• ieatpillowtags
    link
    fedilink
    English
    arrow-up
    131
    arrow-down
    13
    ·
    8 months ago

    It seems as though nobody in this thread actually read the article. They are not revealing user names on the site. The objection here is having the real name as part of your private profile data, in case of a future data breach. It’s a real concern, but orders of magnitude less serious than what everybody is assuming.

    Shame on Ars for the misleading clickbait headline.

    • myliltoehurts
      link
      fedilink
      English
      arrow-up
      53
      arrow-down
      1
      ·
      8 months ago

      Agree that it’s misleading, but to add there is another significant concern given how glassdoor is already “pay to win” from the companies perspective: they could just offer identifying the users as a paid service.

      It would be digging their own grave if that starts happening, but that doesn’t seem to be stopping many companies…

    • nyan@lemmy.cafe
      link
      fedilink
      English
      arrow-up
      44
      ·
      8 months ago

      They are not revealing user names on the site.

      You mean, “They are not currently revealing user names on the site.” This may easily be the first temperature increment in a frog-boiling process.

      (Cynical? Yes, but the world keeps reinforcing that attitude.)

      • ieatpillowtags
        link
        fedilink
        English
        arrow-up
        12
        arrow-down
        2
        ·
        8 months ago

        Agreed, but the article title implies that they are in fact currently revealing names, which is just not the case.

    • FlumPHP@programming.dev
      link
      fedilink
      English
      arrow-up
      25
      ·
      8 months ago

      I’m more concerned that the company decided it was OK to meld the “From:” line of her email (asking for support) into her profile. If they think that’s an appropriate way to handle PII, I don’t trust them.

      • ieatpillowtags
        link
        fedilink
        English
        arrow-up
        10
        ·
        8 months ago

        What they’re actually doing is super shady, and reason enough to cause concern without exaggerating.

    • kingthrillgore@lemmy.ml
      link
      fedilink
      English
      arrow-up
      18
      ·
      8 months ago

      It’s not that, its the risk they could get subpoenaed and then they have to turn over the CSVs that could identify users inadvertently.

    • Potatos_are_not_friends@lemmy.world
      link
      fedilink
      English
      arrow-up
      13
      ·
      8 months ago

      Financial institutions who are currently having data breaches. This is the worst time to couple PII data So tightly.

      The moment Glassdoor gets hacked, it’ll be absolute shit show for whistleblowers.

      • asdfasdfasdf@lemmy.world
        link
        fedilink
        English
        arrow-up
        21
        arrow-down
        3
        ·
        8 months ago

        You really don’t think “we store your username and haven’t revealed it” is any better than “we store your real name and did reveal it”?

        • laurelraven@lemmy.blahaj.zone
          link
          fedilink
          English
          arrow-up
          10
          arrow-down
          3
          ·
          8 months ago

          For a supposedly anonymous site that’s going to be a target from both hackers and companies looking to reveal that data, I’d say it’s not really any better, just delayed. All it takes is someone finding a SQL injection vulnerability on the site to scrape the user database, or a court to rule that they have to turn that data over to a company looking to go after an employee, or even just someone with the right access at the company clicking the wrong link

          If you want to be anonymous, the first step is to not give people your name or other PII