TripleByte Public Profiles Response Email
pastebin.comOngoing discussion with CEO responding:
Hiring is their business. How they could not factor this in? The hiring process requires a very high level of trust and discretion. Insane. Makes you wonder what else is wrong there, from a culture/product standpoint.
I received this email from TripleByte today. Here's the full text:
There’s no other way to put this--I screwed up badly. On Friday evening, I sent an email to you about a new feature called public Triplebyte profiles. We failed to think through the effects of this feature on our community, and made the profiles default public with an option to opt out. Many of you were rightfully angry. I am truly sorry. As CEO, this is my fault. I made this decision. Effective immediately, we are canceling this feature. You came to us with the goal of landing a great software engineering job. As part of that, you entrusted us with your personal, sensitive information, including both the fact that you are job searching as well as the results of your assessments with us. Launching a profile feature that would automatically make any of that data public betrayed that trust. Rather than safeguarding the fact that you are or were job searching, we threatened exposure. Current employers might retaliate if they saw that you were job searching. You did not expect that any personal information you’d given us, in the context of a private, secure job search, would be used publicly without your explicit consent. I sincerely apologize. It was my failure. So, what happened? How did I screw this up? I’ve been asking myself this question a bunch over the past 48 hours. I can point to two factors (which by no means excuse the decision). The first was that the profiles as spec’d were an evolution of a feature we already had (Triplebyte Certificates--these are not default public). I failed to see the significance of “default public” in my head. The second factor was the speed we were trying to move at to respond to the COVID recession. We’re a hiring company and hiring is in crisis. The floor has fallen out on parts of our business, and other parts are under unprecedented growth. We've been in a state of churn as we quickly try various things to adapt. But I let myself get caught in this rush and did not look critically enough at the features we were shipping. Inexcusably, I ignored our users’ very real privacy concerns. This was a breach of trust not only in the decision, but in my actual thought process. The circumstances don’t excuse this. The privacy violation should have been obvious to me from the beginning, and the fact that I did not see this coming was a major failure on my part. Our mission at Triplebyte has always been to build a background-blind hiring process. I graduated at the height of the financial crisis as most companies were doing layoffs (similar to what many recent-grads are experiencing today). My LinkedIn profile and resume had nothing on them other than the name of a school few people had heard of. I applied to over 100 jobs the summer after I graduated, and I remember just never hearing back. I know that a lot of people are going through the same thing right now. I finally got my first job at a company that had a coding challenge rather than a resume screen. They cared about what I could do, not what was on my resume. This was a foundational insight for me. It's still the case today, though, that companies rely primarily on resume screens that don’t pick up what most candidates can actually do--making the hiring problem much worse than it needs to be. This is the problem we're trying to fix. We believed that we could do so by building a better Linkedin profile that was focused on your skills, rather than where you went to school, where you worked, or who you knew. I still believe there's a need for something like this. But to release it as a default public feature was not just a major mistake, it was a betrayal. I'm ashamed and I'm sorry. Triplebyte can’t function without the trust of the engineering community. Last Friday I lost a big chunk of that trust. We’re now going to try to earn it back. I’m not sure that’s fully possible, but we have to try. What I will do now is slow down, take a step back, and learn the lessons I need to avoid repeating this. I understand that cancelling this feature does not undo the harm. It’s only one necessary step. Please let me know any other concerns or questions that I can answer (replies to this email go to me). I am sorry to all of you for letting you down. Sincerely, -Ammon
https://web.archive.org/web/20200525173210/https://pastebin....
Pastebin's locked behind Cloudflare and it won't work if you use Tor Browser (which you should, for everything) so I fetched the link from archive.org. A bit redundant thanks to twillin but the habit of linking to locked-off sites should be broken.
Not a snark; it’s a genuine question: What’s the point of using Tor if you’re gonna be signed into a website? That deanonymizes you, no? Also, doesn’t Tor have (relatively) huge latency and really slow speeds due to all the hops?
Tor has its uses; I just don’t see the point in uses it for everything.
I might sign into a web site willingly, but I might not want the perhaps dozens of other companies' assets which I pull in also identifiying me, and tracking my habits.
Why wouldn't one use it for everything? That would seriously damage the Internet tracking industry, who after all is the Internet user's enemy or at best, hostile adversary.
You can hurt the internet tracking industry by just using uBlock and uMatrix
I already do, but I can hurt it even more by always using Tor Browser. Heck, it's even fast enough these days to watch Youtube and handle torrents.
For privacy. From your ISP to the website itself fingerprinting you.
Perhaps I want to be Joe Blow from Carton OH on triplebyte. Tor allows this. Otherwise TripleBytes might see my ip is based in Iran and they might block me. I still want an account with my different test results.