> She was working on a application designed to serve notices both security and legal to Google users. She added this notice because as part of being legally compliant with the law people have to be informed of their right to unionize.
That's a valid point, though it takes me a lot of energy to hold this view even for seconds. But I see where you are coming from now.
It does assume / hinges on: adding such legal and security notices without approval of higher-ups is the way security and legal compliance at Google is done. That would look bad on Google, because it is bad security practice (using a rapid code push meant for solving critical bugs, for something that could go live next week), bad culture practice (why not ask input from more experienced Googlers?), and bad legal practice (a legal notice is worth at least one meeting with someone hired to do / deal with law issues).
> She added this notice because as part of being legally compliant with the law people have to be informed of their right to unionize.
I do not believe this for a single moment. This was her "temporarily change the Linux background"-moment, not a "oh, let's be proactive and do legal requirements for Googlers who can't Google 'right to unionize'.". That is the one you use to cover your ass and turn this into a political hot potato. But then still, if true, you go to your supervisor and you can bring this up. You don't emergency push a legal notice.
> Acting like this was some severe security violation is out of line.
I think that what she did would be grounds for insta-firing a security engineer, even in very employee-friendly countries in the EU. It betrays trust of all colleagues (the message would be no different from a carefully vetted company policy, so she basically spoofed her colleagues). She played an activist prank using internal security tooling: I laugh when I think of the confused angry emails upper management must have been sending the Privacy Policy Notifier team lead, they got trolled hard. I also think all this backlash from the diversity crowd is something that Google has deserved: They are either hypocritical (they never meant it, and are now stuck babysitting 20+ genders), or supporting Damore's argument that the ideological echo chamber within Google does not really work, and in business terms is a very ugly beast (if this was an action movie, they fired the scientist for pointing out that the volcano is about to explode).
So for severity I would not go as far as a good wry laugh about this. The mask is coming off. I can understand not wanting to build government murder machines and stick to ads, or not wanting to be part of the deeply ingrained rapey culture and this being the reason to protest and organize. But an internal security tool that your colleagues trust you to run on their machines is just a very bad "murder baby hitler" way to go about it. Murders your trust, processes, and protocols. Some big nasty lawyers are going to push the "disrupt the workplace"-argument hard, Google is going to be even more careful to fire blue-haired employees, and the argument that Google is intentionally targeting on anything protected by law will make even less sense.
That's a valid point, though it takes me a lot of energy to hold this view even for seconds. But I see where you are coming from now.
It does assume / hinges on: adding such legal and security notices without approval of higher-ups is the way security and legal compliance at Google is done. That would look bad on Google, because it is bad security practice (using a rapid code push meant for solving critical bugs, for something that could go live next week), bad culture practice (why not ask input from more experienced Googlers?), and bad legal practice (a legal notice is worth at least one meeting with someone hired to do / deal with law issues).
> She added this notice because as part of being legally compliant with the law people have to be informed of their right to unionize.
I do not believe this for a single moment. This was her "temporarily change the Linux background"-moment, not a "oh, let's be proactive and do legal requirements for Googlers who can't Google 'right to unionize'.". That is the one you use to cover your ass and turn this into a political hot potato. But then still, if true, you go to your supervisor and you can bring this up. You don't emergency push a legal notice.
> Acting like this was some severe security violation is out of line.
I think that what she did would be grounds for insta-firing a security engineer, even in very employee-friendly countries in the EU. It betrays trust of all colleagues (the message would be no different from a carefully vetted company policy, so she basically spoofed her colleagues). She played an activist prank using internal security tooling: I laugh when I think of the confused angry emails upper management must have been sending the Privacy Policy Notifier team lead, they got trolled hard. I also think all this backlash from the diversity crowd is something that Google has deserved: They are either hypocritical (they never meant it, and are now stuck babysitting 20+ genders), or supporting Damore's argument that the ideological echo chamber within Google does not really work, and in business terms is a very ugly beast (if this was an action movie, they fired the scientist for pointing out that the volcano is about to explode).
So for severity I would not go as far as a good wry laugh about this. The mask is coming off. I can understand not wanting to build government murder machines and stick to ads, or not wanting to be part of the deeply ingrained rapey culture and this being the reason to protest and organize. But an internal security tool that your colleagues trust you to run on their machines is just a very bad "murder baby hitler" way to go about it. Murders your trust, processes, and protocols. Some big nasty lawyers are going to push the "disrupt the workplace"-argument hard, Google is going to be even more careful to fire blue-haired employees, and the argument that Google is intentionally targeting on anything protected by law will make even less sense.