zlacker

[return to "Tell HN: Interviewed with Triplebyte? Your profile is about to become public"]
1. gansty+u5[view] [source] 2020-05-23 05:29:35
>>winsto+(OP)
This is horrible, what a breach of trust. I used TB to stealthily interview for jobs, had a good experience. Recommended them to others. Now I see that if I hadn't seen this post, I wouldn't have known about this and those details would have been public, which had the potential to seriously undermine me at my current position. I'll opt out tomorrow, but according to others it sounds like the visibility link was somewhat hidden. At least with this they're well on the way to becoming the next LinkedIn, at least by their practices. What a dark pattern.
◧◩
2. ammon+Pa[view] [source] 2020-05-23 06:36:03
>>gansty+u5
Your Triplebyte profile will NOT contain any data/details about you or your job search that will undermine you at your current employer. We should have included a screenshot and more details in the email. I'll talk to my team about following up with more details tomorrow. We are talking about a lightweight profile, like your Stack Overflow or HN profile, to provide us the canvas to release badges. That's it.
◧◩◪
3. eganis+9G[view] [source] 2020-05-23 12:39:52
>>ammon+Pa
> 25(2). The controller shall implement appropriate technical and organisational measures for ensuring that, by default, only personal data which are necessary for each specific purpose of the processing are processed. That obligation applies to the amount of personal data collected, the extent of their processing, the period of their storage and their accessibility. In particular, such measures shall ensure that by default personal data are not made accessible without the individual's intervention to an indefinite number of natural persons.

You may wish to consult your privacy attorneys; you'll likely be the subject of a number of GDPR complaints considering the above.

My interpretation of the above if you were to do it within the letter of the law (again, talk to your attorneys; I'm just a security director):

1. opt-in via settings page (or a modal on next login) for all people who already have accounts.

2. opt-in during registration for all people who choose to register accounts after the roll-over date.

Again, talk to your attorneys. If you successfully roll over without having taken the suggestion to talk to your attorneys, your conversation with your attorneys may change from "how to best implement this" to "how to avoid getting fined."

[go to top]