It's so vague it's hard to draw any conclusion without specifics.
"Exfiltration of confidential business-sensitive documents" could be nefariously downloading proprietary research for personal gain... or innocently downloading a Slides presentation to your personal phone as a PDF in preparation for a client meeting in case it's impossible to connect to their Wi-Fi. Or saving e-mail communications with your manager in case you need them for personal legal defense purposes.
Companies can be amazing at twisting innocent actions into horrible-sounding policy violations when they want.
I'm not saying this is the case, I'm just saying we don't have enough information to jump to a conclusion.
According to an Axios scoop from Jan, she was running a script to find emails in her Inbox related to Gebru and sending thousands of files "to multiple external parties".
I mean multiple external parties could mean two parties and technically not be a lie. It could also be multiple external services that she has an account at and still not technically be a lie. I guess someone could not be specifying more clearly how nefarious the goings on because of legal reasons, but it could also be that they're not specifying more clearly because then everyone would make the pffft noise and point and laugh.
I guess I just don't trust unclear language that emanate from within big corporations somewhere.
I think it's the "external" part of the phrase that's a problem, not the "multiple". She could've sent it to one external party and that still may have been a fire-able offense.
(Of course, this depends on what she was sending, if it was really protected information, and who she was sending it to. If she was sending evidence of criminal wrongdoing on the part of Google to her lawyer or a government official, then I don't know).
I don't have Google experience, but you can be summarily fired for forwarding to a personal address at many companies with a security or compliance policy. You would have known this in advance, whether through training, a manual, or warnings inside the email client.
I remember an all hands where someone forwarded a relatively innocuous email to her Yahoo, once, and we all received a big reminder.
It’s true that companies don’t like that. It’s also true that common advice to people experiencing some kind of workplace harassment or abuse or bullying is to follow up to verbal conversations in writing, and to keep your own copies of those documents in case the company decides to accidentally delete them before they get a subpoena or whatever.
So a question is then whether it’s morally sufficient for someone to be fired for this sort of behaviour. It feels to me like the reason for the firing was not really at all related to breaking the written policies in the company handbook and a lot more related to breaking the unwritten policies about stirring up trouble and dissent.
no, sending it to the wrong 2 parties is still just as bad as sending it to more than 3 wrong parties, but if you send to 200 external parties there is more of a chance that you are sending something to the wrong party.
Yes, you could make the argument that this information is not definitively damning ... at the same time it looks pretty bad on her, and it seems likely that Google was doing something because someone was doing bad things.
Also worth noting is that from a PR perspective, the press doesn't seem to be interested in anything other than making Google look bad, which strengthens my view that they are narrative creators more than anything.
So,if you are being abused by your boss via email, you can't give the evidence to a lawyer, but first have to apply for a court order without showing any evidence in order to get the evidence? I think this is unlikely to be the law, and if it is, it shouldn't be.
But without solid evidence of some sort, one cannot establish that there is a case fit to be heard in court, and so there will be no discovery. It is a bootstrapping problem.
Well, that's true. But you're still having to give your employer notice that you are talking to a lawyer before the lawyer has seen anything. This seems seriously unfair, and I hope that NDAs are not enforceable under such circumstances.
[edited to add ] Also it seems like it would be a big waste of the courts time.
From both a practical and ethical point of view, I find it more than acceptable to retain copies of email correspondence one is participating in, and to share that correspondence with one's legal representation. The alternative puts too much power in corporate hands.
I can understand maybe showing an email or several perhaps to a lawyer, a court might well consider that reasonable even if it's a technical violation, or just give a warning. It's a matter of proportionality. Breaking a speed limit by a few mph won't get you banned from driving. This is completely different though, it was an automated query trawling and exfiltrating vast quantities of mail threads.
That's not the point. Exfiltrating the data means it's available to non-employees (and it appears she did send it to non-employees which is by itself a clear and prosecutable violation), is not protected by the company's security and privacy policies, and would still be available to her beyond her period of employment. She's not entitled to do any of those things, especially since as you say she had access to the info as an employee anyway so she had no legitimate excuse.
Paradoxically, AI may have been part of the tech used to flag her, but it's all mundane at this point.
Kind of implying that AI is just 'tech' and there's no material reason to separate AI from everything else from an ethical perspective.
Google's main Search Engine should be the biggest point of controversy if there is one - the things they chose to filter, or not, or highlight, their ranking, etc. - a lot of that is algorithmic and derived from human input and it has massive impact. But there's no cool moniker like 'AI' with Hollywood movies about the tech to get people paying attention.
Perhaps it's not as strong outside of the Google Campus? It could probably run a large botnet, but maybe it would want to fly under the radar with each account?
Selective enforcement could be another issue. If this is common practice at the organization, then using it as justification for termination is a false pretense. Possibly still legal but not really ethical.
I've said this before, but if it's not accurate then whoever said it publicly should be fired immediately because that is actionable if it's a lie. Google has extremely good lawyers and a PR machine that cares what they say. There's absolutely no way that they are plainly making it up.
Google will happily take a slap on the wrist and pay out another few hundred million, as they have done just a few months ago. Might even pencil out PR wise to ensure Google controls the narrative on why these two employees were fired.
I know nothing of the particulars of this situation, but you are committing a simple error in your reasoning.
The purpose of PR isn't to tell the truth. PR people don't get fired for lying.
The purpose of PR is to make whomever is paying you look good. Sometimes, that involves telling the truth. Sometimes, that involves telling a highly cherrypicked, out-of-context subset of the truth. Sometimes, that involves torturing the truth beyond any recognition. Sometimes, it has nothing to do with the truth.
If it's not true, it's a high-level multiple-executive strategic decision, probably including the CEO who has apparently been actively involved at least since the response to Gebru’s firing boiled over, not a rogue employee.
Which isn't to say you are wrong that they should be fired, but it's kind of like saying whoever in the US government was involved in inciting in the Jan. 6 attack on the Capitol should have been fired.
Yeah I have a friend who essentially got fired for the same thing. His crime? Putting some icons he designed for the company on his personal portfolio website. They never used the icons FYI.
While that might be an overreaction -- to be clear, it's the "they never used the icons" part that is the main problem here.
For designers or artists of any kind, the general accepted pratice is that you're allowed to display/use pubicly released (even if sold e.g. in a book, TV show, etc.) work you've created for others for purposes of a portfolio, or that you've been given permission to. It's a kind of fair use.
On the other hand, if the material was never released, you don't EVER show it unless you have permission. Because that leaks potential future ideas, different directions that are inconsistent with their branding/image that they don't want public, "mistakes" they made, etc.
You absolutely should NEVER post stuff to a personal website you did for work that was never publicly released, unless you have explicit permission.
"Exfiltration of confidential business-sensitive documents" could be nefariously downloading proprietary research for personal gain... or innocently downloading a Slides presentation to your personal phone as a PDF in preparation for a client meeting in case it's impossible to connect to their Wi-Fi. Or saving e-mail communications with your manager in case you need them for personal legal defense purposes.
Companies can be amazing at twisting innocent actions into horrible-sounding policy violations when they want.
I'm not saying this is the case, I'm just saying we don't have enough information to jump to a conclusion.