
Public by Default: Venmo Stories of 2017 - dbielik
https://publicbydefault.fyi/
======
CSEThrowaway
I have been complaining about this, basically since Venmo came out. My friends
would just say "oh, you just make your account private" like it was no big
deal, but I was still flabbergasted. Was it supposed to be some kind of social
networking aspect? It just boggles my mind that people would participate in
such a product. My primary experience with it was as an undergraduate, where
student groups would use it to send money for things like membership fees,
outfits, etc. Most of these people were downloading the app for the first
time, and I doubt they bothered managing their privacy settings.

The fact that this is now just getting attention kind of makes me want to hit
my head on my desk. I'm glad it is though; this site is very well done and I
hope Venmo and its users take note.

~~~
chickenfries
My sibling and their friends use the Cash app, they find the social networking
aspect of venmo appalling. I think when Venmo came out, there was nothing else
as convenient, so we accepted the social networking aspect for the
convenience.

Man, what a brilliant feature though, for Venmo. Provide users with Emoji
autocomplete, get perfectly labeled transactions. If I try to pay my roommate
for electricity, it asks me to use a series of emojis that represent
"electricity bill." In this way, Venmo is getting users to remove the
ambiguity in describing their transactions. Something like "electricity" could
refer to say, a night club, but Venmo got me to accurately label it as a power
bill.

~~~
chrisco255
The number of BS posts on Venmo and made up reasons for payments is quite
staggering. It became more of a joke for most people I know. Most of them on
my news feed are for "eggplant squirt" emoji or something similar.

~~~
wedn3sday
Every single one of my venmo transactions is labeled with a single eggplant.

------
bubblethink
Another FYI for anyone who uses venmo. A few months ago, they changed their
method for adding bank accounts. In most cases, they force you to use the
plaid method, which straight up asks for your bank password. Do not use it.
You will literally give venmo/plaid etc. your entire bank account history.
It's done very disingenuously because the log in screen for plaid is meant to
look like your bank login.

~~~
sdf43543t345
Those 3rd party scrapers they use also sell your banking / transaction
history. NEVER GIVE AWAY YOUR BANKING CREDENTIALS FOR ANY REASON.

------
decasia
It's hard to regulate the users' ignorance or to prevent the use of awful dark
patterns like "public by default."

But it would be a more ethical world if every site with public-facing social
features had to create something like the presentation that
publicbydefault.fyi has put together here. Something that graphically exposes
the exact privacy implications of the data people are leaking. Privacy is at
this point an _educational_ problem as much as a technical problem, and it's
on us to figure out the best practices for how to _teach_ it.

------
djsumdog
Wait is is this still true? Transactions are still public to the world by
default? I remember seeing this a while back and would have thought
Venmo/Paypal would have changed the default by now. I guess that's not the
case?

~~~
coolspot
I started using Venmo a week ago to pay babysitter.

Transactions are still public by default and you can browse strangers and see
what they are paying for.

Crazy!

~~~
dopamean
With the links to their photos and reverse image search you easily find out
who people are too. Why on earth does this need to be public.

------
cjhanks
Not long ago Venmo's ability to pay at the website was "Under Construction"...
and it never came back.

They forced all of their users to perform all transactions via their cell-
phone. When I signed up, that was not the deal.

I am reasonably responsible online and I never in my wild dreams expected that
the default behavior was my purchases would be public knowledge. It was not
really a big deal since they weren't embarrassing - but imagine the outrage if
VISA had a similar policy.

I do not trust Venmo and I hope they go out of business.

------
orarbel1
[https://web.archive.org/web/20180829075129/https://publicbyd...](https://web.archive.org/web/20180829075129/https://publicbydefault.fyi/)

------
chatmasta
I'm surprised nobody has commented on the quality of this website. It's really
well done! It's entertaining, informative and aesthetically pleasing all at
the same time. Nice job to whomever made it.

~~~
valuearb
It’s terrible.

“Soooorry, this content is not intended to be viewed in this resolution - you
wouldn't enjoy it! Either change to the portrait orientation or a bigger
screen.

Thanks for understanding!”

And in portrait it’s text is so small to be nearly unreadable.

------
Nightshaxx
To be honest I had no idea they even made transactions public and I'm
definitely more proactive about turning on privacy settings than the average
consumer. I thought it was just a friends thing......I didn't know it was
everyone in the world....

------
heinrichf
Previously discussed here:
[https://news.ycombinator.com/item?id=17549985](https://news.ycombinator.com/item?id=17549985)

~~~
mediumdeviation
And also
[https://news.ycombinator.com/item?id=17858019](https://news.ycombinator.com/item?id=17858019)

------
_eht
Speaking of bad apps... can people who insist on SPA's please respect default
browser based navigation?

------
phyzome
I wonder how this is supposed to benefit Venmo.

~~~
cbau
Teenagers/college students use it to show off they are hanging out with each
other without looking like they're trying, which probably increases adoption
by young people.

~~~
phyzome
So basically... it's public because it would be any work at all to implement
filters and friending? :-/

------
trumped
the default settings of most apps have been bad for decades... the mindset
need to change...

------
fiatjaf
Yes, you do need Bitcoin.

------
s_dev
This doesn't seem very GDPR compliant. Though I don't know -- it at least just
doesn't seem that way, it could be. "By default privacy isn't baked in"
something that GDPR does require.

I understand GDPR only applies to EU citizens but I'd imagine theres a lot of
EU citizens using this US only product in the US.

~~~
djsumdog
If they're EU citizens living in the US, they're under US law and
jurisdiction.

~~~
aidenn0
And they are also under EU law and jurisdiction.

~~~
LocalH
Why should someone be covered by the jurisdiction of their place of residence
when they are elsewhere?

That seems a bit authoritarian to me.

~~~
djsumdog
Say you went to a place where child sex traffic was legal, or the laws not
enforced. This is illegal in several EU countries and the US, and you can be
prosecuted upon return:

[https://www.justice.gov/criminal-ceos/extraterritorial-
sexua...](https://www.justice.gov/criminal-ceos/extraterritorial-sexual-
exploitation-children)

------
matz1
I welcome this public by default pattern. Same thing could be said from the
other side, public by default is an educational problem, it's to figure out
the best practices for how to teach it to the older generation on how to adapt
in the society where everything is public. To me privacy issue is better
solved by radical transparency for everyone. Public by Default is a good
initial step.

~~~
eerwrq
> To me privacy issue is better solved by radical transparency for everyone.

Human societies don't work like this, and never had. People aren't meant to
live in a world where everything is public. You are advocating for a very
dangerous and unhealthy transformation.

~~~
matz1
Society always changing. It will not be a quick change, it will be gradual. It
seem like the trend is going toward that way though.We have this expression
"Information wants to be free". The advancement of technology make it easier
for information to spread. Most kids today is already gradually accustomed to
live where many thing is public.

~~~
jonahx
> We have this expression "Information wants to be free".

This expression refers to _public available_ information which is nevertheless
copyrighted and costs money. [0]

I have never in my life (before now) heard anyone seriously argue that _all_
private information, and _all_ personal secrets should be free.

[0]
[https://en.wikipedia.org/wiki/Information_wants_to_be_free](https://en.wikipedia.org/wiki/Information_wants_to_be_free)

~~~
leetcrew
i always took the expression to be a valueless statement on the tendency of
digital information to be widely disseminated. more "you can't stop the
signal" than a moral claim.

