demanding action the collective action by corporate CEOs to illegally fix wages. Sadly, folks seem content to shrug and smile and pretend that's the right of their minders.

> Furthermore, if you go into a legal setting with your argument that engineers always act autonomously, you just sound like a bunch of cowboys to the bureaucrats that get to decide this.

No, but the idea that summary dismissal is normal for a simple message not approved by management on a legally protected subject is hogwash. I think you know this, but you'd prefer it's not so.

Thank you for the conversation. Goodbye.


> You're definitely still saying and have been saying you believe she's not an engineer.

I never said that, nor do I necessarily believe that. I replied to someone else in a one-liner which was to put forward a possible reason other people were questioning it.

> Again, your bias shows. If your employer is treating you well, why would talking about unionization be threatening?

Talking about unionizing is not threatening to me, or my company (which has a union), but it's pretty clearly very threatening to your company. You should be cognizant and careful about that.

> Is that biting the hand of your employer? You clearly think so.

What I think is that google and every other sufficiently large company will think so. It would be naive to think because your company has some zippy slogan like "don't be evil" (now retired) that they are somehow different.

It's interesting, btw., how you believe to know what I think based on not at all what I say. Novel way to run an argument.

> Would that folks like you were more active in demanding action the collective action by corporate CEOs to illegally fix wages. Sadly, folks seem content to shrug and smile and pretend that's the right of their minders.

There's a right and a wrong way to take action. Getting youself fired doesn't seem smart, but it could be a nice martyr move if you don't need the income.

If you are engineers, then you are not just wage slaves. You are independent people and can take - or leave - your employment at will. If you don't like company X, I'd suggest it's far better to simply leave.

Your problem is a bad employer, so you add a union, now you have two problems: a still bad employer and a union full of politicians.

So, I've enjoyed your interesting thought processes, and I leave you with this advice:

- read, carefully, the rights granted by the NLRB. Stick strictly and safely within them.

https://www.nlrb.gov/rights-we-protect/whats-law/employees/i...

- for example, do you notice that it gives you the right to talk and distribute literature outside working areas (such as breakrooms or parking lots)? Do you notice how modifying a browser security extension isn't on that list? Nor is doxing your co-workers?

- don't use company time or resources to do it! A) it could easily be construed as not-protected and B) obvious opsec reasons

- martyrs for the cause might energize the base but they scare off those with mortgages.

- be mindful of who has your back:

January 2019, google pushes to overturn Purple Communications - https://onlabor.org/google-to-nlrb-shut-down-employee-email-...

December 2019, NLRB overturns Purple Communications - https://www.nlrb.gov/news-outreach/news-story/board-restores...

Tootles!


> By any measure she's not an engineer.

Please explain why she's not an engineer; and please take care to include discussion of why anyone is an arbiter of the "engineer" title in a field which is largely unregulated and not credentialed.

Otherwise the most charitable reading of your comment is something like "ticmasta thinks security engineers are not real engineers," and the less charitable reading is something like "ticmasta claims this person is not an engineer because she is a woman," which is incredibly juvenile and misogynistic. It has no place on this forum.


> in a field which is largely unregulated and not credentialed.

That IS why (engineers are credentialed and regulated).

And where you got misogynistic is a mystery - simply using someones pronoun of choice in conjunction with something negative isn't implying anything.


Not software/devops/security engineers in the US, as I’m sure you’re aware. You and I can claim to be software “engineers” in the US and no one can reasonably tell us we’re wrong. And the domain of conversation is restricted to the US, because that’s where she worked.

The misogyny comes from the fact that this tends to only come up whenever a woman engineer is in the news. Nobody comments on HN threads saying “but he isn’t even an engineer”.


These are not equivalents: Scripter -> Coder -> Developer -> Software Engineer


But she is a credentialed security engineer, so I guess you agree the criticism that she's not a qualified engineer is wrong.


[flagged]


We've banned this account for breaking the site guidelines and ignoring our request to stop.

Doing this will get your main account banned as well, so please don't.


It would be more like that employee emailing a company statement you didn’t want people to be aware of.


Was she hired to only add things other people told her to add?

Or was she hired to add things she considered relevant?


That's a good question, I don't know, but she claims the latter.

In her Medium post she claims that "Part of what makes me a great fit for Google is that the company is always telling us to take initiative to deliver high impact work." and also that she received stellar (4/5, 4/5, 5/5, where 5/5 is apparently top 2%) performance reviews, which reinforced her view that she should act on her judgment.


If she really was "a great fit for Google" then she'd have realized the obvious fact that her naive attempt to fulfill an NRLB regulatory requirement would be something that should be checked with Google's legal department so a lawyer specialized in labor regulation can confirm that doing what she planned would actually meet the regulatory requirement as well as confirm this requirement wasn't already met in another way.

For example, did her design record sufficient analytics for regulatory compliance reporting? If a regulated company can't verify they did it correctly, it didn't happen. Did it distinguish between contractors, part-time and full-time employees? How did it handle employees outside the U.S.? By IP address or did it look up their country of residence in HR records? What about interns? Did it count these different populations correctly or was it at risk of over-reporting and getting the company fined? Did her design meet the requirements for Spanish-speaking ESL employees based in the U.S. Did her design read-out the text for blind and vision-impaired employees or did it initiate notification via an alternate channel?

In my opinion, she's being extremely disingenuous with her claims.


A little of the former and a little of the latter, most likely. However, that doesn't mean her judgment r.e. what is relevant is immune to review. And if it's sufficiently incorrect, consequences like what happened shouldn't be surprising.


These are stiff consequences for the violation in question for Google.

Individual employees publicly embarrassing the company (https://mobile.twitter.com/jweise/status/491788092710199297?...) or accidentally disrupting the network fabric and costing the company $X in missed revenue don't get fired for first offense. The way this was handled seems unusual, suggesting either there's a piece of the puzzle we internet pundits aren't holding or Google has changed its tolerance policy for honest mistakes.


Depending on what the cause is it might be different. If someone makes a reasonable mistake, like pushes something to production that they should not, then you could argue that there are not enough checks and it is not something you should get fired for. You should change the process.

If someone deliberately goes around those checks to push something anyway then it could be a fire-able offense.


I'd disagree. Another post shows stellar performance reviews, so if this is considered a mistake, it should be remedied and she should be reprimanded. Outright firing seems heavy handed


My take on this is that she was trying to ruffle feathers, and she succeeded. I suspect her firing took into account that intent. Putting myself in the shoes of whoever decided, I can only think that factor would have weighed heavily against her.

She might be naive enough to believe that this was actually protected concerted activity, but I don't think so. I'm not sure I think firing her was the right play, but I also don't have all the information. I will say that I don't think this outcome should surprise her. It should definitely been one of the likely outcomes she modeled when deciding to submit that code.


This firing has created a small storm of bad PR for Google, and I'd be willing to bet it's created a large storm of bad feeling among Google employees. (Although a smaller matter, using "security violation" as a spurious reasoning for the firing probably also slightly downgrades the credibility of the company's internal security efforts.)

So if her goal was to cause disruption at Google, it sounds like management just gave her a major assist. Like a Falcon Heavy's worth of assist.


The article quotes a law professor who says that it probably is protected activity, so I'm not sure "naive" is the correct word.


The analogy Prof. Dubal uses is not apt. They seem to believe that the extension was some kind of public notice board where anybody could post something, but that is not what it is. Since they did not have sufficient context, I would be disinclined to trust their judgment on this issue.

Also, FWIW, this may provide some interesting reading: https://www.hg.org/legal-articles/are-employers-required-to-...


As a level 3 software engineer, the latter (with oversight, which it would appear was in place here. A change like this one doesn't hit the live codebase without at least one other engineer signing off on it).


I think GP is saying that since 'right to organize' is in the company policy, then adding this seems right in line with the job.

If, indeed, this was not in the company policy, and it is indeed the employee's opinion, then yes, termination is apt.


Yes, really. How about the converse: what if Google used it's ability to control employees' email to send messages on their behalf arguing against unionization?

Part of the right of free speech is correctness of attribution. Trying to speak as someone else, using someone else's communication channels isn't speech, it's fraud.

And I say that as (at least within the spectrum of folks on this site) a full on pinko commie unionizer. If this is the truth of the story, this just wasn't OK, and was a very reasonable firing offense.


Workers need to be willing to break the law in order to win victories against the people that make the laws. Employers aren't even the law, this is such a small thing and is defensible. I don't see a reason to side with Google at all, if they really vociferously disagreed, they could ask her to remove the notification.


> "Workers need to be willing to break the law in order to win victories against the people that make the laws..."

Like most of the general public, I have no desire to associate with criminals. If you build your union on a foundation of illegal acts, there's no reason for anyone to believe you'll stop once it gets fully established. Existing unions in the United States provide ample proof of that.


When workers organize and attempt to make demands greater than than the bosses are willing accede to, the bosses call in the police, private security, and depending on the political climate, right wing street fighters to start cracking heads. For a famous example of a dual power situation consider the 1934 Minneapolis teamsters' strike.

https://teamster.org/about/teamster-history/1934


Even setting aside the obvious "Two wrongs do not make a right" response, if you have to cite history from 3/4 of a century ago, well...good luck persuading people with that. On the other hand, the public can easily find news stories of major corruption and criminal involvement by unions for each of the past few decades.

(Oh, and by the way, the Teamsters, whose site you linked to, figure prominently in quite a number of those news stories. There really isn't a better example I can think of of why "Workers need to be willing to break the law in order to win victories against the people that make the laws..." goes down a bad path than them. The Wikipedia article for them contains the word "corrupt" 31 times.)


Ok boomer.


> "Ok boomer."

That's the cleverest counterargument you could manage?

I choose to interpret that, as most readers will, as conceding to my arguments.


> Workers need to be willing to break the law in order to win victories against the people that make the laws.

Not if they want to win, they don't. Anarchism won nothing at the turn of the century. Organized (note the adjective!) Labor broke through when it became a political movement with representation in government.


Asserting rights you don't have means breaking the law by definition, and it has always been that way - from civil rights movement to the revolution.


Sorry, what? They have the right to unionize. The whole issue at hand is that the employee put a notice of that legal right into an employer tool. What rights do these people not have that you're thinking of?

Look, the point here is that if you want to win a unionization fight (which is a legal victory, it will happen in courts and with contracts) you have to fight using legal tools. Pulling anarchist tricks like this just makes you feel better, it does nothing but make management's position stronger.


I mean sure, my comment was far too pompous, but calling this anarchism is silly.

If we leave rhetoric aside, what she's done is the equivalent of sending a leaflet or putting up a poster on company property. That's not strictly 'proper', but life does not happen in courtrooms. You actually have talk to people, let them know what's happening, organise, etc. Courtroom is where the fight is settled in it's last stages.


You should comply with laws that are justifiable and not with laws that are unjustifiable and represent petty authoritarianism. The working class can tell the difference. I 100% agree that organized resistance is key. Individualized resistance just earns a beat down.

I disagree that only rights granted by courts are effective in winning labor struggles. Strikes, legal or not, are required for advancing labor's cause.

This worker was attempting to organize her colleagues in an extremely tame way. There was no property damage. We should show our unadulterated support to embolden the working class.


I don't get it. Who is that "someone else"?


You're right. It literally links to (what appears to be) an internal company document. go/nlrbnotice


Just because it's a go link doesn't make it an internal document. A go link is just a shortened url. You can make a go link point to a non-internal web page.


>It also included a link to a list of employee rights and protections that Google agreed to post as part of a settlement with the National Labor Relations Board this year.[0]

But in this case it appears to be a link to an internal notice.

[0]: https://www.bloomberg.com/news/articles/2019-12-17/another-g...


Yeah, the go/ is a shortener for goto.google.com/, and is the main way of sharing links internally.


She said "So when I heard that Google had hired a union busting firm and started illegally retaliating against my coworkers, I decided to make sure that my coworkers knew about the posting."

This was purely a Moral decision on her part and not reasonable in my opinion to tag it as part of her job. She was not happy with how google was retaliating against her co-workers (right or wrong) and she took action using her own judgement. She did this not because this was part of her job but because she wanted to get back at google for their behavior (again right or wrong, thats not the point here).


I guess the question is did she add a company policy or guideline by adding what she added? I wouldn't classify a union drive as a company policy.

Some may think a union drive is a company function. From what I remember about my experience with unions is you are allowed to put up notices in the employee breakroom that is done by the union rep who is voted in within each shop.

I would say what she did was more along the lines of blasting the union notice over speakers to everyone who entered the cafe.



"National Labor Relations Board is requiring Google to post a list of employee rights at its headquarters".

Requiring Google to post a list at hq doesn't cover other locations and/or browser notification when visiting certain sites.


I know but I was trying to answer your question

> did she add a company policy or guideline by adding what she added? I wouldn't classify a union drive as a company policy.

The answer is that it's a policy that must be posted (just not necesarily there). It wasn't a union drive.


>her job is literally to create javascript notifications of company policy,

I think there is a reasonable difference between security notifications and other corporate policies.

Were non-security notifications in scope for their job or the tool used?


Good question. I have no idea. Her specific wording is "employee guidelines and company policies" which is quite vague.


Her job was to notify people of company policy. Injecting messages based on her personal politics raises red flags. This time she sent a benign message, but what might she do when googlers ultimately don't unionize? What might she do the next time there's a policy she disagrees with?

Google has provided places for people to discuss things. When she didn't think that was good enough she chose to make unapproved code changes that went against corporate direction.

Personally, I'm against unionizing any software company, especially google. Unions were created to prevent systemic abuse of people that were seen as easily replaceable. If you think a recent college graduate making 120k+ that has been provided almost ridiculous perks and freedom unheard of in most of the industry is being abused when they could easily leave Google and expect to receive a similarly paid position virtually anywhere purely because they used to work at Google, then there's no helping you.

Google employees have more rights than at most companies, they can even spend up to 20% of their day working on personal projects and Google won't claim ownership. If they think they need a union when dealing with such a reasonable employer,then those fresh out of college lottery winners need a serious reality check. Let's talk about unionizing Amazon fulfillment centers where they frequently let people go because taking a bathroom break means missing your quota. Let's talk about unionizing virtually any company before we demand labor unions for the most highly privileged group of people in the world.


After reading both of these statements, idk I feel the grey area is large enough that it didn't necessarily justify firing but also I don't blame Google for doing so. Ugh.


from her blog:

> This kind of code change happens all the time.

we have all been there.

i think she knew she wasn't following proper procedure. even if it's done "all the time".


if proper procedure isn't enforced, especially if others are routinely encouraged not to follow it, then it isn't proper procedure.


This is very reminiscent of laws regarding jury nullification, and how the practice may be legal, but in some jurisdictions / cases it can be illegal to inform a jury of that fact.


That's because it's not legal. It's a violation of the jury's duty to render a verdict based on the law and the facts presented. Stating an intention to vote a certain way without respect to the law and facts is grounds for removal from the jury. See https://www.law.cornell.edu/wex/jury_nullification and the referenced court case.


It's a violation of the jury's duty to render a verdict based on the law and the facts presented.

Who assigned the jury that duty? And when did that happen?

Per http://law2.umkc.edu/faculty/projects/ftrials/zenger/nullifi... and other sources that I have seen, the understanding of the law when the Constitution was written was that juries should judge both the law and the facts. The view that they should not judge the law only arose decades later in the late 1800s. The fact that the legal profession today sees jurors as having a duty to NOT judge the law I see as undermining the intent of having jury trials in the first place.

The understanding of jury trials when the Constitution was written was that juries had a right and obligation to judge both the law and the facts. The first laws


However, jury verdicts of acquittal are unassailable even where the verdict is inconsistent with the weight of the evidence and instruction of the law.


IMO the problem was putting the pop up on the IRI consultants website. She wasn’t protecting anyone or informing anyone of policy, she was being inflammatory and I don’t see it as a stretch for G to say she abused her position to inject that message.


It's inflammatory for Google to retain an anti-labor union cracking firm.


Perhaps. But that doesn’t make her action any less so.

She’s not a victim. She made a choice (which I personally agree with and find admirable) but the firing seems justifiable.


It's justifiable because that's where the discourse is. If the discourse shifts, Google would be in a tough spot.


No. Just no. She absolutely violated what her job was.


> Part of my job was to write browser notifications so that my coworkers can be automatically notified of employee guidelines and company policies while they surf the web

She needs to understand this power isn't her own to wield.

And the risk of people abusing power to advance their personal agenda is NOT something that would get passed easily once discovered.


It's so disingenuous to call out employees advancing their agenda when the corporations themselves are constantly abusing their power to advance their agenda.

> And the risk of people abusing power to advance their personal agenda is NOT something that would get passed easily once discovered.

Yes, it is. It get discovered all the time and no one gives a sh*t about it.


Um, not disingenuous. See, the company isn't funded nor owned nor managed by its employees. So it's not "abuse" and it is completely legitimate, even a mandate, and a fiduciary duty that compels companies advance their agenda. A corporation MUST take these kinds of actions, it isn't even legal for them not to, let alone abuse.

Conversely, an employee's agenda can be left at home, please, if they agree to be employed. The "Engineer" is lucky she isn't brought up on misuse of computing system charges.

I don't like companies that invade employees and customers outside-of-work freedoms. Just as I don't like employees that abuse and undermine the relationship that they freely entered with their employers. If you don't like it - quit and go work somewhere else. Then become activist.


As a Googler, it's not only her power to wield, it's her job description to make discerning calls.


> make discerning calls

about stuff that will breach company security, not to alert people of dangerous opinions. The latter is not hers to decide.


Individual Googlers inadvertantly violating the law opens the company up to risk of legal discovery processes and is therefore a beach of company security.


In my mind this is the hinge or the crux of the issue. If it was her job to create and inject JavaScript notifications of company policy and they fired her for doing that then shame on Google. Actually, it would be more than just shame on Google. If this is true, then I would say Google is not a safe place to work for anybody. Which is why I find it hard to believe that this was actually in her job description and or that there is more context that we are missing; that the premise of the argument is misleading.

"Part of my job was to write browser notifications so that my coworkers can be automatically notified of employee guidelines and company policies while they surf the web."

-With regard to what exactly? Context matters, if the browser notifications she was creating were only supposed to pertain to surfing the web then I think we can safely say she overstepped her bounds.

"So when I heard that Google had hired a union busting firm and started illegally retaliating against my coworkers, I decided to make sure that my coworkers knew about the posting."

-Again, it depends on what exactly her job was, but this seems to suggest she had motivation outside the bounds of her job description for doing what she did.

I don’t disagree with what she did. In fact, I think it’s kind of great. However, that doesn’t mean Google didn’t have a right to fire her for it.


Unfortunately, I'm leaning toward the other interpretation these days: Google management does not want their software engineers unionized but doesn't have experience to know how to deal with it legally, so they've hired strikebreaking lawyers and given them a lot of leeway on firing calls.


Certainly bold and perhaps ill-advised, but I would hardly characterize this as "injection"

> Spiers told NBC News that she was inspired to create a digital notification because “a poster in the cafeteria is not the best way of reaching the majority of Googlers.”

> The message included a link to a statement that the NLRB required the company to post for employees following the settlement of a complaint that was filed against Google in 2016.

> Spiers, 21, said she went through the standard approval process, which requires two co-workers to greenlight changes, before updating the Chrome browser extension. Another source at Google familiar with the update approval process confirmed to NBC news that those two approvals are standard practice for a browser extension update.


Prefixing this by saying I am not siding with Google (since people make assumptions). The standard approval process sounds like most merge review processes on any engineering team. There's a sort of assumed good-faith for this process. The fact that 2 coworkers were fine with your change doesn't mean it was made in good-faith and was within the bounds of normal types of changes.

Any engineer with the freedom to make changes without manager approval knows that adding features or making major changes isn't not the sort of thing you just do on your own. You'd go through another process for that.

So I don't buy this argument at all. This was a knowing violation. That does not, however, mean that they punishment was warranted, I don't think that it was.


Yeah let's be real, if she programmed a popup to appear over twitter with a message like "Don't slack off dummy UwU" and or something equally ill informed she would have been rebuked at worst.

To say that it wasn't the union overtones that got her fired is naive.


I know 0 large companies who would tolerate what you just described from a security team member.


She’s young and probably a bit naive. I think it’s absolutely a reprimand-worthy offence, and I certainly understand that a security engineer maybe shouldn’t inject code like she did, but that’s why there are reviewers, but they ok’d it. I don’t think it’s something she should have been fired over. I made dumb mistakes early in my career too, after all.

Should she have done it? No, absolutely not. Not like that anyway. Should she have been reprimanded? Yes definitely. Should she have been fired? I don’t think so personally, not for a first time mistake at least (we don’t know if she did other things previously or not, of course)


Different viewing angle needed but Google does similar stuff themselves, e.g:

    On Google.com if you present a Vivaldi user agent and arrive via a redirect, the search text box will be misaligned
    On Google Docs if you present a Vivaldi user agent you will receive a warning

https://vivaldi.com/de/blog/user-agent-changes/


The problem is, she insisted to the world (and presumably to Google as well) that she did nothing wrong here. This is a pretty minor thing to fire someone over - but what other option does a company have, when someone makes it clear that they refuse to behave properly?


Whether or not she behaved properly is what I assume to be contested here.


> but what other option does a company have, when someone makes it clear that they refuse to behave properly?

You could tell them to stop instead of firing them after the first offense.


How are you supposed to trust someone to follow the rules in the future if they won’t even acknowledge they broke them?


How can you expect anyone to be anything but defensive of their actions when you essentially fire them on the spot?


Probably a bit naive?

Security tools, and especially extensions that run with full browser access, are in an exceptionally trusted position. Employees who can inject code into arbitrary websites can in effect get administrator access to anything in the company, as Google is run almost entirely off of web apps of various kinds. It's actually hard to get more trusted than that: without a doubt this woman effectively had a greater level of access than Sundar Pichai or other senior executives.

If there's one thing you don't screw around with in any firm, its mis-using administrator access. Mis-use here means doing things that aren't related to your job description. You just don't do it! What she did would be like a logs engineer deleting internal access logs to cover up activity by political allies, or a GMail engineer spying on conversations between executives. It's complete madness to think you can abuse such a high level of trust in such a direct way and get away with it!

I used to have a certain type of Google account system administrator access. The way I used it was watched very closely, and deservedly so. Eventually it was removed because Google built better security systems that could restrict employee access more, and in my team were happy about this (for one, it meant we were less likely to be hacking targets). The idea of anyone abusing this sort of access for political reasons was unthinkable.

I honestly can't believe people here are defending this kind of behaviour. If Googlers feel it's OK to abuse root@chrome for unionisation related purposes, what else might they start doing? What about people perceived as 'bad'? Google needs to explain what happened here pronto, because apparently she was able to get this change through code review? So she had internal allies who approved her abuse of access? That is tremendously worrying.

Google is very rapidly burning the trust it requires for its business models to function. How can anyone trust the firm when 21 year old activists are able to manipulate Chrome for political causes and Google's own security procedures are unable to stop them?


This is reprimanding for the content of the message, not the scope of the code which would have actual security implications. Furthermore, it is a warning about not violating an actual company policy. This is not far off from the scope this pop-up tool is designed for. While it is clear that this was done as a response to google hiring this firm to dissuade folks from organizing, I could argue that it could be done to warn managers not to use the firms presence as permission to violate a specific policy + law. IANAL but this seems like extremely grey legal area. For example, this could be aimed at managers to remind them that even though this firm is hired, they cannot enforce a ban on organization according to that specific policy in the handbook. I think that's an appropriate use IMO, it would save the company some serious money and headache if it stopped a manager from illegally retaliating against organization.

I would not characterize this as evidence that this person is a security risk. It takes existing culture of google, including past incidents like changing the default desktop wallpaper for a protest that was happening, etc.

Also if this is true it is totally insane. Sounds like intimidation tactics to stop exactly what the pop-up warned against.

> They also dragged me into three separate interrogations with very little warning each time. I was interrogated about separate other organizing activities, and asked (eight times) if I had an intention to disrupt the workplace. The interrogations were extremely aggressive and illegal. They wouldn’t let me consult with anyone, including a lawyer, and relentlessly pressured me to incriminate myself and any coworkers I had talked to about exercising my rights at work.


I think you're assuming it's related to the message content, but that's not what Google are saying and it's not how corporations work in my experience. How you do something matters a great deal in any large bureaucracy. If Spiers wanted to remind people they could unionise there are communication systems that exist for people to talk to each other on their own initiative without approval, systems like email or even memegen.

Modifying the behaviour of people's web browsers isn't a channel intended for employees to push personal messages to each other and this should have been really obvious to her. She and her colleagues were trusted with a tremendous amount of power which could be readily abused (see my other comment on this thread), and the expectation was clear that it'd be used only within the bounds of what her management asked her to do, namely corporate security.

When she went outside those bounds and started using her immense technical privileges in ad-hoc ways, and (worse) making arguments like "I got a colleague to approve a code review so it was OK" she gave an extremely clear demonstration that management simply couldn't trust her. It's not about unionisation. It's about someone with the power to steal cookies from her own colleagues going rogue and deciding her own personal political priorities matter more than company policies she had agreed to follow.


People do similar things quite often at Google and I haven't heard any of them getting fired before.


Security team members modifying their tools that are deployed to a large number of employees for fun ?


Only sort of related, but one time some of the YouTube engineering team made a code change to kill off usage of Internet Explorer 6 by bypassing the usual code screening process to circumvent management. Their boss reprimanded them but eventually got in on it, without going through the appropriate channels. Then the Docs team saw the banner they showed YouTube users, thought they had actually received approval from management and used it as evidence to convince their managers to implement their own banner (who would have normally refused).

All they received was a small rebuke. In fact, management praised the team for the end result of decimating IE6 usage, as intended.

Then one of the architects of the scheme blogged about it in retrospect years later.

https://blog.chriszacharias.com/a-conspiracy-to-kill-ie6


There is a reason I am specifically talking about security team members.


They got lucky with positive press before they were discovered. The article you link to notes:

> If this went at all wrong, a number of us would surely be fired.


It was a configuration change so there were no dangers adding it, so she being a security engineer isn't relevant. The right punishment would be to tell her what channels she can use to send union messages and tell her to just do security related popups in the future. If she continued sending messages like this then fire her, but it is dumb that she got fired over something that would take literally 5 minutes to fix.


Configuration is code. Many an outage has been caused by a bad configuration push.


Configuration which consists of an url and a message to display on said url is not that kind of configuration push.


It's extremely relevant I will reiterate I know literally 0 large companies where this would be tolerated from a security team member.


Google did tolerate exactly the same kind of behavior from the internal OS distribution team before, you could argue that security is even more important there than in a browser plugin.


I am not a Googler but I reiterate I know exactly 0 CSOs that would tolerate this. You providing an example outside of security team kindah reinforces my point.


The internal OS distribution team is a security team. They ensure that the OS everyone at Google works on and run their code on is secure.


They report to CSO ? Would be pretty unusual again not a googler but normally that would not be part of security team


Google has a lot of security teams since they do all of their infra themselves. The people who push security patches to peoples OS's is a security team, and they used that channel to push a message similar to this.


Part of the job was writing precisely that sort of pop-ups.


No, part of the job was to write pop-ups related to _security_ not to random things.

This was absolutely off limits.


from an outsider perspective i can say that to me This is a security tool and it should show popup for restricted sites and/or flagged sites. if its intent was a general notification extension like office emails etc , nobody would have cared. But since it is a security tool even if your action is not malicious the expectation of security only updates is breached, which is what i believe is the core issue. More so the employee is a security engineer, the fact that this is most likely something they would be aware of and proceeded to do this change anyway is something which is extreme-ly worrying. It raises all sorts of questions like how safe is google infrastructure from rouge employees and how does this affect data collected by google and handled by googlers.


> "Yeah let's be real, if she programmed a popup to appear over twitter with a message like "Don't slack off dummy UwU" and or something equally ill informed she would have been rebuked at worst."

What? Granted, I've only worked for large businesses but that would be grounds for immediate termination at any company I've ever worked at.


From her description of her job position it seems like programming a popup to appear over twitter with a message like "Don't slack off dummy UwU" was exactly what Google wanted her to do in her job.

> As a security engineer who worked on the Chrome browser’s use within Google, Spiers wrote browser notifications so that employees could be automatically notified of the company’s policies and guidelines as they browse the internet. Spiers said that engineers regularly implement such code changes to make their jobs easier and share personal interests.

But programming a popup to appear over a union busting law firm website with a message that such and such law exists was not.

> Spiers wrote a few lines of code that created a pop-up message asserting Google employees’ labor rights whenever her co-workers visited the consulting firm’s website or Google’s community guidelines. The message reads: "Googlers have the right to participate in protected concerted activities." The pop-up would have been visible to anyone at Google. > https://www.vice.com/en_us/article/jgexe8/google-fired-an-en...


I agree that "Don't slack off dummy" would have earned a rebuke, but I wouldn't be surprised if any controversial political activist message would have been grounds for termination, especially with Google's new policy regarding political activism in the workplace. She would likely have been rebuked if she had just posted a flyer in the cafeteria, but she modified an internal tool.


> The fact that 2 coworkers were fine with your change doesn't mean it was made in good-faith

The standard for whether a company is legally allowed to fire an employee for organizing isn't whether their action is in "good faith", but whether their action is concerted. The fact that it passed code review is therefore critical evidence.


IANAL, but California is an at-will state. Again, IANAL, but my educated understanding is that you can fire someone for any reason as long as the reason is not illegal. Lastly, IANAL.


But IANAL firing some one for telling their co-workers about their right to unionize is an illegal reason to fire someone. I'm not completely convinced that's what happened here but still


Technology makes a lot of these good intentioned laws hard to interpret. You cannot be fired for telling your co-workers that they are allowed to unionize. What if you work for a call center, commandeered an auto-dialer, and called every co-worker in the company with the same message? What about a popup on every page of an internal company website? Is someone allowed to stand up in the middle of the office with a megaphone and tell everyone they can unionize?


> What if you work for a call center, commandeered an auto-dialer, and called every co-worker in the company with the same message?

The law already covers situations like this, in terms of whether or not employees are allowed to use the internal technology tools of their employers in order to organize.


So what does the law say?


Organizing is protected by law. Firing for organizing is intimidation.


Yep, that's what's contested here and is unclear.


Is using whatever mechanism is available to you, including company privileges, in order to organize perfected by law? As a customer support person, would you be able to add "you have the right to sue Google," simply because they did have the right, and I felt like it? Am I allowed to write a script that helps draft automated verbiage to assist you in suing Google?


Right, but retaliation for engaging in a concerted labor effort is specifically an illegal reason to fire someone.


> Prefixing this by saying I am not siding with Google (since people make assumptions).

Prefixing this by saying I'm not making an assumption about who you're siding with, but offering my opinion on the argument you're using.

> The standard approval process sounds like most merge review processes on any engineering team. There's a sort of assumed good-faith for this process. The fact that 2 coworkers were fine with your change doesn't mean it was made in good-faith and was within the bounds of normal types of changes.

Other people have already argued about whether what she added to the extension is in line with the purpose of the extension and whether it was within her purview.

Regardless of that, I would like to point out that we're not hearing that these two coworkers -- or anyone else involved in the process -- have been fired. Only Spiers. If the concern is really about the security and the trust, why is one person singled out?


She went through the corporate approved process with her changes. Her only mistake here is being pro union while Google is decidedly anti-union and pro-worker-abuse.


I don't know how this works where you are, but when I'm asked to review code for someone, that's exactly what I do but also only what I do - I don't ask them if they have a design document for the change or approval from the features team. It's not my job to verify that.


They approved the code that implemented the feature, but I doubt they were responsible for approving the feature to begin with.


Yikes make room for someone who wants to do the job


I have to agree. I'm all for unionization in our industry to improve employee leverage and even more open compensation sharing to help drive comp up... but this is a step too far. Pushing your message in this fashion is clearly irresponsible no matter how "by-the-book" it is.

With that said, the organization and orchestration problem for movements is a very real problem (finding the correct people and disseminating information). This is something businesses are well aware of and they use that to their advantage.


It's an even harder problem when the employer is firing people for trying to organize.

Change the words in the message, and I can't imagine it being anything but a reprimand, at worst. This is a message to other employees that organizing gets you fired.


> There's a sort of assumed good-faith for this process.

I don't understand why two people sign off changes if they assume the person making the changes isn't going to make errors or be "malicious". And I'm not sure why two people sign off changes instead of just one. There's a well understood problem when you have more than one person inspecting product - they both assume the other person is competent and will catch anything they've missed, and they each do a lighter inspection.


>And I'm not sure why two people sign off changes instead of just one.

Because more eyes catch more bugs. I work in a time like this where we have 2 or even 3 people review stuff; it's extremely common for one engineer to miss stuff that another one catches. It's particularly notable I think with junior vs. senior engineers: I think you really need at least one senior engineer reviewing everything before a merge, but you don't want to keep junior engineers out of the process because then they'll never learn. With trivial tickets, however, you can relax this rule and just have one person review before a merge.


> Because more eyes catch more bugs.

But for product inspection we have pretty good evidence, from millions of human hours of factory work, that it's a bit more complicated.

X makes a widget, and sends it for inspection by Y and Z. Y has a look, but assumes Z will catch anything that Y misses. But Z also assumes that Y will catch anything that Z misses.

You end up with two people doing a superficial inspection and missing problems.

Of course, that's only if they're doing the same inspection twice. If they have different and clearly defined inspection roles the two inspector problem doesn't apply.


If you need 2 approvals at Google, then usually 1 is for readability in a specific language. I.e. one of the reviewers is understood to mostly be looking at code style and not domain logic.

In my experience, you more often get the other phenomena where all reviewers (and some other people who get automatically CC'd) dogpile the review and you potentially have too many comments. Or someone ignores the review and it never gets approved. Cursory reviews were basically never a problem.


Technically it worked so the approvals would have gone through. These people would not have direct insight into her business objectives or intent.


[flagged]


No, it really depends. It's easy to overlook stuff on a merge request. I'd interview both of the reviewers, and with them look at the actual MR and see what they were looking at, and ask them how they missed this and why they thought it was OK to merge.

I've seen some pretty glaring stuff get through a review process, particularly with junior engineers.


Everywhere I've worked, "signing off" on the changes just meant we were OK with the technical implementation. Unless you were junior, you were trusted to have approval for the purpose of the change.

A change like this, which was linking to an official policy document, wouldn't have raised any eyebrows.


I think the punishment is warranted for the fact that it is an internal security tool. I don't know of any large company that would allow this kind of code commit without that level of punishment being taken. She was trying to be sincere in her actions but comes off as completely naive that what she was doing was a serious violation. I don't see her winning this to any degree and at 21 it will be a big learning lesson.


That just means the code was made to quality standards, not that the she had authority to make that kind of feature modification without approval. In a less technical analogy, just because you have a right to put up flyers doesn't mean you have the right to use the company paper and printers to make them.


Let me preface this by saying I think what she posted is true, employees have a right to unionize.

That said, it seems kind of strange, if this was a better way to post something than the cafeteria, that she added it to the union buster's site, though. Wouldn't only execs and management hiring the union busters go there? Seems like it was a way to argue back with the execs who hired the union busters by essentially defacing the union busters site?

She probably pissed off a high level exec who hired the union busters in the first place and was fired by their order. She was making all the management who visited their site see her notice, and some management obviously support the union busters since they hired them in the first place...


It's still worth discussing if their reaction warranted the offense. Would they have fired her had she added a pop-up on Earth Day encouraging employees to recycle? Or would she have received a slap on the wrist for that. In other words, how much of what she was advocating was part of the decision to fire?


The particular popup looks pretty official and scary as security popups should.

And portrays that Google management is endorsing this instead of a grassroots poster.

IMHO this is at minimum a misrepresentation case. And I would be pretty pissed if it was used for Earth day. Don't mess around with crying wolf.

Working for Google.


> The particular popup looks pretty official and scary

It's warning of a legal obligation. Is that not enough of an "endorsement"? And it only pops up if you visit the website of a consulting firm that some say has breached these obligations in the past. It's hard to think of a better way of targeting this warning.


Based on what I'm reading here, firing somebody that early in their career is cold and Google deserves all the criticism it is getting lately for basically being a combination of tone deaf, insensitive, overreacting (or shall we call it panicking?), and biased to doing things most of their own people would simply characterize as "the wrong thing". In jurisdictions outside the US, this kind of random act of corporatism could end up being very expensive. Firing people without good reason is a not a thing that holds up in court and this looks like it doesn't stand much scrutiny.

Also, this seems like it is policy rather than an isolated incident. I'd suggest fixing it by maybe correcting people up the food chain. Google is a long way away from their don't be evil motto when they were young, naive, and producing lots of cool new products and services because they weren't held back by corporate idiotism and political correctness.


Does it matter? If she used Google resources in a manner not company-approved, and if labor law doesn't recognize using a resource like that as a protected communications channel, like they would a company break room announcement board, why should Google be subject to a neutrality test? I support unionization, but I don't see what legal ground she has to stand on here.


The firing might hold in court, but to be frank there is no way she would get fired over something like this if it was not related to unionization or other anti corporate messages. Google is typically very lenient on harmless offences like this which is why the firing is a surprise.


>Google is typically very lenient on harmless offences

I know somehow who got fired from Google for taking a half gallon on milk home, because it was late and he didn't feel like swinging by the grocery store.


That is a good question. Is this a fireable offense regardless of the content? If not, what kind of content is fireable, subject matter that is political, religious, vulgar, or offensive?

Putting this into an internal tool does seem unprofessional in my opinion. Why bite the hand that feeds you?


Why bite the hand that feeds you?

Why the struggle, why the strain? Why make trouble, why make scenes? Why go against the grain, why swim upstream? It ain't, it ain't, it ain't no use You're bound, you're bound, you're bound to lose What's done, what's done, what's done is done That's the way the river runs

So why get wet? Why break a sweat? Why waste your precious breath? Why beat your handsome brow? Nothing changes, nothing changes, nothing changes Anyhow


i get the sentiment here, but i think i prefer machiavelli's way of phrasing it: do not strike your opponent a blow they will recover from.


I like this. Where is it from?

In response to it: You can't apply this to everything, you need to pick you battles. There might be better means to an end.


Unionising is a pretty good means to improve your working conditions though.


Does Google not have enough vegan options in the free cafe?


Why are you mentioning veganism in a conversation about unionizing?


The parent comment said:

> Unionising is a pretty good means to improve your working conditions though.

Google has some of the best, if not the best working conditions out of nearly any job for the rank and file employee.


> I like this. Where is it from?

It appears to be from: https://en.wikipedia.org/wiki/Hadestown_(musical)

It looks like it's sung in the voice of the Fates from Greek mythology.


It's from Hadestown by Anais Mitchell. Amazing album.


>Why bite the hand that feeds you?

I would say that better you would ask , was this the right time to bite the hand? Because there are good reasons to do it, like if uber self driving cars developers would have done something instead of disabling safety features and lick the hand that feeds them.


I assume that she was an at-will employee, and this does not fall under the rubric of 'protected activities', so they can fire her for any activity.


Exactly. What if the pop-up just said “not using disposable cups helps the environment”, or “the Holocaust happened”. Or even something like “Trump is a bigot”. Would she have got the sack? This is the true question. She was just stating a fact...


> Or would she have received a slap on the wrist for that.

Or would she have received a pat on the back, given that she went through the Standard Procedure for adding a feature to the browser plug-in?


Sounds like she went through standard procedure to add code, but the feature was not sanctioned by management....

i.e. if you work on a payment system, add you add code to siphon sub-cent rounding "errors" to a "settlement" account, said code may pass review (because it looks legit to code reviewers), but I bet management would be pissed at the change if not prior approved.


So do nothing until management orders it, is that how they want it now? This is what they'll get!


Not cool to equate a notification of rights, to a crime (theft).


If you further read the article, she went through the standard approval process for changes. She did it by the book. That's hardly "injecting code".


> Spiers, 21, said she went through the standard approval process, which requires two co-workers to greenlight changes, before updating the Chrome browser extension

That sounds like code review approvals, not actual project/management approval of the 'feature'.

We have the same: Cannot commit any code change unless 2 other team members have reviewed it. That has nothing to do with having actual project/management approval for the change.


I'd agree, it sounds a lot like a code review, but at Google that was also the approval standard for deploying such an extension.

I don't really see how Google could be in the right here though. If they have an internal program for creating alerts/extensions for specific websites, and Spiers followed the normal procedure for adding such an extension, there doesn't seem to be a problem. The only problem is Google being anti-union, and retaliating against someone for quietly promoting unions in line with existing policies seems a lot like illegal retaliation.


You added your personal code to a browser extension..

I can't see how google is in the wrong. Unless google allows anyone to change this extension for personal reasons and they only flagged her. Could someone change it to let everyone know they are selling cookies or accepting donations to their church.


From what I understand this is actually how google communicates policies and the like via their employees, for which it is legally required to notify such employees via electronic medium if electronic medium is the primary communiation factor. This is based off of the engineer's medium article though.


That's not how Google works. She mentions in the Gizmodo article that she had ownership over these files, which isn't given out casually. Creating these policy notifications would have been a core part of her work.


Right, but her job was to advise about company policies, not her own personal politics.

It's incredibly obvious this was a violation of her fiduciary duty.


The tool was for privacy and security, not advocacy right? Sounds like she abused her position as a security engineer.


If indeed the extensions were only for security/privacy notifications, I would categorize what Speier did more as off-topic. That would be maybe something deserving of a correction not outright termination.

The fact that the message was about employee labor rights means that Google might be in a precarious legal position


How on earth is being notified of your legal rights "advocacy"?


So this individual could have posted the 2nd Amendment in there and it wouldn't be advocacy? /s


I think the difference is that Google is a lot less likely to infringe on employees' right to bear arms than they are their right to organize, especially given that this message literally appeared on a website of a firm Google hired specifically to suppress organization


Is a sarcastic response a good faith argument?

I have a poster here in my home office that was mailed to me by my employer's HR department. It advises me of all my rights under state and federal labor laws: equal opportunity, workplace safety, minimum wage, etc. In my mind, it is not at all inappropriate to advise employees of their rights. In fact, the only reason I have this poster is because state and federal labor laws require such notices. Those laws and those requirements are written in the blood of all the serfs, children, and laborers who couldn't earn living wages or who were forced to work at a tender age or who were injured due to corporate malfeasance. The freedom of association is likewise recognized as a right inherent to all people, and its protections were likewise bought with blood. We should all be reminded of our rights and the reasons we safeguard them. An employer who tries to interfere with its employees' freedom of association only seeks to exploit them. If it treated its employees well, it wouldn't need to worry about organized labor—and its employees wouldn't need to organize in the first place.


It might help a lot if someone leaked the internal repository for this extension... sorry I meant, if Google voluntarily shared the repository for this extension, so that we could see what it was commonly used for.


> but at Google that was also the approval standard for deploying such an extension.

If Google allows any team member to freely push changes without formal change request, it has to be implied that changes must comply with the scope of the project, company policies, professional standards, etc.

In any case, my point would stand: It does not sound like she had actual project/management approval.

To play devil's advocate, the 'approval' she got does not absolve her (if we suppose that she did something wrong), it just means that the coworkers who approved the change are also in hot water.


>but at Google that was also the approval standard for deploying such an extension...I don't really see how Google could be in the right here though.

I don't see how Google isn't in the right here. The approval process for this security tool was designed to minimize red-tape and maximize contributions because the goal was security, and the assumption was that the lax process wouldn't be abused. The clear intent of the tool is not to push the political agenda. It was there to warn about security-related issues while browsing. She abused the process and deserved to be reprimanded.

Here's an example .. like most companies we have a wiki that anybody can edit. The intent is to get contributions from everybody around product-related issues (e.g. debugging a particular problem, how to configure the product for a specific use-case). Nobody polices usage of this wiki, and the wiki has no specific access controls to bar any individual from editing any page. Certainly though if someone started putting in notes at the top of some of the pages to push a political agenda that would be an abuse of the process, wouldn't you say?


> Certainly though if someone started putting in notes at the top of some of the pages to push a political agenda that would be an abuse of the process, wouldn't you say?

Just to be clear: the message she communicated wasn't about some divisive social issue, it was warning employees to not break federal labor law.

https://miro.medium.com/max/2000/0*1BTVYLTvuHiJVvp_.jpg


>Just to be clear

Then be clear. We both know what she was doing, why be obtuse?

This was an activist power-play. Every article that is written about this lists the action as activism. Again, why pretend otherwise?

But if you want more clarification: it's not her job as a SECURITY ENGINEER to send warnings about federal statue compliance through a security tool. I also have yet to have anybody demonstrate that Google was breaking any federal law, and I highly doubt they would. They have entire departments that deal with legal complience.

And you linked to a labour consulting company website, which I take is where this actvist decided to helpfully issue threats to senior management through the security tool she was tasked with maintaining so they think twice about contracting them.

This is a such a clear violation on her part that I am flabbergasted that you would actually defend the move. She deserved to be fired for her arrogant stunt. You don't get to dictate compliance policy (as an early 20-something tech-sister, who knows nothing) to a company employing 50,000 people.


> This was an activist power-play. Every article that is written about this lists the action as activism. Again, why pretend otherwise?

When you use the words like activist and activism you evoke images of people pushing for new things that are politically decisive in some way.

The message she got fired over was expressed pretty settled interpretation of federal labor law that Google recently agreed to disseminate. It's like calling it an "activist power play" to remind the government of the First Amendment when if it tried to censor something or other. It's a stretch.

If anyone's being activist, it's the people who are trying to treat the expression of those rights as some kind of inappropriate activism.

> I also have yet to have anybody demonstrate that Google was breaking any federal law, and I highly doubt they would. They have entire departments that deal with legal complience.

Why do you "highly doubt" Google would break the law? In the past they've broken federal law in pretty obvious ways over labor practices.

https://www.theguardian.com/technology/2014/apr/24/apple-goo...

They've also been forced to display the list of rights in question as part of a settlement with the NLRB:

https://www.cnbc.com/2019/09/13/googles-settlement-on-speech...

Apparently that list is what the notification in question linked to.

> And you linked to a labour consulting company website, which I take is where this actvist decided to helpfully issue threats to senior management through the security tool she was tasked with maintaining so they think twice about contracting them.

I linked to a screenshot of the message we're actually discussing. You can see the so-called "threat" yourself:

> go/nlrbnotice Policy

> Do not violate go/nlrbnotice. Googlers have the right to participate in protected concerted activities.

> View Policy

> This is a such a clear violation on her part that I am flabbergasted that you would actually defend the move.

Black people sitting at lunch counters was once "such a clear violation" of corporate policy, too, but it was pretty defensible, no? Sometimes you have to take a broader view of something than whether it violated policy or not.

I'm not saying this action is fully equivalent to a lunch-counter sit-in, however I do think Google's reaction here was unsupportably harsh. The worst they should have done was issue a reprimand. I'm also "flabbergasted" by the over-the-top condemnation of this engineer's actions.


>When you use the words like activist and activism you evoke images of people pushing for new things that are politically decisive in some way.

Because that's what you are when you co-opt an internal tool to put up messaging over the web page of the consulting group that works with your employer. She knew what she was doing. She knew it was a political statement. She may even have even wanted to be martyred.

>The message she got fired over was expressed pretty settled interpretation of federal labor law.

She didn't get fired for her message even though you're trying to spin it that way. The medium matters here. You don't get to co-opt internal tools to post your interpretation of federal labor law, or to send a message to the management team, or whatever else her motivations were. That's why she got fired.

>What are you talking about? I linked to a screenshot of the message we're actually discussing. You can see the so called "threat" yourself:

I know exactly what she did. She made a political statement about a labour consulting group (that they can or do infringe on federal law) and that was directed at least partly at executive management (who else is going to work with IRI Consultants and browse their page). This was a purposeful activist power-play.

The gaslighting that you're engaging in is offputting. This kind of thing would have gotten her fired from pretty much every company in the country and for good reason - she's untrustworthy and cannot seperate her job as a Security Engineer from her activism, and I'm sorry you can't see that.

>Black people sitting at lunch counters was once "such a clear violation" of corporate policy, too, but it was pretty defensible, no?

She's not a black person during Jim Crow era. She's not oppressed, and it's offputing that you would even make that comparison. She's a bay-area engineer who was making a very good salary and betrayed the trust that her position entitled her to.

>I'm not saying this action is fully equivalent to a lunch-counter sit-in,

I hope not because that would be insane.

>The worst they should have done was issue a reprimand.

That's your opinion. I think she deserved termination. You don't want this kind of person on your security team. You cannot trust her to seperate activism from work.

And it is interesting that you can claim that she did nothing wrong, and at the same time understand why she should be reprimended.


> You don't get to co-opt internal tools to post your interpretation of federal labor law, or to send a message to the management team, or whatever else her motivations were. That's why she got fired.

> This kind of thing would have gotten her fired from pretty much every company in the country and for good reason - she's untrustworthy and cannot seperate her job as a Security Engineer from her activism, and I'm sorry you can't see that.

What Google-specific support do you have for this, than post-hoc rationalizations based on her firing? Every indication I've seen has told me that Google has developed a very unique corporate culture, which makes inferences from "every company in the country" suspect.

I can definitely see your position (which approximately seems to be: a worker's primary moral obligation is to serve his employers to their satisfaction during his employment. Assertion of his own rights on work time with work resources is a severe moral violation as it puts the workers' interest above the employers'.), I just disagree.

> She's not a black person during Jim Crow era. She's not oppressed, and it's offputing that you would even make that comparison. She's a bay-area engineer who was making a very good salary and betrayed the trust that her position entitled her to.

I'd say she is oppressed, just in a different, less-severe way than black people during the Jim Crow era.

> And it is interesting that you can claim that she did nothing wrong, and at the same time understand why she should be reprimended.

Really? I thought it was pretty widely understood that morality and law are not the same. You can have immoral things that are legal, and moral things that are illegal. Corporate policy is a weak kind of law that has even less claim to respect than federal and state law.


>What Google-specific support do you have for this, than post-hoc rationalizations based on her firing?

That's not post-hoc rationalization. That's the stated reason. That's also clearly the reason if you take an inventory of the facts on hand.

>Every indication I've seen has told me that Google has developed a very unique corporate culture

Yes, "unique" just like every snowflake is unique. And "Unique corporate culture" doesn't mean you can do whatever you want, as James Damore found out. And yes, her actions (not anybody elses) led to her termination, as would have been the case in every other company.

>I can definitely see your position (which approximately seems to be: a worker's primary moral obligation is to serve his employers to their satisfaction during his employment. Assertion of his own rights on work time with work resources is a severe moral violation as it puts the workers' interest above the employers'.)

That's not my position and I don't appreciate this distortion.

And no, she's not a moral arbiter of Google. She doesn't have the right to assert her interpretation of law and morality on the entire corporation. Maybe she thinks she was doing a moral action (though I would argue her action is narcissim and attention-seeking), but Google employs tens of thousands of people across the world, with different religions and politics and beliefs. You don't get to co-opt internal tools to advocate for Jesus Christ as your saviour (and what could be more moral than saving people from eternal damnation) just because you think that's the moral action.

>I'd say she is oppressed, just in a different, less-severe way than black people during the Jim Crow era.

Talk about an understatement of the century. She's as much oppressed as a grounded teenager, which, you're right, on the oppression scale is "less-severe way than black people during the Jim Crow era".


> That's not post-hoc rationalization. That's the stated reason. That's also clearly the reason if you take an inventory of the facts on hand.

The stated reason can obviously be a post-hoc rationalization. It's entirely possible that she crossed a line her employer drew after the fact.

> That's not my position and I don't appreciate this distortion.

Well, if you could clarify, that would be great. It's clear to me that there's some moral component to your position, given your language:

>>> she's untrustworthy

>>> [she] betrayed the trust that her position entitled her to.

> She doesn't have the right to assert her interpretation of law and morality on the entire corporation.

(I should note that it's not her interpretation, it is the law.)

> I would argue her action is narcissim and attention-seeking

I does sound like you feel that her overriding moral obligation was to serve her employers to their satisfaction, and that it was a strong moral violation to take a fairly anodyne action that caused her employers some discomfort. No money was lost, no security systems breached, no confidential data exposed. The only thing that happened was a few people saw a required legal notice that her employers would rather have people forget about.


Did you read what the extension is for?


For anyone else who didn't get that far the first time:

> Spiers' pop-up message was inserted into a tool that notifies employees of privacy and security concerns about using non-Google tools and services, like warning employees not to upload proprietary information to Dropbox, Spiers said. The tool is managed by the platform security team, for which Spiers worked for almost two years as a security engineer.

So, seems like the bulletin was pretty far outside the intended function and should have required more than a code review. I wonder what will happen to the people who accepted the patch?


Exactly what does union activism have to do with security and privacy of potentially dangerous websites?

I’m surprised how many people are jumping through hoops to defend this sort of thing.


If the message was "I baked cookies, come by my office if you'd like to try some" do you think this person would similarly be fired? A person that was recently promoted, was designated as a high performer, (and I have nothing to back this up but seemed strategically recruited since they did not fit the google mould as a high school drop out?)

I think a reasonable reaction would be to remove the message from the extension, put in place a better review process, better training and possibly some minor negative comments at review time.


> If the message was "I baked cookies, come by my office if you'd like to try some" do you think this person would similarly be fired?

No, but I think they'd similarly be fired if they had written an anti-union popup. (Indeed, if someone wrote an anti-union popup and weren't fired for it, I expect that would itself have made the news as a "Google hates unions" story.)


> "If the message was "I baked cookies, come by my office if you'd like to try some" do you think this person would similarly be fired? "

Yes, immediately and for cause. Internal business apps at large companies are not your personal playground.


>If the message was "I baked cookies, come by my office if you'd like to try some" do you think this person would similarly be fired?

Yes I do. 100%.

>put in place a better review process,

This is your solution? The process was intentionally lax so that you wouldn't have too much red-tape when soliciting contributions. The assumption was that this wouldn't be abused by your Security engineers(!!). Your solution to this is to make the process more onerous because one individual couldn't behave like an adult? How about you keep the process as is and you fire the individual who couldn't differentiate activism from security work.


That extension is not limited to privacy and security concerns. One of the sites the extension warns about is Dropbox, and few people would seriously describe Dropbox as inherently insecure or as violating privacy. What is true is that some interactions with Dropbox may be in breach of other existing policies that Googlers must follow, such as wrt. proprietary information and the like. Googlers are also required not to violate labor law.


Dropbox has total access to your unencrypted files. That 100% fits the criteria. Especially in regards to file-access between potentially competing megacorps.

Again with the jumping through hoops...


> Dropbox has total access to your unencrypted files.

The application maybe, depending on how you set it up. Not the website itself.


And I’m sure the law firms homepage wasn’t turning people who visit it into antiunion drones either. What’s your point?


I did but I still have to say it sure sounds like a code review process she went through, not a new feature addition she went through. Although generally I wouldn't approve code unless I could figure out what feature it was related to so I also think huh, maybe it was okay by Google's inner processes - the workings of which I a not informed of.


The extension was specifically designed to notify Google employees about problematic reliance on non-Google services. Seems like her warning fits that use case. How is "warning about Dropbox" any different from "warning about X management consulting firm"?

Edit: Her warning literally said: "Do not violate NLRB notice. Googlers have the right to participate in protected concerted activities." (see screenshot in article, bottom right.) This is something that Google is already obligated to acknowledge under labor law. They're simply shooting the messenger.


[flagged]


This comment breaks the site guidelines against insinuations of astroturfing. Would you please review them and stick to the rules when posting here?

Comments having divided opinions on a divisive topic is the most common thing on the internet. There's no need to torture Occam.

https://news.ycombinator.com/newsguidelines.html


I'm sane, and don't want to join a union (I'm not against them in general; there are certainly fields where they make sense). I don't know if your question was serious, but in case it was: I don't feel like my employer is a rival or an enemy; I feel like they are a partner in our mutual goal to make a lot of money. I've never worked at Google, but I've worked at similarly famous large companies, making several times more than any reasonable person would think the average programmer was worth.

To the extent that unions would make the company able to make profit less efficiently, for example by making it harder to fire poor employees, it would have been against my own interests.

I also totally never felt that there was a power imbalance between me and my employer. I got to work whenever I wanted, worked on whatever I wanted, left whenever I wanted, and when I got burned out and started disliking the job, I quite easily found a job somewhere else. Again, probably different for non-software-engineers, but it's not hard to understand why many of us feel no draw to unions.


> I don't feel like my employer is a rival or an enemy; I feel like they are a partner in our mutual goal to make a lot of money [...] it's not hard to understand why many of us feel no draw to unions.

It's hard for me to understand when you look at other similar industries. We're not talking about blue collar unions here: we're talking about white collar unions. They're very different.

Take Hollywood as an example. You have incredibly wealthy individuals who are all members of unions. Kevin Feige makes Disney billions of dollars, but he still pays his PGA dues.

The purpose of unions like the WGA, PGA, DGA, SAG, and Equity aren't to "make it harder to fire poor employees" - they're to provide equal protection to all members regardless of whether they're making millions upon millions of dollars or just getting started in the industry.

Sometimes I feel people in tech forget there is a highly skilled, highly unionized industry just a few hundred miles south of Silicon Valley that seems to be doing OK. Is it perfect? No, definitely not. Is the film industry better to work in with the unions than without? Almost certainly yes.


I'm very pro-labor union, but life as an actor or screenwriter is considerably more precarious. Each job you get lasts only as long as the movie you're currently working on does. Once the movie's done, you're out of a job again. A SWE doesn't experience the same level of chaos, unless they're freelancing.


Maybe not much more. The era of spending your life at a company is long gone, and the role of a distinguished senior engineer over 50 is evaporating. And the number of people who have been screwed out of their options on HN have been too numerous to count.

Yet demand for software engineers are higher than ever. It seems like market forces should counteract these issues, however SV is impervious to these issues.


Well, let me turn the question around. Imagine I was a generally happy mid-level software engineer, making $400k/yr at Google. How would a union help me?


By giving you greater control and direction over the nature of the company, the kind of work they do, and who they work with, to check executive power from engaging in short-sighted or immoral behavior, to provide you with an alternate route for addressing workplace discrimination or harassment, just to begin.


A union doesn't give me, personally, any control or direction or checks on executive power. Union leaders have those powers. And it's not obvious to me why the union leaders would be any more aligned with my interests than management is.


Those union leaders are hopefully elected by employees (otherwise, how do they get to be leaders?) so you can align the union leadership with your interests by voting for someone whom you trust to represent you. Of course you don't need that if management is also elected, but I don't know of any company that does that.


It's not about whether I trust the leaders. Even if they're trustworthy, their job is to work for what's best for the union as a whole, and that's often going to be different than what's best for me. As anyone who's worked in big companies can attest, there are all sorts of ways that facially universal policies can have disproportionate impact on specific people or teams.


Aren't those industry wide unions whose main purpose is to set wage floors because there are so many people desperately trying to get into the industry that without them, employee conditions would be terrible for those just starting out? I don't think that is a problem for programmers and it is way different than a company specific union.

If you want to start an industry wide programmer union, by all means, start one and then try and get people to join it. I'd love to hear what benefits you think I would get by joining an industry wide programmer union.


They specifically made that illegal with Taft-Hartley because of the political power available to workers by allowing it. Most labor parties in Europe actually arose out of these unions, for example.

The WGA was grandfathered in with the law, but you’re not allowed in the US to create sector wide programmers union. It is cool to imagine what you could accomplish with sector-wide software strikes though.


Hollywood might not be the best example of unions' effectiveness, given the revelations of the Me Too movement.

Have you considered using the AMA or similar in your examples instead?


What, the fact that Hollywood highlighted a society wide problem should be counted against it? Or do you honestly think that sexual harassment by exploiting power imbalance only happens in Los Angeles?


I'm saying protection against having to have sex with your boss to get work is MVP worker protection.

And so if someone wants to convince people how effective unions are at worker protection, Hollywood's unions aren't the most convincing example.


Well those industries are not comparable. One random example - our flexibility to change jobs in IT is almost unheard-of. We can literally spin the globe and go work almost anywhere. The only hurdles are immigration rules and possible language barrier. Most of Hollywood jobs would struggle in most places.

Another personal view - as somebody from Europe, I really don't feel any need for any unions. I am not trembling from fear that I will get fired. If I will, there will be good reasons (my poor performance or employer getting into financial troubles). For me, that's a good trade-off for extra pay and interesting work. When I was consulting, I had nano-fraction of current job security, but again it was offset by salary. Again, fair deal for me and for employer too.

Another reason - anytime I even remotely interfered with Union people in my previous jobs, they literally reeked of internal politic games, keeping their comfy jobs as safe as possible. You get this kind of folks in any company, even in my current one, although we don't have unions. They try different ways (ie managing pension fund or other 'political' positions that require little work but add friction to firing process). Needless to say they are never stellar performance workers.

This all obviously doesn't say anything about Google or generally SV culture, my experience is local to 3 European states only, and cca 6 companies.

We in IT are vastly overpaid compared to any other engineering degree holders. Not complaining, but its a fact. Just talk to other engineering folks. High salaries and positions can be achieved quickly, not over 30 years of gradual rise of staying within same company.

If/once market saturates and salaries go down significantly, there might be more need for unions. But most folks are not there I think.


>I don't feel like my employer is a rival or an enemy; I feel like they are a partner in our mutual goal to make a lot of money.

It's hard to concevive of a more asymmetrical partnership, and a partnership in which one party uses all their power, legally and socially, to increase the intensity and duration of work, and dictates the method in which it is done.

evan_ 36 days ago [flagged]

> I feel like they are a partner in our mutual goal to make a lot of money.

Your employer doesn’t feel that way.


Of course they do. They wouldn't hire you otherwise.


They hire you to make money off your labour, and pay you less than you make them, none of that involves "partnership".


"They" organise the workforce and find/reach a market for said labour. Is your assertion that this has no value?

Understand: I make no claim that malevolently exploitative companies don't exist; of course they do.

But your position seems to be that any company that makes any profit is malevolently exploitative.


So what?


> It feels like a lot of astro-turfing going on here. Why would any sane person be against unions?

Going to work without a union is like going to court without a lawyer. Are there incompetent lawyers? Does it cost money to hire a lawyer? Of course, but that doesn't mean it isn't a stupid idea to try to represent yourself pro se.

Unfortunately, workers in the US have been the subject to the equivalent of a fifty year propaganda campaign bankrolled by prosecutors (business owners) to convince people they're really better off if they represent themselves in court pro se (without a union). The sad thing is the campaign has worked surprisingly well.

Dropping the analogy, I think many tech workers are treated relatively well for now by employers. Sort of like a well-treated personal assistant to the boss, who is comfortable and has their small privileges compared to those in the factory floor, and therefore feels like they're more like a boss than a worker, even though that's not at all the case.

The startup ecosystem has also encouraged tech workers to think of themselves as future bosses rather than present-day workers, so they favor the policies they imagine their hypothetical future selves benefiting from, even though it hurts themselves and their friends today.


If you want that metaphor, going to court with a union is more like having one lawyer trying to get the best deal for 5 of his clients, even if one is innocent and the other 4 guilty, he would decide instead for a plea deal where all 5 do minimal time. 4 get better off, 1 is fucked and can't really do anything about it.


> having one lawyer trying to get the best deal for 5 of his clients, even if one is innocent and the other 4 guilty

That's stretching the analogy too far, and adding biasing details to force the impression that unions are bad.

Here's another analogy:

Going to work without a union is like going to war without any military organization. If your enemy is well-organized, how smart is it for you and your fellow soldiers to attack individually in an uncoordinated way without any overall strategy?


re: lawyer one. I am not biased and I am not against unions, but I live in a country where as some others mentioned, they are basically political tools for some small group (or in public unions, actual political parties). I am pro-union, but I believe that outliers or top-performers will be fucked in a union world. (And low performers will be safer). I make about 7-8 times the average salary for my country, and 5 times the average salary for a senior software developer. This is due to my years of developing connections and the fact I deliver quickly and well. From my experience with unions, I might even be at the top of the scale in their 'grades' but I would never be able to get to the multipliers I am making if I didn't have the power to negotiate my contracts myself. Sure it sucks for others that don't have this possibility, but I won't sacrifice myself for that.

That is perhaps a better analogy indeed, but still lacks a bit since each 'soldier' has different goals and capabilities, which may be curtained by if they organise. And the 'enemy' still requires you to cooperate with them at the end, to come to their side and help them achieve their goals, which again, would probably mean you would be fucked if you were fighting alongside, and midway decided that the 'enemy' was actually right and you wanted to work with them.


I understand and agree with many of those points. I think that if software engineers unionize, there should be a lot of innovation and experimentation in union structure and practices to address them.

The other thing is that I see a lot of criticism of some practice or other of some particular union inflated into a critique of unionization in general. I object to that because 1) it often echos management's anti-union propaganda talking points, and 2) it denies the possibly to innovate in the area of worker organization. I think there's a lot of value for workers in worker organization, even for high performers, and I think that needs to be the focus.


> Why would any sane person be against unions?

I have no horse in this race. But as a counterpoint, pretty much everything in New York is more expensive due to heavy unionisation, particularly around construction and public services.


There's a lot of other reasons stuff is expensive in NY. Europe is heavily unionized and somehow they still manage to build subways at a lot less than $1 billion per mile.


Unions are a big, big reason stuff is SO expensive in NY. They have to have 4 times as many employees doing construction as in Europe, for instance.

Europe doesn't have this problem because they have good unions. We can't have those in America. I really don't know why, but that's just how it is.


This a perfect example of grass being greener on the other side of the fence ;) In some European countries I know of, unions are solely responsible for forcing the government hands into things like keeping around and subsidising beyond any sense and belief a dirty energy sources (coal mines and power plants for example) resulting in air quality killing more people than car accidents every year. Those unions won't stop at anything and are ready to and have in past organising violent riots on streets, until everyone around surrenders to their demands.


My understanding is that the if-anything-heavier-unionized EU isn't experiencing the same rapid growth in (especially public) construction costs as the US has been for some time—still faster than inflation, but lower than would be explained by just PPP adjustments or COL vs. the US. Unions may not be helping but there's something else causing runaway cost growth in US public sector construction, in particular.


Could also be because of its density and GDP. Are there “cheap” alpha cities?

https://financesonline.com/10-wealthiest-cities-in-the-world...


https://nypost.com/2018/08/25/why-nyc-is-priciest-city-in-th...

Construction in NYC is far more expensive than anywhere else in the world, largely because of union contracts.


This is an incredibly bold claim, can you cite this?


Here is one article talking about subway construction costs in NY.

https://www.nytimes.com/2017/12/28/nyregion/new-york-subway-...

It's not just unions, but here is a taste:

There are “nippers” to watch material being moved around and “hog house tenders” to supervise the break room. Each crane must have an “oiler,” a relic of a time when they needed frequent lubrication. Standby electricians and plumbers are to be on hand at all times, as is at least one “master mechanic.” Generators and elevators must have their own operators, even though they are automatic. An extra person is required to be present for all concrete pumping, steam fitting, sheet metal work and other tasks.

In New York, “underground construction employs approximately four times the number of personnel as in similar jobs in Asia, Australia, or Europe,” according to an internal report by Arup, a consulting firm that worked on the Second Avenue subway and many similar projects around the world.


The "oiler" thing sounds stupid, sure, and overstaffing in general is a fair concern. But, devil's advocate, how much time and money would be wasted if an essential machine broke and there wasn't a mechanic standing around ready to spring into action? How many people would be seriously or fatally injured in a year without a helper on those "An extra person is required..." tasks?

I don't know the answers. Some of them legitimately may be useless sinecures, but it's worth keeping in mind that what looks like redundant waste is sometimes an important guard against some kind of failure. Just because it isn't always used doesn't mean that it's not worthwhile.


==it's worth keeping in mind that what looks like redundant waste is sometimes an important guard against some kind of failure. Just because it isn't always used doesn't mean that it's not worthwhile.==

Even more likely is that the redundancy exists because of something bad that happened in the past. That is how most regulation comes into existence.


The article directly compares the NY subway project to a french one, and finds that it was cheaper and had a quarter of the staffing. So since we've established time and money is not being wasted by not employing 4x the people, all you have to do is check and see if French public construction is more dangerous than the US, and you'll know if elevator operators and underground break room guards are important safety roles.

In the public sector, unions and engineering firms/management contractors are not at odds as they are in the private sector, they collaborate to rip off the public.


I think if there's a money saving argument, you wouldn't need to put that in the union contract.

Companies will want to save money and you don't need to force them to save money.

It's clearly a "job saving" argument and not a "money saving" one.


If you live in a country where unions are very powerful, like mine, you realize that their power need to be kept in check along with every other power.

Unions at least in my country are all about political power, and little about workers' rights. The major ones are composed of mostly retirees from an era and a work modus operandi that is no longer the case there.

They argue for a model that is equal for everyone - yes, everyone equal at the bottom. They insist that every contract should be handled mostly at the national level (for political bargaining power) and discourage local agreements between unions and employers.

Also the public transportation seems to enjoy the "special" privilege of having a strike (not necessarily for workers' rights) at least once every month, "by chance" almost always on a Monday or a Friday.

Oh, and when an acquaintance of mine tried to get a union to help her file her retirement papers, they basically left her to her own devices (she was a retiree, no longer a worker, so "tough luck") and she had to fix the many problems that emerged by herself.

If we need unions, they need to be nothing like the one I hear about every day in the news.

EDIT: And for this reason I also refuse to take part in any union (last time someone wanted to do so, all I heard were "marches" and "strikes": people, it's not the 1970s anymore).


I strongly oppose public unions.

Unions are good for private companies, as there is a balance of powers - if the owners pay employees too little, employees quit, whereas if the employees protest too much, the company doesn't sell anything - both scenarios lead to collapse / bankrupcy, so both sides are motivated to cooperate and find a compromise.

In public services, there is no such balance - the state isn't constrained by market forces, and it won't collapse no matter how much employees protest. In addition, state employment usually comes with other benefits (e.g. job & pension security), so really the employees shouldn't be complaining and holding the whole country hostage.


"...The very nature and purposes of Government make it impossible for administrative officials to represent fully or to bind the employer in mutual discussions with Government employee organizations. The employer is the whole people, who speak by means of laws enacted by their representatives in Congress. Accordingly, administrative officials and employees alike are governed and guided, and in many instances restricted, by laws which establish policies, procedures, or rules in personnel matters."

-FDR Letter on the Resolution of Federation of Federal Employees Against Strikes in Federal Service

I think we've seen this play out in how public unions now dominate policy discussions putting the public good as an often secondary consideration.


Why would any sane person be against unions?

Because they, like any other organization, tend to become corrupt and exercise their power to the benefit of the "party insiders", at the expense of the everyday member. And I, for one, don't feel any need to have my pay rate negotiated based on some group average or least common denominator. And union dues.

I personally fully support the right of people to bargain collectively, but being a member of a union is not something I'm particularly interested in.


>> Why would any sane person be against unions?

> Because they, like any other organization, tend to become corrupt and exercise their power to the benefit of the "party insiders", at the expense of the everyday member. And I, for one, don't feel any need to have my pay rate negotiated based on some group average or least common denominator. And union dues.

Going to work without a union is like going to court without a lawyer. Are there incompetent lawyers? Does it cost money to hire a lawyer? Of course, but that doesn't mean it isn't a stupid idea to try to represent yourself pro se.

I'd join a union if one were available to me, then I'd work in it to make sure it was well-run and effective.


The problem with your point of view is that it applies equally to the companies that hire you, and they have very little incentive to be on your side.


Sure, but why add one more variable to the equation? Eschew additional complexity. As long as I live in a "right to work" state and there is plenty of demand for the kind of work I do, I'd rather deal with companies on a one-to-one basis. If company treats me unfairly, I quit and go somewhere else.

And while the company may not be "on your side", companies are still bound by market forces, on both sides of the equation. You can't compete (for now!) without people, and if you constantly run your best people off by mistreating them, you aren't going to be very successful in the long run.


If that was actually true, employee abuse would be essentially non existent, especially in large successful companies, and unions would have little reason to exist.

Its not true.


> Its not true.

Real life isn't that simple. These things aren't binary, "it's true" or "it's false". There is a continuum along which things vary. The extent to which companies are compelled by market forces to treat their employees well is obviously something that varies by sector / geography / profession / etc.

I'm not saying that nobody is justified in joining a union, or that unions have no reason to exist. I'm just saying that relative to my combination of the above factors, I do not find any appeal in the idea of joining a union, when you balance it against the associated negatives.


There are examples of bad unions. Police unions protect the "bad apples" that kill people with no consequences. Teacher unions protect teachers at the expense of students and education as a whole. Unions are designed to protect the weakest link which many people with highly sought-after skills feel is not in their best interests.


I love unions but what she did was kinda crazy don’t you think?


A lot of "sane" folks are skeptical of unions. Well well-run unions can certainly have a positive impact, unions also have a long history of protecting incompetent workers at the expense of competent ones, and they are particularly harmful for younger workers. When I was in college, the unions on campus successfully pressured the school to cut back on student hiring because the students typically made less than older workers, which meant less for union dues. A lot of kids on financial aid had a harder time finding work on campus because of this, and work off campus was not plentiful.


No, it feels like wilful cognitive dissonance where you all seem to think having two coworkers of no real managerial importance signing off on your company-wide political statement is somehow 'by the book' and everyone else is just a shill, ignorant and somehow didn't read this press release for this poor, poor person who knew exactly what would happen.

EDIT: Let's read the second paragraph of the article again:

"each time Google employees visited the website of IRI Consultants — the Troy, Michigan, firm that Google hired this year amid a groundswell of labor activism at the company"

You see that phrase 'labor activism'? This is the exact cognitive dissonance I am describing here. You want to pretend activism isn't political, that an employee planting a message on the website of a company affiliated with their employer related to this political subject is totally innocent and not a politically charged message. Just 'totally telling you your rights' and nothing more than that. That's intellectually dishonest.


It's not a "political" statement, it's a notice of Googlers' existing obligations under labor law and pursuant to a NLRB settlement. She was indeed correct to warn any Googlers who might interact with the external consulting firm about those obligations.


It's an odd world we live in where factual information about legal rights is dismissed as a "political statement".

As others have said, if she'd abused her access to insert, say, a pithy pop-up about recycling on Earth Day, she would have received a slap on the wrist at the very worst. This isn't about changing the code without authorization. This is about a message Google doesn't want employees to hear.


The biggest reason is because union laws would force other people to join the union, if it got established.

I believe that you should be able to join whatever professional organization that you want.

But the moment that you try and force me to join that professional organization, with legal provisions that would cause me to lose my job if I refuse, is the moment that I go to war against you.

I will retaliate. I will fight back. Because I no longer have any sympathy for you, if you are going to cause me to lose my job because I refused to join your special club.


You can be against her actions and for unions.

To me this sounds like someone snuck a PR that does questionable things into the code base.

Sure you can say that's a failing of the PR process, but it doesn't mean putting up the PR in the first place shouldn't be punishable.

"Following the process" doesn't absolve you from the fact you initiated the process with questionable intents.

Honestly, I would not want to work with someone who'd do that, and would be surprised if that wasn't a fireable offense.

I value the fact I don't have to scour PRs for covert (or honestly, even overt) attempts to stick political messages into our codebase.


Literal decades of highly-funded propaganda by business interests to manufacture this consensus, for starters, Taft-Hartley banning sector-wide bargaining to render unionizing as company-level adversarialism vs. a broader fight for worker security and rights, the purging of leftists from the labor movement with Red Scare postwar...


Unions are are one of the largest political forces in a lot of areas.


Not compared to business interests and certainly nowhere near comparable to their political force in European democracies where sector wide bargaining isn’t banned.


Let me explain this to you very simply. If you are making significantly more than someone of your work experience length, you probably don't want a union. most of them put in rules that align pay with seniority, seniority being very stupidly defined as length of time in career.


Social engineering isn't better than other forms of hacking.


Seems like they need to rethink the book. I'm not sure a Googley culture of permissiveness can exist at the kind of scale that they have now, and with the competing activist factions that they have cultivated.


If they really fired her for just this bagatelle, it speaks more against Google.

I don't know why there is this pervasive desire to strangle developers. This is a pretty recent phenomena in my opinion and certainly nothing close to a requirement to develop great software.

If I were an employee at Google, actions such as this would let me seriously consider to look for other work. The requirement for the code review for internal tools already seems awefully restrictive.


Google needs to choose between two evils here:

Give employees power / freedom and fire fast if you do stupid things.

Stricter regulations/ checks so they cannot mess up hard in the first place. At the cost of slower pace and less risks taken.

Google has historically been the former. And it comes with people doing stupid things and getting fired. Just the world is not used for huge companies to keep operating in such mode.

I applaud Google for keeping being open and not enforcing processes. The rest of the world will grow up eventually.


True that the former strategy requires more responsibility from employees. In larger companies you have more opportunity for your behavior not being penalized, so many companies increase strictness of processes.

But I fail to see how the employee in question did something that justifies firing her. Maybe there are other factors involved, but I certainly think that people opting for getting rid of her only on the basis of publicly available information shouldn't have any form of responsibility for staff to be honest.


Google's open culture wasn't designed to be robust against internal activists trying to leak, spam political messages, and incite dissatisfaction everywhere. Google's open culture assumed good faith, and that's gone now.


>The requirement for the code review for internal tools already seems awefully restrictive.

How on earth is that restrictive? Having code review for any important code should be normal at any company. Just because the tool is internal doesn't mean it's trivial and any engineer (especially a 21-year-old: how is she even an employee and not an intern at that age?) should be able to merge anything in willy-nilly.


Why wouldn't she be an employee at 21? 21 is three years into legal adulthood. The idea of being an intern at 21 is degrading. They're adults. Treat them like adults, not children.


Maybe this is news to you, but engineers typically have to go to college and get a degree before they can work as a software engineer. That typically takes 4 years, starting at age 18, which is when most people graduate high school. A 21-year-old working as an "engineer" at a company is typically an intern.

So to answer your inane question, she wouldn't be an employee because she's not old enough to have graduated college yet. And that's just to get a BS degree; lots of engineers these days (esp. at top-tier companies like Google) get an MS degree before they enter the workforce full-time.

I'm rather appalled that I have to spell this out here on this forum.


Getting a degree is largely unnecessary in the present time, and a substantial volume of people skip that step, especially in large companies like Google that are constantly buying others.


>Spiers, 21, said she went through the standard approval process, which requires two co-workers to greenlight changes, before updating the Chrome browser extension.

Yeah. I don't think so. The tool in question is an internal security tool, not a communication tool to get her message out. The two engineers who signed off on this should also be reprimanded. This is a clear abuse of a process meant to take in security-related contributions without too much red-tape.

And you want a separation of concerns here. You don't want a tool created for security to push the political agenda of some activists.

And she literally says the only reason for her change was because she wanted to get the word out because posters aren't effective enough: "Spiers told NBC News that she was inspired to create a digital notification because “a poster in the cafeteria is not the best way of reaching the majority of Googlers.”" ... yeah. Sorry posters aren't effective enough for you, you can't do that.


When a cop pulls speeders but strongly focuses on one demographic group, even though each pull is justified in that the one pulled was violating the law, the pattern that emerges shows a greater level of injustice and the actual reasoning used is quite different than the stated reasoning because the stated reasoning is not consistently being applied.

In this particular case, does Google consistently apply the stated reasoning? Google says it does, the engineer says they don't. Do we just trust Google despite a very long history of corporations taking illegal or unacceptable actions against employees engaging in similar actions, or do we let it go before a court to be decided?


That justice isn't equally applied doesn't excuse the perpetrator.

If you're speeding over the limit and the cops pull you over, you still deserve the fine, simply because that's the law. This doesn't mean that the cops themselves are innocent of any wrongdoing, but the two issues are separate.

And of course civil disobedience can be justified if the law or its application are unjust, but using it as an excuse after the fact is lame.


>That justice isn't equally applied doesn't excuse the perpetrator.

If you can prove it isn't being applied fairly it can result in rewards that more than cancel out any such penalty. Such discrimination cases can be hard to prove but can result in significant rewards magnitudes greater than the ticket fine.


> injecting javascript into an employer's internal chrome extension

The purpose of the extension is to serve site-specific pop-ups. Spiers added a pop-up to an existing pop-up tool using existing, precedented processes.

The analogy to a poster in a cafeteria, which is explicitly protected by federal law, passes a first-order smell test.


Is this a precedent that Google or any company wants to have, though? Engineers with access to company-wide tools or extensions can put political or divisive content into them?

This is more than just a "poster in the cafe" because of the reach and invasiveness of the approach.

Disclaimer: I work for Google, speaking for myself only.


> Is this a precedent that Google or any company wants to have, though?

Google is free to pull the tool or change the documented process. (I admit, the process seems lax.) Instead, they fired the employee. That’s an aggressive response.

> the reach and invasiveness of the approach

It’s a pop-up generated when one visits the site of the “firm that Google hired this year amid a groundswell of labor activism at the company”. That sounds like a reasonable scope.

Again, using a tool whose entire purpose is to serve site-specific pop-ups.

[1] https://www.nbcnews.com/news/all/security-engineer-says-goog...


These popups are security popups, the ones you would get from your antivirus/firewall and carry a certain Management endorsement weight.

It's not a free for all space to put random messages into.


> random messages into

Federally-protected content isn’t random speech.

There are reasonable arguments on both sides. Looking forward to seeing them play out at the NLRB and in the courts.

The only solid takeaway at this time is, if you think this is black-and-white, you’re missing salient detail.


Random speech doesn't become any less random just because it is federally protected. On the contrary, it actually becomes less federally protected if it is random, because federal protection of speech requires specific time, place, and manner.


"federal protection of speech requires specific time, place, and manner."

I'm actually ignorant on the specific time/place/manner of protection for organizing. Can you educate me?


At a broader level, federally protected speech in the US isn't absolute; the Supreme Court has ruled a number of times that restrictions can be placed on organizing protests, such as you can't protest in the middle of a busy freeway at rush hour blocking traffic and use "my right to protest is federally protected" as an excuse. There's more info here [1] (PDF warning; go to page 9).

More specifically to unionizing, employees are allowed to discuss unions but employers are allowed to place some restrictions on when/where such discussions can take place. From the NLRB [2]:

> Working time is for work, so your employer may maintain and enforce non-discriminatory rules limiting solicitation and distribution, except that your employer cannot prohibit you from talking about or soliciting for a union during non-work time, such as before or after work or during break times; or from distributing union literature during non-work time, in non-work areas, such as parking lots or break rooms.

1: https://fas.org/sgp/crs/misc/95-815.pdf

2: https://www.nlrb.gov/rights-we-protect/whats-law/employees/i...


I think it's less about Management endorsement and more about notification blindness.

If you start adding wholly unrelated messages into the security warnings, people start ignoring them. We've seen the same with medical systems where doctors and nurses ignore the important pop ups because so many are just interruptions.


> The analogy to a poster in a cafeteria, which is explicitly protected by federal law, passes a first-order smell test.

This doesn't feel like the right analogy. She (ab)used her access after all. A better one IMO would be a cafeteria worker sneaking in a leaflet among the napkins. Definitely feels less innocent.


> But injecting javascript

Come now. It's a browser extension, it's written in JavaScript, and knowingly installed by employees. No "injecting" went on here, let's not try to make this sound more nefarious than it was (not very). Fireable? Perhaps. But not because of a security concern.

(edit: reading more, it's clear that the only thing that makes this "fireable" in google's view is that it promotes union organizing that they oppose. Any other such message would probably not cause firing unless it caused a PR problem, and perhaps not even then.)


> So basically, the Google employee added arbitrary javascript to an internal chrome extension used by Google employees that triggered a popup when employees visited a specific website.

This is actually false (it's not listed in the article, so I wouldn't expect you to know). It was a config file containing URL patterns and plain text messages. Most messages were things like: "please don't upload random company files to dropbox.com/upload".

So my take is that this employee's job responsibilities probably involved notifying sending these types of notifications. However I'd actually agree that there was some "abuse" because letting someone know they are about to upload a file to dropbox is pretty different than using it as a forum to remind people that organizing is a protected activity. I wouldn't fire someone over that because despite them being in the wrong, it doesn't seem malicious.


> So basically, the Google employee added arbitrary javascript

This is a little disingenuous. She's a software engineer who works on this extension. "Injecting arbitrary JavaScript" is her job.

If she bypassed code review, introduced a vulnerability, abused a known weakness to violate policy (e.g. logged into an account with signing keys to deploy manually when it's usually automated), etc. then you'd have a case. If she did her job and followed all policies about review and the only question is the content of the notification, then the way she sent it is an unfair criticism. It reeks of CFAA-style stretching of the truth about authorized access, and we as hackers shouldn't stand for it.

I wrote a command-line tool at work to automatically add a bunch of party parrots to a Slack message. This tool runs with your personal credentials, and web-scrapes your Slack access token in order to run. As a normal UNIX tool it also has access to your homedir etc. The credentials it uses can also read your private Slack DMs, access data that you can get to but I am legally forbidden from seeing, etc. - but it does none of those things. I installed it to a bin directory in everyone's path, without code review, because we have a system that explicitly allows this and it is often useful. Our security team raised a general ticket to the effect of, hm, maybe code review should be required before you stick code in everyone's PATH. Nobody is thinking of firing me for "injecting arbitrary Python" or "stealing credentials" or anything because nothing I did was against either policy or convention, even though you can make it sound horrid if you choose.


Indeed. And there are a ton of comments here saying it's OK because "she went through the standard approval process, which requires two co-workers to greenlight changes."

But that doesn't mean it was OK. It just means the co-workers might have greenlit it without taking a close look, or were misled as to what they were approving, or that they were approving it because the code was correct technically, and approval isn't about judging the code's product purpose.

If this tool was NOT meant to be used as the equivalent of "posters on the wall" and she modified it, regardless of co-worker code approval, it DOES seem to be an abuse of privileges.

If her manager had given her the OK, then she's in the right. Otherwise, I have a hard time seeing how this isn't abuse of one's position.


Unless managers are authorizing all changes, employees must assume their own judgement. Thus not firing offence.


Almost irrespective of the website that it was triggered on, it represents a huge waste of her time, as well as that of the hapless employees forced to click through her automatically-created popups.

It also weaponizes the internal browser to advocate for political causes.

It shows such stunningly bad judgement that they are entirely justified in firing her.


IMHO its absurd to think stating a law/fact is advocating a political cause, unless you consider the law a political cause? In which case, wow.


I mean, I know I'd be highly annoyed if I got a "Don't post copyrighted material" popup every time I visited Stack Overflow. It's the law, but it doesn't mean I want an addon nagging me about my legal obligations.

In the same way, I know I have a right to vote, but I definitely felt it was annoying when I had a coworker who would regularly spam us to remind us to vote. It's not necessarily Political, but it's advocacy. I only have so much mental bandwidth - hijacking it to have my read a message of your choosing is cause advocacy whether I agree with it or not.

Advocating a certain level of involvement/mindfulness of specific issues is political - Most of the difference between folks in the same party/ideology is just in if they think about or prioritize certain issues over others. Do you care more about Union Rights or the Environment? International Wars or domestic policing? Pushing people towards one over the other is political even if they already agree with you on the underlying issue.


Perhaps I'm misunderstanding you, but it sounds like you're saying telling people facts about reality they should know is advocacy, and advocacy is somehow inherently political? By extension of this logic teaching children math is a political act.


So, teaching anything is certainly advocacy in the literal sense. Your math teacher is an advocate for you learning math, and the importance of math. I wouldn't say that's political advocacy, because most people would agree that the rules and facts around of algebra generally aren't something that's commonly debated by governments.

That said, if I was taking a world history class, and my teacher spent the whole class for a year exclusively going over US war atrocities and rights abuses, I think you could argue that would be political, even if it was all factual and correct. They chose to present a set of facts that leads people towards a specific ideology and worldview that influences how they observe politics and the government.

Telling people truths can still be political. Having a popup at work, or a chat message, that informed me of a political candidate's policy positions would be "telling people facts about reality they should know", but is definitely political advocacy. Just because that candidate happens to be in favor of workers rights, or union power, or parental leave, doesn't mean that it's now a relevant work topic.

In a perfect world, everyone would know all their rights and all the laws that are relevant to them, but most people don't. Trying to impose that I take time at work to inform myself about them is thus innately political advocacy. That's not to say that it's a bad thing - I appreciate folks who remind people to vote/registration deadlines, or post informative information about relevant local laws, but it doesn't mean it's not political advocacy to do so when you're doing it in a targeted manner.

It's possible to both think that what this person did was political activism, and to believe that it probably shouldn't have been punished this hard.


Sure, but the question is, would they react this way if the injected content was something else?


So.... this is interesting. The answer is if they are strict authoritarians and go by the book, yes. There is no leeway. If they are flexible and are open to interpretation and intent then no... but then that leaves them open to risk.

Because of that most companies over time become very strict and unforgiving.


The trope that says "asking for rules to be enforced in a sane and human manner leads to authoritarianism" is a pretty recognizable form of bullshit.


That's the most important question, and there's a pretty good case to be made for "yes". It's a severe error in judgment for a security engineer to co-opt an security notification system in order to spread personal messages. Not only is it spam, it desensitizes users to real warnings. (Imagine an email from Google where the subject is "SECURITY ISSUE WITH YOUR ACCOUNT" and the content is an ad for a Pixel). I probably would have given a strong warning rather than firing, but it's not unreasonable to be especially strict when dealing with security matters.


So Security isn't a career move and this wasn't to stifle unionization at all?


> So basically, the Google employee added arbitrary javascript to an internal chrome extension used by Google employees that triggered a popup when employees visited a specific website.

No, the "so basically" is the employee added another URL & a string to a map of URLs & strings in an existing extension.

The extension already existed. It already showed notifications on various URLs. She didn't create that part.


This is a mischaracterization, if you read what the extension is used for: Showing popups when people visit certain sites. For example, popping up a notice to remind users not to upload Google data to Dropbox when they visit Dropbox.

So no, she wouldn't have "added arbitrary JavaScript". She would've added an additional message and triggering website to an existing script.


What would be the cheapest-approved mechanism of presenting this legally mandated notice to employees? Remembering this isn’t just a generic legal requirement but a specific demand imposed on Google at this point in time.


The management is giving each other high fives now. As they no doubt strategize their plan from the comfort of their boardroom, they know this activist's personality will become the face of effort to collectively bargain.

Despite news articles mentioning walkouts themed on identity politics and out of court sexual assault allegations - those are narrow and not representative of the collective: a small, but vocal clique demanding VIP treatment at the expense of everything else. As for the feelings of those not fitting those characteristics? Do they not have their own personal and professional struggles, ambitions to cooperate and rise in the organization and live a happy life with a family?

It's a perfect distraction from the worker's struggle for union representation.

In order to form a union, you need votes. Google's management knows enduring the most radical and loud is a small price compared to having a union to ensure everyone is treated fair.

Cater to the whims of radicals rather than focusing on common ground == no plurality. Union busted, mission accomplished. https://www.nlrb.gov/rights-we-protect/whats-law/employees/i...


I think there's a piece that some people are overlooking. There are very specific statutory protections about when, where, and how you have a right to organize.

Things that would likely require legal review and Google has the budget to test the waters of at this point.

The last clause in the link below pertains to this scenario, I think, which may bite Google. Or it may not because it all depends on case law and what union leadership is willing to push back on (which could take years to sort out via legal proceedings)

Really, at the end of the day all Google has to risk via this kind of behavior is some lawyer time, setting precedent, and potentially being required to post a notice if they end up losing.

Source: https://www.nlrb.gov/rights-we-protect/whats-law/employees/i...

> Working time is for work, so your employer may maintain and enforce non-discriminatory rules limiting solicitation and distribution, except that your employer cannot prohibit you from talking about or soliciting for a union during non-work time, such as before or after work or during break times; or from distributing union literature during non-work time, in non-work areas, such as parking lots or break rooms. Also, restrictions on your efforts to communicate with co-workers cannot be discriminatory. For example, your employer cannot prohibit you from talking about the union during working time if it permits you to talk about other non-work-related matters during working time.


This isn't how extension development works? The APIs for calling the notify methods already exist. Depending on how their tools work the diff could have been

1. A list of one website on which to notify

2. The static content to display on that website in a predefined (provided by the browser) popup context.

While I grant what you're saying is possible given the dev's access rights, it's not required for the functionality described in the article.


Wouldn't she have had to make a pull request? Since when can't a developer make a controlled change to code?


Yes, and needed the approval of two reviewers, which she got.


The concerning thing is she seems to call out that employees have the right to “concerted activities” which means Google sung only opposed to unionization efforts but to any “concerted action” by their employees.

Even so much as organizing could be viewed as a threat by Google’s management.


Spiers, 21, said she went through the standard approval process, which requires two co-workers to greenlight changes, before updating the Chrome browser extension.


Spiers wasn't fired for adding code, Spiers was fired for using a pop-up and that simply isn't the Google way.


Should have been an AMP page.


This isn't the first time either. Just before the walkout, a group of employees force-changed everyone's desktop background to an advertisement for the walkout. That particular change, while obnoxious, was harmless --- but that change could have been anything, including very difficult to detect spyware. It's essential that company-wide code and configuration changes occur only with official approval and process. Emotional and activism do not constute reasons to bypass this process.


Is that true? Amazing if so. I had not heard this before.


She mentioned it herself in the Medium post

> This kind of code change happens all the time. We frequently add things to make our jobs easier or even to just share hobbies or interests. For example, someone changed the default desktop wallpaper during the walkout last year so that the Linux penguin was holding a protest sign. The company has never reacted aggressively in response to a notification such as this in the past. It’s always been a celebrated part of the culture

https://medium.com/@ksspiers/google-fires-another-worker-for...


Yikes. That is straight up black hat shit. What ever happened to posters and bullhorns?


Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: