She was doing activism, not work. She knew damn well that she could not push without a code review, so she basically threw two colleagues under the bus (they were reprimanded).
She will get work somewhere else, but, to me, it does not look good to be fired for abusing internal security tooling, with the huge responsibility that security engineers have. Burning bridges and making a stink about it was her own choice, and this should have consequences, like crying about any other unrelated protected status (I did this very bad thing, but my employer fired me for racism, unionizing, being a (trans) woman, being old, etc.). You poison the well for everyone with that crap. Your group identity becomes so important to you, that you start to label individuals as "old white men" and anything negative happening to you must be related to your group identity. I don't play that game, so don't handicap me with your stereotypical groupthink.
The only one being tarred and feathered here is Google, for union-busting and retaliatory firing (as if... some even argue these firings target transgenders). Your example misrepresents my argument: advocating increased security against management is harmless and part of your job. Trying to be cute and score brownie points with activist pals is a risk she thought worth taking. Good on her.
She did not abuse any sort of security tooling. She was working on a application designed to serve notices both security and legal to Google users. She added this notice because as part of being legally compliant with the law people have to be informed of their right to unionize.
The rest of your argument is massive projection because she did nothing of the sort. She added a notice which linked to internal Google documentation which was reviewed by her peers and by any account incredible benign. Acting like this was some severe security violation is out of line.
> She was working on a application designed to serve notices both security and legal to Google users. She added this notice because as part of being legally compliant with the law people have to be informed of their right to unionize.
That's a valid point, though it takes me a lot of energy to hold this view even for seconds. But I see where you are coming from now.
It does assume / hinges on: adding such legal and security notices without approval of higher-ups is the way security and legal compliance at Google is done. That would look bad on Google, because it is bad security practice (using a rapid code push meant for solving critical bugs, for something that could go live next week), bad culture practice (why not ask input from more experienced Googlers?), and bad legal practice (a legal notice is worth at least one meeting with someone hired to do / deal with law issues).
> She added this notice because as part of being legally compliant with the law people have to be informed of their right to unionize.
I do not believe this for a single moment. This was her "temporarily change the Linux background"-moment, not a "oh, let's be proactive and do legal requirements for Googlers who can't Google 'right to unionize'.". That is the one you use to cover your ass and turn this into a political hot potato. But then still, if true, you go to your supervisor and you can bring this up. You don't emergency push a legal notice.
> Acting like this was some severe security violation is out of line.
I think that what she did would be grounds for insta-firing a security engineer, even in very employee-friendly countries in the EU. It betrays trust of all colleagues (the message would be no different from a carefully vetted company policy, so she basically spoofed her colleagues). She played an activist prank using internal security tooling: I laugh when I think of the confused angry emails upper management must have been sending the Privacy Policy Notifier team lead, they got trolled hard. I also think all this backlash from the diversity crowd is something that Google has deserved: They are either hypocritical (they never meant it, and are now stuck babysitting 20+ genders), or supporting Damore's argument that the ideological echo chamber within Google does not really work, and in business terms is a very ugly beast (if this was an action movie, they fired the scientist for pointing out that the volcano is about to explode).
So for severity I would not go as far as a good wry laugh about this. The mask is coming off. I can understand not wanting to build government murder machines and stick to ads, or not wanting to be part of the deeply ingrained rapey culture and this being the reason to protest and organize. But an internal security tool that your colleagues trust you to run on their machines is just a very bad "murder baby hitler" way to go about it. Murders your trust, processes, and protocols. Some big nasty lawyers are going to push the "disrupt the workplace"-argument hard, Google is going to be even more careful to fire blue-haired employees, and the argument that Google is intentionally targeting on anything protected by law will make even less sense.
She will get work somewhere else, but, to me, it does not look good to be fired for abusing internal security tooling, with the huge responsibility that security engineers have. Burning bridges and making a stink about it was her own choice, and this should have consequences, like crying about any other unrelated protected status (I did this very bad thing, but my employer fired me for racism, unionizing, being a (trans) woman, being old, etc.). You poison the well for everyone with that crap. Your group identity becomes so important to you, that you start to label individuals as "old white men" and anything negative happening to you must be related to your group identity. I don't play that game, so don't handicap me with your stereotypical groupthink.
The only one being tarred and feathered here is Google, for union-busting and retaliatory firing (as if... some even argue these firings target transgenders). Your example misrepresents my argument: advocating increased security against management is harmless and part of your job. Trying to be cute and score brownie points with activist pals is a risk she thought worth taking. Good on her.