zlacker

[return to "Tell HN: Interviewed with Triplebyte? Your profile is about to become public"]
1. gansty+u5[view] [source] 2020-05-23 05:29:35
>>winsto+(OP)
This is horrible, what a breach of trust. I used TB to stealthily interview for jobs, had a good experience. Recommended them to others. Now I see that if I hadn't seen this post, I wouldn't have known about this and those details would have been public, which had the potential to seriously undermine me at my current position. I'll opt out tomorrow, but according to others it sounds like the visibility link was somewhat hidden. At least with this they're well on the way to becoming the next LinkedIn, at least by their practices. What a dark pattern.
◧◩
2. ammon+Pa[view] [source] 2020-05-23 06:36:03
>>gansty+u5
Your Triplebyte profile will NOT contain any data/details about you or your job search that will undermine you at your current employer. We should have included a screenshot and more details in the email. I'll talk to my team about following up with more details tomorrow. We are talking about a lightweight profile, like your Stack Overflow or HN profile, to provide us the canvas to release badges. That's it.
◧◩◪
3. g_p+Eo[view] [source] 2020-05-23 09:07:05
>>ammon+Pa
Regardless, this breaches GDPR by making data public and accessible to an unlimited audience by default.

I hope (for your sake) that you don't have any users that can invoke their GDPR rights against you by virtue of their citizenship.

For the sake of incentivising companies to do the right thing, however, I hope you do have some EU or UK citizen users who do litigate or have their data protection authority investigate and formally punish Triplebyte, even if only to establish clear precedent here for the future.

◧◩◪◨
4. im3w1l+pp[view] [source] 2020-05-23 09:14:47
>>g_p+Eo
Triplebyte is only targetting Americans afaik.
◧◩◪◨⬒
5. g_p+Nq[view] [source] 2020-05-23 09:29:15
>>im3w1l+pp
I'm not an expert in the direct applicability of GDPR, but my understanding is a European, living in Europe at the time this change happens (but who was perhaps doing an online job hunt, considering a move) might still be covered. Admittedly this is an edge case, but it's not one I'd want to risk in the era of extraterritorial enforcement of various privacy laws.
◧◩◪◨⬒⬓
6. rather+Yr[view] [source] 2020-05-23 09:43:42
>>g_p+Nq
A European living anywhere is covered.
◧◩◪◨⬒⬓⬔
7. netsha+tt[view] [source] 2020-05-23 10:03:03
>>rather+Yr
I was reading about GDPR last week (since CouchSurfing was another company that turned scumbaggy and put up a paywall that one couldn't even access one's own account to delete it without paying a subscription), as I understand it, it only applies to people who were in the EU as the data collection occurred.
◧◩◪◨⬒⬓⬔⧯
8. rather+2u[view] [source] 2020-05-23 10:10:47
>>netsha+tt
No, it covers EU citizens' data fully no matter where they are or where the data is. It may also cover non-EU citizens when in Europe which is perhaps what the article you read was referring to or had misunderstood.
◧◩◪◨⬒⬓⬔⧯▣
9. g_p+ox[view] [source] 2020-05-23 10:57:50
>>rather+2u
It seems slightly unclear, but generally a lot of interpretations seem to be focusing on the location of the person. An American buying something in a European airport is protected by GDPR during their fleeting pass-through of the "GDPR zone".

https://www.hipaajournal.com/does-gdpr-apply-to-eu-citizens-... seems to suggest it is based on location. There would seem to be standing for anyone based in Europe that made an account when considering a move to the US, or who is based in Europe next Friday when the "data processing operation" occurs. That seems like it would give them standing, even if they weren't protected while overseas, as this is a new data processing operation.

[go to top]