Hacker News new | past | comments | ask | show | jobs | submit login
Tell HN: Triplebyte reverses, emails apology
1030 points by trianx on May 25, 2020 | hide | past | favorite | 649 comments
This just landed in my inbox. The discussion on hackernews (https://news.ycombinator.com/item?id=23279837) surely helped Triplebyte understand that it was a mistake to create public profiles of their users by default:

Email by Triplebyte CEO, Ammon: ---

Hi xxxxx,

There’s no other way to put this--I screwed up badly. On Friday evening, I sent an email to you about a new feature called public Triplebyte profiles. We failed to think through the effects of this feature on our community, and made the profiles default public with an option to opt out. Many of you were rightfully angry. I am truly sorry. As CEO, this is my fault. I made this decision. Effective immediately, we are canceling this feature.

You came to us with the goal of landing a great software engineering job. As part of that, you entrusted us with your personal, sensitive information, including both the fact that you are job searching as well as the results of your assessments with us. Launching a profile feature that would automatically make any of that data public betrayed that trust.

Rather than safeguarding the fact that you are or were job searching, we threatened exposure. Current employers might retaliate if they saw that you were job searching. You did not expect that any personal information you’d given us, in the context of a private, secure job search, would be used publicly without your explicit consent. I sincerely apologize. It was my failure.

So, what happened? How did I screw this up? I’ve been asking myself this question a bunch over the past 48 hours. I can point to two factors (which by no means excuse the decision). The first was that the profiles as spec’d were an evolution of a feature we already had (Triplebyte Certificates--these are not default public). I failed to see the significance of “default public” in my head. The second factor was the speed we were trying to move at to respond to the COVID recession. We’re a hiring company and hiring is in crisis. The floor has fallen out on parts of our business, and other parts are under unprecedented growth. We've been in a state of churn as we quickly try various things to adapt. But I let myself get caught in this rush and did not look critically enough at the features we were shipping. Inexcusably, I ignored our users’ very real privacy concerns. This was a breach of trust not only in the decision, but in my actual thought process. The circumstances don’t excuse this. The privacy violation should have been obvious to me from the beginning, and the fact that I did not see this coming was a major failure on my part.

Our mission at Triplebyte has always been to build a background-blind hiring process. I graduated at the height of the financial crisis as most companies were doing layoffs (similar to what many recent-grads are experiencing today). My LinkedIn profile and resume had nothing on them other than the name of a school few people had heard of. I applied to over 100 jobs the summer after I graduated, and I remember just never hearing back. I know that a lot of people are going through the same thing right now. I finally got my first job at a company that had a coding challenge rather than a resume screen. They cared about what I could do, not what was on my resume. This was a foundational insight for me. It's still the case today, though, that companies rely primarily on resume screens that don’t pick up what most candidates can actually do--making the hiring problem much worse than it needs to be. This is the problem we're trying to fix.

We believed that we could do so by building a better Linkedin profile that was focused on your skills, rather than where you went to school, where you worked, or who you knew. I still believe there's a need for something like this. But to release it as a default public feature was not just a major mistake, it was a betrayal. I'm ashamed and I'm sorry.

Triplebyte can’t function without the trust of the engineering community. Last Friday I lost a big chunk of that trust. We’re now going to try to earn it back. I’m not sure that’s fully possible, but we have to try. What I will do now is slow down, take a step back, and learn the lessons I need to avoid repeating this.

I understand that cancelling this feature does not undo the harm. It’s only one necessary step. Please let me know any other concerns or questions that I can answer (replies to this email go to me). I am sorry to all of you for letting you down.

Sincerely,

-Ammon




All: this thread has more than one page of comments. If you click the More link at the bottom you'll get to the others. I post this reminder because confusion appeared (https://news.ycombinator.com/item?id=23306062). We hope to go back to single-page threads as soon as some performance improvements are ready. Previous explanations are at https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que....


I am not an active Triplebyte user, but I have an account and followed the thread(s).

This e-mail (which I also got) seems like a heartfelt apology. They fucked up, realized it and turned the ship around. They listened and that's what counts for me. They listened to the negative feedback and responded to it.

Some comments around here are extremely negative of the whole situation. More negative than I think they deserve. They could've pushed through and ignored all the feedback they got. They didn't, and that's enough for to show the company and its CEO isn't utterly rotten.

@ammon Thanks for listening and participating in the discussions on HN. You made a mistake, but the fact that you responded is enough for me to put my trust in Triplebyte in the future if the need arises.


> They could've pushed through and ignored all the feedback they got.

That’s a very charitable analysis of the situation. For all we know, this decision was motivated by internal KPIs that immediately reflected what a disaster this was.

The whole situation reeks. Announcing on the Friday on a long weekend, the ceo defending it ardently in HN comments, the very deliberate decision to make it opt-in, the difficulty in disabling it. I mean, sure, this apology could be heartfelt. But that doesn’t mean it wasn’t a shady as hell thing to do, and a shady as hell way to do it.

There are really only two ways this happened:

A) The company’s culture and values are so maligned they actually, genuinely thought this was something that would excite users and go over well.

B) They were 100% aware that this move was ethically dubious (at best), but were willing to take the risk. This is the much more likely path when you take into consideration how exactly they went about it.

An apology can be heartfelt, but that doesn’t have anything to do with whether it undos the damage. And it can’t make people forget that TripleByte thought this was a good idea. That says so much more about the company and their integrity than any apology ever can.


>I mean, sure, this apology could be heartfelt. But that doesn’t mean it wasn’t a shady as hell thing to do, and a shady as hell way to do it.

just a classical SV startup - "it's better to ask forgiveness than permission" . This time though we, SV tech, did it to ourselves and thus there are such loud and so many screams of pain - because it is our own pain.


What's left me confused is one thing: if the significance of "default public" was missed, then what was the motivation for the previous warning email? It seems bizarre to suddenly email everyone "Hey folks, we're changing your default privacy settings next week" while simultaneously believing that it's... an insignificant thing?


My Guess, someone on the team understood the ramifications but others did not. They only thing they someone could get them to agree to is the email

I have been in meetings where everyone in the meeting though "doing X will have no impact on anyone so there is not need to notify", where I knew 100% they were wrong but none of my arguments landed, my final statement was "well if it is not significant then the email should not matter either so why not just send it out just in case."

These things do not happen in the vacuum, and while it is good the CEO is talking 100% of the blame, I can assure you the CEO had internal support and internal dissent for the feature.


Makes sense I guess, thanks. Going a little off-topic, but regarding what you mentioned -- how do you reply when they (inevitably, I often feel) reply to your 'why not' with "Well because we shouldn't send out needless emails to people"?


You're making a false dichotomy there - there aren't only two ways. They could also have sincerely not thought about how this new platform would behave given the opt-in nature of it.

There have been similar incidents throughout tech history (and history in general) - it's not always that the culture is bad. It's also sometimes an honest mistake (at least, thinking through the ramifications of it is).


You must have missed the part where the CEO actively defended the decision on Hacker news when confronted.


"maligned"

Their culture and values have been much maligned, but you mean malignant. Please don't take this personally, it's just that it seems like this misuse of the word is going viral.


I actually really appreciate your comment. Thanks for letting me know!


While we're clarifying, the decision was opt-out - everybody was included unless they took action to be excluded. Opt-in means that you're not included unless you take action to be included.


thank you, I appreciate opportunities to improve my English


I wish I could upvote this more than once. Their conduct on HN proves this was not a case of "rush" and "churn" resulting in ignorance of consequences. This was simple greed and the decision that the profit from screwing their users would outweigh the backlash. The only reason they backpedaled is because the backlash turned out bigger than they expected. They're not sorry and they will fuck you again the moment they decide it's worth it.


Rofl chill out. There are a million shades of grey between your midnight black and Christian white.

First, this was not shady as hell. Shady as hell would be selling your data to a 3rd party and never telling you. Not-shady is building a feature, seeing negative feedback, and cancelling that feature.

It’s more than likely they had discussions and came to a decision through thoughtful discourse, rather than knowingly saying “fuck the user”.


> This e-mail (which I also got) seems like a heartfelt apology.

Even if it is heartfelt, I'd argue that if no alarm bells went off internally when they were discussing this feature, they are not the group of people to entrust with information such as this.


Given the prevalence of comments like this, I wonder why any company would ever bother offering an apology or retraction.

As soon as a company does something that a chunk of people on the internet don’t agree with, there’s really no way out. They’re going to get bad press regardless of whether they retract, whether they apologize, and whether they say they’re taking actions to avoid the sequence that led to the action in question.

But alongside that, for every time the internet mob has risen up over a company’s action, very few companies seem to have experienced major long term effects. I bet everybody knows a few people who have quit Facebook/GitHub, or who rage about Oracle business practices or MongoDB stability, but these companies still manage to keep trucking along.

In light of this, I’m mostly surprised that Triplebyte bothered apologizing; it seems unlikely to do them any good, and it’s unclear to me whether continuing course would have actually done as much harm to their bottom line as the prior Hackernews thread appeared to indicate.


The current position is "sorry for breaking your trust, please trust us". It's hard to find it compelling.

> Given the prevalence of comments like this, I wonder why any company would ever bother offering an apology or retraction.

To project my own opinion onto others: these comments are warranted because an apology has no actual value. The fact remains that Triplebytes can still do this if they wish to, and they are constrained only by what they can manage to slip past their users.

There's a stark asymmetry in the digital space, where service providers are protected by the legal language in their TOS or EULA, but the users have to trust that the service provider will not act outside their interests, and with no recourse. By contrast, in a normal contract negotiation, there will be an opportunity for both sides to ammend the contract to better serve their interests.

If Triplebytes wanted to show that they will not attempt to do this again, they could break this asymmetry and constrain themselves in their user contract, accepting all resulting liability or specifying concrete penalties if they do persue this route in the future. An apology is just a meaningless PR exercise.


> The current position is "sorry for breaking your trust, please trust us". It's hard to find it compelling.

Why is this a hard thing to do? It’s literally what everyone who ever messes something up is asking you to do.

Just because someone once committed a broken build, doesn’t mean I’ll never again trust them with access.

It’s argubly more like “sorry for being a moron, but I hear you. Please give us another chance”?


> Why is this a hard thing to do? It’s literally what everyone who ever messes something up is asking you to do.

Because you're treating a service-client relationship as an interpersonal relationship. They are not, and the same norms do not apply. That apology, and its implicit premise(s) and promise, is rooted in the norms of intimate, interpersonal relationships. Those do not apply.

When you screw up and ask your spouse's forgiveness, the psychosocial interaction is quite different from when a CEO fucks up, writes a mea culpa to the faceless masses, gets his draft looked over by a PR flack and a couple board members, and then sends it out to the highest-impact social media circles for his service and waits to see what his KPIs do.


> Just because someone once committed a broken build, doesn’t mean I’ll never again trust them with access.

I don't think this analogy is useful. An error in execution can be quite different in an error in judgement.

To offer an alternative example: a contractor decides to publish the source code to a company's closed-source software, so that they can use it as evidence of their work for their next job application.

> It’s argubly more like “sorry for being a moron, but I hear you. Please give us another chance”?

When these kinds of bad judgement happen, the person normally loses some decision-making power to stop it from happening again. This is in noticeable contrast to Triplebyte here: an apology as a PR exercise, and no material change to prevent it in future.


It's more like your best friend telling someone the secrets you told them, and then expecting you to immediately trust them again with some more.

However much you'd like to, you can't just flip that trust back on - and in a lot of cases, it'll never fully go back to the way it was.

Not that we should personify company-customer relations - this was a decision that would have been taken by a lot of people expending serious effort to get it out the door. It's not a single lapse in judgement, but a continued expression of different values.


You make it sound like an innocent mistake, but they must have discussed this issue and decided that violating their user‘s privacy is acceptable. It’s not like they made a typo, it shows malintent.


There’s a distinction between a mistake and an unethical decision.


Break the build, okay we give you a second chance, delete the database and all backups when you were hired as the DBA? You're probably going to be looking for another job.


Lol did this actually happen to more people then I'd assume? Anyone got a good: IAMA dba that deleted all our data?


Ask Gitlab.


I guess what's missing is the corrective steps they are taking to make sure a mistake like this doesn't happen in the future. I think even a short statement like "In the future, all feature plans will undergo a thorough review by an independent or in-house privacy expert before being greenlit." would give me more confidence that they understand that this was a privacy incident and not a PR issue.


> An apology is just a meaningless PR exercise.

Not to mention this terrible default practice landed them some great pr to start with and the apology gives them more (this time "good pr")


For the Cambridge Analytica case, FB had to pay $5b. there is recourse.


Which is particularly damning given it wasn't even FB's fault.


> Given the prevalence of comments like this, I wonder why any company would ever bother offering an apology or retraction.

Correct. I don't want apologies or retractions from companies. I want postmortems.

This is really no different from a technical outage, e.g., "As a result of a bad deploy to prod on Friday, all Triplebyte profiles became public." Why was it not noticed in testing? What is the testing process? Is profile privacy part of the testing process or part of code reviews? What are the practices around making changes that affect user privacy - is there a culture of asking questions about it up front, etc.?

Most importantly, what changes are being made to prevent a similar outage from reoccurring in the future? I really couldn't care less about how bad the CEO feels about it - sure, the CEO probably should feel bad, but feeling bad is not a reliable mechanism. If the CEO said "Bwahaha, I wish to profit and I learned over the weekend that my profits were in danger, so I changed course" but then says that in order to maintain his profits in the future he added an external privacy council that reviewed all major new initiatives (or whatever), that would actually be a lot more useful than contrition.

Now, yes, it's true that basically no company does public postmortems of decisions that they needed to walk back (at best you get blameful postmortems that end with a key executive resigning, but most of the time that doesn't help anyway - either the executive wasn't the problem, or they were the problem and they already spread the bad culture to others). But I think it was pretty rare until a couple of years ago for tech companies to do detailed public postmortems of internal outages, and that expectation has slowly changed. I think we should push for the same change for non-technical incidents like this.


If there's one comment I think the CEO ought to take to heart, it's this.

I'm sure the CEO has been taught that good leadership means fessing up when you've screwed up, and to an extent that's true. But it's also an act of ego to assume full responsibility. Ego got them into this mess, most likely, and it will not get them out of it.

The CEO needs to realize there was a systemic failure. It's not just about him having an epiphany – it's about surrounding himself with people, processes, and values that can help keep a runaway product idea from breaking their customer base ever again.


That sounds like an excellent idea.

And I absolutely agree that the feelings of the CEO matter less than putting in place some proper procedures.

Profit ain't bad.


You can’t install business processes to prevent unethical decisions. You can only hold the people making those decisions to high ethical standards, and replace them when they fall short of those standards.

Now, I suppose it may be possible that the CEO in this situation dramatically misunderstood the situation. It may even be possible that he had good faith even as he militantly defended those misunderstandings in previous threads. But from the perspective of trust, I can’t get past the suspicion that he’s just sorry that he got caught.


You can install business processes that give chances for unethical decisions to be reviewed and identified, though. Committees are shit for innovation but relatively effective for squashing interestingly bad ideas along with any interestingly good ones.

I read the apology letter as essentially saying he single-handedly drove the idea, in part because he was flailing due to COVID killing their bottom line, and was tunnel-visioned enough to not recognize it was unethical. Even at face value, that’s absolutely troubling for a CEO in TB’s domain. But smarter people have done dumber things under pressure, and sometimes dumb is at someone’s (or a lot of someones) expense by mistake.

So I’d like to think this was an exceptional occurrence, and I appreciated his personal post-mortem of sorts. However, taking this as charitably as possible, a process-oriented RCA focused on how he’ll keep his runaway ideas from being a one-man show—or whatever the problem actually was that saw this conflagration actually see light of day—wouldn’t suck.


I still don’t like the idea of hamstringing the CEO’s ability to make executive decisions because the CEO can’t be trusted to make ethical executive decisions. Processes are fine for preventing operational mistakes, but when it comes to ethics and executive judgment, they’re a poor substitute for having trustworthy people making the decisions.


I think you'd still want some sort of business process for "hire ethical people" - because there is a huge business process being implemented from all your team managers and all your board members for "make money in whatever way you can" (or, in the case of a startup, perhaps just "grow in whatever way you can"), and you want something to counteract that beyond just one person's conscience.

Potential business processes include "ask about ethics as part of culture fit, and have a good sense of what you mean by 'ethics'," "ask about ethics as part of promo / do not count projects that put user data at risk towards promo," "vet investors for their ethics and see how their other investments are doing before allowing them to take a board seat," etc.

An ethical CEO will probably be doing many of these anyway, which is fine. You don't need to formalize them. It's fine for the CEO to say, for instance, "Ordinarily I would have put the brakes on this via this particular means, but I failed to notice because of this unexpected circumstance. I'm sorry and this is how I'm going to make sure I notice and make the right decision next time." (That is't too far off from what was actually said, actually, except for the bit about how to make decision-making more robust in the future. Everyone, ethical or not, fails to live up to their expectations of themselves at least occasionally.)


> I think you'd still want some sort of business process for "hire ethical people"

I absolutely agree. But this only works if the top leadership are themselves ethical people. If they are unethical or even neutral, it’s going to backfire. Instead of hiring people for their backbone in terms of pushing back against unethical decisions, it turns into hiring people for their willingness to conform to what they are told.

> It's fine for the CEO to say, for instance, "Ordinarily I would have put the brakes on this via this particular means, but I failed to notice because of this unexpected circumstance. I'm sorry and this is how I'm going to make sure I notice and make the right decision next time."

Definitely. But you only get to use that excuse so many times before it starts to lose credibility.

> That is't too far off from what was actually said, actually

Here I disagree. To his credit, Ammon has taken full personal responsibility for pushing this through, even over internal objections. It’s not a failure to notice something that happened when you’re the one doing the thing.

The resolution is also more personal than procedural: be more conscientious about your users and listen to people who object to your ideas. Demonstrate that you can do that over time and you can regain trust.


They should be more trustworthy than this, for sure. But sometimes a poor or harmful decision is still an operational mistake that comes down to poor information or comprehension. If it were to become more apparent to me that this was a deliberate lapse in ethics, I’m sure I’d be more where you’re at.

As it is right now, I’m giving some charitable credence to the idea he’s the CEO equivalent of the skydiving photographer that, in his passion to get a great shot, jumped out of his plane with no parachute. It certainly may end up having an analogous effect on Triplebyte’s credibility.


Maybe so. But in the general case I think individuals typically have much better moral judgment than processes and organizations. And the individual whose moral judgment ultimately prevails is the one who makes the decision. It’s not something that can be delegated.


> Processes are fine for preventing operational mistakes, but when it comes to ethics and executive judgment, they’re a poor substitute for having trustworthy people making the decisions.

Exactly this. The only thing that _might_ actually make me trust Triplebyte with my data again is if their current CEO actually stepped down to a less influential role. If I were part of the board I'd actually be advocating for him to step down or be forceably removed if possible.

He didn't put a stop this catastrophic breach of trust after being made aware of it. Even worse, he seemed to have actively drove this forward in spite of opposition. I'm simply not willing to trust a company where he's the top-level decision maker with data as sensitive as they're dealing with, apologies or not.


Exactly. I went through their process to delete my account on Saturday or Sunday, and still received their apology letter. This suggests my account was not deleted?


They could delete almost all the data in your account, but still hold onto your email address?


Why would they need to keep your email if you have deleted your account? To spam you? To sell your email to spammers?


I mean, I can accept an apology when I can somehow understand the initial intention. In the thread the CEO was answering "but stackoverflow also has public accounts!" to people explaining why this was a very bad move. The guy seemed completely clueless. It was like trying to explain that hurting people is bad to someone who has just punched you in the face. And this guy justifies his move saying that he has watched a boxing match and that seems a normal thing to do. And then the day after that he finally understand for some reason? The apology is useless because the harm done is too great.


I was clueless. The posts I made Friday night were what I thought at the time (which was badly wrong). I was still focused on what I'd been thinking while we were developing the feature (still trying to make it "work"). What it took was a bunch of friends and mentors reaching out Saturday morning (and basically telling me I'd made a big mistake and betrayed the trust of our users). I wish I'd been able to understand this sooner based on the original HN thread. But it took me some time.


I think the issue is that many (most?) posters can't understand how this decision could have ever been made in the first place and how could it have been so strongly defended? It speaks to some sort of fundamental disconnect about what is acceptable handling of user data and privacy. This naturally leads to mistrust about less visible policies that are in place or will be created. What decisions have been made in the past and/or will be made in the future that are less visible to users that will similarly abuse users personal data? I think everyone appreciates the apology very much, but the unfortunate truth is that this business requires trust and this debacle has eroded that trust in a way that can't be quickly repaired by a simple mea culpa.


It seems convenient to be clueless. Certainly makes for a better apology than "Of course I knew the issue but wanted to try to push it through."

To me it doesn't seem credible that you as the CEO of a recruiting company didn't realize the issue of "default public" profiles. You literally have a section about confidentiality on the front page of your website so you must have known it was important to users.


I'm just as upset as the next guy, but it's a bit silly to presume that he knew how bad this would be. If that were the case, even if he were a greedy, evil, selfish bastard, he wouldn't have rolled out the feature because he would understand the backlash.


Users are obviously not the customer, and recruitment business is shady in itself, sadly. No wonder.


Why did it take friends and mentors reaching out when hundreds of users had already been telling you the same on Friday?


I don't have a great answer. I guess just an entrenched/combative view of what was going on? I'm not proud of it.


It is because he thinks he is above us, who listens to the cows when you sell milk.


If you are that clueless you shouldn't be running a company.


But no harm was done? It’s like he enthusiastically told you he was going to punch you in the face next week and you told him that’s a bad idea, so he stopped.


The fact that you had to tell him that punching somebody in the face is bad, is sufficient reason for me to never wanting to deal with that person again.


I've definitely punched people in the face by mistake. They even forgave me!


> Given the prevalence of comments like this, I wonder why any company would ever bother offering an apology or retraction.

Because the people running the company have a conscience which causes them to feel bad and want to apologize when they harm people? Are we really entertaining the idea that the only reason someone might apologize is if it benefits them?

It's disturbing to me how absolutely normal your comment is on Hacker News. There's a significant portion of HN whose entire concept of ethics seems to be, "if it's profitable, it's right" and who can't imagine any motivation except profit. Over and over again we see profitable corporations doing terrible things and people on HN defending them on no other grounds but the fact that what they are doing is profitable. And when people disagree, it's almost always because the profitable corporation's actions affect them directly. All I can conclude is that a significant number of HN users are just amoral, which is terrifying, because a lot of HN users hold positions with significant power.

And before you tell me that everyone acts selfishly--no, they don't. I've met hundreds of wonderful people in my life who were generous, honest, kind, and/or brave, at great personal cost and risk to themselves. The behavior you're engaging in isn't normal, and it's not okay.


> Because the people running the company have a conscience which causes them to feel bad and want to apologize when they harm people? Are we really entertaining the idea that the only reason someone might apologize is if it benefits them?

>... And before you tell me that everyone acts selfishly--no, they don't. I've met hundreds of wonderful people in my life who were generous, honest, kind, and/or brave, at great personal cost and risk to themselves. The behavior you're engaging in isn't normal, and it's not okay.

I can see that you’re trying to be charitable, so let me try and be charitable in return.

I actually kind of agree with the comment you’re responding to, but I don’t interpret it the same way you do. A normal, moral person like you or me will apologize out of genuine guilt. But then again, a normal, moral person like you or me doesn’t operate a business in a way that betrays the trust of its users.

I don’t think everyone acts selfishly. But I do think that some people do. And even a selfish person would want to try and convincingly feign remorse for their selfish actions once those actions backfired and were no longer in their own self-interest.


> I actually kind of agree with the comment you’re responding to, but I don’t interpret it the same way you do.

I think akerl_ is saying that companies shouldn't bother apologizing when they do something wrong and get caught.

I think that's some "lizard person school of business" shit that has no place in a civilized society.


That’s one way of reading it. Another, more cynical reading is that if companies are amoral in the first place, why do they bother issuing insincere apologies that don’t actually benefit them? Less of a, “companies should be sociopathic” and more of a, “why do these sociopathic companies behave in this way that’s inconsistent with their otherwise-well-demonstrated pattern of sociopathic behavior?”

And sure, maybe the answer is that they’re not sociopathic in the first place. But that’s a very non-cynical answer. Credulous, perhaps.


This, essentially. But more specifically: if I were in Triplebyte’s shoes, I’d have probably done one of two things:

Either just release the feature anyway, and maybe default it to opt-in for people with existing content, maybe make it “only content from $now forward is public”, something to that effect.

Halt the feature, but expend the minimum possible effort on the message out: “Hi all, we’ve reconsidered the feature in light of feedback. Thanks, CEO”.

It’s not clear to me that applying more time/effort to explaining themselves to the world has done them any benefit. There’s the bulk of people who didn’t notice / don’t care, there’s people who are permanently angry, and there’s people who are going to want to see actual changes before they revisit.

The people who work for a business are incentivized to live lives that let them sleep well at night, but it’s entirely possible for them to learn from this experience and behave differently in the future without bothering to respond to the mob.


So basically, if you were in TripleByte's shoes, you'd react without conscience?

You have accused me of misinterpreting your intent elsewhere, but really I don't know how you expect me to interpret this that would cast you in a more positive light. You're saying you would do unethical things, so I don't think I'm off-base to say you might be unethical.


It’s not “without conscience” to change the default from opt-out to opt-in and it’s not “without conscience” to withdraw the entire feature citing negative feedback, so I think that’s a very uncharitable representation that you’re making.


I'm specifically reacting to akerl_ saying that they wouldn't apologize because there's no selfish benefit.


I think the point is more that elaborate apologies and mea culpas don’t actually help anyone. They don’t help the company that does them and they don’t really do anything for us as customers either.

As a customer, am I going to believe TripleByte is sincere when they apologize to me? Maybe, but probably not. The only way to be sure is to judge them by their actions.

And in this case in particular, there’s not technically anything to apologize for since they never actually rolled out the feature.

Any liar can make beautiful apologies without meaning a word of them. It takes an honest person to demonstrate conscience through their actions.


I’d like to live in a world where businesses apologize and adjust their behavior when they make mistakes. I think it would be great if they’d do that regardless of internet mobs.

My point above is that I don’t think internet mobs incentivize businesses to behave that way, and in fact it seems that apologizing to the mob, or adjusting behavior in response to things the mob does not approve off, are counterproductive for the business. They continue to take heat for the wording of their apology, they get another wave of media coverage about the thing the mob is pissed about, there’s not really any visible upside.

Given that, I’m surprised more business don’t just ignore the angry people on the internet and just proceed as-is, continuing to rake in money from the people who aren’t outraged.

But maybe I’m just a lizard, unfit for your civilized society.


> I’d like to live in a world where businesses apologize and adjust their behavior when they make mistakes. I think it would be great if they’d do that regardless of internet mobs.

Okay, great, so we're in agreement.

The incentives applied by dissatisfied customers aren't about getting companies to apologize: it's about getting them to behave in a manner such that they don't have to apologize. If you want to discuss whether there are better strategies that dissatisfied customers might employ, that's something I'd be happy to discuss.

If you actually want businesses to apologize and adjust their behavior as you claim, then it makes sense to look at how customers can make that happen.

Point being: if your goal is to actually help people harmed by corporations, calling those people "internet mobs" who "ragequit" and then analyzing whether it's profitable to apologize to them is a pretty strange way of communicating that goal.


To be clear: I do not think that the behavior shown by internet mobs is effective at causing businesses to behave better.

I’m not looking to debate whether or not you agree with my word choice for “the people on the internet who loudly protest companies who do stuff they disagree with, and stop using those companies’ services out of these disagreements”.


> To be clear: I do not think that the behavior shown by internet mobs is effective at causing businesses to behave better.

Neither do I, and I'd be interested to hear how you think people could do better.


Check out the original HN topic.

It would be one thing if he apologized immediately after people pointed out the flaws in their plan.

But he didn’t.

He ignored all the objections, and defended his decision over and over again.

He clearly didn’t care.

There is huge difference between “whoops, we didn’t think things through, sorry about that” and “after seeing tons of people cancel their account, let’s pretend that I’m now truly sorry.” Especially when he had a history of building shitty social networks.


Yeah it kind of feels like the reversal came only after hundreds? of people deleted their accounts.


> hundreds? of people deleted their accounts

Two thousand: https://news.ycombinator.com/item?id=23304097


Link?


https://news.ycombinator.com/item?id=23284667


Thank you!


https://news.ycombinator.com/item?id=23279837


Thank you!


You offer an apology because it’s the right thing to do. You fucked up and you want to own it and recognise it. Once you realise what you’ve done, respecting yourself as a man/woman depends on doing it.

It shouldn’t be for gain. In fact if apologies always led to a positive outcome they would mean less and the world would be a worse place for it.


I think the general expectation for an apology is that it allows you to maintain a relationship you do not want to lose.

Obviously is a bit harder if you hit-and-run someone’s pet dog.


I mean I deleted my account. They probably realized they're getting a ton of account deletions and went back on it.


Probably which is mentioned in the email. “ Last Friday I lost a big chunk of that trust. ” which translates to account deletion


I also deleted my account and encouraged others to do so. I'd love to see their account metrics and to know whether the reason for the decision reversal was primarily driven by individual email responses, HN/reddit outrage, or mass account deletion.


> Probably which is _weasel-worded_ in the email. “ Last Friday I lost a big chunk of that trust. ” which translates to account deletion

FTFY...


He originally said they got around 2000 deletion requests since sending out the original message. That comment appears to be gone from this page now, but another commenter concurs with my recollection.

It's hard to gauge significance without knowing a number of total users, but I imagine it is a relatively strong hypothesis that there is significant correlation between regular browsing of HN and having an account on his service.


> That comment appears to be gone from this page now

I think you're running into the pagination problem: https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que...

If you scroll to the bottom and click More you should find it. Edit: yes, it's there: https://news.ycombinator.com/item?id=23304097.


> Given the prevalence of comments like this, I wonder why any company would ever bother offering an apology or retraction.

I wonder why anyone would ever place a non-zero value on an apology from an organization acting in its own interests. A company isn't a single person acting in isolation and ignorance. It's a profit-seeking entity organizing a whole number of people of various levels of conscientiousness and intelligence, and pointing them at a single profit-seeking goal.

When that many-limbed organism grabs at a profitable course of action, it's not an impulsive accident of blind flailing. If that turns out to be a problem and they have to reverse course, it's not because of remorse.

They did what was in their interest then; they did what's in their interest now. People confusing corporations for actual, you know, people absolutely baffles me. Their apologies mean absolutely nothing, good or bad, but how bad a hit their business appeared to take and how good their copy writer was. That is all.

As another poster said, and I agree wholeheartedly, I don't care for apologies, I care for post-mortems. The only thing that matters is what operations led to this action, and what change in those operations will prevent it happening again - if any such change can prevent it. A public mea culpa with an executive's signature on it means... well, nothing. Absolutely nothing. It's the cheapest possible way of reclaiming good will, and worth the paper it's written on.


Just as with a person, you'd need them to also demonstrate a series of correct decisions, and moving to give greater accountability to their actions before trusting them again.


>As soon as a company does something that a chunk of people on the internet don’t agree with, there’s really no way out.

And yet, tons of companies had done that, and suffered very little. Heck, any company has done something that "a chunk of people on the internet don’t agree with"...

It's not about never doing anything wrong, or it being futile to apologize.

It's about, you don't do THIS kind of privacy affecting changes without publicly announcing it first, and without red flags raised internally that it might not be a good idea.

That's a good thing to instill in companies, whether this one apologized or not...


Given that there don’t seem to be actual business repercussions from the internet mob’s displeasure, and the internet mob’s displeasure, once roused, cannot be quieted by apologies, changes in behavior, or explanations, it’s unclear to me that we’re actually “instilling” anything in companies, other than the lesson that it’s not worth bothering to pay attention to the internet mob.


> Given that there don’t seem to be actual business repercussions from the internet mob’s displeasure,

2000 account closures is an actual business repercussion.

> and the internet mob’s displeasure, once roused, cannot be quieted by apologies, changes in behavior, or explanations

It absolutely could. As a member of said "internet mob" (I deleted my account) I'll say that yes, an apology by itself is not enough, but an apology combined with a long-term change in behavior would absolutely cause me to stop criticizing them and maybe even create an account again. If, for example, they remove a bunch of dark patterns from their site and change their terms of use to give specific guarantees of data privacy, that would go a long way in my mind.


I will bet you $20 that Triplebyte does not make any long term changes to remove dark patterns within the next year, and that they also continue to do just fine without those 2000 accounts.

Additionally, even if the 2000 accounts were enough to cause business impact, the idea that they’d need to demonstrate long-term change to win back those users is effectively irrelevant. They may as well put their efforts into gaining new users to replace the 2000, rather than try to repair the burned bridges. The return-on-investment for making “long-term change” to win back people who ragequit their service is low, especially since those people self-select for “people likely to ragequit again if they disagree with future company decisions”.


Well, you're certainly leaving out big parts of the equation. Like: they can court new users and try to repair burned bridges. Or: the people who quit, and the narrative around why, certainly affects their ability to court new users.

But ultimately, you might be right--maybe the net effect of not apologizing would be negligibly different from the net effect of apologizing. I don't have numbers to say you're wrong, but you don't have numbers to say you're right.

But as I said elsewhere, why are we even talking about this? You seemingly have complete, disdain for users who are concerned about TripleByte using their data against them, calling them an "internet mob" and accusing them of "ragequitting". Are you capable of empathizing with users at all? Do you have a conscience? Why are we talking about this as a strategic problem when it's an ethical problem?


I’m not sure how you expect to have a productive conversation when, in this and parallel comments, you’ve made several insinuations that I’m a conscienceless lizard person.

But to be clear: Triplebyte’s specific situation is a an ethical issue only in respect to the fact that they planned to enable by default for existing users. That’s a bad move. They’ve stopped the bad move.

I’m more interested in the overall pattern of “company does thing, people disagree with thing, people express outrage to company, company issues statement”. Which in many cases has zero ethical components.


> I’m not sure how you expect to have a productive conversation when, in this and parallel comments, you’ve made several insinuations that I’m a conscienceless lizard person.

Your reaction that perhaps corporations shouldn't apologize when they do something wrong if it have any selfish benefit, does lack conscience and is a wholly inappropriate reaction to this situation. Discussing the self-centered strategic merits of apologizing from the perspective of a sociopath isn't a productive conversation.

However, I'm not one to write people off based on one interaction. Just because you've reacted without conscience in one situation doesn't mean you would do so in all situations.

> But to be clear: Triplebyte’s specific situation is a an ethical issue only in respect to the fact that they planned to enable by default for existing users. That’s a bad move. They’ve stopped the bad move.

There are more ethical issues than that--they haven't stopped them all.

> I’m more interested in the overall pattern of “company does thing, people disagree with thing, people express outrage to company, company issues statement”. Which in many cases has zero ethical components.

Which is irrelevant in this case, because this case does have multiple ethical components.

And, more to the point, this is still an ethical question. Apologies are never about benefiting the person apologizing. Apologies are inherently an ethical action--if you claim that the company didn't do anything wrong, then they shouldn't apologize. Not because it doesn't benefit them, but because lying about being sorry isn't ethical.

"Should a company lie and pretend to be sorry when they haven't done anything wrong?" is still an ethical question, and you're looking at it from the perspective of selfish gain is still an inappropriate way to look at it.


I appreciate your candor in pointing out that you don’t consider my perspective to be appropriate.

I suspect, in light of that, that we’ve bottomed out the utility of this thread.


I read your guys threads... I want my 5 minutes back.


That's probably the greatest lesson companies could learn at this point.


An apology is not a "get out of jail free card," it is a good first step on the road to repairing users' trust. They still screwed up and have a long way to go in my mind.


Apologies maintain norms and standards. They define the lines we shouldn't cross by noting areas where they were crossed.

We should reward apologies and punish those who don't. Our failure to do so is creating a market incentive that will destroy or weaken valuable norms.


> We should reward apologies and punish those who don't.

We should expect rather than reward apologies, and we should punish both people who fail to apologise as well as people who apologies but fail to follow through on changing their behaviour.

Ammon so far has done no more that the minimum expected from someone in his position. Time will tell whether his actions reveal his apology to be genuine and behaviour changing, or empty lies.

Rewarding apologies that turn out to be empty lies is what gave us Facebook. I fear Ammon's ambitions are to be more like Zuckerbergs rather than less, so I'll be very judgemental and dubious as I watch future moves by Ammon and Triplebyte. Like he acknowledges, he's lost trust. You earn trust back by your future actions, not by the eloquence of your apology.


Words have no value. Actions do. This apology changes nothing, so long as they don't follow it up with actions that prove their intent.

The one action they took is that they cancelled the feature. _That_ has value. Arguably not enough, but it's a good first step. I'm eager to hear what they follow it up with, but they _have to follow it up._


> Words have no value. Actions do.

Uttering (or publishing) words is an action.


Because screwing up and retracting is better than just screwing up.


It is still important to apologize so that potential or previous users can begin to form an opinion on whether or not a company can even attempt to earn their trust back. Of course an apology does not erase Triplebyte's actions, but I think that it is possible the CEO truly did lose sight of his goals and become removed from the user. The section about his experience job searching during the recession seems genuine.

Companies are becoming more sterile and calculated, and perhaps statistically issuing an apology has no impact on user retention, but I for one am glad there is still some humanity to be found even if it's a hollow gesture.

Publicly taking responsibility and acknowledging mistakes can be a powerful tool in changing. Because of this apology, I will at least monitor Triplebyte's progress to see if significant structural changes are made to keep a decision like this from being made, instead of not even giving them a chance to gain back my trust. Their actions will tell whether this apology is genuine or not.


Uh, you say this like an apology is always sufficient. It isn't. If you break the trust in a relationship and damage that relationship, saying "sorry" isn't enough. Trust should be hard to regain. Your comment reflects why companies keep getting away with being terrible to consumers. It's like an abusive relationship - some kind words, a "heartfelt" apology,and everything is back to normal so they can abuse you some more. It's not enough if they don't take any steps to improve themselves and prevent this behavior from happening again. Trust can be regained over time by repeatedly doing the right thing. "Sorry" just doesn't cut it.


The expectation is not receiving more apologies from companies, it is companies learning from screw-ups like this and not trying to pull off stunts like this in the first place.


In the context you mention, the word mob is usually understood to mean: "a large crowd of people, especially one that is disorderly and intent on causing trouble or violence"

With this understanding of the word, using the phrase "the internet mob" seems quite negatively loaded. Consider the context of companies harming their users in ways that may not be obvious to everyday people: I, for one, want people organizing to get the word out.


An apology is a company's best shot at damage control after a PR disaster. A well crafted one has obvious benefits in that it might win some people back, as can be seen from the people defending Triplebyte in this very thread.

Just because it doesn't work for everybody doesn't make it not worth doing.

FWIW the apology doesn't do jack shit for me.


I think what the company wants is to recognize their mistake.

Users can still see that... and be worried about how they came to the inital decision.

None of that should influence if you do or don't apologize.


What's with all the apologizing lately. I don't pay for people to mess up. How many mess up does your employer tolerate before they find someone else to take your place?

This isn't kinder garden, we're not here to educate those companies, they run a business, you mess up, you're out, we give the competitor a chance. That's how it works.


In the interest of providing a counterpoint: I’ve definitely made many mistakes per job at multiple jobs, without the employer “find[ing] someone else to take [my] place”.

As a user, I’m also not dropping a company that provides me a useful service at the first (or likely second, or third) mistake.

Not everybody subscribes to this one-screwup-and-you’re-done mindset that you seem to be describing.


That's not really the mindset. The mindset is: what will serve me best. If you no longer qualify, you no longer qualify.

> that provides me a useful service

And what if the service stops being useful? What is an apology going to change? No longer useful, you'll move on.

That's where I find these apologies to be a sham. It's trying to play on people's emotions, to keep them around even once they've stopped providing value and utility, or in this case, actually causing you harm.

The only reason your employers have kept you around, is because your "mistakes" were within the expected range of what people in your position will be making as well. If you fall below that threshold, trust me, you will not be kept around for very long.


Your prior comment says “... you mess up, you're out, we give the competitor a chance. That's how it works.”

I’m saying that’s not how I approach my interactions with businesses. As you noted in your reply, employers expect an employee to make mistakes within a reasonable threshold. I have the same expectation for companies that provide me services. Making a mistake does not suddenly evaporate all their “usefulness” to me, as you seem to be suggesting.


That's just because we're using weasel words.

When I say "mess up", I imply a quantity of mistake that is beyond acceptable for the value I get.

You seem to quantify "mess up" to a much smaller degree, like "mess up" implies a reasonable set of mistakes.

So we're not discussing the same scenario, due to us quantifying "mess up" to different degrees.

It seems if we normalize our quantity of "messing up", that we actually fundamentally agree. No amount of lack of or of providing an apology really affects the consequence. Mess up within reason, you don't even need to apologise, as long as I'm still getting good value I'll continue to be a customer. Mess up beyond reason, and an apology won't help, as soon as I'm no longer getting good value, or if you're actually providing me negative returns, I will begin to look for an alternative.


People do make mistakes. Sometimes people really do just fuck up. We're only human. All of us. Whether you're a CEO or just a worker. Whether it's even heartfelt or not, it's nice to see someone without any bullshit or wishy washy words, just straight up say, sorry everyone, i really fucked up.

Personally, i appreciate the honesty from people, whether they mean it or not, it still takes some bit of honour and humbleness to openly admit your mistake. It's not an easy thing to do and i can appreciate the effort it takes to come out and just straight up say 'yeah i'm an idiot and i fucked up pretty bad.'

Plus, the way i look at it, you always have to remember, no matter how badly you fuck up, you're not that dude that fucked up the space station and caused a slow oxygen leak that had to be repaired with a risky space walk and even he was forgiven...probably.

ETA: Just to add to this as i've thought of it. Years ago, somebody i knew stole a few hundred dollars from me and disappeared. I thought i'd never hear from him again. A couple years later i got a random phonecall from him. He didn't have my money or anything, but he had the guts to call me and apologize and admit he'd just straight up ripped me off. I've never heard from him since and i'd never trust him again, but i respect the nerve it took for him to do that.


How many times have we heard Zuckerberg say "I'm sorry, we let down our users" in a eloquent and humble and seemingly heartfelt way, only to find they were right then in the middle of an even more brazen abuse of their users?

Do you suppose Ammon truely realises this plan was a totally unacceptable betrayal of his users, or that he admires and aspires to be Zuckerberg still?


I haven't heard Ammon call his users a bunch of dumb shits and repeatedly do shady things and i've never heard him directly apologize without somehow not only insulting users but saying a bunch of hypocritical shit and contradicting himself.

No I doubt he truly realizes it. There's no way he can empathize or truly understand the needs and worries of people using his service. But, like I say, I respect and appreciate upfront admission of wrong doing. I don't think anyone should trust them.

Tryplebyte fucked up, anyone believing this shit wasn't intentional and planned to derive revenue from users during an obvious downtime is naive. The mistake was not realizing this was a horrible idea and continuing to such a ridiculous thing. They should be abandoned. But I respect the admission of the fuck upery.


Key words: "how many times"

Ammon has done this once. I think everyone deserves a second chance, and maybe even a third. Zuckerberg has had way more than that.


>Even if it is heartfelt, I'd argue that if no alarm bells went off internally when they were discussing this feature, they are not the group of people to entrust with information such as this.

On one level I agree with this, in that I don't think 'heartfelt' is a fair metric. It's subjective, it's a ritual, and on some level the demand for performative contrition feels to me like something that doesn't have well defined parameters and past a certain point doesn't serve a purpose.

What is important to me are the statements that acknowledge error and recognize what made it a bad thing to do. Those seem on-point to me and, insofar as apologies go, I'm not sure what else should have to be said.


Both the heartfelt-ness and the acknowledgement of error are things that talented writers at crisis management agencies oe OR firms or even internal comms teams can ghostwrite for anyone. All they tell us is that someone (not necessarily the person who fucked up) recognises what the right things to say publiclly right now are. Apart from Ammon's ability to accept words assigning blame to himself, we can not really read anything more into those words.

Lets wait and see what he, and the entire team who didn't stop this before they launched the idea to significant negative outcry, actually do in the future.


He dropped it on the Friday before the biggest holiday weekend of the year. He knows what he's doing. He's done it before, and he's still doing it. Just pulling power moves. Move fast and fuck shit up.

The dude has personally tried to pull fast ones on me. This is a fucked company since day one. I brushed it off, but when you keep up these patterns for years...jog on.


>The dude has personally tried to pull fast ones on me.

Can you clarify?


> biggest holiday weekend of the year.

What holiday was that? I wasn't aware of any. In any case, I'd say Christmas is probably the biggest holiday, although it doesn't always fall on a weekend.


The holiday weekends in the United States are MLK Day, Presidents' Day, Memorial Day, Labor Day, Columbus Day, and Veteran's Day.

This past weekend was Memorial Day for those in the United States.


In the USA it’s a long weekend with nice weather. (Nicer than typical Christmas winter, anyway)


> if no alarm bells went off internally when they were discussing this feature, they are not the group of people to entrust with information such as this.

On the other hand, once shit hit the fan, you could argue that these people would be extra-careful about fucking it up again, as opposed to another company where everything seems silently OK.

It's a bit like the story of the engineer who did a 400.000 dollar mistake on his first job. Asking the manager if they were going to fire him, he was told that no way they were going to fire somebody that just cost them so much money to train!


> On the other hand, once shit hit the fan, you could argue that these people would be extra-careful about fucking it up again

In my experience with Facebook, Google, and a variety of smaller companies, this doesn't happen.

To people who think the way TripleByte apparently does, the fuck-up was getting caught, not violating trust in the first place. If they had no moral issues with betraying users, they won't have any in the future (unless executives and board are replaced).

Instead, they will pay more lip service to privacy concerns and be more secretive about violating user trust.


So Go Daddy after the first "We're sorry..."?


I also read a story on HN where a devops engineer made a $80k mistake and got fired. He got hired at a new startup and the founder thought "of course he won't make the same mistake twice". He did.


Anyyyy chance you happen to have that link handy? Terrible misfortune but sounds like a good read.


https://news.ycombinator.com/item?id=22719573


At least we can be sure lightning won't strike thrice!


I wouldn't count my blessings!


> It's a bit like the story of the engineer who did a 400.000 dollar mistake on his first job.

The primary reason not to fire this person is that if something like this can happen, it's a process failure.


They're undoubtedly going to have to do more to make things right in the future for those who have been following this issue, but it's at least refreshing to read what seems like a genuine apology. If we can take away anything from this, it's that Triplebyte actually understand why people were upset over this. I've read lots of apology emails where those in charge clearly either didn't understand the problem or they were dismissive towards their consumers.


We want to do something more concrete to guarantee user privacy going forward. A technical solution would be best. But short of that just a really strong, transparent commitment (that makes it easy to hold our feet to the fire if we screw it up again). But I could not get this together before the email today. I'm expecting to announce something in the next few weeks. I agree with people here when they say that actions are what really matter. I screwed up enough that I don't certainly don't think an apology alone makes it better.


> A technical solution would be best.

This is another error in your thinking.

You can't solve failures in human understanding with technical solutions.

Your first instinct is going to be too try to cite counterexamples - but that only proves the point.

You're in a business that deals with people. You can't eliminate that with technology, and the fact that you think you can try is what makes you dangerous.


> If we can take away anything from this, it's that Triplebyte actually ...

... have a decent crisis management or PR firm on retainer.

Which might be as much of a red flag as the initial fuckup...


> have a decent crisis management or PR firm on retainer.

On what basis do you say they have a firm on retainer?

I think many/most CEO's in this situation would make some calls to get advice on how to manage the situation -- I don't that is a red flag.

If they don't take strong, concrete steps to mitigate these kinds of problems in the future, I will have less confidence and trust in their company.


There was a study about surgical fuckups. In almost every case, multiple people in the OR admitted they recognized the problem but were too scared to speak up because the surgeon said things were going fine.


The same issue was found to be the cause of plane crashes: the crew knew that something was going wrong, but did not feel that they could contradict the captain (or the captain just wouldn't listen). This gave rise to the practice called Crew Resource Management (CRM):

> Crew resource management formally began with a National Transportation Safety Board (NTSB) recommendation made during their investigation of the 1978 United Airlines Flight 173 crash. The issues surrounding that crash included a DC-8 crew running out of fuel over Portland, Oregon while troubleshooting a landing gear problem.

> The term "cockpit resource management" (later generalized to "crew resource management") was coined in 1979 by NASA psychologist John Lauber who had studied communication processes in cockpits for several years. While retaining a command hierarchy, the concept was intended to foster a less authoritarian cockpit culture, where co-pilots were encouraged to question captains if they observed them making mistakes.

Source: https://en.wikipedia.org/wiki/Crew_resource_management


Do you have a link to the study?

I certainly believe it. Projecting my own anecdotal bias, most surgeons I've met have been a special kind of arrogant.


Same happened for pilots

https://www.linkedin.com/pulse/20140217220032-266437464-asia...


The pilots' case is subject of entire chapter in the book outliers.

Book is... of oscillating quality.


I can't find the specific study, but it is part of the third part of the book The Power of Habit.


That last part is called the God Complex. Many surgeons have it.


Many engineers complained about the risks before the Challenger disaster. Management suppressed the concerns and championed incorrect risk math in order to justify it.


This is more sensible than people in this thread seem to think. The company emitted a signal about how they reach decisions — you can debate the strength of it but it makes sense to update one's priors accordingly. Hey, path dependence is a bitch.


I'm surprised they didn't consider beta testing the feature with a subset of users to see how it'd go first.


According to one of the CEO's replies in the other comment thread, one of the drivers to push forward was that they need to meet their sprint goal.

I don't have any inside information but it seems that this could also be a case of the downsides of deadlines. They set a deadline and then all other considerations go out the window when trying to meet that.


For anyone who thinks this is too ridiculous to be true, here is the CEO confirming this was rushed out to meet a fake-Agile fake deadline, without regard for how it might affect users or developers:

https://news.ycombinator.com/item?id=23280137


I am trying to evaluate this as fairly as I can. "Sprint" is one of those words that just ... sets me off. I have to remind myself to be rational and measured in my response.

Having said that, "sprint" is not a word I associate with thoughtful progress toward a reasonable goal. What it does say is "rush forward in a heedless manner" and "don't think, just run."

Another artificial deadline dressed up with terminology that encourages plunging ahead without due consideration.


Lol. Gotta have priorities. That's some serious b school negative work.


Yeah, I think that's certainly part of it. I'll try to be more careful with sprints going forward. But I made the initial plan for the opt-out release before the deadline. So it was also just a pretty bad loss of perspective on my part.


Whoa! Deadline was a reason to push a feature which is big and privacy violating one. Can a bank say due to deadlines we made passwords not encrypted ? The feature which is your core cannot be part of deadlines. If they really intent of user protection, they would have de-scoped it to next sprint.


We did user research about the profiles, but not (crucially) about the opt-out release. That was the fuck up.


In a state that permits users to delete their entire data forever and ever, hallelujah.

golf clap

(One of the 2,000+)


Both a cynical and wrongheaded answer.


It's like they don't even internet.


Even the greatest of apologies is not a time machine that will completely undue what happened. A C-level/director-level team pushed out a massively privacy violating policy with zero feedback in an effort to compete against an incumbent company (LinkedIn) on a Friday afternoon.

It reeks of they-raised-too-much-money-and-now-have-to-do-BIG-things syndrome and would seriously discourage me as either a user or enterprise customer, as if the AI/machine-learning BULLSHIT didn't already do that. They're a recruiting company that took a sucker punch with CV-19 and effectively tried to sell their user data as a get out of jail free card.

The saving grace is that LI Recruiter is a trash product (for years...) and they could probably eek out a consumer net-good by bringing more competition to the market, if only they went about it the right way.


People screw up. It happens. I accept the apology.


You are right, and the apology sounds genuine, yet my feeling as someone working in IT myself is that their culture cannot be one that values privacy. If your users entrust you with their information deciding about what to throw away, what to keep, what needs to be anomyized, what private and what public is literally why people would trust you.

It can happen, but if it does maybe you are the wrong person for the job.

The question really is: in what kind of mode would you have to operate in order to forget that you users might want to have a say in the publication of their data? That is like a restaurant waiter forgetting to ask people what they want and bringing them a single random things instead.


For myself, I don't expect corporations to be paragons of virtue. I just try support the ones that are less screwed up. Everything is flawed. If you don't accept that, honestly ask yourself if you could build something bigger than just yourself that didn't have to make compromises you'd rather not make.

Every company that can help me find work is flawed, and I don't wanna start my own company any time soon. Heck, I am flawed. The best I can do is better than nothing and worse than perfect.


Really even if it’s a bank or a financial entity. Here it is privacy


Sure, Triplebyte made a dumb move here. But “massively privacy violating” is hyperbole.

It seems as if everything is considered “private” now. No, not everything is private. You interviewing for a job isn’t private unless both parties make it private with a legally binding contract. It is a mistake to wishfully label public information as private simply because we don’t want it to be public. It also makes it harder to talk about true violations of privacy and distracts from understanding the real issues at stake.

What people ought to say, and have often said here, is that it is a violation of trust. People trusted Triplebyte to find them a new job, not lose their current job. That trust was violated not by an invasion of privacy — it is their data as much as it is ours — but a violation of using that data in a harmful way.

Privacy isn’t the problem here. The problem is with whatever broken processes led to this bad product and poor decision.


> You interviewing for a job isn’t private unless both parties make it private with a legally binding contract.

I would gently suggest that you look into the idea of "reasonable expectation of privacy" which has a long history in the courts.


I'm in a different industry, but I read the HN thread about it a few days ago. In the CEO's comments, I saw a lot of 'I'm sorry you feel that way' type of apologies. I wrote that he should take responsibility for his own actions.

Perhaps he read that and took it to heart. Perhaps he read that and realized it would sound better if it seemed like he took it to heart. Perhaps after the monumental PR screw-up, they hired a PR professional that wrote the apology.

Who knows. Actions speak louder than words.


My personal belief is that any educated, native English speaker who peddles in non-apologies like "I'm sorry that YOU feel that way" is to be avoided as much as possible (socially or professionally). In my experience, these are typically the same people who will do other weasel-y things like tell lies by omission and justify it to themselves (and others) by saying didn't technically lie so what's the big deal?

Indeed I've learned this the hard way.

Having said all that, the above apology goes even farther in accepting personal blame than I would have expected... so I'd be slightly torn on this one if the cynic in me didn't know he was likely coached heavily in crafting it.


Your comment was the first thing I thought of when reading today's email. I hav worked most of my life as a secondary math and science teacher, and one of the things we teach all students about communication is "I statements."

This email is full of sincere I statements. Whether it comes from reading your comment or just reflecting on the whole situation, this is about the best response I could have imagined a few days ago. It accepts responsibility, and shares the thinking and feeling behind getting so far from where they should be heading.

I don't have a TripleByte account at the moment, but if I did I'd be open to what they do next. A CEO who has made a major mistake and taken sincere responsibility for it in my eyes is more trustworthy than many who just haven't made their first major public mistake yet. I know we need to watch them carefully for a while, but this is about the best statement I could imagine Ammon and TripleByte putting out right now.


After digging in his heels repeatedly on Friday against a tidal wave of opposition, Ammon found a "how to apologize" book and banged out an apology, while still devoting paragraphs to defending his mistake and selling his origin myth. Even his well researched apologize reeks of narcissism not respect.


I guess he also needs some amount of reasoning to explain his mistakes. I do too, and it somehow infuriates people if an apology contains anything but ‘groveling’.

Doesn’t it show that I’ve properly reflected on how I could screw up like this so O can adjust my behavior in the future to avoid it?


> I guess he also needs some amount of reasoning to explain his mistakes.

An apology 100% does not need explanation or justification of why mistakes were made.

And if you're going to put those in, you 100% need them not to be "Our company is doing it really hard due to COVID, so we though we'd just {{monetise user data provided under strict expectations of total privacy}} "

People who beat their partners regularly say "look what you made me do!". Ammon just said "but I was going broke, I had to try this!"


They scrapped the feature so that's an action backing up his words.


Question is why was it there in the first place , so hideous, so late on Friday, one week time to update the profile. Why not more time when it concerns privacy.


The fact that it got to this point I think would be concerning:

a) No one thought this was a bad idea, or

b) people who thought it was a bad idea didn't want to say it was a bad idea (why?), or

c) people who did say it was a bad idea were not listened to (feedback was not acted on).


I wonder if searching LinkedIn/Crunchbase might reveal a small team of people with experience in the technical recruiting space who've very recently left Triplebyte?

That might be a good indicator that perhaps _they_ are the sort of people who might sensibly be trusted with job seeking personal information...


I totally agree with this. When I see corporate apologies I look for two things:

1. Actions speak louder than words. In this case, they are reversing what originally caused the outcry.

2. Did they look introspectively to try to really understand what made people mad in the first place. In this case I believe the CEO did.

If we don't ever accept sincere apologies, then we're left with a world where there is never an incentive to apologize and improve. Frankly, seeing a taste of this in US politics with politicians doubling down on their past mistakes even when confronted with all evidence to the contrary - this is not a path I'd prefer to go down further.


I look for one more thing:

3. What steps the corporation took to prevent this issue from occurring in the future.

While a believe that the CEO is sorry, I can't consider the issue resolved without #3.


This is an important point, and it's something I'm thinking a lot about right now. I don't have an answer, but I want to talk to my team and make an announcement in the next few weeks.


It is sad that you felt you had to use a throwaway account to post this totally reasonable opinion.


It’s a three year old account. Not everyone wants a HN account in their real name.


This kind of missed my point. I know this is not something we are supposed to talk about, but I miss the old HN. The sad thing is these days I get more value reading the new post raw feed than the conversations on the front page.


I didn’t miss your point. Your point was not based in reality.


Not only did you miss my point, you made it.


Tell that to TripleByte, amirite?


I'm like you, not actually a triplebyte customer, but have followed on hn.

> They listened and that's what counts for me.

The fact is that they didn't listen. The ceo ammon was here on hn clearly not listening and clearly not apologising.

I would surmise that it's only due to a flood of account deletion requests that he started to notice... Add this proves one thing: on triplebyte you are the commodity and not the customer.

Although it's unlikely I'd have ever used them, because of this fiasco you can be sure I'll be warning people away from the platform entirely, heartfelt apology or no.

For my view to change he'll have to do a whole lot more than one email. He needs to change his way of thinking and one email is no way of proving that it's happened.


+1 for "you are the commodity and not the customer"


If they're so sorry and they're listening to feedback why do they employ dark patterns such as requiring a government ID to delete an account?


That is foolish. Fool me once, shame on you. Fool me twice, shame on me.

It is too early to put trust in Triplebyte. The classic Silicon Valley playbook is to do something that crosses a boundary, get pushback, apologize, and later try again. Eventually it succeeds.

Examples:

- sharing all you financial transactions and passwords with a third party

- suppressing posts for reasons

- sharing private conversations with powerful parties

Wait and let Triplebyte prove itself with real actions instead of just talk.


So many companies issue an apology that's been composed by a PR team and edited by legal. It ends up being a wishy washy we admit nothing but care about our customers kind of statement.

It's refreshing to see a real, detailed, apology. Just taking responsibility and owning each mistake of judgment or process along the way.

My opinion of these guys actually went up a notch over this debacle.


I was about to read this apology cynically but I think this is one of the best apologies I've ever read.


Sure. Great case study for the crisis management team who got it together over the long weekend. I wonder who they were? (And which other companies they work for that I should avoid?)


I think what the critics are trying to say is that plenty of companies in the same space were not tempted to do this kind of stuff, despite all the pressures, and instead atayed committed to engineers’ privacy and putting candidates first.


Ammon was also a cofounder of Socialcam, known for a ton of dark patterns. He employed similar techniques here. If he didn’t use so many dark patterns I could forgive him.

He made the feature opt-out. He sent out the email on a Friday before Memorial Day weekend hoping no one would notice. He made the opt out button hard to find. He made the process of deleting accounts very hard, saying they required government ID and it would take 30 days.

He knew exactly what he was doing.

He made preparations for the blowback. That’s a fact otherwise he wouldn’t have taken these dark measures ahead of time. What he didn’t anticipate was getting caught and the level of vitriol he would receive.

He honestly thinks he is smarter than us. I think a person can go to the well only so many times before we have to assume they are insincere and lying.


Do you believe the part where he said he didn't realize the consequences of being default public? That part is inconceivable to me. I believe he did know the issues and decided to proceed anyway to see how bad the public reaction would be.

His actions and response are consistent with behavior. It sounds much better to say "I didn't think through it" than "I knew it was bad and wanted to try it anyway."


I disagree, the site is by developers for developers. Every developer on planet earth is well aware of privacy issues and the evil dark pattern of negative options. They knew this ahead of time, they took a gamble and shit hit the fan. The apology is not heartfelt or sincere, its just damage control.

If they want to correct this mistake, turf the product manager or make a $25K donation to the EFF as an act of penance.


If they make a $25k donation to the EFF, people will just ask “why not $50k?” or “why not pay me?” They can’t win against people who have their mind made up.


You also can't win against companies/founders who have their mind made up about acceptable monetisation strategies and PII handling.


Turning the ship around was just the only rational move from the business perspective. They thought they can pull it off, doubled down, found out they cannot. Too late now.


Do something shady, blows in your face, write heartfelt apology, repeat. Fine with you?


>>Some comments around here are extremely negative of the whole situation. More negative than I think they deserve.

Welcome to the new world of Cancel Culture, where no can ever be forgiven, excused or allowed to personally grow

The second you make a mistake will that should mean your life is over...

Society today is in a sorry state and I see no end in sight


> Some comments around here are extremely negative of the whole situation. More negative than I think they deserve

People would have gotten laid-off to this. The dark patterns are just cherry on top.

The negativity is well deserved.


The negativity towards to original announcement of making profiles public was deserved. For me, the negativity towards the CEO's apology and cancelling the feature is not.

Everyone makes mistakes and if nobody would be willing to look past that, then we'd never get anywhere.


It would have gone over a lot better if he didn't spend a couple days on HN telling people they shouldn't be mad about it.

And it would have gone over a lot better if he was honest about what happened. He got caught with his hand in the cookie jar and he's all "was that wrong? Should I not have done that?". They knew exactly what they were doing and calculated that it was worth it.


Quick correction:

> spend a couple days on HN telling people they shouldn't be mad about it.

It was actually a only a couple of hours and a few (very inflammatory and highly downvoted) comments, near the beginning of the thread, and then radio silence as the fire raged on.

I think that he took a step back and began reconsidering after realizing that his comments weren’t helping any, but because they were the only thing he said in that thread and a lot of discussion was focused on them it seemed like a lot more activity than it really was. (Not that this excuses anything, but I think it’s important to be clear about what happened.)


I suspect the board and/or legal and/or investors confiscated all his devices and put him in total lockdown...


He didn't spend a couple days on HN telling people they shouldn't be mad about it.


He certainly spent a great deal of time saying "I'm sorry you feel that way" (a classic non-apology... there's no better way to make a bad situation worse than by starting off with those words).


Yeah but not for a couple days. He got whipped by downvotes and left after a couple hours. Agreed about the sorry you feel part.


What I've come to observe is that you can never make everyone happy - a truism detached from this specific incident.

So when you receive negative feedback on something - how should you respond?

What if you're used to some certain baseline level of negativity? How should you respond then?

I feel like there is feedback on the individual level and the aggregate level. Clearly in this case TripleByte saw that they would have alienated a large and important community but I'm convinced you can blame a CEO for being diplomatic but thick skinned.

I mean this is the community famed for trivialising Dropbox


> What I've come to observe is that you can never make everyone happy

Most of us get through life without ever making that many people that unhappy all at once though. It's not like this outcry wasn't obvious and predictable to any reasonable person.


There are plenty of ways to respond. "I'm sorry you feel that way" is never one of them.


I interpret such a statement as expressing sympathy with someone's point of view, but also disagreeing with it.


It's pretty well understood by people far less experienced than the CEO (i.e. me) that you need to split those messages up.

Empathy is unconditional. It says "wow, that must be really painful/terrible/scary". It carries no judgement around the accuracy of such feelings, only an understanding that they are real for the other person.

Disagreeing comes later after you have shown there are legitimate competing solutions.

"I'm sorry you feel that way" fails at the first so you haven't yet earned the right to disagree agreeably.


What makes it complicated, though, is that some people interpret "I'm sorry" as an admission of guilt or agreement, so conservative lawyers and others recommend specifying what you feel sorry for so as to not give away the farm.


I can see how that conclusion gets drawn.

Any new feature that is announced can be met with some negativity. Sometimes it just ends up working despite that. It is not surprising to me that at first, they tried to defend their plans. It probably took a while for the backslash to sink in and their own opinions to change.

I wouldn't expect every company, even ones that target HN's primary audience to turn everything around right away because of an angry thread within a few hours. They turned around in 2-3 days. Quick enough if you ask me.

Disclaimer: I am really not in any way affiliated with Triplebyte. I am not even a user/customer. I just see a lot of negativity that I that I find unjustified.


Nobody is mad about a "feature". They're mad because Triplebyte made sensitive private data public.


They're mad because Triplebyte made sensitive private data public.

And engaged in a host of dark patterns that made it difficult for people to effectively respond to that, for example by getting the data deleted and cancelling any account they had. The problem wasn't just the original error in judgement, serious as that was. It was the doubling down on it in both the implementation and the handling of the criticism when it was announced.


This ^. This is the issue.

Calling it only a "feature" is just downright twisting the facts.


Except they didn’t make any data public. Yes, they were going to, but they hadn’t yet.


Is it possible to look too kindly at somebody? I think so. Clearly the CEO is backpedaling now that there's been a public outcry.

He's not sorry about what he did. He's sad he got caught.


What's the penalty for looking too kindly at somebody in this context?


One continues to be taken advantage of, over and over again.

Assuming good faith is not prudent when dealing with people who want your money or data. We have enough collective experience at this stage to say this conclusively.

Edit: Being cynical is the new normal when dealing with companies. Especially if they have your data, or want it.


Wait, I thought we were talking about kindness after they pulled the plug and backtracked on everything.

How am I being taken advantage of if I read that letter and think "Well, good for them to finally realize things and take the right steps"? And I hope you're not speaking for everyone when you talk about good faith.


They have not "taken the right steps", at least not yet.

They've "stopped beating their wife". That's nothing to be proud of or rewarded for.

Everything else so far is just empty words. (Well written and convincing words, sure. But that guarantees nothing, any of us could find somebody to write a great apology if we're prepared to pay. Means nothing.)


> They have not "taken the right steps", at least not yet.

So reversing and apologizing is still taking the wrong steps? Is this one of those situations where no positive descriptor must ever be uttered about someone?

> That's nothing to be proud of or rewarded for.

Good thing I never said that. I don't think we're speaking the same language here.


> Assuming good faith is not prudent when dealing with people who want your money or data. We have enough collective experience at this stage to say this conclusively.

Well said. This ought to be taught in schools.

Being slightly pedantic I'd change it to "when dealing with companies that want your money or data" rather than "people" (though I've pretty sure that's the general meaning you intended anyhow).


Until companies are run by AI, it's people.


What I mean is that I wouldn't apply the "don't assume good faith" principle to all people in all cases where money is exchanged. Like smaller "mom and pop" businesses, charities, or the self-employed for example. That's the only reason I made the distinction.


You’re assuming ill intent on a new company. To be so cynical is not a good way to view things in life. Also, they don’t want my money. You literally pay nothing to use them; they get paid (a one time lump sum) by the company who hires you


Think of it this way: If someone I trusted with my data doxxes me it doesn't matter if they do it for free!

Yes, we know they weren't doing it for the goodness in their hearts, but there's a huge leap between

- using what they know about me to sell services to others (classic Google)

- and outright selling/publishing my data to others

There's a reason why I still - despite all my dislike for Google - still respect them somewhat: they actually seems to try to guard their treasure chest of juicy customer data against both governments as well as everyone else, they seem to be in this for the long haul.

Edit: try to avoid being rude / abrasive


> He got caught with his hand in the cookie jar

This confuses me. What big payout could they have gotten from making this public?


This isn't just a whoopsy mistake, this is a drastically stupid decision that brings the whole business into question. This wasn't really a technical mistake, this is bad leadership mixed with bad procedures. When you drive you boat into the ground because your "not thinking" as the captain, it doesn't remove the fact that you drove a boat into the ground. Irresponsible would be an under statement, it would be more appropriate to call this moronic.


At this point in time it doesn't matter if there is an apology or not. Like above mentioned, some would have got laid-off or for some their intentions of job search is revealed. This is much worst of an effect that an apology would do any good. He apologized so what. It is good but damage is done. Can anything be about it ?


I believe you are misinformed. They didn't go public yet.


It wasn't just an apology -- they reversed the decision before it happened, preventing any damage.

I was also furious when I found out, and still am upset at how they went about this situation in the beginning. They could've handled it much better. But they did what the community asked for, and nobody was harmed in the end. I would argue that this was the system actually working.

I think we should incourage good behavior, instead of being totally unforgiving of all mistakes. Hopefully other companies can learn a lesson from Triplebyte and think twice before making this mistake at all in the future.

I'm still not sure if I'm going to keep my account with them, but I do feel better about it


With your attitude, someone could try to something sneaky and dishonest like TripleByte did, but as long as they walk back on it eventually, it's all good.

Why wouldn't another company first try to push privacy violating changes on a Friday, when people like you are so willing to turn a blind eye to it if they get caught?

They violated trust and it's going to take a lot more than an email apology to get it back from people who care.


Did you read his comments here (on this thread)? It was that they were rushing to have this feature done earlier, but missed the deadline.


Yes, I read his initial comments and the ones here. Those very comments are the reason I am not as willing to turn a blind eye as others are. Those comments showed blatant intent to minimize the privacy violations and TripleByte's dishonest tactics. The follow up reads just like an excuse that sounds plausible to those with an engineering mindset. Given the audience of the blunder, and this site, I'd say that many users' capacities for forgiveness and second option bias are being taken advantage of.

Again, it will take a lot more than some words on the internet to gain back trust from people who care about the fact that they were tricked for financial gain.


If someone you know gets drunk and tells you they're going home to beat their wife, and you talk them out of it - they are still a wife beater. Being drunk doesn't justify it. Getting taked out of it doesn't make it OK. They totally though beating their wife was an acceptable thing to do.

Ammon got talked out of making all his user's sensitive job seeking intent public. He is still the guy who thought that was an OK thing to do. Maybe he was drunk. Maybe he was going broke. He didn't _actually_ beat his wife. This time.


"...and nobody was harmed in the end"

Consider how you would feel if a credit card or a bank did this? Would you ever trust them again?

No, you would not.


But they didn't. They cancelled the feature in time. So no real harm was done.


I thought it went already live. Misread and misinformed.


They cancelled because someone caught it and posted it here on HN. It would have been a different story if it's given no publicity


They emailed their entire user base and notified them of their intentions.

You make it sound like they tried to hide this and got caught - that’s absurd given the facts.


They gave their user base only one week's notice of the upcoming change[1], and according to the discussion in the original thread, had dark patterns in their UI that made it hard to opt out of the feature (it would only allow you opt out for 24 months)[2] or cancel your account.

[1] https://news.ycombinator.com/item?id=23279837

[2] https://news.ycombinator.com/item?id=23283237


I got the email. Your characterization is inaccurate.


I also got the email. I think the characterization is entirely accurate. (The bit about needing to opt out was badly phrased at best, and buried in the middle of a paragraph. I skimmed the email and thought it was a neat feature, and made a note to turn it on before my next job hunt.)


Since they reversed before making the information pubilc, was damage really done?


Yes, massively, to Triplebyte’s reputation.


Could you maybe describe the damage to users that has been done? It is my understanding that they cancelled the feature before it went live.


Broken trust, induced fear, damage is done.

And worse, who is to say they won't do this again later when no one is paying attention?

Do you have personal guarantees they won't?


Stress, real or imagined, is stress.


How could a CEO the one major feature they were trying to do can't think something which many caught that upfront. Its not like something, that was caught after 2 months or 2 years of a change, it was caught and discussed immediately after the announcement.


The explanation for how it actually would have worked (as opposed to how HN thought it worked) seems to clarify the reaction imo. I can totally see how they thought they were justified in the rollout of this feature. They believed it, while opt-out, was merely a badge and contained no sensitive data (compared to HN profiles).

This reaction seems way overblown. Its fine to criticize a feature but lets not pretend this is some nefarious plot that would have resulted in layoffs


> merely a badge

> This reaction seems way overblown.

A badge on a user's now-public profile at a service that's used only when job hunting. Any company that noticed that one of their existing employees had a profile at Triplebyte could guess that the employee was looking for employment elsewhere. This would not be good for their career prospects, and could easily result in the job-hunting employee being chosen for a layoff or skipped for a promotion - most companies would rather keep or promote someone who's not about to leave.


Are workers in a competitive industry such as tech really at risk for getting fired for possibly looking for new work? Having a TripleByte profile would say as much as having a LinkedIn profile. It doesn't necessarily mean you're looking for a job. And when it's extremely difficult and expensive to replace an engineer, it seems like a bad business decision to fire a worker for this reason.


This gets into all sorts of dynamics and who controls them:

-- Layoffs are happening around COVID, now who do you think a manager will feel more OK picking?

-- For luckier companies, bonuses/refreshers/promotions happen at different times, a candidate may want their manager thinking about their work vs. them exploring greener pastures

That's sensitive stuff! Some candidate may like being exposed (it's a threat!), some won't (shows disinterest! distracts!). Crucially, the question is of agency: folks entrusted TripleByte, expected privacy based on TripleByte's marketing and industry norms, and instead of having the decision, got into a world of dark patterns (opt-out, weak notification, difficult avoidance, long time delays, ...).

Edit: People are down-voting this. Consumer tech companies have been going through layoffs, generally one or more rounds of 20%. Many B2B's are on a delay, and are starting to see numbers around their b2c customers plummet: easy for more to happen as ripples continue. What could have been an opt-in feature to help folks maybe get better new positions was instead setup to add easily-avoidable risk.


I didn't downvote, but I reasonably question how much energy is put into looking if employees have a TripleByte page. Performance reviews are typically backwards looking (what did this individual deliver for us in the last year) and forward looking (what trajectory does this person have in continuing to deliver value to our organization).


Imagine an HR person using Triplebyte to recruit. As part of regular self-googling, finding folks with similar skills, etc., they'd see employees looking for new opportunities. A good HR person would notify the manager etc. of flight risk.

This won't happen to everyone, but again, it's a matter of agency. Someone at a tiny startup may not care, but someone at a bigger or more political org might might feel risk differently. It's their career, not TripleByte's.


> I reasonably question how much energy is put into looking if employees have a TripleByte page.

Right now? None. Because sensibly there is no such publicly available thing.

Any recruiter or hiring manager who doesn't at least look for a candidate's public LinkedIn page (and in those roles, they should also have LinkedIn premium or whatever it's called too) is not doing their job properly.

I have little doubt that this would have become "standard procedure" for managers when prepping for the "forward looking" section of a performance review and when making decisions about promotions/layoffs/payrises - if Ammon had got his way.


There are what, 15000+ engineers competing for that many fewer jobs? Getting fired for looking for new work looks much more possible now than it did 3 months ago.


I really doubt this.

If a company would lay you off because you have a profile on a jobs network, they’re really a shit company you wouldn’t want to work for anyway.

Not that I agree with their actions - anything like this ought to be opt in only, but I can’t see people getting laid off. I have a profile on linked in with my boss and multiple people from my company as contacts, I’ve got profiles on multiple additional jobs board both locally and nationally. I’m not really looking for a job, but I have absolutely no reason to think I’d get fired for having a profile on triplebyte (which I do as well).


Scenario: You're the boss. Your company needs to layoff one of two people in a specific role. The two employees up for termination are more or less equal in terms of performance, wages, experience, etc.

You have strong evidence Employee A is unsatisfied and looking to move on. Employee B has given no indication of such.

Which one do you lay off? Keep in mind that unsatisfied employees often have a detrimental effect on the morale of their (otherwise content) co-workers.

Answer: You lay off Employee A. And not because you are a bad CEO or bad person. You do it because it's legitimately in the best interest of the company.

Now take the same scenario and substitute a promotion in place of a termination. Which employee will get the promotion? Which employee is in your best interest to invest more money and time in? I think you know the answer.


we can make up hypotheticals all day long. Firing someone because they have a profile on triplebyte is just silly. I ge that you all need to justify your rage over this, but this really makes no sense. The world doesn't work the way you want to believe it does. I don't know, maybe you work somewhere that's normal, but if you want to call something toxic, that's toxic. No boss I've ever had would care less about my online profiles.


>we can make up hypotheticals all day long.

So you're not going to point out any logical flaws in the scenario? You're not going to tell me why it's not a useful exercise? You're just going to avoid answering it because.... reasons.

> Firing someone because they have a profile on triplebyte is just silly.

Neither of the examples I gave were about firing.

>I ge that you all need to justify your rage over this, but this really makes no sense

I don't have any rage. My comment didn't express any rage. It gave two perfectly sound illustrations of why this information being public could put one at a disadvantage.

>The world doesn't work the way you want to believe it does.

Please elaborate. How does it work? And why is your experience about how it works more "correct" than the hundred of commenters here?

>I don't know, maybe you work somewhere that's normal, but if you want to call something toxic, that's toxic.

You can prove it by answering my question. What decision would a non-toxic, perfectly reasonable employer do? What would you do? I'm genuinely curious.

>No boss I've ever had would care less about my online profiles.

Same here. Aren't we lucky. Not everyone has had the same experience as evidenced by this thread.


It's a silly hypothetical, and not worth addressing any further than I already did.

You've now admitted you're not even in the situation, so why debate for it other than internet gotcha points?


>It's a silly hypothetical, and not worth addressing any further than I already did.

You haven't given a _reason_ why it's "silly" and "not worth addressing", you just declared it so. That's not how civilized debate works and not how intelligent, honest, people disagree.

>You've now admitted you're not even in the situation, so why debate for it other than internet gotcha points?

Because I believe in privacy, ethics and get some enjoyment out of vigorous and fair debate. Sometimes my mind gets changed, sometimes I change other peoples minds. Other times, there are people who just aren't up to it intellectually and cover their ears and spew childish nonsense.

So let's cite some sources shall we?

1) According to a specialist in employment law at Dilworth Paxson LLP and author of the online law blog “The Employer Handbook” it is sometimes advisable for employers to terminate an employee looking for other work.[0]

2) According to hundreds of professionally employed developers on HN. "We feel at risk of this happening to us."

3) According to internet user jkl275. "That's silly because it doesn't match my experience. And if it is true, the company you work for is shit. Therefore your concerns are unfounded because.. well... I'm not sure. Why are you even arguing with me!?"

[0] https://blog.shrm.org/workforce/caught-in-the-act-employees-...


I’m pretty sure one can find a lawyer to argue any side of any point. That doesn’t make it so.


It makes it much more "so" than a random internet user attempting to argue the opposite without (1) providing any references or (2) putting forth a coherent supporting argument.


> you wouldn’t want to work for anyway.

Sure, but you still have a mortgage to pay and would like to switch companies on your terms rather than on your employer's terms, right? Have enough time to find the right job you want, instead of the least-worst because you're really not comfortable with being out of work in what's looking to be a long economic crisis?


> you wouldn’t want to work for anyway

That would have been much easier to say a few months ago. But now, lots of startups and even large companies like Uber and Airbnb are laying off workers. Suddenly, for many, staying at that crappy company they currently work for is starting to seem like a much better option.


Are you kidding? Pandering to covid-19 based urgency to release this feature?

To put it much more politely than they deserve, this company is scum.


I don't have an account there, and didn't even know about them a week ago, but based on what people posted I don't understand the drama.

They want to make profiles pubic, like LinkedIn. The public profiles only contain subset of information from actual profile. Their FAQ page says that you can enable/disable sharing of your profile. They sent email to their users announcing the change and giving plenty of time to change settings.

I don't see how could they do better than that.


Explanations in comments: https://news.ycombinator.com/item?id=23279837

Synopsis IIRC: Dark paterns, requiring ID to close account, 30 days to close account (and they quietly cancel the request if you log in), only 7 days notice, no permanent opt-out.


Ah, had no idea, thanks for explaining.

So the real issue are those dark patterns, not that much making profiles public. If they would execute it right, I think majority of people wouldn't have problems with it.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: