Hacker News new | past | comments | ask | show | jobs | submit login
Dear Bureaucrat, my job wants me to lie (federaltimes.com)
587 points by David_Reed on June 13, 2019 | hide | past | favorite | 436 comments



I was recently at a medical office (this is in the US), and they had replaced their system, so I had to re-sign the variety of forms that they make you sign, HIPAA disclosure, etc.

They gave me an electronic signature pad and asked me to sign. I pointed out that I did not have a document in front of me, and they said that they would give me a copy of the signed form after I signed it. I once again attempted to point out that I was being asked to sign a form that I couldn't read, and they said, "oh, it's just a privacy disclosure".

A superviser (who was overseeing the migration to the new system) came by and asked what the issue was, and I said I was being asked to sign a form without seeing what I was signing. They very patiently explained to me that it was a HIPAA disclosure, and I said that if I could sign their description, I would be happy to, but I'm not going to sign a more formal document having only been given a summary of it. They further explained that if I wanted, they could print out a copy of the form after I signed it for my records.

Nobody at the office seemed to understand here what my objection was. I overheard other patients saying things like "I'm not signing something I haven't seen", so I know that I wasn't crazy. Eventually I convinced the person I was working with to turn their monitor around so that I could read the documents before signing them.

The thing is that everyone knows that these forms are completely meaningless anyway. I probably would have been better off just signing the forms so that if they ever came up in a court case I could just honestly say that I had never seen the form before.


Similar horror story. When I went to get therapy for depression, they gave me a contract to read and sign for therapy agreement. I got to page 11 which said that I will not consume alcoholic beverages while under treatment at all.

It seemed to be a rather overbroad ask for what I was coming for, so I objected (over their secure PM system). They tried to object that "well, you need to follow your doctor's directions because there can be interactions between the medicine and alcohol."

I said "The clause doesn't say 'I will follow the psychiatrist's direction about drug interactions.' It says I will unconditionally refrain from all alcohol."

Then the main doctor entered the thread and really blew my mind. He said, basically, a) no one in 5 years has objected to that clause, and b) it's common to have a clinic policy like and it's like an EULA.

b) was weird because EULA's are known for being notoriously abusive. a) was weird because he seems to genuinely think it's no big deal that either 1) no one is reading that clause, or 2) all of his patients are apparently teetotalers.

(I also felt it was particularly disturbing that he was exploiting the bandwagon effect to intimidate me into signing.)

So I said, if you're comfortable with the clause meaning the interpretation earlier in chat, that it just means to follow directions about alcohol interactions with meds, then I'll sign, and he agreed.


> So I said, if you're comfortable with the clause meaning the interpretation earlier in chat, that it just means to follow directions about alcohol interactions with meds, then I'll sign, and he agreed.

Did you document that modification in in writing or recording?


All of this conversation was over their secure internet chat system, so it was logged that way.


IANAL, but I took a commerical law class in college. I feel like I remember there being a doctrine that if there's a written contract, agreements outside of the contract don't matter. (Which is not to say that verbal contracts aren't real contracts, but that if there's also a written contract, they overrule any unwritten agreements.)


> if there's also a written contract, they overrule any unwritten agreements

That typically only applies in situations where the agreement is otherwise ambiguous. The most common example being "A: We verbally agreed to $1 and I signed. B: But what you signed say $1.10" often in these situations the written contract win.

However in this case they are in a written format explicitly clarifying the contents of the contract which you are allowed to do as long as the interpretation you agree to doesn't meaningfully diverge from what was written in a way that doesn't follow standard practice. As the doctor said it is common practice to avoid consuming alcohol with medicine that has known interactions with it. Even if the original contract is unambiguous no one is going to side against OP on the topic of "we both agreed that it meant when taking certain medicines" since the original verbiage didn't follow standard practice by the clarified verbiage did.


Agreements over an electronic messaging system are written agreements, and satisfy the statute of frauds, and are not automatically superseeded.

Even if you have a written contract that has boilerplate language saying all future modifications need to be in writing, courts have enforced verbal modifications. A contract can always be modified, what matters is if both parties agree.


Yes, but most of the things people are talking about here are not contracts, I think, so I don't think the doctrine you're referring to would be applicable. Compare these two situations:

Situation 1. There is a single document with the title "CONTRACT" signed by both parties. It starts with a list of definitions and continues with a list of things that each party promises to do.

Situation 2. There is a whole pile of documents to be signed by just one of the parties, the word "contract" is not mentioned, and most of the sentences in the documents give information (warning, disclaimer, whatever) rather than express some kind of obligation.

Some kind of (implicit) contract may be created in situation 2, and the documents may have some bearing on it, but the documents are clearly not "the contract".

It's more like signing to receive a parcel than signing a contract.


... What are you basing that on? In Canada at least that would absolutely be a contract. We must be very careful not to confuse "common sense" or "obvious" or "that's what it intuitively means to me" with "law". Lots of people do that and lots of them pay the price :-(


It is absolutely a contract. This interpretation is just your personal opinion about how the world should work, and is not based at all in reality.

These forms clearly meet the legal definition of a contract.


The purpose of a consent form is not usually to create a contract but to comply with a statute requiring written consent to be obtained.


You're probably thinking of the https://en.wikipedia.org/wiki/Parol_evidence_rule.


You'll need a personal copy of that conversation if this were to come up. We don't know what their retention policy is, or if they'll mysteriously be unable to find it in a court case.


The only court case I could imagine this coming up in is for malpractice, where op suffered serious consequences for drinking alcohol and sued bc he wasn't told not to drink. I don't think the above message chain would help him win his case.


Yeah I figured there was relatively little legal risk here. I just wanted to point out that if your legal defense is the party at fault keeping support chat logs then you might want to rethink your legal defense :P


I was in medical trial that had the same... I just did not drink a day before they took my blood. Also I am pretty sure toxicology test was not performed. It also required me to not have kids. It made sense but still sounds extreame.


This is actually a violation of HIPAA law. My wife regularly schools hospital and doctors office employees all the time on their consent practices (she has a degree in public health). She will even call the hospital’s IRB to file formal complaints. Things we’ve heard:

“We will have you sign the consent form after the procedure when it’s more convenient for you”

“The first page doesn’t apply to you (when it clearly does)”

“Sign here to acknowledge receipt of our privacy policy (which we haven’t given you)”


"Things we've heard"?

Every single time I have ever been asked by a medical office to sign that I have been given a copy of their privacy policy, I have never been given that policy. Every single time I have pointed this out. Every time except one I have been made to understand that I am being unreasonably difficult.

From my experiences, I wouldn't say this is a rumor and something to be heard of. It is the standard practice everywhere I have ever sought medical attention.


Sorry, I should be more clear. When I say “things we have heard,” I mean “things someone said to us to our faces, which we heard with our own ears.”


Wow. Curious where you live. I have ALWAYS been provided all the documentation, in hard copy, with copy of receipt available if I desire it.


It's happened to me pretty often in California.


> “We will have you sign the consent form after the procedure when it’s more convenient for you”

Isn't the consent form for their CYA? I wonder what happens if someone refuses to sign it later.


Or dies during the procedure


So what's the punishment for what the parent comment described?


Each violation of HIPAA can carry a fine between $100 and $50,000 per violation. The hard part is that many people don't know what their privacy rights are, or to whom they go when their rights are violated (in this case, the Office of Civil Rights of the Department of Health and Human Services).


And that OCR is also a load of shit.

I had an office emailing me their appointment data for a patient; I don't know if we had a similar email or something. I responded the first two times I received it that it was being sent in error, and to please stop, for the sake of everyone concerned.

On occasions 3 and 4 I attempted to contact the practice. Both times I was sent to the manager's voicemail, where I left messages that were never returned.

After a half-dozen of these occasions, I contacted OCR on behalf of the patient (you can file an OCR complaint on someone else's behalf), specifically referencing the fact that although the privacy violation is not significant, their repeated violation with no effort to stop is. I enclosed screen shots of the repeated emails I had sent the practice, and the repeated privacy-violating emails I'd gotten from them.

OCR said they'd get in contact with the practice and help them implement a technical solution to stop contacting me, and could I please give them my email address to blacklist, and asked if that solution was satisfactory.

I said, no, no that's not fucking satisfactory. They could have fixed the email issue a year ago; it doesn't require technical assistance from the government. While I appreciate trying to assist small practices in remedying technical defects rather than just being punitive, this was exactly the time to be punitive - when the technical defect is simple and easy to remedy ("we have the wrong contact info; update it"), and there was plenty of opportunity to remedy and they willfully continued to engage in the activity. And blacklisting my email address does absolutely nothing to protect the next patient's privacy.

A few weeks later I got a letter in the mail that basically restated what had been in the email, and that no further action would be taken.

(Before anyone says "but you got no more information than you would have had if you'd been sitting in the waiting room when the guy came for his appointment":

HIPAA has an exception that basically says "reveal the minimum you need to run a functional clinic, but yeah, obviously you need to run a functional clinic." So things like "patients in the waiting room" is exempt from HIPAA because, well, you won't be able to keep an office open if you can't keep a waiting room full. That same information emailed out to a random stranger - that is, absolutely not needed to be shared with me to provide routine care - does not share that exemption.)


Look up how often HIPAA investigations turn into monetary fines. It’s comically small and essentially only affects big hospitals, universities, and insurance companies.

The agency likes to report “enforcement actions” which include fines but 99% of the time are some kind of promise to do better in the future.

HIPAA violations are one of those things the public thinks are super serious but in reality are all but a total joke.

And don’t get me started on HIPAA compliance consultants lol. Reminds me of Lisa Simpson selling Homer her magic rock that keeps away tigers.


The IRB would not be the correct office for a HIPAA violation, unless it was an informed consent form for a research study.

Most hospitals have a compliance office where this type of issue would be handled.


Yeah, the IRB isn't even within spitting distance of a HIPAA issue. They're entirely different things, handled by different regulatory agencies, and administered in different parts of a hospital (if a hospital even has an IRB, as most don't, since most aren't research institutions), overseeing different activities.

If someone called my hospital's IRB to "school them" on a HIPAA violation, I can't even imagine what their response would be. I mean, I'm sure it would be polite, but it's not like they'd start hand-holding the lady on how to file complaints - they wouldn't know, themselves. It's only one step up from calling the cafeteria services people.


Sorry, should have been more clear. The case where she called the IRB was where the office completely messed up the consent process -- told her to disregard the first page of the consent, which was included in the package and included items that were directly relevant, and also didn't include materials referenced in the consent. Note, this was in a research/teaching hospital, where the consent notice includes consent for students to participate in the procedure, so that's why she called the IRB -- and they were very interested to hear what she had to say ...


For a specific definition of "handled".


Hospitals take compliance issues very seriously; the incentives are skewed highly in one direction.

Consider it an extension of "HR is there to protect the company, not you." Compliance is there to protect the hospital, not the individual employee that may have erred.

As long as they make a good faith effort to act on the complaint, they themselves are protected from liability. Whereas if they don't act, they open themselves up to enormous liability, on behalf of a replaceable peon - I mean, on behalf of a highly respected staff member.


This makes me think that one should have to sign every page, because what's to stop pages being substituted after the fact? If you only sign the last page, there's no way to prove that the rest of the document is what you agreed to.


My bank likes to disable my credit card for fraud each month when I make the same exact <10$ international transaction to the same exact company.

After months of this and a half an hour on the phone they told me I could just lift the auto-ban for the particular country so that I wouldn't have to spend half an hour on hold every single month for a recurring payment.

I said sure, and I was told to just send an email saying I approved of this just to confirm. The representative quickly tried to end the call after that, and I had to make her back up and explain exactly what I was confirming. She wouldn't just come out with it plainly, saying it was a simple lift of the ban for that country.

After enough prodding, she spilled that my confirmation meant that any transaction coming from that country would be considered pre-approved and not eligible for fraud prevention. I would be stuck with whatever charge came from anywhere an entire country, with no way to fight it.

She got angry with me for having a problem with this and caught an attitude, saying that it was unusual for people to either want to make international transactions at all or for them to care if they pre-approved an entire country for all payments. She couldn't understand what was wrong with this.

As far as I know... that's not even legal?


They should be able to whitelist transactions to that particular company on your account, rather than whitelisting transactions for an entire country. From my personal experience, the credit card anti-fraud measures are quite advanced and offer a high level of granularity. It's one of the few aspects of banking I've been highly satisfied with. I suspect you're just dealing with very poor customer service.


Right?? But I was told this wasn't possible. Supposedly my rep asked Accounting and this is what she was told.


> it was unusual for people to either want to make international transactions at all or for them to care if they pre-approved an entire country for all payments

What do people use credit cards for if not buying things from other countries? O.o


> Everyday purchases because I get between 1-5% cash back and no fee or interest as I pay it off every month..

> A fee-free ATM that gets me airline points, when I buy my teammates lunch and have them give me cash / venmo me.

> In person purchases they make during the course of a day?

As a Dutch person, all of the above are done with my normal bank card. Everyday purchases aren't even be possible with a credit card. No grocer is insane enough to risk chargebacks and have to pay for that 'privilege'.

This year I've used my credit card for: Patreon, AliExpress, iTunes, JetBrains and wintersport in Austria.

Neither my normal bank nor my credit card give me cash back or points.

Ironically(?) the only time I ever had to pay an ATM fee was when I used my credit card.


>Ironically...

It's not ironic - fee-free cash withdrawals from credit cards are exceptions, not the norm.

But I am very surprised that you need debit for all your in-person purchases: normally at least the more expensive ones (i.e. eating out, big shopping) can go through a credit card. Vendors in the UK only seem to object to high fees - chargebacks aren't made out to be a big issue.


I think this is a cultural difference between Europe (minus the UK & Ireland maybe?) and the USA.

As an European, I do everything with my debit card. Only when I buy something on an American site do I 'need' a credit card. So I think it's weird you use the word 'need' for debit.

I feel unsafe every time I have to use the credit card: I'll have to make sure I get a statement at the end of the month and check it, maybe contest something. I have little idea about what my rights are. It is insecure, anyone who has access to a few numbers on it can make payments. Besides, why do I have to take a loan just to pay something, and make sure it all balances out? Not to say the whole credit score thing is alien to me.

The debit card feels much better. They are secured by a OTP, requiring both the card and a PIN. When it's paid, it's paid. No loans, no chargebacks, no credit score, no paperwork. And I know the governement has my back if something goes wrong.


I think you folks have better protections on your debit cards.

I would never use a debit card, for anything other than ATM access, ever. If somebody scans my credit card and clones it, or gets hold of the numbers and goes on a spree, no real money changes hands, and I've just got to call Chase or Citibank and dispute the charges.

With the debit card, that money is gone out of my bank account, and I can dispute it, but it takes time, and in the meantime my mortgage and car payment and utility bills have bounced and dinged my credit and incurred late fees and penalties.


With a Dutch bank card, for someone to go on a spree, they would have to have your actual bank card, not a copy or a bunch of numbers. They would also have to know your PIN number. And then they have to go on that spree before you manage to get to a phone to block that card.

And then you dispute the charges. No idea how long that takes, because it's never happened to me. I expect it's very rare now that bank cards have a chip rather than a magnetic strip (which is easily copied).

With a credit card, they just need some numbers that are easily visible. It's basically public information, and it's enough to authorise a payment. Sure, chargebacks are easy, but I still need to pay attention to whether someone might be using my credit card number. And as for those easy chargebacks, someone is still paying for that cost. And if they can't find the thief, it's ultimately going to be the consumers that pay for it one way or another. (I believe credit card transactions are relatively pricey, are they not?)


With my bank in Australia, the money that was stolen from my Debit card that was physically stolen from my car was given back to me the next day once the bank got a hold of me to tell me my card had been stolen. They knew before I did. Was lovely really!


> With a Dutch bank card, for someone to go on a spree, they would have to have your actual bank card

This here might be part of the difference between EU and USA: Here in the states, there are actually three main forms of "cards": Bank Cards, Debit Cards, and Credit Cards (ignoring Charge Cards like Amex - they aren't really credit cards as you are required to pay them in full each month, whereas a credit card you don't have to).

Bank cards can typically only be used at the issuing bank, or at one of their ATMs and virtually no place else; this does vary though. But in most cases, where you can use the card is fairly limited.

Debit cards, on the other hand, can typically be used anywhere a credit card can. Virtually any ATM will take them, you can swipe them at grocery stores and other retailers, use them to get gas, or type in the numbers on a web site to use them for online purchases. They are also typically issued by the bank in concert with one of the major credit card issuers (VISA or Mastercard, sometimes Discover); typically any fraudulent activity can also be resolved just as quickly because of this, but that varies too - and it doesn't prevent the money from leaving your checking account (to which it is tied). Such an account can also usually "overdraft" to a credit card by the same company - which may also be why the cards are provided/tied to the CC companies. I'm not sure on this completely, though.

Credit cards can be used anywhere and have the most protection; since they don't draw from your checking account, no worries if a fraudulent transaction occurs, either. There's also the thing about "float" - in which by using a credit card often enough, and paying the account balance off regularly, you can actually gain more purchasing power than if you were dealing with your debit card or cash alone (but you have to be vigilant about paying that balance off quickly and regularly, and not letting the float amount get far outside your income level - things can crash fast - but if you do it right, you can regulate the float to be higher at times, or lower, just by changing your spending habits - I can't really explain it well, but you know it when you do it).

I don't know about bank cards, but for the other two, here in the USA we've only recently started the wider adoption of "chip and pin". In the case of my credit card, I have it tied to my phone in such a way that (supposedly) my bank (or Visa?) checks that when I use my card, my phone is also nearby - if not, it flags for fraudulent usage. It doesn't require a pin (but most places read the chip); while my debit card does use the chip and pin (if I use it, which is rare for me nowadays).

Online, though - I only use my credit card - which always requires just the numbers; there's no way for the chip to be read, and nothing for a pin number or anything?

Are things different in Europe for online payments? How does it work other than numbers only for online purchases?

> And then you dispute the charges. No idea how long that takes, because it's never happened to me. I expect it's very rare now that bank cards have a chip rather than a magnetic strip (which is easily copied).

I've rarely had to "dispute charges" - I can only think of one time, and that turned out to be a mistake on the merchant's part (some kind of reconciliation issue at end-of-month or something - it's been years). But things were resolved fairly quickly.

> With a credit card, they just need some numbers that are easily visible. It's basically public information, and it's enough to authorise a payment.

Again - how does this work with online purchases? All I have ever used have been numbers...

In the case of real-world usage, it's either swiping the card (gas stations still aren't using chip readers at the pump yet), chip reading, or in the old-school days (and still found in some backwater areas - but very useful when the power goes out) the old carbon paper pressure chunk-chunk devices where they take an impression and you sign (though I've honestly haven't seen one of these in over a decade or more now, but I do recall them from earlier and when I was a kid).

Something they have recently changed here has been making cards "flat" and not having raised impressed numbers, and printing the number on the back of the card (only the name appears on the front). I'm not sure how much this helps, but it does prevent impressions or rubbings from being done. Not that it stops skimmers (mag stripe) or photos from being taken...


> Are things different in Europe for online payments? How does it work other than numbers only for online purchases?

My (Swedish) bank has 2FA for online purchases. When I make a purchase, an app on my phone asks me to confirm the purchase (showing the vendor name and amount) by signing it with a key stored on my phone, along with a PIN.

When I buy from some American companies (Steam, Amazon, etc.) I need to put the card into "unsafe mode" first, since by default all transactions must support this system.


With my bank card, I can get money from any ATM. Even outside the EU (I've done so in Egypt, for example). I can pay at any Dutch shop that accepts electronic payment[0], and generally also abroad.

> Are things different in Europe for online payments? How does it work other than numbers only for online purchases?

Netherland has a system called iDeal, which is supported by all banks and all webshops that want to do business here (which includes Steam and amazon.de, but not amazon.com, for example). The payment is processed directly through my own bank, with nobody else having to know even what my account number is. The webshop directs me to my bank (or to a page where I select my bank, which then directs me to my bank) with some token with payment details, I authorise the payment through my own bank (which uses 2FA), and the bank redirects me bank to the webshop which knows I've paid.

Basically just like how PayPal does it, except with my own bank in the place of PayPal and with 2FA. Much more secure.

Honestly I'm baffled that this isn't internationally supported. It seems to me to be the only proper way to handle internet payments. Sadly it would involve the whole world agreeing on adopting this system, and Dutch banks just don't have that kind of impact. American credit card companies do.

I also got a credit card (MasterCard) from my bank, but I only use it for online international purchases (mostly the US).

[0] Which is all of them except for my local cheese shop, because the owner is a luddite and considers anything other than cash too expensive. He's got good cheese though, and is really cheap.


> I don't know about bank cards, but for the other two, here in the USA we've only recently started the wider adoption of "chip and pin". In the case of my credit card, I have it tied to my phone in such a way that (supposedly) my bank (or Visa?) checks that when I use my card, my phone is also nearby - if not, it flags for fraudulent usage. It doesn't require a pin (but most places read the chip); while my debit card does use the chip and pin (if I use it, which is rare for me nowadays).

Doesn't this mean your card issuer has 24/7 access to your cell location? That's extremely invasive.


Some Dutch shops do accept credit cards, but primarily in very touristy areas. No Dutch person would ever use their credit card for anything like that, unless the total cost is higher than the maximum they've set for their bank card and their credit card has a higher maximum. Like when you buy an expensive laptop straight from a brick-and-mortar shop.


> No grocer is insane enough...

Dirk (the supermarket) accepts credit cards. A few others as well


A fee-free ATM that gets me airline points, when I buy my teammates lunch and have them give me cash / venmo me.


Everyday purchases because I get between 1-5% cash back and no fee or interest as I pay it off every month..


And in return, your purchase history is tracked, documented, and filed away for later integration into future social credit systems.


Ok, are you 100% cash then, because debit and check can also be used for a theoretical future dystopia


No, but wouldn't that be nice. I do however try to limit my credit card usage to online purchases where it is unavoidable.


In person purchases they make during the course of a day?


Sounds like it's time to switch credit card providers.


This is my local credit union. I do not politically support any of the major banks and so that is not an option unfortunately.


Your bank lied to you, get another bank


I'll one up this. I recently went to Kaiser for a procedure and they handed me the signature thing and said, "you need your signature to indicate that you've checked-in". So I signed it. As the final part of check-in they handed me a stack of papers and said, "here's what you signed!"

I was stunned because they never gave any indication that the signature was for some sort of contract/legal form! Perhaps I should have suspected, but it still seemed really underhanded… If they had, I would have insisted on reading it first. Luckily, reading it afterward it was something I would have signed anyway, but come on!


I can’t speak for the US legal system but in the UK that would instantly void the contract. You have to be aware of what you’re signing.


This is also the case in US. Contract formation requires that the signing party has an opportunity to read the contract. If the contract is subject to litigation and the signing party can show they did not have an opportunity to read it, the contract will be thrown out. It is especially frowned upon to misrepresent the contract ("Don't worry, it's just some routine boilerplate") and not provide a copy before the person signs it.


I can’t wait until high res 24/7 lifelogging of audio and video is common so that these sorts of things are documented regularly.


Not sure why you're downvoted. It probably has to do with the implication that it might be a government or a private company that is doing the logging, but that doesn't need to be the case. We could develop a culture where we record everything around us and store the recording on our own devices, accessible only by us.


There was an early Black Mirror episode exploring exactly this scenario. The social consequences are frightening.


That episode was good, but the book/film The Circle I think covered this type of scenario better (even if the movie adaptation did leave a little to be desired)


the lifelogging will probably have a EULA that prevents everyone from using any audio or video in a legal dispute


I don't understand the EULA part. Are you saying that if a company sells eyeglasses with 24/7 audio and video recording to an microSD card, then that company would have an interest in adding a EULA that prevents using their own devices in a court case against someone else? Or are you saying that a hospital would have an EULA that prevents one from using any recording one might coincidentally hold of interactions with them in a court case?


The company won't be selling a 24/7 microSD recorder, it'll be selling a 24/7 cloud recorder, for the usual bullshit reasons that are ostensibly about convenience, but in reality are about securing recurring revenue. Since you won't be using a product but a service, there will be an EULA, and the company may not want their data (at this point it isn't your data anymore) trawled in random court cases.


I don't think an EULA will override a warrant or subpoena.


Might not, but EULA may stipulate that breaking it will cause termination of account and deletion of your data. It would be similar to forced arbitration clause, as far as I understand them - i.e. it's not that you can't sue the company, it's that you'd better not, if you want to retain your account.


In the US you may be correct, but there is other places on earth where this sort of corporate behaviour is not okay.


That's good for the other places (and I'm happy to live in one), but here we're talking strictly about the United States, as the article pertains to US federal government matters.


But they won't show the EULA until after I've agreed with it, so it'll be invalid!


Deepfakes.


That sounds like a textbook case of trading away privacy to get security. No thanks.


How do you show that they didn't tell you?


This could be why "serious contracts" have a place on each page for you to initial.


You swear to it in writing or in the witness box.


Fun related story.

My best friend was given a PIP from his manager. Company wanted him out for political reasons, told him he had to sign, except all of the reasons in the PIP were fabricated.

He stapled a page to the back before turning it in saying that he disagrees, but is required to sign, and thus wishes to comply with the requirement to sign.

They fired him immediately for refusing to remove the extra page, tried to deny him unemployment benefits saying that he chose to quit by not signing. The case went to unemployment court and he won. He got all his benefits, company had to pay a huge fine.


Whats a PIP?


Professional improvement plan. Basically when a large company wants to fire you they often put you on a PIP first which specifies areas where you are underperforming and metrics for improvement and a timeframe where you have to demonstrate improvement. In practice it’s often just the first step in the firing process to cover HR and document everything.

So if the friend took issue with the claims being made in the PIP about underperformance, it makes sense that he wouldn’t want to sign it as-is.


It's "performance improvement plan".


> Basically when a large company wants to fire you they often put you on a PIP first

In most countries I am aware of it is a requirement for being able to fire someone.


In the US it highly likely means you're getting fired and they're now documenting reasons. Well, "reasons".

The reasons don't need to be accurate; they just need to be not provably inaccurate and to be well documented.


It's mostly so they can later say that you were fired "for cause" so they can e.g. fight unemployment compensation. It's also a legal defense to a claim of unfair dismissal.


Case details? I'd like to reference this


Lol lemme ask him if he has a link to the case number of something. You in a similar position?


Bonus points that most medical offices have only a vague idea what HIPAA actually includes. 80% of the time an office says "we can't do the thing you're asking us to do, it's a HIPAA violation," it's not a HIPAA violation.


My shoulder surgeon gave my name, phone number and a vivid description of the circumstances that arose to warrant my shoulder surgery to a woman she thought I'd be a good match with. She even told the woman to "not tell anyone because this is a huge violation."

It goes both ways.


Oh, don't misunderstand me. Their understanding is alllllll full of false negatives and false positives, absolutely.

But I was specifically referring, as a pain point, to how often offices use HIPAA as an excuse to not do things patients want them to do.

I'm a physician that has worked in health policy. I get very, very volubly angry when a front desk puts me off with "that's a HIPAA violation" and it isn't. It's "we don't want to be bothered doing things that convenience the patient, and here's an excuse that sounds like it's out of our hands."

When they share information they're not supposed to, it's often - not always, but often - at least with the underlying intention of doing right by the patient, as opposed to just trying to get rid of them.


C'mon, you can't tell that story without sharing how you got your shoulder injury and whether it actually ended up being a good match.


yeah, the circumstances seem like an integral part of the story, were they helping a distressed pregnant elephant give birth?


Maybe lifting a lot of weight, or got injured while playing in a major sporting event?


Just long term impingement from powerlifting. We went on a date, it was awful. I paid and never called her again.


What kind of match? Romantic match?

What was your reaction when a stranger called you for a date?


A date, yeah. I thought it was weird, but figured if this surgeon risked her professional career to hook the two of us up, I should see what happens. The date was terrible.


Hope the surgeon has accident insurance!


>My shoulder surgeon gave my name, phone number and a vivid description of the circumstances that arose to warrant my shoulder surgery to a woman she thought I'd be a good match with.

So were you a good match or what?


How did you find out?!


The girl told me.


A match for what? Was she donating her spare shoulder?


This reminds me of a friend of mine. Jenny Ahlstrom learned it can be valuable for patients to voluntarily share their own medical data:

https://newsroom.siliconslopes.com/jenny-ahlstrom-mother-can...

Key quote:

“Everyone — from hospitals, tech companies, and pharma — wants patient data,” Jenny said. “But each have their own data silos, HIPAA restrictions, regulatory concerns, and liability issues. Through trial and error, we discovered the key to the puzzle: patients have the freedom to aggregate their own data and freely share it to drive new research.”

I look forward to seeing more initiatives like hers.


I assure you "Nobody at the office seemed to understand here what my objection was" is false.

They probably all understood quite well, but they stuck to the script (either unofficially to make their job smoother, or officially).

It's hard these days to know if you're talking to an innocent person or a corporate script.

A friend told me the inside story about a call answering service. This is a service that answers the late night infomercial numbers.

They are very quick to take your information to buy the thing, but then they try upselling you or cross-selling you other stuff.

EVERYTHING is scripted. "Oh, but other people didn't listen to these fabulous offers, and had to call back", etc.

So here's the thing. The people are required to follow the script, they cannot deviate. The ONLY exit to the script that would prevent them from being fired was "I will CANCEL my order unless you stop."


I've never experienced one that wouldn't let me read it before I signed it.

I thought it was particularly interesting that I was referred to another doctor inside the same medical system sharing an EHR (ie they already HAD my data)and I still had to sign aa new HIPAA form less than a week later. That was the single time I didn't insist on reading the whole thing, I asked them if they were the exact forms used across the entire hospital system, I double checked one of them, and then just signed the rest.

My real fun experience with this was when I bought a house, one thing said I had to move in within 30 days, another 60 days, and another 15 days. There were also various other date discrepancies on when certain things had been completed and, they had used my full name (first, middle, last) in some places and just first/last in others. Man everyone was mad I was reading everything before I signed it though.


I read everything put in front of me when I bought my car. Boy was the finance guy pissed, cause it took me like an hour, and he makes his living upselling add-ons and stuff.

I'm also a pretty fast reader, so it is pretty obvious that they absolutely expect you to not read whatever it is you are signing, because I assume that it would take most other people well over an hour to read.


You're my hero. That's what I wish I'd done the last time I bought a new car from a dealership. They knew I was coming in to buy that day and could have given me the paperwork on the warranties etc to review, but instead decided to spring it on me just when I thought I was about to walk off with the car.

They also asked me to sign a form that said "I have inspected the car" before I'd seen it at all. Sickens me.


I did the same and do it every time. I know their job is actually just to sell warranties and after-market products and the paperwork is a side-job, but I just can't spend $20-30k+ and sign a bunch of papers without reading them and taking some time.

Each of these places have their own branded contracts and similar, but unique documents that look like they typed up and copied some word document they wrote 7 years ago and have never re-printed.

And the descriptions they give are usually a couple works... This one is a power of attorney, it lets us handle title work for your car on your behalf. I had my title in-hand and signed it over to them, so I was really confused why that was necessary among several other things.


> I had my title in-hand and signed it over to them, so I was really confused why that was necessary among several other things.

They file the paperwork with the state. If possession of the title printout was sufficient to legally take possession of someone's car, that would open the door to a lot of easy car thefts.


My understanding is that the "finance guys" who offer these extended warranties and what not make the most and easiest money. At least when I did this last time at a dealership, they were flaunting the most wealth (expensive shirt/watch).


Same when I was closing on a house. Yes, it may be routine to you, Mr. Title Company person who sees these 23 times a week, but this is a pretty major endeavor I'm entering into and I'd kind of like to know what I'm getting into.


I did the same and spent 45 minutes enjoying explaining the time value of money and opportunity costs when they were trying to upsell me. I also googled the prices on the hood rock cover undercoat and pre paid maintenance plan.y favorite was the panicked look when he said that the warranty was void if the oil was changed outside the dealer and I informed him that was illegal in the whole us. Eventually he just gave up and sold me the car when the manager was trying to get the room for another sale.

I enjoyed putting the warranty In terms of a bet. Would you spend $5k on a lottery ticket that had payout capped at $25k? No. Then why are you trying to sell me a 3rd party warranty?

I enjoyed the whole process. I set aside a whole day for it.

The best part was when my credit card didn't run for some reason and I didn't have the full payment :)


I took mine home on my first car. Found out they hadn't sent it through Honda finance like was discussed for 3.5% but a local bank at close to 19.5%...they were upset the next day...then really upset with the approval from Honda. I was a young freshly graduated college student whom they thought apparently couldn't read.


I did the same for my current car. I noted to the lady that I'd ticked the "don't spam me" checkbox at the bottom and she admitted that she hadn't even noticed it was there. :P


But did you remember to tick the "I'm not a robot" checkbox[1]?

[1] https://twitter.com/marcirobin/status/998030243981033472?lan...


When I bought a house, my bank, Chase (naming names!) made me sign a form saying that they had permission to repossess my house.

Not conditional on non-payment or anything. Not conditional on violation of the terms of the mortgage. Just a blanket document that said they could take it whenever they liked. Apparently the idea is that if I die and my survivors continue to live in the house, then they might have trouble foreclosing on the house because my survivors did not sign the loan agreement. Otherwise, they promised, this document would stay in a drawer somewhere and never be used.

I said that of course I would not sign this document, and they said that the bank would not issue the loan without it. At this point, at closing, what can I even do? Closing was a formality -- my lease had already run out on my previous place, movers had been arranged, HOA had signed off on the purchase and the mortgage terms, and the approval of the loan itself took a stupidly long time to get all the documentation necessary so I couldn't just go to another bank and start the whole process again (especially since they would probably make me sign the same damn form).

So I signed it, and may God have mercy on my soul.


You can edit it. The same way they don't expect you to read it, they don't read it either.

So just edit it to say what you agree with and move on (and don't make a fuss, call their attention to it - they should be reading these just as much as you should).


If I get presented with this document in the future, that's what I'll do. As it was I was incredulous and just assumed that it was a mistake that would benefit from having attention drawn to it. I think you may underestimate the thoroughness of the bank's representative at this proceeding. If they detected the modification, they would simply print out a new one and tell me I had to sign it, or reschedule the closing, which would have been unacceptable at the time, and because of the verbiage in the contract might have result in my offer being voidable by the seller.


Wouldn't they have to initial the change?


That’s for the courts to decide, assuming that the bank signed the whole thing after you signed it and made the chance.


Wow. Not a lawyer, but I can tell you that clause and their explanation are BS. The whole mortgage system doesn’t work if a bank can repo a house irrespective of payment on the loan. And the inheritance thing is long solved: any heir would inherit the property with the (legit) mortgage repo rights attached to it, so they wouldn’t be able to escape the loan repayment obligation either.

Fortunately, I doubt a judge would uphold that provision and find that you were forced into it for exactly the reason you gave.


> I bought a house, one thing said I had to move in within 30 days, another 60 days, and another 15 days.

Confused... if you're buying the house why can't you just move in when/if you feel like it? Is this a mortgage/legal thing about it being your primary residence?


Yes, the terms of the loan were for a primary residence thus they expected me to actually live there. If I recall it also stipulated it had to be my primary residence for some amount of time.

Basically, they wanted to make sure I wasn't getting the mortgage to buy a commercial property since that would have had different terms associated with it.


Ah cool, thanks!


Yep. It’s tied to U.S. housing subsidies. Basically the Federal Government wants people to own their own home so they subsidize home loans. But to help prevent people from using the subsidies for 2 houses or rental properties they require you to move in within a limited timeframe.


It’s likely an owner-occupied mortgage rate. Mortgage rates are lower for properties you live in vs ones you want to rent out (seen as higher risk).


> one thing said I had to move in within 30 days, another 60 days, and another 15 days.

I doubt that it said you had to move in, unless it was a condo with bizarrely strict vacancy rules. do you mean that it said you have the right to move in in those time-frames?


Most loans are based on owner occupancy so the bank (really the Federal Government) will require that you are going to live the in house “immediately” to qualify for a better rate.


Fascinating. I've never heard that mentioned when associates have purchased a property and but took up to 1 year or more to renovate or rebuild it before moving in.


I at one point did call the bank and ask about that (I took a few weeks to move stuff in and it was going to exceed their timeline), their response was more or less "we're not going to check in on you or anything? If you say it's your primary residence that's all we need".

Nobody checks on it.


I had to go to the hospital for an emergency ultrasound recently because my physician thought I might have appendicitis. I was pretty nervous, and the nurse took me into a private office and had me sign a bunch of paper work (and pay on the spot via debit card) for the procedure (~$900). I just wanted to get through it, so I signed everything in a hurry. Mid-procedure the technician asked me what I was there for, she then point blank told me that what she was doing (and what I had already paid for) was really ineffective on adults and that it was almost a guaranteed waste of time. Results came back inconclusive and life went back to normal.

How do a trust a doctor, nurse, or hospital administrator, when the whole systems seems to OPTIMIZE for situations like the one I just mentioned? I guess I'm supposed to call bullshit on everything they tell me, assume malice, and spend a large amount of money/time chasing down bills and second opinions. And this is with private insurance through my employer.


The chances are that you could have simply told them you are not paying until it's billed through your insurance. My insurance card actually has that written on it. Hospitals especially always try to collect up front, but accept refusals when told to bill the insurance first.


I don't understand how signing on a pad that is detached from the form is enforceable. They captured an image of your signature and tell you what it is you're signing. They then take that image and attach it to the document. How is that any stronger proof than a claim of an oral contract?


AIUI, legally, a signature isn't itself inherently binding to anything, neither necessary nor sufficient. You don't even need a signature to form a binding contract.

The signature is merely evidence that you were physically present and signed the document, since a signature is generally (if farcically) considered to be something only you can create. The contract that the signature is attached to is another evidentiary question, which is why some multi-page documents ask for a signature or at least initials on every page.

Now, if the signature page you signed says, "I have read to and agree to Document X", that's evidence of... what it says, but there's still the very open question what are the contents of Document X, unless "X" is something like an SHA hash of a document, or a name and date/version of a document maintained by a well-trusted escrow agent.


I had the same thing happen to me on an ER trip. "Here's a little Crystal (brand) signature pad. Now I'll name off the document titles and have you sign your name."

No! It already feels illegitimate when I sign a PDF with a touchscreen computer over a paper signature. There's no way for me to know precisely what I'm signing unless I have paper in front of me. Even then, without acknowledgement on every sheet and/or me receiving a copy at the end, it's entirely possible for them to swap Page 3 out and for me to suddenly have agreed to something else entirely!

I ended up getting paper copies of the documents and signed those.


Next time maybe just write "not signing sight unseen" on that electronic signature pad. Clerk likely won't care what you scratch down!


Ha. And here (India) I was asked to sign 7 pieces of paper by DHL/Bluedart to send a piece of package across the country and also asked to submit an identity proof. Even the government doesn't make me sign this much when issuing a passport and the Indian government is infamous for its bureaucracy.

Rules and the regulators enforcing them sometimes do not make any sense at all.


I had to let someone into my work to do generator maintenance the other day, and he handed me an iPad to sign that said literally nothing on the screen except 'signature'. He seemed surprised that I wasn't going to sign something I couldn't read.


So, I unfortunately learned this from a HR attorney, but signing ‘Refuse to sign’ is acceptable, and mostly goes unnoticed, especially if written in cursive.


Is that "(I) Refuse to sign" (as in, you're writing it on your own behalf) or "Refused to sign" (as in, you're making it look like the form submitter filled it out themselves).


They use the same procedure for billing. First do the procedure and then find out how much it costs. No information upfront.


Yeah if any other industry besides health care pulled that people would go to prison.

Seems to be a thing that doctors like to point out how much more important they are than auto mechanics. I think the auto mechanic that fixed my transmission almost killed me. Because on SR 108 the transmission wouldn't go into low.


If you sign something without reading it the judge will take that to mean you're an idiot. Not a great way to look in front of a judge.


Now I'm curious if these forms go the way of EULAs in the past, where it became obvious nobody is reading them and they agreement is compulsory to proceed to use the software, so it became understood that the agreement is effectively void because of the way it is presented and used.

I think if it can be shown that the provider is making it difficult for the consumer to actually read the form before signing, a judge will actually be more upset with the provider.

What is a patient supposed to do in this case? Leave the office? What if this appointment was scheduled several months in advance, which is not an uncommon wait time? To put this in the way of a patient's health should not be acceptable.


It's not a valid contract if you haven't had the opportunity to read it. A waiver without legal power though? Well, it never meant anything to begin with.


Your signature on the contract will say otherwise. If you say you didn’t have time to read it, the judge is going to ask why you signed it.

Taken another way, this can’t work because otherwise everyone would just sign every contract without reading it and then get out of it later by saying they didn’t read it. Right?


If it worked that way, the people writing the contract would make you read it.

And that would be a better world.


Nonsense. People do it all the time. No judge is going to think you’re an idiot for signing some meaningless waiver that millions of other people do.


If you think that's true then you haven't seen many judges.

Other party: Did you read it before you signed it?

You: No

Other party: Why not

You: Nobody ever reads these things

Other party + Judge: :/


A better one is to insist you have not seen the document and have been forced to sign it to consent to a procedure that was time limited.

Now the onus is on the defense to show that it is not a common practice and who was responsible for that. Pretty excellent line to pursuit, hard to defend.


And easily dismissed when the defendant says "we showed him the document when he signed it. We show it to everyone" and now the onus is on prosecution to prove it.

The onus is not on the one who says it the loudest, it's on the one who can provide proof. The defense can explain to the judge that they turn the screen to show it or whatever it's supposed to do.


A contract signed under duress is not a valid contract.

There's no reason that the provider's testimony is magically preferred over the patient's, and in fact the generaly pratice is to resolve ambiguities in favor of the person who did not write the contract and is not the professional who has had plenty of pratice to know what they should be doing.


And how would they provide proof they showed it to you?


The signature is the proof!


Even Judges of the Court of Appeals don't read it: https://abovethelaw.com/2010/06/do-lawyers-actaully-read-boi...


he may rule against you but he's not going to think you're an idiot.

(We're talking about boilerplate forms here for doctor's visits, not like your mortgage)


You: Other party refused to show it to me Other party: :O


I doubt the other party would admit to that.

When it comes to he said she said you need actual evidence. The judge generally weighs what's said between both parties equally unless there's a reason not to.


Me: That's not my signature, your honor, that's a doodle I made to protest the absurdity of asking me to blindly sign something.


Key thing: Unenforceable clauses aren't enforceable.


They may not think you’re an idiot, but your signature on a contract is prima facie evidence that you assented to it.


I once visited a doctors office that wanted me to sign a HIPAA release form to release my health records to... myself!


That's probably a good thing.

If you find out that your records were released three times in the past year and when you ask to whom they were released to, it's better to have a piece of paper with a signature on it than for them to say "it must have been you, because we don't have any paperwork".


They want a signature on paper in case you're not you.


Yeah, sounds like either you're the person in question, in which case the paperwork means nothing, or you're not the person in question, in which case you've defrauded the office and they can point to that (and how they were deceived) if the real person asks why their info was released.


It also sounds like what happened at my (australian) high school. On a state exam one of my classmates had his older brother sit the exam for him.

Now the coversheet for the exam has a place to write your name and sign it which you must do before starting the test.

The older brother signed it as his younger brother. Then was charged with forgery. The requirement to sign was there to make that kind of cheating a crime.


Germany has the same approach with the forms you fill out on Hotel check in. They are on paper on purpose and have to be achieved for a year in case the police wants them to identify people. You of course could do that digitally, but then you wouldnt leave your fingerprints and DNA.

German source https://www.welt.de/wirtschaft/article191846877/Hotelanmeldu...


When I was a kid my mom took me to a doctor, they had her sign a HIPAA release for herself which I thought was kinda funny.

It makes sense why (default to release to nobody but the patient), but I just thought it was funny that although she has the authority to add herself or anyone else that she wasn't on the list by default.


With HIPAA, it is always better to be safe. In the case of requesting medical records, they generally want proof that they released it to you and not your fictional younger brother who looks almost like you but will give your information to a boss.

I honestly would rather have this.


That's surprising to me, because I usually see HIPAA taken very seriously. (I think the problems are more likely to be that personnel don't understand information technology and how fragile and untrustworthy our own "tech" field's work is today, not that they don't take HIPAA seriously.)

Related: On check-in for a doctor appointment, I was given a routine consent form to opt-in to some kind of sharing of info (for research purposes, or something like that). I instead checked the checkbox on the form that explicitly did not consent. The person at the front desk didn't seem to quite know what to do with the form when I didn't check the checkbox that was expected, but they accepted the form after a confused pause, and hopefully it was processed correctly.


A lot of medical forms will ask more info than they need (such as Social Security Number).

I rarely go to a new doctor, but when I do, I usually leave about half the forms untouched, and the other half, half-filled out. Never had any any issues with the staff. Your mileage may vary.


I've had the exact same thing happen at a US hospital. Probably the same software. I've also had a similar experience at my kids' school: By signing I agree to abide by their network acceptable use policy (no copy of said policy to be found).


The last time I went to Rite Aid to pick up a prescription, their point of sale system asked me to acknowledge whether I spoke with/declined to speak with the pharmacist, before I got to speak with the pharmacist.


To be fair, you probably could have simply waited to pay for the medicine until after you spoke to the pharmacist. If Rite Aid's system is like the pharmacy I worked at in the US, it was impossible to pay for a prescription until you sign.

The vast majority of folks picking up prescriptions do not talk to a pharmacist.


If they get stuborn and don't wanna provide the docs I was supposed to read, I manually edit the form to state that they will give it to me later, and sign+date the edit as well. Usually everybody is happy.


You could also "sign" using a random figure, not your real signature, after all. No? Nothing prevents you to do so, legally speaking.


You mean other than 'perjury' when they ask you in court if that was your signature?

No, it doesn't HAVE to match your usual signature, but that's not the actual point of a signature anyway.


Write "I don't agree" or something similar as your signature?


Nobody at the office seemed to understand here what my objection was.

Of course not. Because the rest of us were writing, "HERP DERP" in the signature line and moving on with our lives.


Actually, that made me think of a good idea. If the provider employees aren't aware of what's actually happening in this situation or just don't care, just write, "I didn't read this form" on the signature line and hand it back.

Have a good laugh when that document is presented to a judge.


I think signing "FORM NOT PROVIDED" might go over better with the judge, than outright stating what can be perceived as your own ignorance in signing something without reading it. That is, cut off the possibility that the judge, when presented with the printed form and your signature printed on it, interprets it as you signing "I didn't read this form" when the text was in front of you.

In principle, when there's a problem situation you are documenting, I think it's better to make sure you document what the other party did wrong first and foremost, then move on to what you did in response to it.


I’ve done this with a bunch of “???”. Nobody has ever checked.

It’s also a habit to sign actual restaurant receipts with a signature that isn’t my real one but a specific one for restaurants.


You don't even need to sign anything sensible at all. They almost certainly aren't going to check, and if you try to defraud the restaurant by refusing to pay, you might find yourself in trouble, regardless of signature.


On the contrary, I’m not trying to defraud anyone. I’m using a custom signature as evidence that it actually was me; if someone swipes my card and uses it somewhere it’d be obvious that it wasn’t me because the signature would not match the consistent deterministic gibberish that the real me would have signed.


The OP said

> I overheard other patients saying things like "I'm not signing something I haven't seen"

So it sounds like this was a common complaint


For these kind of forms my signature is just a line; screw it. I've seen electronic forms where you literally type out your name in print, and sometimes they get cheeky and put it into a signature looking font. What's the point? I'd love to see whichever engineer cobbled that half baked system together watch it get blown up in court.


> they found commanders were required to certify their troops completed 297 days of mandatory training, when only 256 days were available for training.

I think we often underestimate just how bad this sort of thing is. It's not just a question of personal integrity, or of whether the real value is a viable one.

First, these practices create miscommunication. If some clever analyst realizes training can be done in 256 days rather than 297, they might write a report recommending 30 days be shaved off training time. And unless someone who knows about the discrepancy gets involved, it's possible that "cut 30 days" will get implemented formally against the lower real timeframe. (This sort of thing happens all the time with budgets, where extra money that's been informally redirected to a different expense is formally cut as bloat.)

Second, they weaken the integrity of the system. No matter how upstanding the individuals, certifying nonsense disrupts a Schelling point of "printed and signed claims are accurate", and so it becomes harder to react to actual problems like the people cheating on nuclear missile readiness training. It's the print equivalent of unimportant elements in a safety routine; changing the routine is fine, but getting sloppy endangers the parts that do matter.


Although in a very different context, the certification of nonsense is to a great extent what made the economy in the USSR a total mess. Lots of money is lost because of this.


Here's a podcast where one of the authors of that study goes into more detail, especially on your second point:

http://www.econtalk.org/leonard-wong-on-honesty-and-ethics-i...


The OP links to Wong's paper, but the URL is bad:

correct URL: https://ssi.armywarcollege.edu/pdffiles/PUB1250.pdf

bad URL in OP: http://www.strategicstudiesinstitute.army.mil/pdffiles/PUB12...


A lot of that report had me going "yeah this is not good" but it wasn't until

"I falsified the [traumatic brain injury] report that changed a distance from the IED strike [to where] one person was standing. So that way someone didn’t come back down and stick a finger in my CO’s chest and say, “You need to evac that lieutenant right now!” Because in the middle of [a] RIP, that’s not going to happen. If I do that, I’m going to put my boys in bags because they don’t have any leadership. That ain’t happening. I owe the parents of this country more than that."

That I really had to stop and stare and re-read the paragraph to make sure I understood what had happened.

That is horrifying but the worst bit is I can sort of see the reasoning behind it, but bloody hell...


I wonder how common this is in a worldwide or perhaps developed country-wide comparison.

I know this happens/exists, but I have not seen it in my country. There are people who simply will not read what they are signing, but having to sign something that is factually wrong or impossible or without having the option to read it hasn't appeared to me yet. While anecdotal, I would have expected to see this as well if it is as widespread as I'd expect it to be. (I sign about ~10 things every week which might be on the low side or high side depending on job/location/context)


It's entirely possible that the training was de-facto complete, i.e. they covered all of the material issues in a shorter timeframe, and the remaining bits might just be bureaucratic padding anyhow.

i.e. the nature of these problems may stem from other forms of inefficiencies.

In the work camps on the Alberta Oil Fields, there are literally signs up in front of the all of the pissoires instructing men on 'what angle to hold your penis at' so as to avoid splatter. I'm. Not. Kidding.

Can you imagine the site Engineer signing off on the bathrooms, possibly knowing the 'how to hold your penis' safety posters have not been issued yet?


I've worked in places where those were put up on a volunteer basis by people who got tired of stepping in puddles...


The advice to "cross out" the offending lines has been interesting to me as of late. I bought my first house recently and with that comes a thousand signatures for all kinds of things. I ran into a few interesting cases.

1. Nobody seems to notice or care.

I did this to a bunch of minutiae, misspellings, wrong addresses, etc. They do make it into the scanned copy and as far as I'm concerned, the record. But nobody seems to notice or care that it got changed.

2. "Let's talk about it but I still want your business."

I crossed out some things about data sharing that I disagreed with on some insurance forms. I got a call days later that someone noticed this. It sounded like they had a protocol for handling it. This felt like a, "there's an option to decline but we won't show it to you; you have to ask for it" kind of thing.

3. "You just ruined this 30 page document."

Okay so she didn't say that, but she did have to make an effort not to sound irritated that I crossed out some stuff. The resolution was a polite, "this is non-negotiable by the lender. If you don't agree, then we won't be confirming the mortgage today and you won't be closing today, leading to an expensive breach in the contract with the home seller." She then re-printed the sheet I "ruined" and I initialed it.


Fun related story. I bought my first house when I was working for reddit, and brought in the stack of papers to review at lunch. Steve, reddit's founder, looks over and asks what the papers are for and I tell him for the purchase of my house.

He stands up, and says incredulously, "That is completely ridiculous. I sold reddit for a lot more than price of that house, and the contract was only a few pages. What the hell is in that packet?!" I couldn't help but agree with him.


After the last recession, the abomination known as Dodd-Frank "fixed" things by requiring massively more paperwork than before. It just made the whole home buying process more expensive and less accountable. For example, even though you pay the appraiser, you are not allowed to pick the appraiser or fire them. We had a complete incompetent come out to do an appraisal (lost 3 times trying to find the place - delaying settlement) (unable to determine basic things about the property, delaying settlement) ... and there was nothing anyone could do.


Hahahaha. But how many houses are sold annually vs. how many reddits?


I think the key question is: how many institutions are involved in selling a house, vs how many are involved in selling a company?


I think in the case of most documents you sign when buying a home, a) you don't have a choice (except don't buy a home) b) there are way too many documents to read (are you seriously going to pay the notary to sit there for 6 hours?) and c) it's all highly regulated and formulaic. Have you ever heard an anecdote to the contrary, ie someone who was bitten by a hidden clause when buying a home?


Honestly, the best way to do this is to just pay an attorney who specializes in it. They will just tell you what you're agreeing to, and you can actually believe them since they are your attorney. It's not cheap, but not too expensive on the scale of a real estate transaction.


I think this is only the case when getting a mortgage, which involves a regulated third party which is likely going to resell or insure the debt, involving fourth parties.

If you just buy the house like you buy anything else, everything is negotiable.


This is exactly what they hope the buyer would think. Many things in those contacts are negotiable.


You should be receiving a copy of the majority of these documents at least three days before closing to review


> leading to an expensive breach in the contract with the home seller."

Did you waive your financing contingency?


Your edits don't matter unless the counter-party initials them.


Terry Pratchett nailed the expectations of commerce pretty well. Lies are ingrained in our business dealings and openly enforced by management.

>"Zoon tribes are very proud of their Liars. Other races get very annoyed about all this. They feel like the Zoon ought to have adopted more suitable titles, like ‘diplomat’ or ‘public relations officer.’ They feel they are poking fun of the whole thing."


All the more amusing when you realise that Pratchett's job prior to becoming an author was as a public relations officer.



In Star Trek you have the Ferengi, a species known for lying. I like them because you know what you can expect. Of course I've never had to deal with Ferengi, so for me it's easy to say this... ;-)


>Of course I've never had to deal with Ferengi, so for me it's easy to say this... ;-)

You may be dealing with them more than you know. - https://en.wikipedia.org/wiki/Farang


All. The. Time. Legal paperwork is "it's just standard required legal blahblahblah, just sign it" right up until there's a dispute, and then it might as well have been signed in blood.

A job I worked at required that I acknowledge having received and read a pamphlet on sexual harassment in the workplace. My understanding is that it is a requirement of the state of CA that employers distribute such a pamphlet. The state even has a stock pamphlet that fulfills the requirement, though employers are free to substitute their own. My employer wanted me to acknowledge that I'd received the one via the HR website … except the link caused 500 Internal Server Errors.

I reported this, and even noted that if the link just goes to the standard pamphlet [and I linked to that] that we could consider the defect in the website "cured" and I could sign and life could move on. That part of the message got ignored, of course; the people responsible for the HR site are like "well it works for us?", and of course there's still pressure to sign a statement that I've read this thing.

All of that after I explicitly asked for any and all paperwork that would require my signature up front before becoming an employee. (This was, of course, not included in what I was given prior to starting.)


> All of that after I explicitly asked for any and all paperwork that would require my signature up front before becoming an employee. (This was, of course, not included in what I was given prior to starting.)

I'd be interested in what would happen if you pushed hard on this point. Giving people surprise contracts after they have quit their previous job, moved their family and acquired a new house should not be acceptable.


Unfortunately, pushing hard (as in, "I will not sign this since it was not given to me pre-employment") might actually get you booted. Companies routinely update policies and a refusal to comply with those, even created post-hiring, may be sufficient for termination.

If what you mean is "this policy sounds reasonable, but I cannot sign anything sight unseen" any reasonable HR will just print (scan / email) you a copy of anything they want you to sign. My 2c.


The first part is totally reasonable. If the company wants to change policies and you don't agree to those policies (and are in no way able to change them), why should they let you stay? Why should you let yourself stay? If a new policy is that egregious that you would rather possibly lose your job than sign in agreement, why would you even want to stay there? At that point, it's in everyone's best interests to part ways before it becomes a real issue.

If the company actually cares about keeping you and they have any sort of leeway as to changing the policy, they will listen to why you can't agree to it.


> If the company actually cares about keeping you and they have any sort of leeway as to changing the policy, they will listen to why you can't agree to it.

I agree in spirit, but I suspect this would almost never happen: companies who care and track employee signatures on a bunch of HR policies tend to be large and inflexible (smaller companies would often make some blanket blurb "thou must read and comply to policies that you can find <here>" and move on -- they have technologies to develop).


What if you’re starting out or otherwise don’t have the leverage?


If you just started, that's the perfect time to jump ship to something else.


There's two parts, I think, to the parent's point.

Using your leverage as an employer to change the terms of the agreement immediately after the agreement has been made is unacceptable. It might be legal¹, but that doesn't make it right. And when you present subsequent legal agreements after I've started my employment that I "must" sign when I explicitly asked for them up front (and even when my employment agreement states that this is "the entire agreement" too!) — I mean, the company might as well put on their best impression of Darth Vader "pray I do not alter it further".

There's also the point about asking for HR to send you a copy. I actually did that in the case above, and it just never happened; HR wants you to go through the website, for everything. It's incredible how dead set some people can be, because "that's the system"! The entire thing was inane, and so fell by the wayside, and was forgotten about. About a year later, someone new took over, audited their predecessor, found out I hadn't signed, and sent an email "Hey, we noticed you never signed that you've read the pamphlet, can you sign?" and attached the pamphlet as a PDF to that email. Since that rectified the error (I now had a copy of the pamphlet) a signature was given and life went on.

¹IANAL. I honestly don't think "we won't fire you" should be valid as consideration in a contract. Thus, such agreements lack consideration, so they're not valid contracts, signature or not. I think some Canadian courts have agreed with this, but alas, I'm not in Canada. I'm still at-will, so IDK if it really matters per se, given what at-will is.


I am likewise not a lawer but wouldn't your wagers be consideration? I mean "You give me money and I do a thing for you". Is pretty standard as contracts go.


Yes, in the original agreement wages are absolutely the consideration. The point is here is that — all too often IME — companies will, shortly after you start, ask for another signature on an additional agreement, giving them (the company) additional things. The sexual harassment pamphlet example is mild (and more about me not signing something falsely rather than a bad deal), but I've also seen IP agreements and stock agreements after the fact.

If you consider only what has changed from the original agreement: the company gets whatever it is you're signing the document for. You typically get nothing, aside from getting to keep your job. It's in this second agreement that I just don't find a compelling argument that "keep your job" (i.e., wages) suffices as "consideration". If you do, it's effectively reneging on the original deal, and trying to replace it with a new one that's not as good for the employee. Meanwhile, the employee has likely left their previous employment, and is at a huge disadvantage to walk away at this point. Particularly so when a prospective employee asks for anything that requires a signature up front, and when the documents in question use legalese like "this is the entire agreement". After that, there shouldn't be any more agreements unless something actually changes.


Those people get the documents. I've never been in a job that required me to sign something that I couldn't see. When it doesn't work, you say no. People are too afraid to say no.


> I'd be interested in what would happen if you pushed hard on this point.

No employment, problem solved.


“It’s just standard whatever” is really fun when you want a change and you have all the leverage. It’s hilarious to watch the tune change when you say you just won’t sign in that case. Alas, I’ve only been in this position once.


I've once been in that situation where the company tried to introduce a contract rewrite with the standard lack of clarity over whether it applied to everything, including outside work (e.g. open source contributions). There were enough open source developers in the company that this was a big problem.

So we all just refused to sign the contract change.

The situation stalled for a few months, and they eventually backed down and wrote in a clarification. This was the UK, so we actually had rights and couldn't just be arbitrarily sacked, and everyone was aware that pursuing individuals over this would lead to a mass exodus and the destruction of the company.


That's the effect of unionizing, that is, sticking together.


Collective bargaining, indeed! A union is merely this formalised.


In the UK, you can't legally get fired without cause, regardless of being in a union or not. (You can be made redundant but shrug).


And if they hire someone else to do your job, that wasn't redundancy, that was firing under false pretenses, and you can sue.


Not signing a new contract in the UK is not as protected as you think here. Unless TUPE applies where there are protections


Not protected in the formal sense, but the old one still applied with its month's notice in both directions. Really the key factor was the difficulty in replacing developers.


Had to quit the company I worked at for 4-5 years after the owner died his wife took over - and tried to force non competes that were forever and transferable if the business was sold etc..

The contract was so broad there was no way it was valid. The kicker was she was withholding my standard'ish larg'ish bonus. I just walked and finally she came around - took years for us to mend our relationship.


I actually don't mind signing unenforceable contracts.

You don't have to say anything, life can be like a game of poker. If your perception of reality is correct, you gain outsize influence, if it is incorrect (or more specifically "can't gain consensus") then you are poor or are imprisoned or killed. Do you gain a benefit by informing someone else about their perception of reality?

I primarily try to be rich enough to exercise my perception of reality in appeals court, because thats the only place it really matters.


I quit my job, and moved to another state only to be presented with an egregious unenforceable noncompete on my first day of the new job.

Signing it knowing I was in the clear was the best of a couple bad options.


In a lot of situations where a contract like that comes to court, the company will try to convince the judge to simply reduce the scope of the contract to whatever seems reasonable to them - and this can succeed. (Of course if you're in a state where non-competes are blanket illegal, that's different.)


I do the same thing. It's not even necessary to be especially rich in most cases, so long as you took the time to read the relevant statutes and case law in advance. An hour on a search engine is often enough.


Shit! Did you get the bonus in the end?


Oh yeah on day 3, she said come in and we'll talk... Talked for 2 hours and she was still stuck on the contract.

Finally I told her 'I feel like that check your holding is already mine' - aka your on the verge of theft..

I immediately spent the next month negotiating the bonus into the base pay. Took a few years to regain trust and now I'm at a glass ceiling (which I won't complain about but feel fortunate about)


In employee-employer relationships, the employer typically has all the power, so if you refuse to sign, you will likely be terminated. This comes up all the time with signing NDAs, copyright assignment policies, anti-moonlighting policies... you have to sign it or you’re gone. I’ve tried the cute “strike out the clauses you don’t like” trick and in every case, Legal got back to me in a few days with a stern “Sign it unmodified or GTFO.”

I also remember a company that I worked for where every week, you had to sign a paper showing you worked 8 hours each day for a total of 40 hours, regardless of whether you actually worked more or less. This was for a salaried position with no overtime so it didn’t really affect my compensation. I tried correcting the numbers and HR said you can’t change them. I pointed out that I’d be lying if I signed it unmodified and the response was I’d be terminated if I didn’t sign. So, of course I signed it but it seemed like such a pointless exercise.


I once accepted an offer and the next day I put in my 2 week notice at my new job, and later the same day I found out from a press release that the my new employer was being acquired.

A year or so into the new job, the CEO emailed everyone in the company a restrictive NDA, non-compete, non-solicitation contract and told everyone to sign it. It included language about theft of company forms or documents among other things.

I looked at the metadata of the contract doc and the "company" tag was the CEO's previous employer. Which told me that the CEO "stole" the doc from his previous company, and was asking everyone to sign something saying they wouldn't do the same.

Because of that I decided not to sign it. Several other colleagues refused it too. No one was terminated, but there was a large staff exodus shortly after who were solicited by another former employee. I stayed on another 6 months to finish a project but left after that to join my former coworkers.

I would have been open to signing if I was compensated for it, but that option wasn't on the table, and I wasn't willing to restrict my future ability to find work with no benefit to me.

Lesson learned: Reusing legal forms from old companies can cost a lot more than a proper lawyer review would have cost. Don't take shortcuts when signing OR asking people to sign a legal document.


As a counterpoint to this, a few years back I was freelancing for a fairly well known startup. My first day on site their lawyer gave me a contract with a clause saying something to the effect of if the company found my work unsatisfactory I would redo it free of charge. I brought this up to the lawyer and he immediately agreed he wouldn't sign something similar (also that he was surprised that I actually read the contract since it was otherwise fairly standard). He struck it out and we both initialed.

No issues came up but I've since felt vindicated in doing a close reading of anything more important than an EULA.


Arguably that's a bit different though. If I hire a contractor to do a job (whether construction or software) for a fixed price and they do a sub-standard job, it's really not unreasonable to expect that they'll correct deficiencies prior to final payment. (If I'm paying them hourly and there are no other conditions in the contract, then it's probably on me though.)


Usually contracts with a do-over clause like that also include very specific, objective measures of what makes a job sub-standard (like not being able to pass certain engineering inspections, in the case of construction jobs). A contract that just says "I can make you re-do this work if I'm subjectively unhappy" is insane.


Things tend to be more formalized in a business context but my experience with contractors, etc. at home is that it's often pretty loose, at least for relatively small things.


There's quite a big difference between voluntarily making a few tweaks to something to keep your client happy, and giving them a legally enforceable right to unlimited and uncompensated re-work until they're satisfied.


Finding something "unsatisfactory" is an incredibly vague term and does not necessarily mean someone did a substandard job.


This is why civil suits exist. Generally such attempts at exploiting clauses made in bad will get settled out of court.


Satisfaction clauses like that are the thing I always tell my contractor friends to look for. No sane person would agree to it but the corporate lawyers often manage to sneak it in.

It’s usually enforceable but it’s also almost always negotiable.


Careful, the surprise may be fake, because it was struck out and you both had to initial--if it was so weird, why did they just not give you a new copy that didn't have the clause?


I don’t understand what you mean, can you clarify? What is the difference between striking out vs printing a new contract, and why is one choice or the other correlated with the surprise being fake?


I suppose theoretically one could imagine a malicious company having a contract with language that is favorable to the employee, and then striking that out after the employee has already signed, with the intent to claim that the employee signed with knowledge of the struck clauses. But then again, if contracts were ever intended to be the end-all of legal dispute then one would think they'd use something less easily forgeable than mere initialing.


The lawyer was surprised that someone actually read the contract, not that the contract contained a satisfaction clause. The lawyer was probably already aware that the clause was there, and it's a standard contract that they use for all contractors.


I was in exactly this situation at UTMB Galveston around 2002ish. I ended up in a room with the manager who decided to implement the policy & one of the hospital's lawyers. The lawyer was patiently explaining to the incoherently-sobbing manager that:

1. UTMB Galveston was indemnified from her mistakes by her employment contract;

2. She owed me something like 60000$ in unpaid compensation, and that the State of Texas would probably penalize her another 250-500k$; and,

3. A cursory investigation showed that there was probably another several million in fines & compensation, outstanding in the complaint, that she would have to pay.

We "settled" with an official apology, an official write up in her permanent record, & a change in policy. (She quietly "left" shortly thereafter.)

If you have to track your hours to be paid (or not terminated), then you are by definition not a salaried employee: you are hourly. The way the FLSA works is it asks how the employer treats the employee — if you're treated like you're salaried, then you're salaried. Legally, there's no notion of 'salary' and 'hourly' outside of this. (Ignoring all the real complexities of the law.)

Requiring an hourly worker to falsify statements of hourly work is a serious crime. The repercussions are pretty crazy.


> 1. UTMB Galveston was indemnified from her mistakes by her employment contract;

For a low-level manager? That's insane and I'd be shocked to see that hold up in court.

> Requiring an hourly worker to falsify statements of hourly work is a serious crime.

Maybe, but it's also one of the most common non-punished crimes in the USA.

https://en.wikipedia.org/wiki/Wage_theft


For a low-level manager? That's insane and I'd be shocked to see that hold up in court.

I wouldn't. In the United States, you don't screw with labor law. Pay your employees late a couple of times, and if the right bureaucrat finds out, your company is gone.


>If you have to track your hours to be paid (or not terminated), then you are by definition not a salaried employee: you are hourly.

Every law firm I know of has their associates keep track of hours and all are on salary. I assume the lawyers know what they are doing.


For salary purposes or for client billing? I'd imagine the distinction matters


I'd speculate that the certification of hours might be an effort to deny unemployment benefits. The company can fire you for cause and claim that you lied about your hours. If everyone breaks some minor rule all of the time, then prosecution and punishment becomes entirely discretionary, used only when furthering the goals of the authority.

I'm not sure if this theory would actually prevail in an unemployment hearing - it varies significantly by state - but the business loses nothing by trying.


The business stands to lose something by trying this: when I learn that they knowingly entrap their own employees in this manner, I will refuse to work with them. I'm sure I'm not alone. Given the cluelessness of many companies' recruitment, they may very well not realize this, but they will in aggregate lose out on some portion of viable talent.


If a terminated employee can prove the sanctions are being applied arbitrarily that's totally grounds for wrongful termination.

But who knows, the court system is so in the pocket of employers in stuff like this and it's so expensive to litigate in the first place it never really happens unless you've got a huge organization with deep pockets.


I know this probably limits my career potential, but I consistently choose smaller companies and enjoy avoiding this kind of thing. There are software "mom and pop" companies all over the place, itching to find a good hire. I sign exactly one piece of paper, my employment contract, and they've always been good about negotiating good terms that allow me to keep my side projects and things of that nature. I think I would sooner change career than move into a corporate sized company, no matter how "startup" the culture is.


I've had mixed results going this approach early in my career. At small companies, you can find some _shockingly_ huge egos. "Tiny kings, in tiny kingdoms" as they say.

The worst one was where during the interview, the interviewer specifically warned about the dynamics of the place: "we serve at the pleasure."

And indeed we did. The owner expected bizarre rigid behaviors. For one, everybody clocked in/out (a question that didn't occur to me to even ask about), and if you clocked in >5 minutes after when you were supposed to start, you had to go to HR and sign a document explaining why. This was a development gig.

We also had to watch cartoons made by the owners wife. Absolutely bizarre place. I made it about 6mo before getting the hell outta there.

The other notable "small shop" experience was when I stopped getting paid on time and the company credit card started getting declined.

MegaCorp1 is nice in the way that the others were not.


Were the cartoons work related?


Where I work this is a thing. We are required to report to the government how many hours we work and I think by law are entitled to overtime. Instead it gets reported as 40 his each week when that is obviously not true.

I'm ok with my compensation, and have no real complaints, except the lying to authorities pay.

This is in a FAANG company, but a European subsidiary.


An old defense contractor I worked at did the similar things.

It was required by federal contracting rules/law/whatever that our timesheet reporting be accurate. The spirit of the law was probably "don't charge us for time you didn't work for us", which is a reasonable requirement.

The problem was when I worked 70 or 80 hour weeks. I didn't get paid any more, the company didn't get paid any more (I have no idea how or why, I didn't do project or program management, so I have only the most cursory knowledge of the different flavors of the main contract types in defense contracting). I was just trying to follow the law and whatever agreements I had signed. Seems pretty easy, pretty cut and dry, right?

Nope. I was working on two projects - we often did this. 90% on one, 10% on the other, usually in some sort of super specialist role where you help with one specific aspect you might be good at and free up other devs' time to focus on the actual dev, not things like Decision Analysis and Reporting plans for your CMMI compliance. The problem was the percentages were fixed. That means if my 90% project was in crunch time, and I worked a 70 hour week, even if I still did the normal 5 hours for the 10% project, it didn't work out that way. They normalized all the hours back down to 40, so the normal 5 ended up looking more like 3. Shouldn't be a big deal, but different contract types, different budgets not burning at the right rates, blah blah blah blah blah.

The result was they asked me to work a proportionately increased amount on the 10% project, as well. So not only was I putting in an extra 30 hours a week for no extra pay, no benefits, no tangible rewards in any way, but they wanted me to do even more of that on the other 10% too.


So then report them. If you don't, then you're lying as much as they are.


I agree, but it doesn't seem worth risking my job over. I know, pretty weak.


Keep another accurate record of your hours and then when you are ready to quit, sue them for the overtime.


Switzerland does not allow this.

http://www.webster.ch/humanresources/overtimepolicy.html

> All extra hours and overtime [...] must be announced to HR department before the 10th of the following month

> Any hours that are not announced respecting this time frame will be excluded from any form of compensation.


I have a friend who did this - it works. I doubt they'll have to sue, probably a simple demand letter will be sufficient.


Anonymous tip to the authorities might work.


Keep a record of your hours worked, and send them an invoice for the difference at the end of your employment there. Good chance they'll pay it to avoid the headache of arguing.


> In employee-employer relationships, the employer typically has all the power, so if you refuse to sign, you will likely be terminated.

Almost always, it won't hurt to ask. I've gotten approval to cross out some of the clauses when it didn't matter to the employer. Ex: ownership of work clause when I wasn't in a position providing work; but they wouldn't let me cross out asymmetric notice clauses.

I also neglected to sign an NDA for about two years once; I was asked to sign and scan prior to employment, but had some equipment issues and was told we'd do it on the first day, but it was forgotten, until investors wanted to see that everyone had an NDA prior to the next round of investment.


This can vary quite a bit employer to employer. As a contractor I've always successfully crossed out indemnification clauses, noncompete clauses (except while the contract is in progress), and anything that lays claim to my time or effort outside of work. But I've also been willing to walk.


You have more leverage as a contractor I think, the position is different to an employee. Clauses like noncompetes and IP claims outside of the contract are a pretty hard sell for a contractor, as it limits your ability to work after the job is done and as such it's going to be hard to hire a contractor with those kinds terms. I imagine clauses like that are designed to keep employees around for as long as possible, not really an aim if you're hiring a contractor.


Depends on the goals of the contractor. They might concede to some crazy agreements to be able to list a big name company or a high profile project on their work history to get higher paying work in the future.


Not saying this is right or proper... but if you are in the U.S. then this was almost certainly about corporate tax reporting. Your salary may or may not be deductible from the company's business tax, depending on whether your work is classified as an "operational" or "capital" expense.

Different companies are more or less zealous in how they collect documentation for these tax deductions. I've worked for companies where management just "handles it", and it's invisible to employees. I've worked for companies that not only make salaried employees log hours, but also do separate them by project code (with some codes being "operational" and other "capital").


> I pointed out that I’d be lying if I signed it unmodified and the response was I’d be terminated if I didn’t sign

Why isn't this a good reason to file a wrongful termination lawsuit?


I've rarely had any pushback over clarification or refusing to sign as-is. A lot of the time a strike-through on a portion of a contract is sufficient. My bigger issue is electronic signing against versions that don't have the option of striking a line or two.

My biggest concerns are outside contributions and IP. Personally, I don't believe in Software Patents for the most part, and will not give up rights for stuff I build on my own time.


Yup, this happened to me too (signing off timesheets for an exempt position)


I don't know if I'm just lucky, but I've always had good results just not presenting my compliance with the law as something I have a choice in. "Oh, gosh, I really want to sign this, but I need X to fulfill the legal requirements. Please help me resolve this so I can do the thing we both want."


Would love to hear a concrete example of this. I love the idea but still quite can’t envision the execution.


Isn't the signature for the employer's CYA, not for your own? That is, if you lodged a complaint saying that you never received the pamphlet and were told to sign anyway (and especially if there's a paper trail of you saying you couldn't access the page and them telling you to sign anyway), can't they get in trouble for not following the law?


Yes-ish? That is, I'd be very surprised if anyone ever said "I know the page is down, but sign like it isn't anyway", at least in writing.

The general pattern for this sort of thing is that a different person from the one who got the complaint comes by and reminds you you haven't signed the form, and HR is breathing down their neck now. And if you explain about the error, they might reasonably say "well, if it's the same form as the one you did read, then who cares?" After all, it's not their form, they're not asking you to lie - just pointing out the same sensible thing you did in the first place. In the most extreme case, a bunch of people would ask this, none of them would ever push back up the chain, and if you refused strenuously enough you might get fired for "failing to sign the sexual harassment form" (or more likely, for no stated reason). Nobody's going to ask for a lie, they just ignore the problem and keep repeating the initial request. That doesn't necessarily make it legal, given that the complaint was raised, but it makes proving the misbehavior enormously difficult.

I don't remember who said this first, but the miracle of bureaucracy is that it can create causeless effects. A bunch of people make a bunch of reasonable, innocent-looking decisions, and somehow they all add up to "lie or get fired" without anyone ever having to say it.


Except it doesn't work that way. When your boss has you in the room to tell you your fired, instead he would just have the form you need read and to sign.


Not necessarily. More likely, he’d just have the part you need to sign.


So you tell the boss that you need to see everything to sign it. Regardless of my relationship with my managers, they know that hiring a replacement is expensive and it's not worth being down a team member for a while, recruiting / interviewing, and training someone new over something silly.

(This might be legitimately less true for more entry-level jobs, which is why we have unions. Pushing back against unreasonable transfers of burden from the company to individually-low-power workers is basically the entire point of unions.)


> This might be legitimately less true for more entry-level jobs, which is why we have unions. Pushing back against unreasonable transfers of burden from the company to individually-low-power workers is basically the entire point of unions.

Precisely. If I had to guess which group of people get fired or penalized for this sort of thing most, I'd go with "shift managers". The shift manager at a fast-food franchise might have the most power in the room, but they don't have local control (i.e. ownership) or corporate power (i.e. any say in company policy). If somebody at the head office screws up like this, their options are to fire the person who won't sign, or complain upstream until they get fired.

If replacing people is a lot of work for the company (and especially if its not that hard on those replaced), these things tend to take care of themselves. If everyone is in one place and talking, sanity tends to prevail regardless. But when costs are low and power is sufficiently indirect, there's no guarantee anyone with a say in the matter will give it any thought.


Only if he wants you fired and to then have to pay you unemployment.


In a big company it won’t ultimately be up to him. A good boss will track it down but they’re not all good.


Yes, exactly. The downside of those "causeless effects" I mentioned is that there's no guarantee they're good effects. After all, no individual consciously made the choice.

If the organization gets big enough, it's very possible that things simply become both mandatory and forbidden, and no one with the power to fix it cares enough to do so.


What if you just send an email to HR saying "Hey - my understanding from so-and-so is that it's known that the system is down and I should just sign the form anyway for now, so I did so. Please let me know when it's back up so I can read the brochure, thanks!"? Are they going to fire you for sending that email?


No, but you just lost the whole reason you pushed back in the first place as you have signed a form saying you read something you haven't read.


Not exactly, if you would blow the whistle with internal comms and there's evidence to suggest it's commonplace, the company can be fined without your just cause, as per pro-bono suit. Of course, there has to be some goodwill on prosecutor's side.


Why does that matter? Is there any effective negative consequence to me from admitting that?


That was the whole premise of the article.


Not a job, but I signed up for a gym membership recently and the sales employee asked me to digitally sign the contract (displayed on screen) using an electronic signature pad.

Naturally I asked him to print out a copy so I could read it before signing. While I was reading the document, to make some small-talk I asked him how many people in the years he'd been there have actually read the contract they signed. His answer? 0. I was the first.


I backed my rental car into a tree and scratched the bumper on the vacation end of a business trip to Israel a couple of years ago. When I was at the rental agency working out how much I owed them, the lady handed me a paper to sign, completely in Hebrew, then got visibly annoyed when I insisted on looking at it through Google translate first.


>All of that after I explicitly asked for any and all paperwork that would require my signature up front before becoming an employee.

This reminds me of the Feynman story where he agrees to do a talk - but only if he doesn't have to sign his name more than 13 times.

They almost make it.

https://www.e-reading.club/chapter.php/71262/43/Feynman_-_Su...


I wonder if it's possible to keep an opposing paper trail somehow.


This is another Pandora's box. I can't tell you how many times I've received emails regarding my relationship with the company as an employee that are also then labelled as being "confidential", and thus not to leave the company's systems. (I.e., I'm not technically allowed to make a paper trail.)

I've also received countless "confidential, do not forward. We just posted on our public blog <TL;DR of blog post>"


This Dear Bureaucrat letter seems interesting as well. In response to the query, "How do I deal with this inadequate computer system?", the response is to use Shadow IT. I have strong feelings against Shadow IT, but I have equally strong feelings about government IT systems being garbage. I'm torn.

https://www.federaltimes.com/opinions/2019/04/18/dear-bureau...


Goodness, that reply is awesome in the detail and savoir faire! Thanks for sharing.


It makes the mistake of assuming, as the letter writer does, that the purpose of the foia system is to reply to requests in an accurate and timely manner, rather than to bury them in red tape.


[Running sarcasm detector.] Thanks!


Honest, I’m impressed.


Thanks. I'll post that column to Hacker News tomorrow.


I'm pretty sure tvanantwerp just did. ;-)


Last defcon someone did a really interesting presentation on how to investigate the government or government officials. Talked about how to get a FOIA request responded to, where to look for information.

What really stuck with me though was a slide they offered towards the beginning. I don't have it memorized, but it was demonstrating a sort of "pyramid of public outrage" for certain actions. Sex with children was at the top as most likely to generate outrage, hypocrisy was at the bottom, and somewhere near the bottom was misappropriation of government funds.


> hypocrisy was at the bottom

That surprises me given the furore around the likes of Michael Gove admitting to taking drugs[1].

Seems like a politician can lie, steal and manipulate without much complaint, but hypocrisy is a major sin.

(Although it's sometimes difficult to distinguish between genuine public outrage and the newspapers whipping it up.)

[1]:https://www.theguardian.com/politics/2019/jun/08/michael-gov...


>Seems like a politician can lie, steal and manipulate without much complaint //

I don't think that's true, there's just not much we can do about it.

Some Tory MPs are supremely awful people willing to cause harm to millions to line their own pockets -- and people vote for them because they will get richer themselves (so long as they don't fall ill, or get made unemployed, or become poor).

I don't think it's necessarily the hypocrisy here that has people up in arms. It seems that it's the unequal treatment (a close cousin to hypocrisy, for sure): has Gove been questioned by police, had his house searched, his computers and phone seized, etc.. I'm guessing "no he's rich, so he can get away with drugs crime that others get locked up for".

Many people probably thing his crime is de minimis and should really be decriminalised. But here's the rub, he is in position to initiate that; but he doesn't want to, because "letting proles use drugs is different to me using it" or some excuse.

In short, for me it's not plain hypocrisy but evidence of deep seated belief of their own superiority.

Per your last paragraph: you can't even tell if it's true, they just do it to try and look interesting when their public persona is very bland.


I just want to point out that there is a very active subreddit called Trump criticizes Trump[0] where people take historical tweets from Trump and show them as hypocritical compared to a more current tweet/events. The top post, for example, shows a tweet of Trump criticizing Obama for "attacking the internet" and saying that net neutrality is "the fairness doctrine" on the day that net neutrality was repealed, or another where he said he'd stand by LGBTQ+ and then ban trans folk from serving in the military. There's hundreds of posts and (other than people getting frustrated over the internet) nothing seems to be done about it.

[0]: https://old.reddit.com/r/TrumpCriticizesTrump/


Hypocrisy is only a sin when the other side does it.

Like when democrats push gun control and complain about systemic racism in the same breath or when republicans blindly advocate for whatever law enforcement wants while saying they care about individual liberty. Those things only ever get called out by the other side.


Off topic but I'll bite. What's the hypocrisy with gun control + systemic racism complaints?


I'll give you a Canadian example. Our gun control system has three tiers: non-restricted (basic rifles/"long guns", shotguns), restricted (pistols, AR-type rifles, an arbitrary list established by the RCMP), and prohibited (machine guns, some pistols, some crazy stuff). Each tier has more restrictive licensing.

For non-restricted, you do a ~$200 course over a weekend, send $60 to the RCMP, and if you don't have any concerning criminal behaviour in your past, you're free to buy as many rifles as you want.

For restricted, you do another weekend course, pay another fee to the RCMP, and go through a more thorough background check. Per my understanding, this check used to only cover the last 5 years, but recent legislation has, I believe, extended that to your lifetime. So you pass the background check, get your license, and now you're good to go? No. When you go to buy a handgun, you have to say what you're buying it for, and there are only two choices: target shooting or collector. If you ever plan on actually shooting it, you choose target practice. Now, before approving the transfer, the RCMP needs confirmation that you're a member of a shooting club with a range. Around here, that's another $150-$300/year.

So at this point, you've spent around $700, used up two weekends, and spent time on multiple phone calls (only open from 9am-5pm), and you're finally OK to buy your first handgun. All of that, and where's the systemic racism? Its not direct, but disadvantaged minorities are: less likely to pass the lifetime criminal record check (got in a fight when you were 19?), less likely to be able to take two weekends getting licensed, less likely to be able to afford the mandatory fees, and less likely to have a job where you can go and sit on hold for a while, waiting to get to the front of the queue.

While it's not explicitly racist, shooting (especially restricted) is definitely not a sport that is particularly accessible across socio-economic backgrounds.


I believe your mistake is using the term racism when you mean to say classism or elitist.


Systematic racism doesn't require a person somewhere saying "I hate black people" - it merely requires that the system be unfair towards people, correlated with their skin color.

Systematic racism could affect someone because the history of oppression against their race has resulted in them being born to a family that constantly gets evicted from homes due to poverty, which exacerbates the poverty for them and their eventual offspring, which means that the history of oppression against their race continues indefinitely.


Correlation vs. causation. Just because an inequality exists, doesn't mean it's caused by systemic oppression.


Black people in America experience more poverty than white people because of systematic racism.

https://www.americanprogress.org/issues/race/reports/2018/02...

https://webcache.googleusercontent.com/search?q=cache:Ld6aYU...

Even Ben and Jerry's knows this to be true: https://www.benjerry.com/home/whats-new/2016/systemic-racism...

Would you like to present your alternative theory for why black people in America experience more poverty than white people?


I think the bigger question is why does Ben and Jerry's have a page discussing systemic racism on their website. Isn't that a few astronomical units outside the scope of their business?


They are very active in progressive causes. Perhaps when they sold the company to Unilever they negotiated some deal that allows them to continue to use Ben and Jerry website for their activism?


The earliest gun control laws were pretty explicitly Jim Crow laws, intended to keep black folks from being able to defend themselves against, say, the guys burning a cross on their front lawn.

And even today, there's a disparate impact aspect to it. I mean, the neighborhoods where you're most likely to want to have the means to defend yourself are the poor urban neighborhoods, which are disproportionately inhabited by blacks.


Some states and counties make carry permits "may issue" so they are free to deny them for any reason. In practice the most liberal areas deny all permit applications except for well connected people. Infamously Diane Feinstein (a prominent gun control advocate) at one point held one of 4 carry permits in San Francisco county, a de-facto no-issue county. I suppose it's more elitist than racist, but membership of the elite varies by race.


In my state the process is definitely "racist" because you need to get the discretionary approval of the police, a group not known for being colorblind (to put it mildly), simply to posses in your own home(!!) anything that's magazine fed (i.e. anything reasonably modern).

The laws are also structured to make it legal minefield anyone who can't just get everyone in the household licensed (which ain't happening if anyone in the household has a record) and chuck all their guns in a safe. Sure, it's not overtly racist but there's s lot of less racist things that people complain about being racist.

It's all basically a poll tax on something that's supposedly a constitutionally protected right.


Assuming you're talking about a US state, I don't think a may-issue license to own a firearm that uses a magazine and keep it at home passes the test established by DC v. Heller and applied to the states by McDonald v. Chicago. Requiring a license is permissible under that standard, but it must be shall-issue.


>I don't think a may-issue license to own a firearm that uses a magazine and keep it at home passes the test established by DC v. Heller and applied to the states by McDonald v. Chicago

I am talking about a US state. I'm hoping they get a SCOTUS smack-down for the reasons you mentioned but I'm not gonna hold my breath.


Basically, who do you expect gun control will be enforced against?


Reagan and the black panthers not withstanding, having a gun hasent been very relevant the recent unjust murders that have hit the public consiousness. The police are perfectly willing to kill unarmed black men as well.


But if you want real gun control laws, bring back the Black Panthers.


In the US owning a gun is a protected right, just like voting. It has been ruled illegal to levy a tax on voting as that would place a hurdle on the poor (and thus minorities who are disproportionately poor) and effectively deprive them of their rights.

Poll taxes are seen as an explicitly racist policy, yet the National Firearms Act somehow is not despite serving the same outcome. Same goes for the myriad of fees associated with carry licenses, fingerprinting, mandatory training, etc. And left-wing politicians are actively calling to increase these with the express purpose of making it more difficult to acquire firearms... the hypocrisy being that this disenfranchisement would hit the underprivileged the hardest.

That's just the economic angle. When it comes to enforcement, prohibitions on stock/grip configurations, barrel lengths, magazine sizes, pistol models, and public possession will always fall hardest on those who have the most contact with law enforcement... which again is minorities and the poor. These are infringements on everybody's rights, but they are most likely to result in legal consequences for people who tend to get stopped and frisked, or have their cars searched at a traffic stop over an imaginary weed smell.


How then should someone who doesn't want people to have the right to own guns, go about exerting that desire?

I want terribly strict gun control in America (get rid of them all), but I am very swayed by your argument that restrictions are merely obstacles for the poor, rather than the rich.


Get enough people that feel the same way to come together in a coherent group that can wield comparable electoral influence as the NRA, for a start. That’s the absolute minimum you’ll need to get legislation enacted, and you’ll still run into Constitutional issues.

For anything resembling a complete ban, you’ll need to rewrite the second amendment which is an awfully high bar. The exact language change will be incredibly controversial in any case, but it’s one of the more vague amendments because it includes a rationale in addition to the right being protected. If you’re willing to compromise some, there may be room for clarifying the scope of the right to bear arms without removing it completely.


Same way you'd overturn any civil right. Get a two-thirds majority of states to agree and hold a constitutional convention. Probably easier to just move to a less free country.


I understand that to you, freedom means the ability to carry a gun around and decide when another person should die (i.e. at what threat level shooting them is justified).

But please don't be so dismissive - freedom to me means not having to worry about my kids being shot at school, or having to carry a gun around to defend myself with.

Other countries you describe as "less free," I'd describe as "more free."


Freedom is the absence of coercive interference over one's life. Exercising self-defense with adequate tools is affirmatively more free than being forbidden from doing so.

Safety is not freedom. Both are desirable but conceptually there is no overlap, and in reality there is often a tradeoff. Conflating the two as though safety is a form of freedom is a pretty good shibboleth for authoritarians; let alone defining freedom as the feeling of safety, which is textbook doublethink.

The US has strayed in many ways, but we seem to have the most people out of anywhere who are still invested in actual freedom.


> freedom to me means not having to worry about my kids being shot at school, or having to carry a gun around to defend myself with.

There is no requirement to do either of those things, I don't do either myself but if I wanted to I'd be allowed to. That's freedom.


You shouldn't. Criminalizing private firearm possession is inherently a calcification of the police state's power to control the poor and protect the status quo for the rich.

You should worry about the systemic social problems that breed violence instead of fixating on one of the tools used to carry it out. We have seen with drugs and alcohol that prohibition exacerbates these problems rather than fixing them.


Gun control in the USA has always been enacted specifically for racist reasons, from the very first regulations designed to disarm freed slaves that defended themselves against lynch mobs, to federal regulations in recent history when the black panthers carried long arms onto the floor of congress.


The "Slate Presents: Charged" podcast [0] claims that in NYC, stricter gun laws are replacing "Stop and Frisk" as a go to method for racist policing.

[0] https://slate.com/plus/charged-podcast.html


Do you know if this talk is on YouTube?



Ah, thank you! I had spent 15 minutes unsucessfully looking through the program for it.

I can't find his slides on the media server: https://media.defcon.org/DEF%20CON%2026/DEF%20CON%2026%20pre...

Usually everything from defcon is present. Weird.

Anyway, someone more motivated than me may be able to turn them up. Thank you for finding the speaker.


Seeing the no camera symbol in the twitter picture, I think it not being on the internet was done on purpose.


> hypocrisy was at the bottom

Where it belongs. Reminds me of Norm MacDonald’s recent joking about Bill Cosby being a hypocrite.


I'm curious why you think hypocrisy belongs at the bottom. Is it not reasonable to expect our elected officials to "walk the walk", and get pissed at them when they don't?


It is reasonable to expect anyone to walk the walk. It is not reasonable to become very angry when they don't. Elected officials are more of symbolic representations of the ideas they're elected to uphold/enforce/legislate/whatever, and I can't understand why people act surprised/angry/outraged when they realize these officials are just flawed humans like everyone else.

That said, it is perfectly reasonable to be pissed when they do something wrong. But the significance here is that they did something wrong and the severity of the act. Their actions matter much more than any disagreement between those actions and what they present about themselves. We should be angry at the act, not the hypocrisy.

The Bill Cosby example would point at any outrage over Bill Cosby being a serial rapist specifically while presenting himself as a wholesome character/person. If your problem is the disagreement between his actions and his presentation of himself as a wholesome character, there is something severely wrong with your reasoning for this anger. The disagreement between action/presentation is so infinitesimally small compared to the action itself. I seriously worry for the society and people in it that are more concerned over hypocrisy than the act.


I'm not sure Western thought agrees with that. Hypocrisy has long been considered extra evil. There's even a circle of Hell named for it, the 8th, Fraud, of which Hypocrisy is a special case.


This normalization of deviance can burn you for playing along.

In a previous job at an F100 company we routinely used contractors for a lot of day to day work. Every other week we had to sign a statement certifying the number of hours worked. This was fine for the first couple of years when we only had about a dozen contractors split across two managers.

As our organization grew, so did the number of contractors, mostly under a third manager at a different site. Due to peculiarities about how this large, blue logoed F100 company dealt with purchasing and contractors, I and a peer still had to sign the certifications instead of the third manager. We both protested (verbally, which was a mistake in hindsight) but were told "just go ahead it's how we do things."

Funny thing. That third manager, working out of our sight with their army of contractors at another site? Yeah. They were colluding with the contracting agency to overbill the company.

My peer left for unrelated reasons. The colluding manager left for another company as the scheme was coming to light. I spent a week being grilled by the company's purchasing team and eventually company lawyers about my "participation" in the scheme. Because, of course, I had signed all of these timesheets certifying that the hours worked were true.

In the end as far as I can tell the only penalty was for the contracting agency to be barred from working with the company again (they closed, formed a new LLC, and started right up again within a year). I got dinged professionally as the only manager left holding the bag so to speak.

So, if you find yourself in that sort of situation where you're being pressured to accommodate the process because that's how we've always done it, get it in writing absolving you of any responsibility for signing off.


I used to work for a consulting/contracting company, with 6-10 reports at any given time. I was responsible for reviewing and approving their time sheets.

Except that, due to the nature of the business, I didn't see or even communicate with most of my reports on a daily or even weekly basis. They were working on different projects under different contracts for different customers in different locations. My manager responsibilities were an add-on to my own near-full-time billable work.

I raised my personal concerns to my own manager(s) that I did not feel that I could confidently and truthfully review and approve my reports' timesheets. Their response was effectively "just go with it, it's the way it works". Basically I was told to rubber stamp them with my name as the approver.

I don't necessarily believe that anyone was maliciously abusing the system, but I definitely believe that casual and hard-to-prove overbilling was a regular occurrence.

I don't work there anymore.


These things happen because the executives originally charged with implementation of some external compliance requirement know that they have the power to implement changes, but don’t have the ground-level information required to feed those changes. So these requirements get delegated down the org-chart, to people with ground-level information but without power; under the presumption that a response will flow back up the org-chart from said people, telling the higher-up what is needed-but-unavailable on the ground to actually implement the requirement.

In other words, the higher-up is trying to receive an error condition by installing an exception handler in their part of the system, and then expecting the ground-level routine to realize there’s a problem and throw an exception, and for that exception to make its way back to them.

But, unlike in software, where you usually feed everything as source through a single compiler at some point, and so you can force every component of the system to support exception-handling the same way; in organizational “systems”, the parts in the middle usually have no idea what to do with “exceptional” reports that cross their desks. They haven’t been informed that it’s part of their job to keep raising these reports up a level until someone sees them who can handle them. And because they haven’t been told that, they try to “handle” the exception themselves, in order to present a clean interface to their own boss—usually by just tossing the exception-report out, and chewing out their subordinate for giving it to them.

If you’re a CEO, and you think you might ever need to use “exception handling” as a way to collect ground-level information, you’ve gotta ensure every layer of your management understands this in advance—understands that they won’t be blamed for a “fault” happening below them, and in fact that this fault was expected, even encouraged by people above them; and that those higher-ups need to know when ground-level faults happen.

Sadly, even for organizations that that implement this policy perfectly... it only ends up “counting” for the types of exception-reports they were looking for at the time that they set up the policy. So, for example, retail companies know to reraise security reports; companies that employ tradespeople know to reraise health-and-safety reports; etc. But these same companies, when it comes to other types of exception-reports, are no better than anyone else. They learned a specific lesson, but not the general one.


> the parts in the middle usually have no idea what to do with “exceptional” reports that cross their desks

Or they explicitly don't want to report them because it makes it look like they don't know what they are doing, or they are afraid that it would create more work for them and they are already overworked.


Right, that’s what I meant by “a clean interface to their boss”—because they’re unaware that rethrowing these exceptions is a (perhaps implicit) part of their job description, and they certainly don’t think it’s part of their boss’s job description, they think that 1. they’ll be doing something they’re not supposed to be doing by rethrowing the exception, and 2. it’ll be their own boss’s job to handle the exception, probably by throwing out the report and then trusting them less to get stuff done on their own.


more realistically: first manager installed the system as a virtuous feedback gathering mechanism, then three turnover later as the first crunch hit faults become a metric to optimize and everyone gets incentived on reducing them, at which point gaming the system ensues


Interesting they say "suck it up, lie, or resist". The other way is to push the requirement further down: I don't understand this thing you're buying but you have represented to me that it is necessary.

That's the actual responsible way to do it.


I like this thought. What would it take to certify the form? 10 hours a month? 20? Can you redirect other people on your team to work on this?

When it is broken down to a cost (time) calculation then it might actually become reasonable to invest in a better system for accounting and analyzing expenditures.


Today I expensed a $10 BNC connector.

How long do you suppose it would take to confirm that it was a part we need, that we don't already have, and that I got a good price on it? And how many such claims do you think each person in the finance department sees each day?


That's why each level of management, and the individual contributor as well, should have their own levels of certification. I can self-certify, say, $50 as essential. My manager can certify $5000, the director might do $50K, and so on.


You can deduce immediately that expensing is cheaper than the time it would take to investigate thoroughly


I agree, nobody in their right mind would audit every such expense.

But he isn't being asked to sign that expenses are "essential or too trivial to audit" he has to sign that all expenses are essential.


>I agree, nobody in their right mind would audit every such expense.

I'll bite. Our money counters aren't in their right minds, because I submitted a small breakfast tab (at most $10) from work travel for reimbursement, only to learn it was unacceptable to not include a receipt. My other meals had receipts, but I had forgotten to ask for one this time. The accountant then said I had to call the cafe for a receipt. Luckily, the place had a website with contact info, and there was a helpful employee who emailed me the receipt.

But I spent at least an hour talking with the accountant and getting the receipt. The accountant spent probably 30 minutes with this problem. It was a net loss.

Obviously, I work in the government.


In that context, it IS essential: We need the item, and it's cheaper to buy a new one than to figure out if we already have one.


Exactly: you should certify that to the best of your knowledge those things are true so you got it. There might be one in inventory on the other side of the country but still it was better to buy one rather than try to figure that out (or wait for that, and cheaper than shipping it even if it existed).

It should be a check box on your expense report.


It doesn't look like a total fix in this case, since the questioner still has to certify that they've only approved essential things. The initial form is too badly botched for "I've verified that this was claimed as essential" to suffice.

But in general, this is a good point. People are always going to have to accept decisions with incomplete information. The fix for that isn't owning outcomes they don't understand, it's clarifying what they're really doing; in this case, George isn't verifying the necessity but rather that experts have declared the thing necessary.


Yeah. It doesn't sound like it'd take too much work for this manager to get a general sense from his employees of how "essential" a purchase is.


This bothers me as well. I've seen an employment contract that stated any hand-written addenda were invalid, so the idea of crossing out a clause or correcting it is at least partially defeated. Some other things I've tried:

- Instead of signing, I write (quickly, to appear like I'm signing, but legibly enough that no one can later claim I wrote anything else) "unable to comply", "documentation not received", or something like that. I haven't tried this in situations where I knew someone would check, but when I have tried it no one has noticed. If they ever attempt to use it against me I imagine it won't get very far. As a side-note, I also write "Fake Name" when asked to sign credit card receipts and in 13+ years not one person ever noticed, which is how I know that it's useless for fraud prevention.

- If I am asked to sign a very large complicated form, especially when it's something that should have been sent to me in advance (which I usually request), I will stand there and read it, making notes as I go through to help myself understand it. When they rush me, I then give them the lecture about how it either doesn't matter and I shouldn't have to sign it to proceed, or it does matter and they shouldn't ask me to sign it without reading it. They are welcome to get my money at a later date, or wait for me to read it. On one occasion I had to sign a massive agreement to buy a TV. I stood there reading it until a manager came over and, wanting to make the sale and let his rep get back to work, signed a copy of the agreement stating that the store would honor the warranty even though I hadn't signed.


> I've seen an employment contract that stated any hand-written addenda were invalid, so the idea of crossing out a clause or correcting it is at least partially defeated

Couldn't you just cross out that line?


The signature is used for follow up when a transaction is reported as fraudulent. It's never checked proactively.


What incentive do people have to sign their name correctly on legitimate transactions then? If I plan on reporting a transaction is fraudulent, I just sign my name weird and make sure they don't have cameras? I don't understand how this helps.

What I thought was supposed to happen is you're supposed to have signed your name on the back of the card and they check that your receipt matches the card, and it's a weak form of 2FA.


It is not about being "correct" it is about being consistent. If you have 1,000 receipts with an X then it is good enough for the cc company. The signature matching the card one is only used when the value of the transaction is high and rare enough. i.e. not for daily groceries.

For more important manners a bank might check and tell you if your signature has drifted from the one you used before. On the other hand they might move all your savings to a different country because of a fraudulent badly written letter. Banks are banks


I've rarely encountered situations where a superior wouldn't tell me on the record exactly what level of diligence is necessary, and the few exceptions turned out to be extremely toxic situations.

Which expenditures are "essential" can't always be objectively determined anyway. The purpose of the rule is not to ensure that inessential expenditures don't slip through the process but rather to ensure a chain of accountability that can be checked if some flagrant violation is discovered. In the letter-writer's position, it's probably only their job to be able to produce evidence of who assured them that an expenditure was essential, which means they need to put the right language on the form by which people request expenditures. As far as I understand it, procurement teams exist because a dedicated team of specialists can be more efficient and effective at procurement, not because spending decisions should be second-guessed by people who don't have the background to understand them.


I once bought a house. It was advertised as sitting on "an acre plus".

When we started doing the paperwork we noticed it was written as .85 acres.

But the tax map was broken up into two parcels, one of which was clearly about 1/4 as large as the other. They were both marked as about 40% of an acre.

Everyone involved in the deal, including my spouse at the time, was upset when I said that we had to go walk the property and figure this out. Apparently nobody gave a crap about half an acre here or there, even though this represented about half of the property under discussion.

I finally got my way. The real estate broker took one of those DaVinci wheels and, in his fancy loafers, in the pouring rain, walked the wheel through tick infested woods until he had surveyed the entire property.

It was .51 acres


For the commission the guy got for doing the relative;ly simple job of selling a house it was frankly the least he could do.


Having been through the hell of buying property twice in my life, I say take the real estate brokers out before you even get to the lawyers and accountants. There's no rational way to account for them taking 5% or more off every transaction, especially with the price inflation of the last few years.


I got lots of dirty looks at my house closing when I re-read all the documents I was signing. I had read copies of them the night before, but I wanted to make sure they were the same.


did that same thing once, and discovered that they had swapped the numbers for the interest rate and the term, so it was specified as a 4 year mortgage at 30% interest. Ouch!

The closing agent told me to just sign it and they'd fix it in an amendment later. Which I flatly refused to do - no f'ing way I'm signing on for $20k/month payments and hoping they fix it real soon now, especially when the fix is printing off one corrected page.


A similar thing happened to me. The paperwork for our most recent home purchase listed both my wife and I as female, even though I'm male! I emailed the lender and CC:ed my wife saying, "Please correct this as I currently identify as male," which gave my wife a chuckle.


> The closing agent told me to just sign it and they'd fix it in an amendment later.

Given the ethics of the mortgage industry, this might not have even been a mistake. They're terrible and they'd have held you to it.


Not a chance. No one would actually pay 30% interest instead of 4% for a house, and there's no way the contract would hold up in court.


>No one would actually pay 30% interest instead of 4% for a house, and there's no way the contract would hold up in court

Who will reimburse me the legal fees?

Lots and lots of people improperly lost their homes due to illegal robo-signing. They could have saved their houses if they had the resources to fight it in court.


Why wouldn't it hold up if you signed it? And after how many years of litigation? And you're going to let the house go into foreclosure?


There are several reasons the contract would be unenforceable. The main reason is that typos and obvious mistakes in a contract just result in the corrected contract applying.

Even if it were totally clear that both parties really intended 30% interest, which would not be the case, most US states have usury laws, 30% is way above the maximum allowed by any state. So the contract is automatically void in most states.

http://www.lendingkarma.com/content/state-usury-laws-legal-i...

Even in states without usury laws, a mortgage at several times the prevailing rate would certainly be considered "unconscionable", making the contract unenforceable.


I’m sure this was probably not a big deal. No bank would issue such a mortgage. The numbers would have been corrected whether you caught it or not. After all, your mortgage is a separate agreement between you and the bank, and not part of the purchase and sale agreement.


I agree that this would have been fine. But at the same time, it also shouldn’t be a big deal to get a contract that says what it’s supposed to before you sign it.


It was on the mortgage docs, which I was signing at the same time as closing, which is quite typical (at least where I live).

I'm 99% sure that it would've been fine... but a 1% chance of a total shitshow is too much when it's so easily avoidable.


One of the best examples of this is US Student Visa system.

US Consulates in India hold hundreds of events each year to entice Indian students to USA. They also actively tell students about their wonderful OPT and CPT programs and how they can convert to H1B later.

When an Indian student appears before the consulate officer the student must convince the officer that he/she will promptly return back to India after studies are completed. Even though it is perfectly legal to get a student visa, then work on OPT and get your H1B through lottery it is not something you can admit to the visa officer.


This sounds somewhat familiar, though I approached what I saw a different way, with different outcome.

I'm getting out of independent technical consulting (just as soon as I find the right dotcom/startup employer), because the various business burdens, separate from the actual technical expertise I provide, kept increasing, and I could no longer cost-justify the burdens.

One kind of burden is regulatory compliances, and my favorite example is when a client needed me to be able to check a box in a compliance-tracking system Web form, attesting something like "I have an understanding of the FAR" document. I'm by-the-book about such things, so I put tech work on hold, dug in, and started reading. The FAR is actually not bad, pretty accessible, and I imagine a lot of serious straight-shooter accountant types put a lot of work into this, as part of making things run well, and I respect that immensely, and am glad they do that. But the current FAR PDF file is approx. 2,000 pages, and my expertise is in software. It took me a solid person-week to read through, so that I could possibly claim to have an understanding of it. Once I was done, at the time, I decided not to invoice those hours.

(On some later burdens, I had learned from this, and talked with the clients. Some burdens the client could help with, and some not.)

I agree with the need for such regulations and processes, but these and other burdens seemed to keep increasing, one of the architecture projects that would've made up for the overhead didn't seem to be coming through, and the burdens no longer made financial/personal sense for my particular one-person business. So, when a last straw burden was added (though reasonable, from a regulatory perspective), amidst some reorg on the parent contracts, I had to terminate a couple contracts for very positive projects that I'd been proud to be working on.


The CYA thing to do here is to create a paper trail of you asking your boss and HR what procedure you need to follow to determine if something is essential. They likely won't respond at all or in writing, send a follow-up in writing noting their lack of response.


This is the true bureaucratic answer. Also insert a CYA about why you're signing the form now, so you can keep signing it after their non-response without exposing yourself to too much risk. Something like, "I've attempted to verify the list of items, and to my knowledge they appear essential, but can you clarify the procedure for determining whether an expenditure is essential or not?"


Do you really send two or more emails for every piece of red tape that you go through? The overhead here is ridiculous, all for CYA from lawsuits that won't affect 99% of workers.


You only need to do this once. It establishes the procedure or lack thereof.


Do you save the emails so it doesn't get deleted by the 3 month retention policy later on?


There is another alternative as well, require that anyone submitting a purchasing request sign a document with substantially similar if not identical wording and provide their case for why a purchase is needed. That way you build up your own paper trail if someone submitting requests is doing so nefariously.


This type of thing goes beyond normalization of deviance to acculturation of deviance.

This article, rightly, focuses on the direct impact of individual acts of false certification. But this type of normalizing and even requiring it likely has broader impacts in how employees enegage with information and communication around their job in ways that affect authenticity and intention in hard to observe ways.

This is a scary thing to me...very scary.


Has anyone every decided to just get terminated as a result of not signing something? How does that go when applying for your next job and you say you were terminated because you refused to sign something that wasn't true or was not in your favor?


I only tried refusing to sign something once. Nobody ever called me on it. I got nastygrams via email. I ignored them. One day, they stopped coming.

I cannot guarantee that will work in all situations, of course. You basically are calling their bluff, and it could backfire. But if they really are bluffing, all is well.


I think the problem here is that of 'who's bluff are you calling'.

Usually the people bothering me about these types of things aren't the one's doing the bluffing about it...they are in their own loop of compliance and nastygrams. They are trained to be compliant and don't have a mental framing that this stuff could be a bluff. That makes me a lot less confident of how they will react or their willingness to be rational.


When I signed up for life insurance, I was required to sign a form asserting that I have not "ever been instructed by a doctor to stop taking any prescription or non-prescription medication".

Uh, what? Apparently, what's meant is a doctor never told you to stop abuse of a drug. But that's not what it said, and I ended up having to go the 'subversive' route and submit the forms on paper, with this line crossed out, and an explanation attached.


It's frightening that this arises in the procurement context. I fear for the good USG people in these situations. The Boeing tanker fraud wasn't all that long ago, the folks fallen from the highest levels to federal prison. https://nlpc.org/2019/03/19/boeing-tanker-scandals-never-go-...


Breaucracy hacking. I guess I'm a subversive type, because my first instinct was to 'sign' the forms with the word 'unverifiable' in long hand


That would still likely count as your signature. Same reason an ‘X’ works.


My preference is to annotate exceptions to what I am signing in legible block print, and then initial and date at the end of each annotation.

When I sign, I include my full name and the date in block print as well as "with exceptions."

Bureaucrat/legal types usually understand that asking me to sign a fresh copy without those annotations is explicitly asking me to lie.


I don’t know about that. One requirement of a contract is a “meeting of the minds,” i.e. both sides are in agreement. An X indicates that, but “unverifiable” would seem not to.


A friend had these problems frequently and said that if it was a legal/contractual requirement, he would adhere to it to the letter. But if it was some out-of-touch boss's boss's boss that made an unrealistic demand, his inclination was to go with "how it was done".


Seems this is common with a lot of processes that require review by others. On the surface this sounds great and thorough but the reviewers actually need the qualifications and time to review things properly. I have done plenty of code and spec reviews where I really didn’t understand what’s going on and certainly didn’t have time to get up to speed. So you nitpick a few little things or just approve and move on with your real work.


Looks like every "four eye approval" process I know. In the end just everything is confirmed out of pressure to have a clean queue. And let's be honest, just by looking at individual requests a person can never have the necessary context. Needless to mention that four eye approval of that kind isn't even a legal requirement under SOX.


A “this is not categorically insane” stamp is still better than the absence of such a review. It doesn’t have to be “I stake my reputation on an ironclad guarantee that this will perform perfectly in all circumstances.”


My first salaried job had an employment agreement that said I would pay the company to work there instead of getting paid. I had it fixed before signing, but I was employee #5.......


The author is not nearly subversive enough.

The really subversive action is to start a paper trail reporting every instance of your co-workers falsly certifying in cases where they had insufficient knowledge.


Reading the article and the comments prompted me to wonder what would happen if//when I say something to the order of "may I read it first?". As I age, I feel myself becoming more cautious than I was [perhaps as cautious as I should have been in the first place a la "everyone agrees to the EULA"].


There has to be a process around defining what 'essential obligations and expenditures' means for the purposes of signing off on procurement - even if it the definition is 'because my boss says so'.

If not, this is the typical disconnect between defining processes (and laws and regulations and heck, even software requirements) and the practical aspects of actually implementing it. I'm sure it sounded good to whoever put this process together that only 'essential obligations' are procured because defining processes is easy and fun! Abiding by them is hard work.


Shouldn't this be something that should be delegated down the hierarchy? Presumably - for each purchase - somebody knows whether the purchase is needed. If the person in question has insufficient information to make that decision, all he should do is check that people down the hierarchy made that decision and can be held accountable for it.


All the stories in this thread about people having to sign stuff without reading it. I guess this just makes them all unenforceable in reality if anyone actually challenged them.

Perhaps this is why anything actually serious I've ever signed requires witnesses.


I have to deal with OSHA and other local regulatory agencies on a regular basis. Having to deal with a bunch of unimaginative (or simply stupid) people who force you to conform to poorly written regulatory requirements is just soul sucking.


They should force you to conform to the requirements regardless of their opinion of how poorly or well the regulation is written. If those aren't two separate issues then the whole system breaks down.


Complying with payment card industry (PCI DSS) requirements is an absolutely insane process, even if you're vaguely technically literate.

Obviously not saying payment processing isn't an incredibly important area to enforce good security practice. But it's a lonely place to be when you're attesting to hundreds of ridiculous requirements relating to your overpriced, off-the-shelf POS system and anything/anyone that touches it.

"Yes. Yes. Yes. Yes. Absolutely, yes." Cross fingers. Repeat annually.


Maybe you're certifying at a lower level. I had to prove pretty much everything.

We have a "wallet" function, in support of which there's a DB that stores encrypted credit card numbers (they're encrypted by the app, so the DB never sees the cleartext). Obviously this database is backed up periodically. The auditor forced me to restore one of those backups and show them the content of the restored table, in order to prove that the backup/restore operation didn't magically decrypt the data.

This is something that I would have been willing to sign any document to certify, without having actually run the experiment. But they wanted screenshots.

They also told us that all employees need to have obfuscated email addresses to protect against spear phishing. That's when the infosec team finally told them they were being ridiculous.


Also has lovely requirements like having antivirus installed on your Linux servers.


Is that wrong? Malware does exist for Linux, and that way you can also detect malware designed for other systems if it ends up on the machine.


It depends on the AV.

Either the AV ties into the kernel with a module, in which case it can also be an avenue for an increased permissions exploit, or it doesn't have any special kernel level capabilities, in which case it will never find rootkits that include kernel modules to hide themselves.

Personally, I would be happy with an open source community based disk scanner looking for weirdly named files and folders (there are common variants used in hacks) and a locked down selinux config. Bonus points if you compile a kernel that doesn't allow modules (but IIRC that doesn't preclude kernel level shenanigans).

Interestingly, it looks like since the PCI requirement for AV is for "all systems commonly affected by malicious software" they don't actually require it of all Linux systems in all cases.[1]

1: https://security.stackexchange.com/questions/58345/how-to-pa...


Antivirus software is not particularly effective, and also a significant attack vector. You can find several interesting stories just by searching antivirus on HN: https://hn.algolia.com/?query=antivirus&sort=byPopularity&pr....


Depending on scale, its usually easier to spin a new server than prevent malware.


These fall into the white lies bucket. Largely inconsequential, rarely checked on, and when things do go south deniable to a degree large enough for the person to not lose their job.


Would it be possible to require similar signed forms from those below you, until the bottom? If an unwarranted expense was made, the whole chain will be responsible, and the discussion can then finally focus on how to actually specify sane rules and requirements (i.e. normal volumes of low expenses get ignored, larger expenses need to be vetted by multiple people on the same level etc...)


They call it "shadow IT" but I like to call it "the cuff system".

Putting a fun antiquated name on things like designing one off, and potentially dangerous IT infrastructure because you can't get anyone to fix what is wrong is itself wrong. It's part of the problem. It's a growing cause of personal information leaks and people shouldn't celebrate encouraging it.


How about signing under protest? So you sign, but at the same time you signal that you're not OK with the situation. In the Netherlands this is often used if you don't agree with the amount you have to pay for something. When you sign under protest, you admit that you got the products or service you requested, but you are not satisfied with the quality or the price.


so this is why (sometimes) my hopes for the future depend on mediocrity and corruption, when the system is this stupid medocrity and corruption (which are terrible) can save the day!

does this mean that the system is even worse? (the answer depends on how well "it has treated" you).


If you are between a rock and a hard place like in the article, it's best to keep a copy of the email where you object to the language, and store a copy at home. It shows you made a reasonable attempt to remedy the problem if it ever turns into a big case against you.


That’s okay. Bureaucrats are also forced to lie as part of their job. They pretend not to understand (it’s their job to pretend) but they really do.


This isn’t limited to public service, the private sector is rife with this as well.


There are two distinct types of lying mentioned in the article, and each should be handled differently:

1. The non-issue "lie" that was the subject of the original question. Sometimes I get a little annoyed at people that take a form completely literally and then raise a stink about it. Every form like this has an implied "to the best of my knowledge" inserted in it. You cannot know for 100% certainty that every purchase was completely necessary. Did every piece of paper that was printed from that ream you ordered get used in a necessary function, or did maybe one or two sheets get used for someone to print their baseball tickets out at the office? Could some of those papers have been stored digitally instead of printed? Of course that ream of paper wasn't used for 100% necessary business purposes. But by signing the form you are saying, "it doesn't look like there are any employees in my branch that are stealing tons of office supplies, and that our waste seems reasonable." What you are saying is that "I'm not personally aware of any fraud going on with the supply order, and I've done some due diligence to check." What you are NOT saying is "I personally tracked every piece of paper and staple in the office to make sure nobody was cheating." That is not the expectation with these certifications, and any federal employee fired for that level of expectation can go to arbitration and would certainly win. Luckily federal employees have probably the strongest employment protections of anybody in the USA.

2. The second type of lie, mentioned in the anecdote about the Army officers, is a problem but easily fixed in a way that you don't sacrifice your integrity. This is the case in which adding the implied "to the best of my knowledge" doesn't fix the issue. To fix this, you must line out the "297 days" portion and write in (a different colored ink) the correct number of days that you trained. Then you sign in ink, and return a scanned copy to wherever it needs to go. You probably cannot change the form in Adobe Reader because most government forms are protected against changes, so you must alter the form with pen. If the people that you returned the form to raise a stink (usually they want a digital signature), you simply explain that you cannot comply because to do so would be perjury. If they still won't accept your corrected version of the form you can stall, but let your boss/commander know that you cannot sign the form as-is because to do so would be a violation of federal law- and you can't be fired for not breaking the law. Most of the time, it falls out on your side. If not, you would have your defense counsel salivating to take this one past arbitration to make some real money.

Pretty much every federal employee that cares about their integrity has already discovered the answers to these situations, and I suspect that this question is more of a straw man so that the author can talk about the pervasive culture of dishonesty that exists in the workplace. He's right in that a culture of dishonesty does exist, but he's missing the mark on where it's a problem. It's not in the resource management office that signs off on the paper/staples/toner orders or the Army officer that signs a training certification form that has the wrong number of days on it (as long as he feels his troops are mission ready). The culture of dishonesty is where a person awards a contract with a particular company so that they can get a cushy job in the private sector, or with people that accept a free trip to Disneyland to overlook an issue. Those are the dishonest incidents that matter, and they do not arise from some imagined "slippery slope" after certifying an office supply order.


diane vaughan talks about this stuff in the challenger book -- she found claims of fact by SMEs that were vetoed by nasa managers, and thinks that this is one mechanism for groups to leak risk.


oh dear lord does this ring true. Yours, someone that works in banking


This is a good thing to talk about but let's not pretend that this is just a government thing.


It's probably even more common in the private sector (especially in relatively informal business arrangements where contracts consist of boilerplate).


It can only happen where there is real entrenched power and companies do not have to be competitive.

Most 'private companies' are not at the scale where they have that.

I would imagine that 'Healthcare' is rife with this kind of thing, they are cash flush, and the outcomes are intangible but existential (like defence).

I can't imagine people playing solitaire at any kind of Health insurer etc. but I can certainly imagine them spending gazillions on boondoggles.

I have a family member who does 'BD' for Health Care, I'm certain from years of chats with her that she does nothing. Meets, plans, talks about possible future plans with other corps, they never work out. Looks into 'strategic initiatives' that are secondary and irrelevant. She's paid handsomely. And she's pretty smart, great communicator, certainly not a 'solitaire player' ... but about as efficient. And FYI I'm aware of how even 'good' BD works, and that it's mostly 'misses'.


Liar and Lawyer, sound the pretty much the same to me.


> I can’t know whether each item we purchase is essential. Many of them are highly technical.

> The subversive way is to circumvent the requirement to lie. Can you cross out the offending sentence on the form each month before you sign it? ... I have used this method.

This seems like terrible advice. It pretty much guarantees that no one is accountable and the problem will only get worse. Don't sign anything until the necessary evidence is provided and be prepared to reject purchases that lack justification. Inaction and delegation are powerful tools in the hands of a bureaucrat, use them.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: