A former Twitter employee, Gary Rooney, won about $600,000 for unfair dismissal after Twitter assumed he resigned by not responding to Elon Musk’s “hardcore” work email.
The case highlighted the importance of clear communication between employers and employees, especially regarding significant changes in employment terms.
Rooney’s private Slack messages, where he discussed leaving, were used as evidence by Twitter, underscoring that internal communication on platforms like Slack is not always private and can be used in legal disputes.
Fucking good. I’ve had to fire people (up in Canada though) and it’d be fucking ridiculous to “Please opt in to not be fired” it violates so many fucking employment laws.
That’s why we don’t bother having employment laws. So much easier this way!
american-based billionaire attempts to use american capitalist tactics against an employee who is not in america. fails spectacularly.
are workers rights communism now? /s
Always have been.
Worker’s rights? More like “Wokers rights,” amirite???
Maybe if you pulled yourselves up by your bootstraps, we could all live off our investment portfolios and the margaritas would just serve themselves.
internal communication on platforms like Slack is not always private
That’s common sense, frankly.
But people don’t understand it.
Hell, no email sent or received is yours and likely can never be truly deleted off your company’s exchsnge. Same with files etc.
It’s not common knowledge, let’s not pretend it is and educate people.
True that. I have to tell employees regularly to not send any chat or email they don’t want read in court. That usually gets the point across.
I hope I get to read mine someday, I really wanna say
it’s okay to be an idiot, just don’t be so fucking loud about it…uhhh… your honor
Most companies have a strict policy to delete everything off of exchange after a few months unless there is a reason to keep it longer. You can’t bring up in court anything that wan daleted before you looked.
I don’t think that’s true. We archive all email within the company as soon as it arrives. This is done to prevent an employee from deleting any evidence for many reasons that they may have. We are also on litigation hold which requires all data to be saved and since we can’t trust everyone to do this we are required to back up everything until we are told not to. We have used restored data many times for legal cases in the past.
Where I work there is a data retention policy, and emails and other forms of communication (internal emails and slack, but even customer calls, etc) are deleted after a set amount of time, which varies depending on the rationale for storing that data.
There’s many reasons to do this - limit disclosure issues in case of litigation, reduce storage costs, comply with PII rules around the world, etc. The guys in Legal have us file these loong ass forms about all this, including where the data is kept, security measures, etc etc etc.
I’m shocked this isn’t common practice everywhere.
There are two main types of data retention policy:
- Retain everything to protect the company when the staff do something dodgy.
- Delete everything to protect management when management do something dodgy.
It’s a little more nuanced than that, of course, but in broad strokes that’s how I’ve seen it play out. Does the company want to pin the blame on somebody or shrug and say “we have no idea how that can have happened, guess we need to forget about it.”
No he’s actually right, it’s a SOX thing. Not all companies do it but big ones with good legal departments generally do. Especially if they’re into shady s***.
The concept rules like this: we delete all emails over 90 days old. If someone subpoena’s emails over 90 days old we simply say they don’t exist we delete emails over 90 days old and show them the policy. From there it gets a little more dicey if people cram stuff into local stores.
From a corporate standpoint there’s a strong advantage to deleting all of your old emails and not keeping backups over 90 days especially for anything that might be legally questionable.
That said with the advent of SAAS, there’s a hell of a lot of data out there that doesn’t ever go away even if you do your best to make it happen.
I’ve contracted for companies with email policies that nuke anything older than 30 days.
I typically learn it the hard way when I go back to look for an email I need and…it has been deleted.
When I worked as a US FedGov contractor, I was greeted with a long warning banner every time I logged into my computer. The tl;dr version of it is “fuck your privacy”. Being that I was part of cybersecurity for the site I was working at, I was one of the people doing the fucking. While we didn’t read everything from everyone all the time, we were logging it and could pull it up, if we were performing an investigation. We also had some automated stuff scanning for patterns and keywords on a regular basis, which could trigger an investigation.
While I’m no longer in the FedGov space (thank the gods), I still assume that everything I do on my work system or with work accounts is being logged. Also, I’m still working in cybersecurity and am often still the one doing the privacy fucking. Yes, everything is being logged. We may not look at it today, we may not look at it tomorrow. But, when HR and Legal ask us about a user’s activity, we can usually be pretty detailed. Act accordingly.
My company is better than most I’ve worked for. They tell you, upfront, anything on their equipment can be monitored for any reason with no warning.
But then, as part of the HR and acceptable use policy, no one will monitor your activities without just cause and investigation. Meaning in practice, “We’re not going to look over your shoulder while you watch YouTube videos but if we notice you’re watching a lot of or you start visiting porn sites, we’re going to start monitoring you.”
Now all that said, I still assume that my company knows every key I type on their laptop.
Mines the same way. It’s actually kind of difficult to get approval to monitor someone. Has to be approved by two VPs.
I would assume they have some basic stuff running 24x7. I can’t imagine a network which doesn’t have Endpoint Detection and Response (EDR) running 24x7 these days. There’s also things like firewall logs, which are almost certainly being captured (or at least netflow). Stuff like screen recording and mouse monitoring is probably saved for extreme cases. That said, my own experience has been pretty close to:
We’re not going to look over your shoulder while you watch YouTube videos but if we notice you’re watching a lot of or you start visiting porn sites, we’re going to start monitoring you.
Quite frankly, no one’s got time for that shit. I work at an organization with a bit north of 25,000 employees, and we have less than a dozen security analysts. While I could run a search against our firewall logs and see evidence of folks dicking around. I have much better things to do, like running down abnormal processes and writing up reports on users who got their systems infected while dicking around. And that’s really the way it comes to our attention, most of the time. Someone is out trying to download movies or software on their work laptop (you’d think people would know better…) and they pickup malware. We get an alert and start investigating. While trying to determine the source, we pull browser history and see the user out on “SketchyMovieSite[.]xyz”. And then their dicking around becomes our problem, mostly because the site had a malicious redirect, which is where the infection came from.
So ya, they may not be looking, but I’d always bet they are recording. Logging isn’t useful if it isn’t recording at the time of the compromise.
What made you leave gov space?
It’s not OP, but when I left it was because the money and resources were better.
Federal purchasing is fairly rigged you don’t end up with decent hardware to do anything. Projects are constantly as complicated and strenuously pushed as possible. Everything has an angle there are too many people with essentially tenure. Don’t get me wrong, I liked a lot of the people that I worked with and around, but leaving Federal work for Enterprise was really refreshing.
Remote work and pay. I was already interested in getting a remote gig when COVID hit. We went to a hybrid schedule and I realized that I really liked working from home. Also that my job was pretty much built for it. While many of the folks I used to work with are still hybrid, fully remote was never an option. I worked with Classified systems and I could never convince them to put a SIPR drop in my home. I guess you need to get elected President for that.
As the world was opening back up, many companies saw remote work as a carrot to offer cybersecurity folks and I started to see a lot more job postings with it as an option. So, I put my LinkedIn profile to “looking for work” and started getting recruiters messaging me on a regular basis. One hit me up with “REMOTE WORK OPPORTUNITY” (yes, all in caps) as the lead for an offer. What followed that sounded interesting and I started talking with him. A few week later, I put in my notice and started working in the private sector. Got a pay bump in the move as well.
My time in the FedGov space was overall a positive thing. I learned a lot and got to see systems locked down in a way that actually mattered (I never thought I would miss STIGs). At the same time, I don’t see myself ever going back. The bureaucratic nature of everything is soul crushing. And sitting in an OSS all day long sucks. It especially sucks when you’re the only one in the container and need to go out and take a piss. Clear the room, arm the alarm, spin the lock, sign the sheet, go piss. Open the lock, sign the sheet, disarm the alarm, get back to wishing for the sweet, sweet embrace of death.
OMG the OSS at my first job was like that, but they wouldn’t give contractors the lock code. So after I was waiting 30 min to go pee I spun the lock, went pee, came back and waited an hour outside the door. We both got a talking to, him by his command and me by my company. I snapped back and pay, hours, and lack of trust and that if they tried to gig me for this I was walking out and not coming back. That was back in 2012 and I have changed jobs multiple times. I like the team and what I do, openshift and kuberneties is awesome to get teams to update their code. But as you said,no remote, except for development.
And people wonder why we want encrypted communications
Paywall?
If your browser has a reader mode, it can probably bypass the Business Insider paywall. Article full text below.
Gary Rooney had worked at Twitter for nearly a decade.
He was the director of “source to pay,” a procurement role, in Twitter’s European headquarters in Dublin when Elon Musk acquired the social-media platform for $44 billion in October 2022.
Within weeks of taking over Twitter, Musk sent a now infamous email to the entire workforce asking them to commit to an “extremely hardcore” work schedule or resign.
“This will mean working long hours at high intensity. Only exceptional performance will constitute a passing grade,” the billionaire wrote in the email.
Anyone who didn’t click yes on a link in the email to “be part of the new Twitter” by the next day would receive three months’ severance, the message said.
Rooney fell into that group. But rather than leaving quietly, he brought a case to Ireland’s Workplace Relations Commission, claiming unfair dismissal. He won and was awarded about $600,000.
Recently released documents detailed the commission’s decision, revealing new details about Rooney’s case and Twitter’s human-resources practices under Musk’s direction.
Rooney saw the email but did not respond. Three days later, he received a second email from HR saying it was acknowledging his “decision to resign and accept the voluntary separation offer.”
“At no time have I indicated to Twitter that I am resigning my position,” he replied a week later, according to the report. The company told him that not clicking yes was “treated as you having served notice to resign your employment.” Resignation by omission
It may not seem like common practice to terminate an employee without speaking with them, but no-show resignations aren’t unheard of, said Robyn Hopper, an HR-knowledge advisor at the Society for Human Resource Management.
Related stories
Employee handbooks explain when termination may be considered a voluntary resignation. The issue is that many employees tend not to read company policies or handbooks until it’s too late, Stefanie Camfield, the director of HR at Engage PEO, said.
Workers install lighting on an “X” sign atop the downtown San Francisco building that housed what was formally known as Twitter, now rebranded X by owner Elon Musk, Friday, July 28, 2023. Twitter was rebranded as X after Musk took over. Noah Berger/AP Photo
Another factor to be aware of, Camfield said, is that many US companies do not offer a written employment contract to workers and that positions at companies are mostly “at will” — unlike other countries such as Ireland, where Rooney is based and which has stronger protections for the employee
“‘At will’ means an employer or the employee can end the employment relationship for any reason or no reason, so long as it’s not unlawful,” she said.
If anything is disputed, the courts generally place the employee in a position of less strength.
For example, an employer can terminate an employee without notice if they fail to show up for work. It assumes the employee has decided to resign and just hasn’t told it yet, Camfield said. This is known as job abandonment.
How long the employee has depends, but most companies that Camfield works with set a three-day rule. Communication
Camfield said Twitter’s handling of the situation was hampered by unclear communication and informal language.
“The employee wasn’t really given clear terms on the changes to the terms of their employment. They were just told Twitter 2.0 — that’s not clarity,” Camfield said.
“What stood out to me is that there’s a question about whether the statement that was sent to the employee could be construed as the employee resigning by not checking yes,” she added. “There’s not anything that actually evidences that the employee resigned.”
However, she said she thought that the employee could have responded in some manner on the day, even if they did not agree with what was being presented to them.
Ending an employment relationship generally deserves face-to-face or at least personalized conversations, she said. But phone calls are often time-consuming and need to be scheduled. Particularly for a large workforce, it’s just not feasible to individually call all employees.
Hopper pointed out that sometimes HR has their hands tied and is acting on orders from upper management.
“Some employers have a requirement that if an employee is resigning, and it is written as an email or text, they will call an employee to make sure that what was received is legitimate,” she said. “But there is no law that I am aware of that states that an employee or employer cannot use email or other communication.”
Hybrid and remote work have also created a new challenge for HR professionals, particularly with employees spread across regions with different regulations, Hopper said. Your Slack messages aren’t private
The Workplace Relations Commission’s report shows that on the day Rooney received Musk’s email, he messaged a colleague on Slack, saying: “Hey — wanted to let you know im going. I need to step away for my own sake. I’m deeply troubled by whats going on here these days.”
In another message, he wrote: “Iv made the decision not to press the yes button, and wanted to drop in a goodbye here.”
Twitter used these messages and others as evidence that he intended to leave the company. The commission found the Slack messages had “no relevance to the question as to what brought about the termination of the Complainant’s employment.”
Even though Rooney won his case, experts told Business Insider that it should serve as a reminder to all employees about the risks of using internal messaging systems.
New Slack redesign Slack is a great tool for communication in the hybrid world, Stefanie Camfield, the director of HR at Engage PEO, said. Slack
Employers often have the right to monitor and preserve data on Slack. They primarily use it to ensure company policies are being followed, Camfield said, but it can be used however they see fit — including as evidence in a lawsuit, as Twitter did in this case.
That’s not necessarily a bad thing, she added.
“This messaging tends to encourage employees to talk more frequently and more casually,” she said. “And it can lead to inappropriate conversations.”
Slack messages could just as easily be used as evidence in a sexual-harassment case, Camfield added.
The software is still a great tool for keeping teams connected in the age of hybrid work. However, employers need to train employees to understand that company policies extend to Slack and that their information is not private, she said.
