this post was submitted on 20 Mar 2024
1346 points (98.4% liked)
Technology
60055 readers
3337 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
It seems as though nobody in this thread actually read the article. They are not revealing user names on the site. The objection here is having the real name as part of your private profile data, in case of a future data breach. It’s a real concern, but orders of magnitude less serious than what everybody is assuming.
Shame on Ars for the misleading clickbait headline.
Agree that it's misleading, but to add there is another significant concern given how glassdoor is already "pay to win" from the companies perspective: they could just offer identifying the users as a paid service.
It would be digging their own grave if that starts happening, but that doesn't seem to be stopping many companies..
You mean digging it even deeper than they already did with this?
You mean, "They are not currently revealing user names on the site." This may easily be the first temperature increment in a frog-boiling process.
(Cynical? Yes, but the world keeps reinforcing that attitude.)
Agreed, but the article title implies that they are in fact currently revealing names, which is just not the case.
I'm more concerned that the company decided it was OK to meld the "From:" line of her email (asking for support) into her profile. If they think that's an appropriate way to handle PII, I don't trust them.
What they’re actually doing is super shady, and reason enough to cause concern without exaggerating.
It's not that, its the risk they could get subpoenaed and then they have to turn over the CSVs that could identify users inadvertently.
Financial institutions who are currently having data breaches. This is the worst time to couple PII data So tightly.
The moment Glassdoor gets hacked, it'll be absolute shit show for whistleblowers.
This doesn't really make it any better though, IMO
You really don't think "we store your username and haven't revealed it" is any better than "we store your real name and did reveal it"?
I swear some people are just contrary.
No they're not
For a supposedly anonymous site that's going to be a target from both hackers and companies looking to reveal that data, I'd say it's not really any better, just delayed. All it takes is someone finding a SQL injection vulnerability on the site to scrape the user database, or a court to rule that they have to turn that data over to a company looking to go after an employee, or even just someone with the right access at the company clicking the wrong link
If you want to be anonymous, the first step is to not give people your name or other PII