Did you not read the part where she did, where she followed the process by the book and it was approved? Or did you just have your mind made up to decide to side with Google instead?
This was the process: "the standard approval process, which requires two co-workers to greenlight changes"
In my company, I could put in travel orders to let me go to and from Hawaii on the company dime, have a vacation, and have my supervisor approve (which is following the standard process), but doing that should get me in a lot of trouble and/or fired.
Sorry, but could you clarify what you would be fired for in your hypothetical situation? Presumably, it's not automatically against company policy to expense a trip to Hawaii.
And your supervisor knew of your intent to deceive the company when they made the approval? And if so, why would they make the approval unless they too wanted to be fired?
Sorry to be pedantic about a hypothetical, but I think it's necessary to consider the specifics of the actual case. Assuming this process involves something akin to a codebase commit, where the contents of the approved change can be clearly seen by the approvers, it raises the question of what sanctions her colleagues faced if Spiers' violation was so severe as to result in near immediate termination.
(because obviously, in your hypothetical situation, your supervisor would be fired if they knowingly approved a deceptive work expense)
If your supervisor knew that you were taking the trip to vacation, why would they approve it?
If the supervisor did not know, then your analogy is flawed. There was no information asymmetry between Spiers and her reviewers - they knew what the change did and they approved it.
No, to follow the analogy: The supervisor trusted that person to only put in requests that are actually work-related. Just because the process says "supervisor approves" doesn't mean that it absolves the subordinate of responsibility.
So in this case process was followed, yeah. But trust was broken, and it only stands to reason that Google would fire this employee because of it. All other stuff is secondary and pollutes the discussion.
Because adding harmless code and stealing plane tickets, hotel fare, and maybe a rental car are the same thing.
How do you think old-school labor organizing went down? Do you think the bosses stood there smiling as employees handed out flyers at lunch? Google shouldn't have a say in how employees unionize. They have every reason, literally EVERY SINGLE REASON to sabotage it at every stage to make it as ineffective as possible.
If it was a code review, it would judge code quality and similar things. Not whether that change is in Google's interest. I guess if she was a product owner and added this feature, she would have been fired as well, despite following the process. She just acted against the company's interest.
This isn't a cut-and-dry issue. The internal tool was purportedly used to alert about privacy and security issues on external websites. But the message sent to users was not privacy or security related.
Of course Google is right. She happened to get two coworkers to approve what she was doing.
If I got a manager who I was friends with to approve my purchase of a fully decked out $53K Mac Pro so I could finally use Slack at a decent speed when I am working from home, wouldn’t you think there was something fishy?
Since you can’t spend 53000 dollars on a Mac laptop last I checked, yes! However the whole purpose of a managerial hierarchy is to establish a responsibility chain so at very least I would expect the manager to also get fired.
Google doesn’t care about these antics. They, like all employers, don’t want their employees to have meaningful bargaining power.
Well, there have been plenty of stories about toxic managers in tech companies. If your manager said it was okay to hit on your coworker does that absolve your responsibility to have good judgement?
And as far as having “bargaining power” they are tech workers at Google. If they have even a modicum of skills they have the ultimate power - they can walk away and get another job.
Heck, I’ve worked at a bunch of no name companies over 20 years and even I can walk out of the office and have another job in two weeks and this is nowhere near the west coast.
A single employee walking away has no power to change the status quo at google. A lot of them, however, do. That's what google and all employers wants to crush before it has a chance to coalesce.
Why is that? You can't just get code review / deployment approval. You need to have approval that a certain feature or process is wanted / needed for the system. My guess is the sec engineer in this story did not get approval for this feature in the first place, she just went ahead and changed the code.
What if this change allowed passwords to be captured in plain text? Browsing history? Surely those are fire-able offenses? So how is this situation any different?
So if she escalated her privileges and bypassed the approval process, yes, of course that should merit severe punishment. But that's not what happened, according to Spiers.
Giving her the benefit of the doubt for the sake of argument, you'd agree there's a huge difference between adding malicious phishing code to a company tool, versus displaying a text notification that doesn't fit the tool's original intent?
The text in question read, “Googlers have the right to participate in protected concerted activities.”, which is arguably different than the usual privacy/security warnings that the tool was intended for. But is it a fireable offense, versus an offense that warrants reprimand?
To put it another way, I think very few people would be bothered by Spiers being fired if the text notification she added were "Heil Hitler!". But that kind of content is fireable for a number of reasons. Whereas Spiers note about union rights, while inappropriate for the given plugin, is not patently against Google policy, and (again, assuming it's just a text notification) did not endanger the company.
If an employee tries to set fire to company equipment, they should be fired. If they draw a swastika on a bathroom stall, they should be fired. If they post up a pro-labor pamphlet in a bathroom stall, where it's against company policy to post any materials (regardless of content), should they be fired or reprimanded?
All these 10x developers terrified they'd have to make a reasonable wage like the rest of us serfs.
*By the way, that's very much sarcasm since a well organized union doesn't need to cap wages at any level. It's just the argument that keeps getting put forward and I get sick of it.
In this case, the people who approved it should be fired as co-conspirators. The sanctity of the software that runs on employee's hardware should never be violated.
Even if she followed the rules that doesn't mean she should be absolved of guilt. You can follow the rules and submit a PR, have 2 code reviews and plenty of tests, if you brake production then you can still be fired for incompentency.
The fact that 2 reviewers approved her change doesn't mean that she has the right to send notifications like this through a browser extension.
In my company, I could put in travel orders to let me go to and from Hawaii on the company dime, have a vacation, and have my supervisor approve (which is following the standard process), but doing that should get me in a lot of trouble and/or fired.