Literally no one but legal should have the authority to remove a contract from the website, and allowing any other human being to do so is gross negligence at absolute best.
It should have sent a cascade of giant red flags the second it was touched.
Oh it definitely would be grossly negligent, but the amount of technical systems I’ve seen that somebody should have a stake in but wasn’t actually involved with… well, if Legal’s purview ends at writing up those terms, Compliance made sure they’re up in an appropriate place and nobody thought to put “make sure they are automatically involved of any change affecting this” on the checklist, all the boxes have been ticked and they won’t notice until the fallout starts hitting.
In an ideal world, any change to the master branch of that repo or to the repo itself should require the approval of a technically versed member of Legal/Compliance (or one of each, if they’re separate teams). In reality, that approval process may well exist only on paper, with no technical safeguards to enforce it.
Literally no one but legal should have the authority to remove a contract from the website, and allowing any other human being to do so is gross negligence at absolute best.
It should have sent a cascade of giant red flags the second it was touched.
Oh it definitely would be grossly negligent, but the amount of technical systems I’ve seen that somebody should have a stake in but wasn’t actually involved with… well, if Legal’s purview ends at writing up those terms, Compliance made sure they’re up in an appropriate place and nobody thought to put “make sure they are automatically involved of any change affecting this” on the checklist, all the boxes have been ticked and they won’t notice until the fallout starts hitting.
In an ideal world, any change to the master branch of that repo or to the repo itself should require the approval of a technically versed member of Legal/Compliance (or one of each, if they’re separate teams). In reality, that approval process may well exist only on paper, with no technical safeguards to enforce it.