you're treating the company as monolithic, and it's not. every group has their own hiring practices and contractors, and manage it differently. i came across this when a bunch of infosec people (myself included) got spammed for entry level jobs. every group has their own targets, methods, faults and strengths. it's just how it is. can't fault the entire company for one bad incident. if you do have concerns, reach out to people and let them know their tactics are turning good candidates off. that gets attention, and that gets changes.
Your right, but Google still has polices and procedures to follow for hiring that do blanket across the company. It could be some thing like, do not contact former employees unless a human vets it.
In a situation with former employees, you have to take into account all that has happened with them. Because the employee sure will (for better or worse).
If you have different groups operating for hiring, they need tools and info to work better. I'm not faulting google for this incident, I just think it could be done better.
