As soon as your company grows beyond the point where everyone else has the same personality type you do, you'd be amazed at how hard it is to run perfect herd over everyone else's ethics. Anyone who thinks that this sort of thing requires management approval from Google simply has no concept at all of how difficult it is to scale trust and supervision. Google is effectively a small country at this point.
Someday a YCombinator company is going to make front-page news after having tried to spread smallpox using dirty blankets, and someone is going to suggest that Paul Graham must have tacitly suggested it was a good idea, and they are going to be stupid.
Wow, the comments blaming Google for this are ridiculous.
I'm no Google apologist. But it was 20 edits from 2 people. We have no clue what their motivation was, but probably they were just being assholes.
If an asshole Google employee started trolling on HN, posting 20 obnoxious comments, and pg tracked the IP addresses back to the same IP address as this incident, do you think he should raise a stink and say that Google is trying to take down HN because it's a competitor of Google+?
Come on, that's ridiculous. Is this really the effort of Google? They have tens of thousands of employees, and hundreds of thousands of computers all over the world. Google attempted to poison an open source map using 2 employees and 20 edits? Come on. If they redirected 0.01% of their traffic to that website, they could probably keep them down indefinitely.
The one scary thing, however, is that if you do do something obnoxious, like get into a flame war with someone, or if you add some false information to wikipedia for whatever reason, and the owner of the website complains online about it, you could get fired, even if your comments were completely "anonymous". That to me is scarier than any of this other stuff.
Not everyone is blaming Google. However, many are rightly taking the position that Google has to be held responsible for actions of its contractors, which is a different thing. Google has taken the first steps, which is to sack those people. Next it has to undertake review of all the sites that these people accessed and make good any damage they caused.
So, if you visit HN from your place of employment, your employer should be held responsible for every single obnoxious act you make? Or if you go to Amazon.com and post a negative review on a book, the author should sue your employer?
That's ridiculous. You're basically arguing that all employers should strictly limit the websites that any employee visits, since the employer should be held accountable for their employees actions.
If the contractors did something against the terms of their employment and got fired, that's one thing. But to hold the employer responsible and say they should "make good" on the actions of their employees is wrong.
"whereas an employee acting in his or her own right rather than on the employer's business is undertaking a "frolic" and will not subject the employer to liability."
A Google contractor adding false information to OpenStreetMap is undertaking a "frolic", unless that was specifically his job at Google. If Google specifically told him to do it, then yes Google should be held liable, however, if the contractor is killing time and being an asshole while twiddling his thumbs, Google will not be held liable.
"Employers are vicariously liable, under the respondeat superior doctrine, for negligent acts or omissions by their employees in the course of employment (sometimes referred to as 'scope of employment')"
So the contract company, the actual employer of these people should be responsible from the sounds of it, not Google.
On the surface of it yes. However, there are cases where people who work as contractors are viewed as employees by the law.
Here's the reason why: these people work on Google's premises; Google probably dictates what time they have to show up for work; and generally tells them how to perform that work. I don't have the names of the legal cases where the precedents were set off the top of my head, but under those circumstances, the court has ruled that vicarious liability continues to apply.
I worked onsite for a large pharmaceutical company in their corporate HQ for 6 years, but never was considered any employee of that company. I couldn't access many services and perks of that company even though I was in their datacenter and on site every day for years. This was the point of hiring me via my consulting company was to move the liability, cost and responsibility to a 3rd party, which also seems to be the case here.
This can be a good or bad thing depending on the situation. The original company can show it is cheaper to use a contracting company, but also as seen in the Gulf oil spill, there can be a lot of finger pointing between companies on who is responsible for damage where when it comes time to deal with real problems.
In your case, any mistakes you make is unlikely to affect a third party. But should a third party be involved, they'll try to pin the blame on the pharma, not you, the pharma has the cash. In which case, they'll be arguing to the judge that the way you work makes you more like an employee than a contractor, even though you don't enjoy the benefits of being an employee.
At what point does liability end? I'm not talking about where current laws stand - I'm asking where you think it ought to end.
If the employee was acting without the knowledge of anyone, then sure, you can argue the case that the employee went rogue and the company should be shielded from liability.
But in the case of Mocality, it certainly looks like a concerted effort - someone from management surely knew about it, or perhaps even ordered it. The fact that Larry himself isn't aware/didn't approve seems rather moot. So the question is: how far up does it have to go before something is considered an act of the corporation?
There are some who are saying "yes, seriously" to the idea that Google overlords sanctioned this. I really don't buy that. It would be just as absurd to claim that they were double agents planted by competitors.
Now then, saying that Google owes some of these folks more than just an apology is perfectly reasonable in my view. I think they owe Mocality money for whatever business & reputation damage they suffered. OSM is said to have suffered about 20 troll edits from two people, if the article's update is to be believed. I'm not really sure how best to make that right, but maybe Google can go through the logs and help fix everything.
So let's see here. Google "contractors" in Kenya get caught stealing customers red-handed. Then "contractors" in India take over where they left off. They also start messing with OpenStreetMap.
And somehow, no one at Google had any idea? Oh, please. If this was Microsoft, you'd all be raising hell, but because it's Google everyone is talking about how great they are for dropping the contractors? I'm disappointed in you all.
These contractors are a full continent plus an ocean away from the Googleplex. It seems pretty plausible to me that nobody high on the totem pole had any idea about the particulars of what they were doing. I doubt they even know everything that the thousands of full-time employees who work right down the hall are doing.
Not that I'm taking side on this Google fiasco but distance is not an excuse in these days of distributed workspace and multi-national corporations. If distance is an acceptable excuse, BP didn't have to take responsibility for the oil spill happened in the Mexico Gulf since it's an ocean away in a different continent.
You seem to have taken my comment out of context. I didn't say distance excuses anything, just that it presents logistical challenges. The comment I was replying to suggested that Google had to have known, so I was explaining that, no, the higher-ups at Google very well might not have had a clue. This does not appear to have been a major campaign of great strategic importance to the company, it didn't involve a lot of people and it wasn't anomalously using any resources, so I have no trouble believing that it simply slipped under the radar. You might say that was negligence on Google's part, but I don't think you can call it malice.
"Not working on Google projects anymore" doesn't imply the same thing as "sacked" where I come from.
I think people want a better explanation then what we've seen so far. Vandalizing wikipedia for teh lawlz is one thing, vandalizing OSM with potentially dangerous things like switching one way streets is another kettle of fish. Especially when your employer (err employer's employer) runs a well known competitor.
I don't know how much more Google can do than not contract with them any longer, or make sure that "they are no longer working on projects". They aren't employees, they can't be sacked in the usual sense.
> Vandalizing wikipedia for teh lawlz is one thing
This actually pertains to a discussion I had with a friend, who recently informed me that he found out that doctors not only look things up on the Internet like the rest of us, they sometimes even use Wikipedia. So you could cause some serious damage there as well. Granted, if the doctors would STOP DOING THAT it wouldn't be an issue.
Good on Google for (apparently) taking appropriate corrective action in this case.
As comments at TheVerge note: this is the third notable instance of contractor misbehavior in very recent weeks for Google. Seems to me that the company needs to tighten up its contractor vetting and oversight markedly. This is a general outsourcing problem: delegating work to another entity means you've created a new obligation within your organization to oversee that work.
It's hardly new, and it's hardly specific to business. Apple, Dell, HP, Microsoft, and other are currently dealing with fallout from outsourced labor practices, particularly in China (Foxconn / Shenzhen), but also India and elsewhere. The US government has seen much criticism over its outsourced contracts. BP has had some disagreements with its contractors Cameron International, Andarko Petrolium (Mitsui Oil exploration), Weatherford International, Transocean, and Halliburton over fish-oiling services rendered.
What might be interesting would be to see a clever and distributed solution by Google. My expectations aren't high, but it's definitely a wicked problem and they'd be a good crew to tackle it.
1: If this is the case, Google have correctly identified the source and it turned out to be the same in both cases.
2: Mocality broke on Friday. The OSM incidents were reported Monday, and apparently had been ongoing for at least a few days prior. I'd say they're largely coincident.
3: It does take some time for a business to respond, especially where contractual issues are involved. I suspect in this case the OSM report was a final straw / accelerator in Google's decision process.
Speaking for myself, I used the term "apparently" as we've just got Google's report of their action, I haven't seen it verified elsewhere. Though I'd be inclined to believe their statement (lying at this point would be a Really Dumb Move[tm]).
Really, given the scale of operations, this is lightning action on Google's part.
As I noted, the problem here is that there are three incidents (two tied to the same contractor) of malfeasance in Google's name (if indirectly, through contractors, on Google's part). This speaks to shoddy practices, or in best light, considerable room for improvement.
The update to the article addresses items 1 & 3, claiming it's the same IP, but not the same people. Apparently two people made about 20 troll edits to OSM. They've been fired for abusing Google's network policies.
I'm not at all convinced that Google has reacted strongly enough here. From what I have seen in their response, they don't seem to be particularly interested in sending the message that screwing up whilst contracting for Google will have major penalties, not just for the contracted individual, but also for the organisation that they contracted through. I can understand that Google can't police these people themselves, but they need to send a message to all of their partners that the partner is expected to do this policing.
Hanlon's Razor: "Never attribute to malice that which is adequately explained by stupidity."
This seems to apply to several levels of this incident, up to and including this discussion of it.
Most, if not all, of the discussion here in both directions is speculation. It seems to me that it's still early. The Google detractors here will be much more persuasive, to me at least, if they come back in a few weeks and Google has still not issued a strong apology and full, detailed explanation.
> Hanlon's Razor: "Never attribute to malice that which is adequately explained by stupidity."
I can see why Occam's Razor should be accepted at face value, but Hanlon's appears to be just a just-so idea without any logical foundation other than appealing to certain human prejudices.
In any event, "Google detractors" can say whatever they want, but to claim that people running Google are "stupid" or that the company is governed by a mindset characterized by "stupidity" is really hard to swallow.
I think joebadmo means malice on Google's part. "Ignorance" is probably a better word than "stupidity" here. Basically, it's unlikely Google, the company, intentionally sanctioned the vandalism, but rather were unaware it was happening, and stopped doing business with the contractors when they found out.
It's not like they sweared on forums or watched porn. Vandalizing OSM is an effort-intensive task. You dont't do that because of lack of control. You do that because you were told to, or motivated to in any other way.
I don't see how they could do that accidentally; therefore we should seek why they did that; who knew what they were doing; and how it could happen at all.
What were their job? What were they brought in for?
Say I bring you in to help promote certain properties versus rivals X, Y and Z. Now pretend you lack a good sense of ethics. Think of a few obvious ways to help my product beat these other products. I'm sure you can come up with something plausible that's similarly lousy.
A company I worked for once hired a guy to help them build up a social media profile and agreed on a pay scheme similar to "$X for every 100 followers/friends". He followed every follow-back spammer he could find and got paid rather well for gaining about 20 actual readers. I guarantee you this was not what the company wanted, but it's easy to create perverse incentives if you're not careful.
But this is just the illustration of a high level management issue on a simpler level. As soon as there are some ultimate measurement tools in place the context is neglected an people focus on gaming up the numbers.
That's certainly plausible, but given everything we hear and know about Google screens its employees, is it indicative of a problem that their contractors pull off stuff like this, even if it wasn't condoned by Real Google Employees? If you hold your employees to high standards, why not hold your contractors to the same standards?
I couldn't repeat more a thing that you should have read while browsing thread:
It's a very peculiar kind of vandalism: sneaky, personally unrewarding and affecting a niche service. Trolls like to do bold, rewarding and big moves.
The trolls that you notice do big bold things; the bad trolls are the ones you notice.
Good trolling is a dead art; the single post that started a 400 message flame filled cross-posted thread that caused everyone to kill-file everyone else? You just don't get that anymore.
It is very easy to run into forum and post guro and yell obscenities.
Making long lasting subtle changes is hard. But that is why it's fun, for a small number of trolls.
(I should state that I don't think this is the case with the contractor; I think they're just stupid and misguided, and that Google needs to start thinking about how they provide oversight for this kind of stuff.)
I'm not sure, and I'm a Google fanboi, so don't just take my word, but this is just a theory: maybe the contractors had some kind of contract where they would get compensation for getting more users or for conversion. Something in that area.
Suppose that you're sales person tasked with selling the new enterprise Google Maps service, and paid at least partially on commission. In a number of calls your leads mention how they're switching to OSM instead. You get the bright idea that you could SHOW your client how OSM is inferior because it contains incorrect information. Maybe you even incorporate it into your call routine: Look up where the lead works, edit OSM near their location, during the call point out to them how OSM is wrong.
I don't know terrible many vandals who would enjoy breaking OSM (that not terrible many people use yet) of very distant lands by breaking it in subtle ways.
Vandals usually do bright, bold things. Deface, draw over, swear. What they did here speaks either sabotage or personal hatred. I guess there are particularly devious people, but why a sizable number of those would suddenly contract for google india?
This is simply not true. As someone who was very destructive growing up, I can tell you that it's fun to destroy things simply for the sake of destroying things. You may not understand it, but that's because you don't have that destructive tendency.
As I've mentioned in other comments, I've vandalized wikis before. I did it because it was funny to people standing around. It doesn't involve much imagination to see someone opening up OpenStreetMap, clicking "reverse direction of street", and then gathering up some nearby coworkers to show. "Hey guys, watch this! Reverse! Reverse!" "Hahah, 8th Avenue doesn't go that way! Hilarious!"
I simply don't think you understand what people are willing to do. I know many people who would play Wikipedia Jenga - you edit Wikipedia with bigger and more ridiculous edits and the person who gets the article reverted is the "loser". It's not ridiculous to assume that they could be playing a similar game with OSM, especially if they viewed it as "competitor".
I don't believe Google is stupid enough to advocate vandalizing an opponent's products.
Google definitely holds some of the blame here, and I'm glad to see that they've been completely transparent and apologetic with every instance of Contractor shadiness that's cropped up in the past couple of weeks.
But don't try to drop facts because it doesn't suit your argument. They were contractors working for Google. Saying anything less than that is dishonest. You could just as easily fall further down the slippery slope and condemn the entire human race for the actions of a couple of contractors, because the contractors were humans.
They were operating from within the Google network, while (presumably, otherwise they shouldn't be onsite) working for Google - hence the difference between being a contractor and an employee is pretty small.
We have contractors onsite where I work. If they did something bad (especially if it is in any way related to what we do, as in all those recent Google cases) I would say that we would be to blame to the same extent as if they were employed by us.
What Google should do, and probably should have done after the Kenyan thing, is terminate any and all contracts with the contracted firm.
Where does one draw the line? This feels a lot like group punishment: one member of the group does wrong, the whole group gets punished. Is that just? Should Google then proceed not to hire Indians again (assuming that was actually the contractor's nationality)?
Also, to all the folks implying malicious intent: What does Google stand to gain from sabotaging Open Street Maps? Especially after sponsoring it for some years in a row via Summer of Code and similar initiatives?
Yes, groups are routinely punished for actions of members. In the case of businesses, sometimes that means closing up shop, firing everyone, and sending the owners or bad actors to prison.
Google can gain by saying, look, our maps are more accurate. Of course, it would have taken an idiot to believe that would work, just like someone who believes that they can change history by editing Wikipedia articles. I suspect there is pretty much zero chance that someone higher up at Google would be that dumb. Then again, one of the co-founders of this company thought it was ok to break US law in regard to illegal pharmaceutical sales.
This has nothing to do with nationality. This has to do with vetting the quality and trustworthiness of those with access to Google's network, employee or otherwise. That is a pretty damn big deal in my opinion.
I would think that companies routinely end contracts with other businesses due to the actions of one or some of their employees. This is not group punishment, this is ending contracts with entities that misbehaves in serious ways in your name.
Of course Google should continue to use Indians at their discresion. Anything else would be group punishment.
Google doesn't stand to gain anything from sabotaging Open Streets Maps, but that does not mean that they are not responsible for sabotage in their name. That is not a contradiction.
We have to build a mental model of what's happening.
We have two at the moment:
First, that one or more than one of workers in Google in India for some reason had strange sort of hatred towards OSM, not caused by they working for Google, which caused them to vandalize OSM objects in certain cities located in different hemisphere.
Second, that they for reasons unknown were told to do that; Or the measure of their achievements could be influenced by OSM maps being worse; the profit has to be short-term and obvious for lower-level workers to fall for it.
First seems to be highly improbable; second seems just improbable :) Right now second wins.
Any other mental models?
Yeah, since contractors willfully, and without any prodding/directives/orders from their employers, like to spend their hours in labor-intensive tasks that just happen to be vandalizing their competitors' data.
I wonder, under what tasks were these hours billed by the contractor?
I don't know, I also don't know why Google would risk their reputation to reverse a few streets in OSM. I simply don't know. I'm not making any excuses for anyone, but I've seen fellow employees do ALL SORTS of stupid things that they thought were good for the product or company they were working for, and their manager let alone their hiring company certainly didn't know about it.
Fair point. It's also possible that maybe the contractors' manager knew or was complicit. I just find it difficult to believe that multiple such infractions (Mocality, OSM, fake Chrome reviews etc.) can all be blamed on rogue/stupid contractors, there are likely to be some rogue/stupid employees involved as well.
Is there any evidence Google is actually taking any action like so some Google-apologists are quick to claim?
Are there any official statements? Basically all a see after these incidents is Google only responding when being pressed by individual reporters, and even then only in very superficial terms.
Sweeping it under the rug seems to be a more appropriate description of Google's response to some extremely serious accusations. This isn't just a random act of drunken mischief by someone that just happens to be a Google employee. We're talking criminal activities undertaken by people being paid by Google, using Google's corporate infrastructure and aimed at Google's competitors.
Or perhaps, just perhaps, they are doing an internal investigation and avoiding any substantial press releases until they've completed their investigation. I know that's what I'd do when there's an army outside just waiting for a chance to sue.
You have no evidence that they condoned the operation, or that they're trying to cover it up. All you have is conjecture until there's more information available, and that's not useful at all.
But since we're in the land of conjecture, let's think about this: Google, a massive corporation generating huge profits, suddenly decides to scrape a Kenyan database piecemeal (rather than just sucking up the whole thing at once before starting, like an intelligent person would do), then engages telemarketers to fraudulently cold call a bunch of small businesses in the hopes of selling them web hosting.
Now, how much income do you suppose that would bring in? a few hundred thousand? Maybe a million if they're lucky? Would it even be worth a multinational's time and effort to cold-call selling websites, even if it were totally kosher? I doubt it. Add to that the negative press that a scam like this would bring when it's eventually exposed and it's well into the realm of ludicrous. Even if this were supposedly perpetrated by the most evilest nastiest company in the world, I'd have the same argument (money).
So, we're left with the next most likely possibility: a small number of people with internal access to Google's infrastructure, for whom a few hundred thousand to a million dollars worth of sales would be quite lucrative.
And if you were in Google's shoes, with this happening somewhere in your GIANT company, what would you do? If you answered "push out a press statement telling all right away", you'd be betraying a fundamental lack of understanding in how large corporations work. Their size makes them slow. Messages have to go up and down the chain of command. Investigations take days, weeks, sometimes even months. Bureaucracy, procedures, and legal issues hamper every step.
So put away your pitchfork and wait like everyone else.
Retarded comments by Google fanboys, saying that these contractors worked out of Google's control and hence, the company cannot be held responsible for their actions.
Please tell me one thing: why the hell would any contractor go out of his way to sabotage your competition?
This can happen only if the management has insinuated in a wink-wink, nod-nod way that vandalizing the competition might yield certain rewards.
And please, if this practice continues and everyone just sweeps it under the carpet as something 'contractors and not the company did', then soon we'll have an army of contractors hired by Samsung, MS, Facebook, et al going around planting bombs in competitors' HQs.
Someone has to own up. If my dog shits on your lawn, I still have to clean it up.
This is barely enough. Google now needs to make full reparations and find out exactly what was modified and return them to the correct values. The SysAdmins time on OSM is not free. Under tort, Google should be on the hook for malicious alteration of map data of its employees and contractors. Contractors or not, Google will have to exercise more oversight.
Perhaps someone can release a little utility that trawls through Apache logs called HasGoogleAlteredYourData?
I wonder if this was the result of unintended consequences of poorly designed incentives. May be - and this is just a wild hypothesis - Google's directive to the vendor was to improve their maps data and incentives were based on their data being better than OSMs. Which leads to some of the contractors realizing that it would be easier to be "better" than OSM by making OSM worse.
Google's Response: "The two people who made these changes were contractors acting on their own behalf while on the Google network. They are no longer working on Google projects."
This does not mean they were sacked. This does not mean Google were actively seeking to destroy OSM data. I'm pretty sure if they wanted to do that, they could do so without anyone finding out.
Two people, changing some OSM data (maliciously or otherwise), from their work PC's, is NOT newsworthy in my opinion. The original accusation, yes. If they provide more details of the attacks, definitely. This post however, is not.
I'm wondering why Google is so stupid to use their own IP address for these dirty jobs? I guess that's the real mistake the contractor was doing from Google's point of view. They were probably instructed to use random proxies around the world, but somehow this particular 'contractor' didn't manage to do that.
So you think the senior evil overlords at Google made a affirmative decision to deliberately sabotage OpenStreetMap to make it look bad in comparison to Google Maps. And that they instructed their agents to cover their tracks.
That's exactly what I'm thinking. I mean, I know corporate espionage exists, but really. If this was really your goal why traceable sabotage? Why not break the logical connectivity at big intersections so they render correctly but break navigation algorithms? Why not offset a city 100m to the south to break GPS matching? "Deleting main roads" from a traceable IP is just... dumb.
So you think a bunch of contractors got together to sabotage a competitor for shits and giggles?
This isn't writing like 'dick dick dick' on Snooki's WikiPedia page. No one vandalizes OSM data for fun. They do it if they have an incentive to do so. This incentive must have been provided by Google management.
Given that people vandalize crowd-source databases every day for shits and giggles; yes, pretty much exactly that. The linked message seems to imply that vandalism is a fairly routine thing even for OSM, so I'm not seeing where you get that "No one vandalizes OSM" bit from.
OK, I'll bite. I'm not "defending" anything really. This was bad behavior. I'm saying that asserting based on the existing evidence that this is some sort of "conspiracy" on the part of Google is, well, borderline insane. It just doesn't add up, sorry. The cost/benefit sides of the equation are all out of whack. The purported implementation is just plain dumb.
The only way to get to your "cannot be defended" conclusion is to start from a "I hate Google" position and color the evidence as you read it. So let me guess: you're an iOS nut, right? :)