Last week, Katie Moussouris, a noted security researcher and the woman who was instrumental in developing Microsoft's bug bounty program – a task that led her to become one of the Web's foremost experts on disclosure and vulnerability policy – filed a gender discrimination class action lawsuit against her former employer.
The complaint alleges that over the years Microsoft has engaged in "systemic and pervasive discrimination against female employees in technical and engineering roles with respect to performance evaluations, pay, promotions, and other terms and conditions of employment."
Microsoft, in statements to the media, said they're committed to a diverse workforce, one where all employees have the chance to succeed. The statement goes on to say that they've "previously reviewed the plaintiff’s allegations about her specific experience" and found nothing that support's the lawsuit's complaints.
The core of the lawsuit addresses a practice of stack ranking, a policy that was dropped in 2013.
From the complaint:
"[F]or many years and continuing through 2013, Microsoft used a companywide “stack ranking” system for evaluating employee performance, which force ranked employees from best to worst using a performance rating from 1 through 5, with 1 being best, and 5 being worst. Only 20% of employees could receive a 1, 20% a 2, 40% a 3, 13% a 4, and the remaining 7% received a 5. This stack ranking process systematically undervalued female technical employees compared to similarly situated male employees because, among other reasons, it meant that lower ranked employees were inferior and should be paid less and promoted less frequently regardless of their actual contributions to Microsoft."
The ranking took place twice a year. The mid-year stack assignments were used as a means to determine mid-year promotions, and the end of year stacking was used for compensation and year-end promotions.
This stacking, the complaint continues, led to a system where "female technical employees receive less compensation and are promoted less frequently than their male counterparts."
"Microsoft company-wide policies and practices systematically violate female technical employees’ rights and result in the unchecked gender bias that pervades its corporate culture."
Other than the blanket statement given to the media, Microsoft has issued no further comments. A copy of the filing itself is available online.