My statement was more about principle, rather than this particular incident. In this case the person admitted to having the password and was seeking to extort payment, that is problematic (the information was not theirs to sell, they did steal the by denying access to it by the proper owners). The hardware, well, the employer has to prove it is theirs and the contractual conditions under which they gave the employee that hardware, before they can try to claim it back. Obviously they did not simply claim it was stolen, hence it ownership is questionable, they can only really sue for it's return. Google is still largely at fault for the problem, they simply did the cheap thing, fobbed it off and failed to deal with it properly.
No, he did not admit to having the password. The contingent offer to help was to work with Google to get the password reset. King Richard move for sure, asking for 200K.
He worked entirely remotely and was the last IT employee remaining when they demanded he move to Indianapolis.
Apparently, there was also a racial discrimination back and forth with lawyers involved, prior to filing suit. The 200k demand was in light of the perceived discrimination.
He returned the laptop when asked for it.
This is not a clear case of holding data for ransom at all.
Ultimately, the primary role of IT is to protect the data. Doing anything else is unethical, and can be illegal (duh, right?). However, a company crying foul after it's own management screw ups does not automatically brand an IT peon as some kind of saboteur.