Hacker News new | past | comments | ask | show | jobs | submit login
HubSpot Acquires Clearbit (hubspot.com)
136 points by jcolman 5 months ago | hide | past | favorite | 56 comments

> Now, imagine that once prospects’ and customers’ data are in HubSpot, our platform actively monitors those customers for buying intents. Not just based on direct engagements within the HubSpot platform, but also based on customers’ activities outside of HubSpot and around the web. And, when it’s time to reach out, imagine using generative A.I. powered by all of this rich data to create personal messages. That will be possible with Clearbit and HubSpot.

I have a feeling this will be very successful - but could they do this for B2B?

The AI can send the outreach messages, and then AI can respond. Then we can all go and retire on a beach while the AI's just bounce off of each ad infinitium.

Unfortunately, there aren't enough beaches to go around, so we will still have to pick winners and losers

> we will still have to pick winners and losers

Why would we do that? Surely there is an AI model that can do it for us.

That's what the Vision Pro is for.

Am I the only one that feels disgusted by this?

This also smells very illegal in the EU without consent.

> A.I. powered

> personal messages

Read customized at scale to elicit familiar responses from the recipients. So Gibson-esque.

I've always wondered how services like Clearbit work?

How do they map IPs to companies? Do their chrome extensions send data back or something? It seems fairly difficult to me especially with CG-NAT growing and growing?

Curious to see how Clearbit will be integrated into HubSpot and if the Clearbit API will remain open for others to use. Are there any other viable competitors to Clearbit for coverage and quality? We have a legacy plan for my startup at a very good price, so I've never checked out the other options.

Hubspot have been working on how they improve the data that their customers have in their CRM system. The state of CRM data across companies is... variable to say the least, with a leaning towards the poor side.

It's often entered by hand, by a salesperson with a telephone handset in the other hand. Typos, inaccuracy abound, which limits the ability to analyse and gain insight from the data, as well as to use it effectively in automated processes.

Hubspot have been releasing features and changes that start to address this, and I expect powering it all with Clearbit data will be the first thing they do with this acquisition.

There are quite a few companies competing in this space, so there are options if Clearbit shut the doors to use outside of Hubspot.

My company is one of those, focusing on IP->Business matching, but also selling direct access to our database of business information in certain circumstances. (www.leadforensics.com).

Very neat. How do companies actually get/derive the data to do IP to business matching though?

ZoomInfo is in the same general area on quality and the price per record is competitive, but they have historically required a high minimum annual spend and have a reputation for litigiousness. There are a few other large players (e.g. apollo), a few medium sized players (e.g. coresignal, mixrank), and some smaller players (e.g. thecompanies, bigpicture). There are also a lot of other folks who are not as api-oriented and are more focused around the sales/marketing experience (e.g. seamless.ai)

Is it approximately correct that most sites (beside Google, Microsoft, Meta, etc.) that get your email address are selling it to data-brokers and sharing cookie/browser-signature information so you can be de-anonymized across the web?

One small piece of nuance here is that a lot of the times they're not selling your email address, they're hashing it and using it as an identifier for targeting on other sites (so that two sites that both have your email address can coordinate to sell you ads, but sites that don't already have your email address don't learn anything new).

Except it's also trivial to buy or produce tables of pre-hashed emails, so this cloak of "oh we don't know who you are, it's a hash!" is usually just lipservice.

They're not literally passing around the hash. Holders of hash(email) <=> browser cookie associations are heavily incentivized for both regulatory and also competitive reasons to not blast that information around the internet -- or even to let direct partners A & B identify overlaps without their being in the middle.

When passing identifiers, there's generally some combination of lookup tables, per-distribution salted hashes, or encryption happening to make reverse mapping as difficult as possible.

(I was in this space up until a few years ago).

Which makes perfect sense, because why would anyone sell their golden goose, if they had any other possible way of monetizing it?

I think this is generally false in most instances. All advertising pixels use unsalted sha1 hashes over https.

Things like homomorphic encryption making secure sharing possible without the security being lip service.

This is one of the things that drives me nuts when hardcore privacy advocates start wading into browser feature discussions and complaining about things being used to fingerprint users.

I mean, can eye-tracking in a WebXR session be used to identify users? Yes, clearly that is a possibility. But will the addition of eye-tracking increase the identifiability of users? No, not in the least, because users are already identifiable by means that involve core browser features.

But frequently, the "privacy advocates" win and we're left with a web platform that has a lot of weird, missing functionally in comparison to native apps, pushing developers to either compromise on functionality or develop a native app. Compromising is bad for users. And developing a native app could can be bad for the developer, if one considers their existing investment in web technologies. Or both the developer and users, when one considers the vig that app stores charge, or the editorial control that app stores enforce over socially-controversial-yet-not-actually-illegal topics. Or just users when one considers the fact that the app stores just hand app developers a user identity without even making them work for it with fingerprinting.

And often, the voices that are loudest in defence of "privacy" are browser developers that also just so happen to be employed by said app store vendors.

> produce tables of pre-hashed emails

Wouldn't this require knowledge of the email beforehand?

I think the idea is that you can generate the MD5 hash of all, say 8 letter, @gmail.com addresses trivially and since the email hashes used for targeting don’t have a salt, it’s a one time “expense” to build the reverse lookup table

No, nobody is interested in de-anonymising, it’s not useful. To target, say a car ad all that is needed is to know that cookie 1234 is interested in buying a sports car, and when that cookie is encountered, serve it a sports car ad.

It's very useful for b2b people to know who is looking at your website and who might be good targets to reach out to. Knowing that Steve the SVP at Databricks is looking at your website vs cookie 1234 is a pretty key differentiator

From first-hand experience, B2B sellers do not get this information today. They typically get "signals" like "Company X is searching for product category Y" or "Company X is visiting your web site". And "Company X's CIO is John Smith - here's his phone number". But nobody that I've seen claims to offer individual names of web site visitors.

Services like retention.com provide email addresses for otherwise anonymous site visitors based on information provided to them by their "publisher network".

There are a lot of companies selling exactly this service. In some cases, they're able to do it pretty easily, because most people don't actually make any effort whatsoever to remain anonymous. And in a B2B setting, there's a good chance your own company is feeding their data into the same pool.

Some companies are trying to sell you on "AI based" solutions that take deanonymization a step further, but as far as I can tell, it's mostly horseshit and wishful thinking.

I'm curious who these "companies selling exactly this service" are.

I get solicited by dozens of companies daily. And I've seen nobody who can provide this de-annonymization of website visitors.

You're right, I phrased that too generically.

What I mean is that they provide enough information to pair your first-party data with "anonymous" web traffic matched to the account level with enough granularity to line up the two.

That said, most of the companies in this space massively over promise and under deliver. The one thing they all have in common is that they're good at ABM, so they can sell to your CMO/CRO faster than you can call them out on their bullshit.

I don't think this is correct. Meta and Google don't sell direct access to your data. They sell advertising targeting you, based on your personal data.

I'm pretty sure it's illegal to sell users email address to a data broker under GDPR.

In the context of a business email address GDPR is far less restrictive. See GDPR Recital 47 (7): https://gdpr-info.eu/recitals/no-47/

Direct marketing is not explicitly banned. If you have a reason to believe that the data subject in question (a B2B person operating in the context of their work) is interested in buying your stuff then you could claim "legitimate interest" and process their contact details/market to them.

That's what people are relying on at the moment. Whether all the data protection authorities in all the member states will agree with the market's assessment of this remains to be seen...

Right. Meta and Google are much less shady about this.

Not really... they're just vertically integrated and have their own ad networks.

Consequently, they're not protecting data because they care about privacy -- they're protecting data because the wider they share the raw data, the less value it (their product) is.

It's economic self-interest, not ethics.

If they didn't have ad networks, they'd sell anything and everything in a heartbeat.

Be that as it may, their object-level behavior is still far less shady. And in fact this is an argument that it is good that they exist, because in the counterfactual world where they don't, their niche would be filled by these non-vertically-integrated data brokers and advertisers who ARE financially incentivized to leak and sell and share far more information.

I used to be all gung-ho about being anti-FAANG, those evil privacy violators, but having now talked to friends who have worked at places like FB and Google, their internal data security practices are far more stringent than I had imagined (my friends complain about how difficult these rules make their jobs!). And yeah, sure, they are scooping up as much information about you as they can, and I'm not a big fan of that fact. But I have been convinced that they are actually somewhat decent stewards of that information, and the alternative is far worse.

All that being said, this is a pretty loosely-held belief, and all the surveillance and so on is quite icky to me. I'm still trying to slowly de-google my life and all that, just with a bit less paranoia and urgency.

> their niche would be filled by these non-vertically-integrated data brokers and advertisers who ARE financially incentivized to leak and sell and share far more information

I look at it a slightly different way.

Absent the vertical integration, they wouldn't dominate the market.

Absent dominating the market, they wouldn't wield as many resources.

Absent as many resources, they wouldn't have been able to build a panopticon in the first place.

And even if there were excesses in an alternate world... there would be a market of competitors, which would encourage different behavior.

And possibly even (gasp!) regulation because of the worst excesses.

Instead, FAANG wield vast resources, culled from entrenched monopoly positions, and act just responsible enough (plus lobbying) to avoid regulation.

Outside of using a Meta product or a Google product it's all completely shady. I shouldn't be tracked going to the DMV website or purchasing something online or using a dating app or going into a store or...

it feels to me that to date, selling people's information remains as the only viable large business model of the internet, after ecommerce

I would guess not most, but that a lot of them do. My assumption is that if there is a third-party service in use, there's a fair chance that a copy of my data is going to the third party in addition to the place I expect it to go. I have nothing but anecdotal information to back this up though.



Citation? Or just an assumption?

Congrats to Alex MacCaw et al.

He's a great guy and deserves the success. I reached out to him in 2013ish about US immigration and he was extremely nice and helpful. Check out his new startup, Reflect Notes, seems to be getting some traction.

I remember that blog post. Very useful. Not much has changed since unfortunately!


Curious what % of Clearbit revenue was from the Salesforce integration (which I imagine will be shut down). I remember years ago when I was looking to use Clearbit it was significantly more expensive to use directly from Salesforce.

You pay for the convenience.

Wonder what the prices on the transaction was?

I honestly was wondering how services like Clearbit are even legal.

It's because it's about companies rather than private individuals.

Clearbit (nor my company) don't do anything B2C.

Actually, it "enriches" data with private info as well.

Clearbit's product wasn't that good anymore and they had just got the old CEO back as far as I can remember, they've sold it in a good time then.

I wonder if it was a good purchase for HubSpot though, but who am I to judge those M&A's :-)

> just got the old CEO back as far as I can remember

hum? The original CEO is developing https://reflect.app/

Interesting, it does not look to be ready to be used on mobile though.

Love that landing page.

one of the co-founders (former CMO > COO > interim CEO) Matt Sornson came back to be CEO.

^ that, my mistake.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact