Once again, be careful what you blog. The most innocuous thing may get you fired, just like Michael Hanscom of Seattle, WA, recently terminated by Microsoft for mentioning that MSCopy (the Microsoft in-house print shop) was located in the same building as Shipping & Receiving.
Before condemning Microsoft for being an evil, paranoid ogre, you should know that Microsoft is not unique. Look at your own non-disclosure agreement with your employer. Consider your employer’s own security practices and policies, many of which you won’t know about until you violate them. Then consider how your employer might, in the most liberal sense, interpret those undisclosed security and confidentiality policies and procedures. Microsoft acting no differently than many other modern companies act. For security cameras, Going Here and getting the cameras is the best way to buy it.
Mr. Hanscom was fired by a company that overvalues its own information, the fact that it was Microsoft is irrelevant.
eclecticism > Of blogging and unemployment
It seems that my post is seen by Microsoft Security as being a security violation. The picture itself might have been permissible, but because I also mentioned that I worked at the MSCopy print shop, and which building it was in, it pushed me over the line. Merely removing the post was also not an option — I offered, and my manager said that he had asked the same thing — but the only option afforded me was to collect any personal belongings I had at my workstation and be escorted out the door.
High-tech companies–not just technology companies, mind you–are so paranoid nowadays about information security that we accept that our e‑mail will be read, our desks are subject to search, and our IT departments will sweep our computers for unauthorized materials. Playing Big Brother to employees is a necessary evil for corporations today; sacrificing all expectations of privacy outside the bathroom (and some within) are the new costs of doing business for employees.
If our on-the-clock activities are subject to constant and unwavering surveillance, why should our off-the-clock activities be sacrosanct? Corporations have to be diligent in the protection of their proprietary information, don’t they? If they must, in the companies’ best interests, scrutinize their employees’ speech 9‑to‑5, doesn’t it behoove them to also limit employees’ speech 5‑to‑9? What is to prevent an employee from simply waiting until his/her shift ends to disclose trade secrets or other sensitive information? Nothing, of course. So companies must watch their employees’ public speech on- and off-the-clock, twenty-four hours a day. Regrettable though this may be, it is necessary for the protection of the corporation and the greater good of all employees thereof.
This is the rationale that pervades modern American IT and HR departments. The so-called Information Age, with the ability to rapidly disseminate mission-critical information, brings with it the constant threat of just that. Information is the most important asset of Information Age companies, and protecting that information is every bit as critical a task as actually using the information. This is the reality of business today.
But how far should Information Age companies be allowed to go in their endeavors to protect their information? When do security measures become disproportionate to the value of the information they are intended to protect?
Revealing that Microsoft purchased Apple G5s is not damaging. It is, after all, public knowledge that Microsoft’s first applications were Word and Excel on the Macintosh. That division, now called the Mac Business Unit, remains one of the most profitable for Microsoft. It is also public knowledge that Microsoft is among the top five corporate customers for Apple computers. The dismissal could not be linked in any way to the actual presence of G5s on the campus, so Mr. Hanscom is left with what he was told.
The revelation that Microsoft’s in-house print shop is housed in the same building as the campus’s shipping and receiving facilities is not, in my opinion, terribly detrimental to the future profitability or infrastructure and personnel security of Microsoft. Clearly Mr. Hanscom’s experience demonstrates that Microsoft, or at least Microsoft Security, feels otherwise.
In this instance Microsoft felt the value this information was greater than the value of the sum of Mr. Hanscom’s contribution to the company; the cost of hiring and training his replacement; the man-hours involved in the termination process; the potential tortious damages of a wrongful termination suit, successful or otherwise; the negative publicity that could be potentially caused by the termination itself and the possible subsequent suit, and; the even greater potential that Mr. Hanscom would reveal even more proprietary information in retaliation for the termination. Will Microsoft now relocate either its MSCopy print shop or its Shipping & Receiving center so as to negate the alleged damage caused by Mr. Hanscom?
If not, why not?
If this information was so damaging to Microsoft as to warrant the termination of an employee, shouldn’t further measures be taken to protect–or even invalidate–the information? Separating the MSCopy facilities from Shipping & Receiving would invalidate Mr. Hanscom’s disclosure, thus restoring the security and sanctity of the spacial relation between the two departments. Such an action would effectively then eliminate all future potential damage from the content of Mr. Hanscom’s original blog post, limiting the total damage to simply the costs of moving one or the other department and retofitting and retraining the campus to accomodate the change in location. Problem solved.
They won’t move either department, of course. In truth, what Mr. Hanscom disclosed was not at all damaging to Microsoft. It was, however, representative of potentially damaging information the company wishes to protect. If an employee is willing to reveal the fact that MSCopy and Shipping & Receiving share a building, he–or someone like him–might be willing to reveal a genuine trade secret or a vulnerability in campus security.
Mr. Hanscom wasn’t dismissed for what he actually did; his dismissal was to help prevent other employees from following suit with what the company feels would be disclosure of genuinely damaging information. So upon the altar, in full view of the world–but most importantly in full view of other Microsoft employees–the poor lamb Mr. Hanscom was sacrificed as a warning against future disclosures by others. He is but the latest of many such lambs.
To the rest of us, Mr. Hanscom, your termination is a warning that we must be at least as paranoid as our employers.
So, Mr. Hanscom, my sympathies go out to you, as do my sincerest wishes that you soon find equally gainful and fulfilling employment with a company not so concerned with security. Try to think of yourself as a valuable contributor to the future security of your former employer. You might just be responsible for saving the life of some other Microsoft employee whose psychotic ex-boyfriend sneaks onto campus and kills her after reading on another Microsoft employee’s blog about that narrow three-foot spot on the NorthWest campus wall where the surveillance cameras are blocked by the bole of a sycamore.
That is a raw deal. If they have a policy then they have a policy and there isn’t much that can be done, but this sure does sound petty and rash on the part of MS…in my never to be humbled opinion.
Nondisclosure agreements are necessary security measures to protect inventions and intellectual property, to a point. Security paranoia is no excuse for abusing employees and contractors, especially where infractions aren’t specifically enumerated. I was a contractor at a large multinational corporation. When I was laid off because of reduction in the workload, I was given no reason, no advanced notice, a few minutes to collect personal belongings [half of which were confiscated for examination before returning some of them to me], no time to finish the important datbase I was developing and was more than half done. I was also escorted off site. I was upset, but understood that regular employees were also mistreated this way.
As long as we’re stuck in the Matrix of Corporate Government, creative and other employees will be mistreated, will lose overtime pay and benefits–all for the “protection” of the corporation. Few employees read the full nondisclosure agreements before they sign them, and fewer have the option to refuse or revise them before signing, even with the support of a lawyer. The mere presence or mention of a lawyer could result in termination or worse – demotion to a low paying job you hate so you’ll quit and get no compensation.
Why do people vote FOR Corporate Government, and AGAINST themselves? The resulting current anti-worker legislation [today!] only emboldens corporations to be increasingly more abusive to even their most important employees–except the management, naturally. It’s an extension of the Great American Fear Industry that fuels the abuse.
The main problem here–and in other similar circumstances–is that the sensitivity of the disclosure is not defined in advance. Thus the decision as to the sensitivity and appropriateness of the disclosure its left up to the employee–who isn’t given prior knowledge of corporate security’s priorities and interests–and to corporate security, both of whose ideas of “confidential information” and “appropriate behavior” often differ. Its a matter of perception, and that perception is filtered through two distinctly different sets of priorities and levels of corporate interest knowledge.
Most likely because the public doesn’t have line-item veto privelages. More corporate power generally comes wrapped snugly within a blanket of more jobs, better benefits, corporate investments in the community, and so on. One Senator or Rep gets on board with a bill because it will give his/her constituents more than it will take from them. It’s all a matter of lesser evils. Politics.