At one point, the article describes the mantra of the software engineers within the company as:
"Move fast and break things."
This isn't too far from one of Google's slogans as cited in the Huffington Post:
"Launch and iterate"
In fast moving markets, it is crucial to be up there in front of the pack, innovating and delivering new products and services constantly so that the user experience stays relevant and fresh. However, as lawyers, we know that this need must be balanced well as there are significant risks (legal, financial and reputational) if the product development and management process does not include sufficient legal and compliance input. Even if it is finally decided that the benefits outweigh the risks, one must consider the potential for miscalculations of that risk (given the propensity of some within the business to exude over-confidence, which gives rise to the illusion of control) and prepare for the potential consequences of such miscalculations.
Here are some examples of where a focus on development and product functionality did not serve the company well from a privacy perspective:
- The "launch and iterate" process probably didn't help Google when its product engineer decided to write code to allow the capture and storage of payload data transmitted via unencrypted Wi-Fi networks.
- Path did not get the consent of users when it uploaded their address books onto Path servers, and the CEO had to issue an apology, and according to Bloomberg, was on the receiving end of a grilling from Tim Cook.
We lawyers also have a mantra of our own:
"Tone at the Top"
"Once Broken, Considered Sold".