
Salesforce CEO Benioff calls for national privacy law - jeffthechimp
https://www.salesforce.com/company/news-press/stories/2018/5/051618/
======
slap_shot
This is absolutely hilarious. This dude owns company that builds an array of
products around identifying your users, storing as much information about them
as possible, and then making that information as actionable as it can.

>A national privacy law would require that companies disclose how they collect
your information, use your information, and offer a right-to-be-forgotten,
Benioff explained. “If you want to delete your information, you could hit that
button and be sure your data is gone forever.”

Okay, want to start by adding that button the Salesforce DMP Page? Right now,
it looks like the best I can do is get an opt-out cookie that expires in 6
months [0]. I'll wait.

[0] [https://www.salesforce.com/products/marketing-
cloud/sfmc/sal...](https://www.salesforce.com/products/marketing-
cloud/sfmc/salesforce-dmp-privacy/)

Edit: I was being facetious. I know exactly why he said this and I don't
expect Salesforce to do this until they legally have to. I just hope the irony
wasn't lost on anyone.

~~~
majos
It's plenty reasonable to be skeptical of the public utterances of CEOs, but
it's not _necessarily_ true that his words are hollow because his company is
not currently compliant with the law he's proposing. As long as competitors
are free to ignore this proposed privacy requirement it probably makes no
competitive sense for his company to comply with it. In that case, it's
perfectly logical to agitate for a law, which would let you adhere to stricter
privacy requirements confident that your competition has to do so as well.

~~~
craftyguy
This is a classic case of a well established company lobbying for regulations
to keep newcomers out of their sector.

~~~
pathseeker
> This is a classic case of a well established company lobbying for
> regulations to keep newcomers out of their sector.

No it's not because SF won't be allowed to do it either. It's like a power
company advocating for the banning of coal while still using it because its
the cheapest option. You can participate in a practice to stay competitive
while advocating for the banning of that practice.

~~~
taysic
The point is newcomers have a disadvantage against any type of regulation they
need to comply to - simply because they often have less funding/resources than
a giant company. This happens in practice all the time.

~~~
infogulch
I'm starting a chemical manufacturing business, but regulations are putting an
undue burden on me by not letting me just dump waste product into the nearest
river. Dow Chemical Company didn't have to abide by all these regulations when
they were founded in 1897, it's not fair!

Edit: To be clear, I'm not saying anything about the necessity of any
regulations. I'm just saying that when evaluating possible future regulations,
viewing just in the light of incumbent/newcomer dynamics _alone_ will give you
absurd results.

~~~
2RTZZSro
Your comparison is laughable. Try competing with Comcast and AT&T.

~~~
kbenson
Comcast and AT&T are slightly different, in that they have government granted
advantages (not just usage rights to infrastructure, and infrastructure access
which is much harder or impossible to achieve now, but in some cases the
government paid for that infrastructure before handing it over), not _just_
the benefit of coming up prior to regulation and already having practices in
place to deal with regulation.

------
skrebbel
I disagree with the people here who call out Benioff's hypocrisy in making
this statement.

It's not uncommon or hypocritical for companies to be in favour of regulation
that would prohibit things that they currently do. The whole point is that if
Salesforce would currently start respecting privacy more than they'd be
legally required to, for plain ethical reasons, but other companies don't do
the same, then they have a competitive disadvantage. If the law requires them
to do so, they can be more ethical while the playing field is level.

Of course there's still a strong and fair open discussion on how far a company
should go in the "totally unethical but technically legal" arena of evil shit.
But I don't see much of that discussion in this thread.

Companies often welcome regulation. I once read somewhere that when cigarette
companies were forbidden to advertise in the EU, their profits went up. All of
them were only advertising to compete with the others, it was an arms race
without end. When the entire arms race got outlawed, cost shrunk but income
did not change. Smokers didn't suddenly switch brand because they didn't see
bad jokes about camels every commercial block.

I also disagree with the argument that this is a call for regulation to keep
newcomers out. It's true that bigco's rooting for regulation often do this for
anticompetitive reasons and it's abysmal, but I really don't see how increased
privacy controls such as the GDPR (but in more places) prevents incumbents
from outperforming and outmarketing the big shots. You need to come with a
stronger argument about how such regulation affects Salesforce less than a
tiny startup. Assuming it's decent regulation, of course - I fully agree if
this ends up being a legal minefield.

But eg the GDPR is decent regulation that is really not that hard to abide to
unless you're genuinely evil (I say this as the owner of a small EU-based
startup). The world could use more of that stuff.

------
eganist
People might be missing the point.

You always start ahead in a contract negotiation when you're the one writing
the first draft. It's no different here having an adtech/martech company kick
off a privacy discussion; Salesforce wants the upper hand because it's easier
to know the ways around the legalese when you're the one writing it.

The key is to say "you're right" to Benioff and then draft the law entirely
without his influence.

~~~
cityzen
"You always start ahead in a contract negotiation when you're the one writing
the first draft." Never heard that but I like it. I am aware of it, just never
heard it put into words like that. Thanks!

------
ocdtrekkie
Both the UN and the EU consider privacy a fundamental human right. We
shouldn't be looking for a law, we should be looking for a Constitutional
Amendment.

~~~
strictnein
It would be improper to limit individuals in their interactions with other
individuals or corporations via an amendment. A law is the proper place for
that type of restriction.

~~~
gowld
You are getting reflexively downvoted, but it's not so clear cut.

On the one hand, slavery was banned by 13th amendment.

On the middle handle, alcohol was banned (18th) and then unbanned (21st) by
amendment.

On the other hand, nearly everything else in the Constitution is about the
function of _government_ and the _rights_ of individuals _with respect to
government_ , not the rights of individuals with respect to other individuals.

------
mychael
Of course he does. Big businesses like SalesForce will benefit the most from
the regulation and he gets the glory of virtue signaling about it.

~~~
bllguo
I get these cynical responses, but ultimately don't many HN readers - me
included - want this kind of law too? Why are people so hung up about the
guy's motivations?

seems like a case of letting perfect be the enemy of good

~~~
woolvalley
Seeing what is happening with GDPR currently is cause to be cynical.

Lawmakers tend to copy & reference laws from other places as case studies. So
if one law shows up somewhere, that law tends to start spreading around like
it's a meme.

------
jaredhansen
The CEO of a massive public company that lives on data is calling for new
regulations that his company will be better equipped to deal with than
competitors will? Color me shocked.

~~~
dmode
Just to clarify, Salesforce doesn't live on data. Salesforce primary business
is CRM tools, where the data belongs to Salesforce customers. Salesforce is
not tricking its customers' customers in giving them data for one purpose and
then using it for another purpose and selling it to advertisers. Salesforce
simply makes money from the CRM license. Not through data trading.

------
matchagaucho
Regulatory capture would be the result of any regulation on FB.

I'm not convinced that Benioff is devious enough to have this ulterior motive.

But clearly, social networks have become the new CRM for many small-mid size
businesses... and on that front FB represents a threat.

~~~
thrav
Facebook is definitely not a threat to Salesforce small business. Hubspot,
Insightly, and other small focused offerings plus Pad of Paper and Excel are
the real competition for small CRM / Marketing buyers.

------
Shivetya
Can we have opt out for government agencies as well? I posted the other day
that many county and state governments let you search their data bases for a
wealth of information and you can damn well bet they sell or provide bulk
access.

While I know it cannot be reasonably expected that "government" forget us in
this manner it certainly could be forced to limit access to data that is
identifiable back to an individual without their permission

Example of the details offered, by address or name of owner
[http://www.cobbassessor.org/cobbga/search/commonsearch.aspx?...](http://www.cobbassessor.org/cobbga/search/commonsearch.aspx?mode=address)

~~~
peatmoss
Many governments are providing access to the sort of data you link out of a
desire / mandate for transparency. As an undergrad journalism major, one of
our assignments was to dig up as much information as we could from public
records about the school’s dean (he was a willing participant). The purpose of
the exercise was to impress upon us how much information was available through
public records.

The difference now is that those records are digital and don’t require (in
most cases) flipping through actual paper documents.

The question of privacy vs. transparency is an active area of conversation
now, particularly because people like yourself are discovering that you never
had privacy around some transactions in the first place. Also, machine
readability has changed the threat model somewhat.

In general, however, I’d guess that transparency and open access to many kinds
of data will continue to be the way the law leans.

------
gwbas1c
> In some ways, you could say that Facebook has become the new cigarettes in
> our industry. That is, it's a technology that is addictive, it may not be
> that great for you and it might be something you don't want to go back to.

I watched Bernioff repeat, over and over, about how much he loved Facebook,
for about 30 minutes. This was in 2010 at the Moscone center in San Francisco,
right before he introduced Chatter.

~~~
inscionent
Is 8 years not long enough for someone to change their opinion or at least
have their economic incentives change?

------
collyw
This seems slightly ironic from Salesforce. I am pretty sure companies that
use Salesforce will also be doing as much tracking of their users as they know
how to and feeding that data into Salesforce.

------
njarboe
I think the big problem is not privacy violations, per se, but that, with
computers and the internet, one never knows what information about you is
being stored and sold to others. The majority of states make it illegal to
tape a conversation without consent of the other person. I support those laws.
Also ones where businesses have to post they are using video surveillance. It
would be great if the government or some other group would develop well
defined levels of privacy with good names and icons so companies can easily
describe their policies to the public. Like movie ratings. Not the best. Wish
we did not need them. But works OK. I'll avoid companies that sell my location
information to anyone who will pay.

Passing laws where people somehow own what other people and companies know
about you is not a good idea. I saw your dog poop on my lawn and you did not
pick it up. Can I tell my neighbors about that? What about posting on
Nextdoor? Local newspaper? A tweet? If I libel or slander someone, we have
laws against that. It seems to me that telling a truth you know about someone
should not be at the discretion of the someone. People just need to know when
they are being observed, what is being observed, and by who (or what), so they
can act accordingly. Not sure how to get to that space in this smartphone
world.

------
hadrien01
Could we link to the canonical url [1] instead of the tracking shortened url
please?

[1] [https://www.salesforce.com/company/news-
press/stories/2018/5...](https://www.salesforce.com/company/news-
press/stories/2018/5/051618/)

~~~
sctb
Sure thing, we've updated the link from
[https://sforce.co/2wKldaR](https://sforce.co/2wKldaR).

------
ProAm
I think it's fair we should implement some sort of Consumer DRM law, where
explicit permission be granted to reproduce our private data.

~~~
gowld
Copyright, not DRM. You should own your personal information, until 70 years
after your death.

~~~
dredmorbius
Copyright doesn't apply to facts, only expression.

A restated diary of your life with sub-second and sub-metre accuracy would not
violate copyright law. (The initial collection ... might, though if not "an
original work of authorship", that case is difficult to make..)

What GP and you are looking for is privacy-specific legislation (or court
interpretations).

------
lixtra
Can they please also come up with a reasonable standard to communicate the
privacy policies, i.e.
[https://news.ycombinator.com/item?id=17067787](https://news.ycombinator.com/item?id=17067787)

------
throwaway_2277
Although, it might a wildly unpopular opinion here, if US does not innovate in
AI, someone else (and you know who) will and US will have to follow the suit.
Regulations are healthy as long as they are well understood and not over-
reaching.

Sounds like he wants to have regulation for all the aspects where their
company innovate

