undefined | Better HN

0 pointsAlexandrB5y ago0 comments

Exhibit n + 1 on why when you're acquired you're not in a position to promise anything to anyone despite any assurances from the acquirer. Or, from the consumer's side, why those promises should carry no weight.

0 comments

duxup5y ago

We see this time and again but ... you SOLD, you're not the captain anymore.

If the new captain doesn't make the promise, you can't give it much weight, and if it is Facebook, probably no weight even if they did :(

vsareto5y ago

Facebook made that promise by approving it on an ongoing basis. They just changed their mind.

jacquesm5y ago

Facebook deals in contracts, not promises and even if it was contractually agreed upon, what would you do about it? Sue? At a guess you'd count the money one more time, shrug and maybe send a short apologetic note about how terrible you feel about it. And then count the money again.

4 more replies

de_watcher5y ago

"ongoing basis" - that's an oxymoron lmao. If your base is going somewhere then it's not really a base.

rdiddly5y ago

It was true until it wasn't.

ehsankia5y ago

Was it just a verbal agreement or written in the contract though.

2 more replies

Ajedi325y ago

If that promise wasn't in the actual contract then it wasn't "Facebook" who made it, it was someone at Facebook. Individual employees aren't typically in a position to be making those types of promises anymore than the company being acquired is.

2 more replies

MattGaiser5y ago

I suspect they do a lot to make you think you are the captain though to help get you to sell.

bob332125y ago

They usually follow through for some amount of time. This is because it takes time to figure out how they are going to absorb you. If they changed everything on day 1 it would be a cluster fuck. A simple example would be if Orcl bought a company that was 100% on SAP for financials. If all your SAP people walk out the door the first week how are you going to file the next quarter financials. So they claim that nothing is going to change and that the SAP people have nothing to worry about.

mobilemidget5y ago

And I bet some nice fat clause in the contract that prevents him from creating a new (and even better) VR headset?

1 more reply

esotericimpl5y ago

Yes

dqpb5y ago

One could theoretically put it in a contract, but I doubt anyone would risk the sale over this kind of detail.

fizzled5y ago

Money talks.

sneak5y ago

I mean, this is really a condemnation of any data privacy practices whatsoever claimed by any company, as they may at any point in the future sell the entire company and databases with it.

The only privacy claims one may wish to take seriously are those that occur simultaneously with promises never to sell the company.

I used to use a location tracking app called Moves, which was a neat 24/7 location tracking lifelogging tool. Facebook, the very last people I would like to have that data, bought them, and presumably integrated it into my shadow profile.

Special thanks go to to the founders of Moves: Zsolt Szász, Jukka Partanen, Juho Pennanen, Aapo Kyrölä, and Aleksi Aaltonen. Hope you got paid selling private data that belongs to the users that entrusted it to you.

ragnese5y ago

And, in my opinion, that is exactly the position you SHOULD take. Stop giving up your data to any company. Even if your favorite company is nice now, they'll get hacked, they'll get sold, the CEO will get replaced, etc. There is no cloud, just someone else's computer.

jacquesm5y ago

> I mean, this is really a condemnation of any data privacy practices whatsoever claimed by any company, as they may at any point in the future sell the entire company and databases with it.

Yes! That's why you should be very very careful who you give your data because you are exactly one acquisition away from the same effect as a breach. Fortunately the GDPR affords some protection here, if the data was collected for one purpose it can not suddenly be used for another.

As for never selling the company: there is one other option: you could give users the option to destroy their data just prior to the transfer. Of course no acquirer would be interested but that is another way of dealing with it.

sn5y ago

I put in our privacy policy that customers will be notified if majority ownership changes, but had not considered advance notification of the ownership change.

Such a clause might work as long as it's part of the sale contract to adjust the sale price if any customers take that option.

hapless5y ago

Good luck enforcing GDPR against any of the malign actors you should most wish to enforce GDPR against

1 more reply

a13692099935y ago

> any data privacy practices whatsoever

Nitpick: Rather, it's a condemnation of any data privacy claims; a data privacy practice is a technical measure that (by design if not in reality) makes it literally impossible for the attacker to collect private information in the first place. Nothing else actually provides security in practice.

entropicdrifter5y ago

The only truly private data practice is not keeping any.

The only winning move is not to play

sixdimensional5y ago

I want to agree with you, really.. but the realistic person in me says that it is likely that if you don’t keep the data, someone else will find a way, because getting the data seems to be irresistible as a form of control and advantage.

So maybe not playing doesn’t really work.

I was thinking, in regards to some grandparent way up there, the same statement “don’t play” might have been true for Oculus in general.

What I mean to say is, don’t sell the company, ever. Then you can “control the outcome”.

Ah, but there lies another fallacy. You really can’t control the outcome even if you try to. Even if you don’t play, likely someone who wants to do the same thing as you, and exploit it, will find a way. Or maybe on their own, Oculus would have never found the right supporter who would honor privacy. Even if they had.. the below could happen.

For example, if Facebook hadn’t bought Oculus, maybe they would have bought the Vive product line from HTC (a bit far fetched) and compete against Oculus.. and then done the same privacy intruding measures.

So even if Oculus had held out and didn’t “play”, they might have been crushed anyway or the privacy problem could have just happened somewhere else.

I’m not saying we should give up trying to protect privacy and “play” the game... but that somehow in the competitive environment we are in, those playing the game are winning more over those who wish not to.

1 more reply

dec0dedab0de5y ago

I mean, this is really a condemnation of any data privacy practices whatsoever claimed by any company, as they may at any point in the future sell the entire company and databases with it.

unless they have clear penalties for themselves in their EULA, and no clause that says they can change anything they want at any time. So yeah I guess you're right.

zimpenfish5y ago

> I used to use a location tracking app called Moves

Same. Nothing since has managed the same usefulness (although I suspect this is because iOS has somewhat neutered tracking apps - e.g. both OwnTracks and Gyroscope have significant issues tracking my phone.)

novok5y ago

Have you tried arc?

1 more reply

donkey-hotei5y ago

just a nit: Facebook does not collect "shadow profiles".

commoner5y ago

Facebook does collect shadow profiles, despite its denials.

https://theconversation.com/shadow-profiles-facebook-knows-a...

https://www.zdnet.com/article/anger-mounts-after-facebooks-s...

https://www.theverge.com/2018/4/11/17225482/facebook-shadow-...

https://www.cnet.com/news/shadow-profiles-facebook-has-infor...

https://techcrunch.com/2018/04/11/facebook-shadow-profiles-h...

The House Committee interview in the last link (TechCrunch) shows that Zuckerberg does not like to use the "shadow profiles" term, but it's what others use to refer to Facebook's tracking of non-users.

1 more reply

ISL5y ago

One can demand such promises from the acquirer in the form of a contract that states, in effect, this:

a) If acquirer does X, the seller, Y, has the option to repurchase the company for $1. b) Any future acquirer must agree to the same contract. If it does not, Y must be extended the option to repurchase the company for $1 before the sale.

I don't think anything less could constitute a true promise that the acquirer would avoid X.

monadic25y ago

Contracts are only binding up to a certain amount of capital. You can only make the violator bleed so much.... i don't see contracts as threats to any of these large corporations.

IncRnd5y ago

That's trivial to get around. X can dump liabilities into the company, and Y would never reacquire it.

colechristensen5y ago

And that is trivial to get around, instead of a $1 clawback for the company, a $1 clawback for all acquired IP, trademarks, etc including any related developed under the same or derivative marks and companies.

1 more reply

konjin5y ago

I remember the original reddit posts before their crowd funding on how they were going to be open hardware.

Then open firmware.

Then support Linux.

Then ...

vmception5y ago

The same thing applies to the gullible idealists that believe in B-Corporations

the_other5y ago

Can you unpack that a bit?

triceratops5y ago

If you stop smoking you'll feel better but it's not going to do anything to reduce smoking in the world overall. The only thing that can reduce smoking is the law: taxes, restrictions on where smoking is permitted, and so on.

You should still stop smoking (for your own good) but that alone won't change the world.

3 more replies

Nextgrid5y ago

I'm pretty sure there is at least one MLM aka pyramid scheme that is bragging about being a B-Corp which they use to try and ensnare new victims. That's all you need to know to understand that the "B" in B-Corp stands for bullshit and steer well clear of any that explicitly brag about that status (if your business truly acts in a manner that makes the world better you wouldn't need to buy a bullshit certification to prove it).

DominikD5y ago

I assumed that the B in b-corp stands for bullshit, but I checked. And the explanation is bullshit (label given to some companies which claim to care about stuff that matters), so unfortunately I was right and so was vmception: you can't believe in stuff because it's certified.

tinodotim5y ago

+1 - what's wrong with b-corps and what's better?

3 more replies

dragonwriter5y ago

> Exhibit n + 1 on why when you're acquired you're not in a position to promise anything to anyone despite any assurances from the acquirer.

You are in a position to promise something where you have contractually retained control, or at least contractually secured an enforceable promise from the purchaser.

Otherwise, you are in the same position as Joe on the street.

slim5y ago

unless you flex your cryptoanarchist power and enshrine strong encryption into your architecture. what WhatsApp did. make it costly for the new owner to change their minds.

wizzwizz45y ago

They still managed, though. Facebook has the technical ability to just walk around all of your encryption.

slim5y ago

not past conversations thanks to forward secrecy

1 more reply

monadic25y ago

Surely you can't be using WhatsApp as an example of strong encryption.... that app is hardly auditable.

fastball5y ago

We were in talks with a potential acquirer of our company recently and this was an explicit reason we gave to them why we ended up not taking the deal – we knew that whatever promises they made to uphold our current priorities, there is a very real chance they wouldn't stick. And we weren't happy doing that to our customers in our current stage (all early adopters).

harrisonjackson5y ago

He had as much authority as anyone else to make the promise. Consumers shouldn't have believed it from anyone.

chrisandchips5y ago

This is why I was quite sad when IBM announced that RedHat would be continuing with “business as usual” ...

Mandatum5y ago

It's also why all of the smart cookies have already left; anyone still there is waiting for a payday or waiting for a VP title. IBM don't pay quality. They pay market share.

It took 2.5 years for IBM to begin the process of gutting the consultancy they bought, for RedHat I think it'll probably take twice as long.

nabla95y ago

It's possible to get assurances but you must write them down in the form of legal agreements.

Getting "company assurance at the highest level" is just as good as is the word of the person at the highest level. There are people for whom their word is their bond, but it's not very common.

godelmachine5y ago

Just curious to understand what does Exhibit n + 1 mean? Would you kindly explain?

trosi5y ago

He probably means that something with similar implications has happened a lot of times already and we should have already learned the lesson

rhn_mk15y ago

"exhibit" is "example". "n" examples occured before, the "1" is this new one. Hence we have "n + 1" examples already, and the newest one can be called "exhibit n + 1".

ccktlmazeltov5y ago

is it such a big deal to create a fb account though? Can't you just use a fake name if you don't care about having a fb account?

hansvm5y ago

Last I tried (1-3yrs ago? don't quite remember), no. They needed a phone number, so I added a VOIP phone number and was informed that I needed a phone number tied to a real phone. I went out and bought a cheap phone so I could make the bloody account, and while I could make and receive calls just fine Facebook still treated it as if it weren't a "real" phone. Long story short, I never made that account, I briefly enjoyed the perks of a burner phone, and I turned the phone into a small web server.

danlugo925y ago

You can get IDless SIM cards overseas still. E.g. Colombia.

They probably don't have the infra set up (yet) to detect they are such SIM cards.

KuiN5y ago

Given how pervasive Facebook tracking is, I'd bet on your pseudonymous account being linked to your shadow profile very quickly. There is no anonymity when Facebook is involved.

I'd also strongly object to moving the needle even the tiniest amount on Facebook's metrics. They wouldn't force users to do this unless it benefitted them; that's plenty enough reason for a lot of people.

raxxorrax5y ago

Especially considering that VR devices film your whole room constantly, I think I will never connect my Rift again.

ForHackernews5y ago

In short, no. Facebook has gotten very good at catching and deleting "fake" accounts. Back in the day, I worked on an application that used Facebook's Graph API and I needed to create some bogus accounts for testing, but they were consistently blocked within days.

Using some combination of behaviour analysis, flagging new and/or cookie-less browsers, and (I suspect) human review FB have gone to great lengths to try and assure their customers that all humans have one and only one account under their true legal name and biographical details.

smolder5y ago

That might be what they tell investors but I disagree that they've gotten good at policing accounts. I moderate a large Facebook group and we get flooded with join requests from obviously fake users all the time. Most of them have a handful of southeast Asia friends, some random highly geographically distributed friends in the English speaking world, and stock or stolen photos. The real giveaway is the programmatic nonsense responses they give to the membership questions. I've been reporting these accounts to Facebook a long time and they persist, often with join dates making them multiple years old.

Marsymars5y ago

> Using some combination of behaviour analysis, flagging new and/or cookie-less browsers, and (I suspect) human review FB have gone to great lengths to try and assure their customers that all humans have one and only one account under their true legal name and biographical details.

They're not very good at that. A pretty big chunk of people I have as friends have fake names, some of them even after me reporting their names for being fake.

2 more replies

TT33515y ago

fwiw, facebook has gotten upset with me when i've tried this exact thing, usually demanding a phone number or email, and refusing contact info i've already provided for other sock accounts. sometimes they'll lock my socks for not acting "human" (never posting anything, no profile picture, etc). just gives me an excuse to care less about facebook in all honesty

j / k navigate · click thread line to collapse

0 comments

duxup5y ago

We see this time and again but ... you SOLD, you're not the captain anymore.

If the new captain doesn't make the promise, you can't give it much weight, and if it is Facebook, probably no weight even if they did :(

vsareto5y ago

Facebook made that promise by approving it on an ongoing basis. They just changed their mind.

jacquesm5y ago

4 more replies

de_watcher5y ago

"ongoing basis" - that's an oxymoron lmao. If your base is going somewhere then it's not really a base.

rdiddly5y ago

It was true until it wasn't.

ehsankia5y ago

Was it just a verbal agreement or written in the contract though.

2 more replies

Ajedi325y ago

2 more replies

MattGaiser5y ago

I suspect they do a lot to make you think you are the captain though to help get you to sell.

bob332125y ago

mobilemidget5y ago

And I bet some nice fat clause in the contract that prevents him from creating a new (and even better) VR headset?

1 more reply

esotericimpl5y ago

Yes

dqpb5y ago

One could theoretically put it in a contract, but I doubt anyone would risk the sale over this kind of detail.

fizzled5y ago

Money talks.

sneak5y ago

I mean, this is really a condemnation of any data privacy practices whatsoever claimed by any company, as they may at any point in the future sell the entire company and databases with it.

The only privacy claims one may wish to take seriously are those that occur simultaneously with promises never to sell the company.

ragnese5y ago

jacquesm5y ago

> I mean, this is really a condemnation of any data privacy practices whatsoever claimed by any company, as they may at any point in the future sell the entire company and databases with it.

sn5y ago

I put in our privacy policy that customers will be notified if majority ownership changes, but had not considered advance notification of the ownership change.

Such a clause might work as long as it's part of the sale contract to adjust the sale price if any customers take that option.

hapless5y ago

Good luck enforcing GDPR against any of the malign actors you should most wish to enforce GDPR against

1 more reply

a13692099935y ago

> any data privacy practices whatsoever

entropicdrifter5y ago

The only truly private data practice is not keeping any.

The only winning move is not to play

sixdimensional5y ago

So maybe not playing doesn’t really work.

I was thinking, in regards to some grandparent way up there, the same statement “don’t play” might have been true for Oculus in general.

What I mean to say is, don’t sell the company, ever. Then you can “control the outcome”.

So even if Oculus had held out and didn’t “play”, they might have been crushed anyway or the privacy problem could have just happened somewhere else.

1 more reply

dec0dedab0de5y ago

I mean, this is really a condemnation of any data privacy practices whatsoever claimed by any company, as they may at any point in the future sell the entire company and databases with it.

unless they have clear penalties for themselves in their EULA, and no clause that says they can change anything they want at any time. So yeah I guess you're right.

zimpenfish5y ago

> I used to use a location tracking app called Moves

novok5y ago

Have you tried arc?

1 more reply

donkey-hotei5y ago

just a nit: Facebook does not collect "shadow profiles".

commoner5y ago

Facebook does collect shadow profiles, despite its denials.

https://theconversation.com/shadow-profiles-facebook-knows-a...

https://www.zdnet.com/article/anger-mounts-after-facebooks-s...

https://www.theverge.com/2018/4/11/17225482/facebook-shadow-...

https://www.cnet.com/news/shadow-profiles-facebook-has-infor...

https://techcrunch.com/2018/04/11/facebook-shadow-profiles-h...

1 more reply

ISL5y ago

One can demand such promises from the acquirer in the form of a contract that states, in effect, this:

I don't think anything less could constitute a true promise that the acquirer would avoid X.

monadic25y ago

Contracts are only binding up to a certain amount of capital. You can only make the violator bleed so much.... i don't see contracts as threats to any of these large corporations.

IncRnd5y ago

That's trivial to get around. X can dump liabilities into the company, and Y would never reacquire it.

colechristensen5y ago

1 more reply

konjin5y ago

I remember the original reddit posts before their crowd funding on how they were going to be open hardware.

Then open firmware.

Then support Linux.

Then ...

vmception5y ago

The same thing applies to the gullible idealists that believe in B-Corporations

the_other5y ago

Can you unpack that a bit?

triceratops5y ago

You should still stop smoking (for your own good) but that alone won't change the world.

3 more replies

Nextgrid5y ago

DominikD5y ago

tinodotim5y ago

+1 - what's wrong with b-corps and what's better?

3 more replies

dragonwriter5y ago

> Exhibit n + 1 on why when you're acquired you're not in a position to promise anything to anyone despite any assurances from the acquirer.

You are in a position to promise something where you have contractually retained control, or at least contractually secured an enforceable promise from the purchaser.

Otherwise, you are in the same position as Joe on the street.

slim5y ago

unless you flex your cryptoanarchist power and enshrine strong encryption into your architecture. what WhatsApp did. make it costly for the new owner to change their minds.

wizzwizz45y ago

They still managed, though. Facebook has the technical ability to just walk around all of your encryption.

slim5y ago

not past conversations thanks to forward secrecy

1 more reply

monadic25y ago

Surely you can't be using WhatsApp as an example of strong encryption.... that app is hardly auditable.

fastball5y ago

harrisonjackson5y ago

He had as much authority as anyone else to make the promise. Consumers shouldn't have believed it from anyone.

chrisandchips5y ago

This is why I was quite sad when IBM announced that RedHat would be continuing with “business as usual” ...

Mandatum5y ago

It's also why all of the smart cookies have already left; anyone still there is waiting for a payday or waiting for a VP title. IBM don't pay quality. They pay market share.

It took 2.5 years for IBM to begin the process of gutting the consultancy they bought, for RedHat I think it'll probably take twice as long.

nabla95y ago

It's possible to get assurances but you must write them down in the form of legal agreements.

Getting "company assurance at the highest level" is just as good as is the word of the person at the highest level. There are people for whom their word is their bond, but it's not very common.

godelmachine5y ago

Just curious to understand what does Exhibit n + 1 mean? Would you kindly explain?

trosi5y ago

He probably means that something with similar implications has happened a lot of times already and we should have already learned the lesson

rhn_mk15y ago

"exhibit" is "example". "n" examples occured before, the "1" is this new one. Hence we have "n + 1" examples already, and the newest one can be called "exhibit n + 1".

ccktlmazeltov5y ago

is it such a big deal to create a fb account though? Can't you just use a fake name if you don't care about having a fb account?

hansvm5y ago

danlugo925y ago

You can get IDless SIM cards overseas still. E.g. Colombia.

They probably don't have the infra set up (yet) to detect they are such SIM cards.

KuiN5y ago

Given how pervasive Facebook tracking is, I'd bet on your pseudonymous account being linked to your shadow profile very quickly. There is no anonymity when Facebook is involved.

raxxorrax5y ago

Especially considering that VR devices film your whole room constantly, I think I will never connect my Rift again.

ForHackernews5y ago

smolder5y ago

Marsymars5y ago

They're not very good at that. A pretty big chunk of people I have as friends have fake names, some of them even after me reporting their names for being fake.

2 more replies

TT33515y ago

j / k navigate · click thread line to collapse