Y'all know that I worked for Google. On this topic, I can only say good things about the place. When it comes to privacy and PII, Google holds itself to an extremely high standard. Many of these "social" innovations that are popping up on the market place were rejected out-of-hand at Google because it holds itself to an extremely high ethical standard regarding user data, as it actually respects them.
I was shocked, for example, when I learned that a certain social network gives universal profile access to employees as a perk. That would not happen at Google. If you looked at your high-school ex-girlfriend's email, you'd be fired immediately (and deserve it).
Social is creepy, because it's all about being defined by other people, which is ridiculous and horrible. What, so do I suck at Programming Languages because I haven't trolled my 25 closest acquaintances for endorsements? Am I really going to become more credible in Machine Learning if I get 15 strangers to "endorse" me?
The major conflict in "Social" is what I call "Document vs. Improve" (or: Exploit vs. Explore). A social app can expand the web of social connections and make it more efficient, but (a) that's really hard, and (b) there isn't a lot of short-term money in it. Or it can document social relationships that already exist, and make a shit-ton of money off the data. That's easy, but it doesn't actually make anyone's life better. Guess which one the mainstream social players favor?
What I find depressing about LinkedIn is how much it has play-by-play replicated the old, broken way of doing things. Resumes. Titles and dates of employment. Recommendations. Recruiter spam. It feels like the Wayback Machine took us to 1995.
> When it comes to privacy and PII, Google holds itself to an extremely high standard.
With all due respect, but you've gotta joking.
Google doesn't even hold itself to the standards set by the laws in countries it operates in. Laws that are for now still full of loopholes Google happily exploits with zero restraint, despite knowing full well (not in the last place because they've been warned on a regular basis) that this at the very least violates the intent of those privacy laws.
Also, Google has been actively lobbying against privacy protection laws in the EU for several years now.
Considering that, for years, Facebook had a universal password that would log you into anyone's account, I'd say that Google's standards are significantly higher than other players in the social sphere.
Well, the claim was that Google's standard is higher than that of (some) other actors, so the behavior of the other actors is kind of directly relevant...
From my experience interning twice at Google, I was very impressed by their standard for privacy and the protections they had put in place. They have teams dedicated to just researching ways to improve information security.
Two projects I found fascinating:
1) A system that analyses all attempts and actual accesses to user data by employees (this access it self was very regulated on a need-only basis), determining whether the given user that was accessed falls somewhere within the employee's likely social graph, and flagging anything suspicious to their security team. So if an employee tried to view their ex's info, or their friend's roommates info, etc. the system would auto-flag them and an investigation would likely result in that employee being immediately terminated.
2) Much of Google's data is accessible by many production services. This is a security weakness, however, there was a project to make the data layer enforce security constraints so that applications could only access data relavent to them, and additionally also enforcing security on a user-level (so an app could only access that user's data if it had an access token for that user). Mind you, this is not even limiting admin access, this is actually preventing the code from accessing the data even if the app's built-in security features fail.
| Also, Google has been actively lobbying
| against privacy protection laws in the EU
| for several years now.
Don't some of those same laws have data retention requirements[1] or are those separate laws?
[1] Could be a requirement or a limitation. If your company keeps data indefinitely, then maybe a law saying, "everyone keeps records 2 years, then destroys them" is a limitation. On the other hand, if you retain no information, then it's an extra burden, and an erosion of privacy.
Not all laws in all countries are worth holding oneself to. For example, Russia has official internet censorship, does it mean Google should now support censorship too because some country has laws about that?
By what legal standard should Google be held, then? Are you really advocating the multinational/Internet companies pick and choose what laws they follow according to their own needs and whims?
I'm not advocating anything like that. I'm saying before criticizing Google for trying to avoid or change the laws, it may be useful to consider if these laws are actually good idea. If they are not, all props to Google for trying to circumvent or repeal them.
I do not see why one needs "legal standard" to evaluate somebody's actions. Why not use the standard that is supposed to be the base for the legal standard instead? If in some country it is illegal to publish links that the government thinks are inappropriate, and Google doesn't like it - why would we consider Google being in the wrong?
It is a matter of law - means the government wants to enforce it. But why I have to agree with it? I do not have any obligation to respect anything the government of Russia or Iran does.
In an online chat discussion? Google should be held to the standards of decency described by the poster himself.
Stating, "Google is not good at privacy because they violate some law and I like that law." Is a perfectly valid argument.
Stating, "Google is bad because it doesn't follow a privacy law I won't describe, in a random country I won't name." Does not advance the conversation in any meaniful way.
Whats wrong with lobbying against the laws which you think are bad? In a democratic process, you can (and do) end up with laws which are crappy/outdated/unjust. Lobbying is a legitimate way to tackle this problem.
You just made my general point in a specific use case. Anyone (individuals, groups of individuals, corporate entities...) should have freedom to voice against laws they don't like.
Throwaway because I learned this while NDAed (on-site interview for an internship over 4 years ago), but Facebook USED to allow employees universal profile access. I heard this from the recruiter who took all of us interviewees to lunch and showed us around, etc. - she said she had used it once to look up some dude she thought was creepy. I'm pretty sure they've since changed their policy. Not sure if OP was referring to Facebook or some other company, though.
Personally I'd argue that this isn't QUITE equivalent to giving employees access to all users' email accounts. That would be a better analogy if they were giving employees access to users' private messages.
From what I have heard they locked that down years ago. Overriding default rights to go admin was logged and if it wasn't justified, the employee who did it was fired. Later, I'm not even sure if it remained an option to manually override it, even with the oversight.
That's pretty horrendous that a recruiter would mention that to you. I'd heard initially there was a master password for fixing things before they had a proper login/auditing setup for account access.
Didn't think people would actually be logging into accounts on a whim to check out users.
It wasn't that they could log into any account they wanted (that would be much worse); it was that they could view any profile page they wanted, so it was essentially like an employee could become "friends" with a user, without the user knowing, and without the user's consent.
Le me first say that I don't work for LinkedIn :).
However, it has been quite helpful for me. A year ago, I was not happy with my job. I worked hard and long hours and felt like I was going nowhere. At the same time I didn't try looking for a new one because I didn't have enough confidence in my work experience.
All that changed when a HR manager from a different company found me through LinkedIn. We clicked really well. I am getting paid more than what I used to and I love my job. I also got promoted a few months ago.
Since that experience, I have changed my attitude about job hunting. Now, I am always on the look out for the next big opportunity. LinkedIn helps with that without me putting in too much work.
FYI, I have no endorsements on my profile. Just my basic resume.
Amen. The new endorsement feature is typically a sign of "how hard is this person looking for another job" which as a quality signal, may be inversely correlated with their capabilities.
LinkedIn seems to be expanding as a magnet for scummy and crappy recruiters. Awesome strategy guys. I love getting unsolicited phone calls from clueless strangers. At least I can ignore emails.
I think the business model for LinkedIn is to try and replace salesforce.com. Eg, maintain customer contacts on an interactive database.
The job search aspect is useful, but it needs work. targeted postings seems a lot less intrusive. the recruiter angle, selling premium access to my contact details is just obnoxious. gives us a good reason to shut down the profile.
Endorsements seem to work OK for people in my network. I've never known anybody to actively solicit endorsements and I think that my network's endorsements are fairly accurate. I find that people making large updates to their profile is a better indicator of whether someone is about to leave.
I've worried about endorsements as a negative signal also, but mostly because my mom keeps endorsing me for technologies that don't mean anything to her. :-)
Or my business-oriented suitemate who endorsed everything I listed in the hope that I would do the same for him. Because apparently that's something that the kids in Business School brag about to each other? (he says it is)
They should play up whatever the person does 90% of the time. For Engineers that could be demonstrated by the following profiles: GitHub, TopCoder, StackOverflow, Quora, etc. Just get right to the heart of what they do and what their skills are in a way that demonstrates those skills. That's what's missing. Everything else, and most of what is currently used, is a misguided attempt to gauge or estimate what really matters by asking about everything other than what matters.
Great question, and it'd take me a long time to answer.
My first thought about resumes is that they serve two purposes, one legitimate and one not:
(a) social status grading, which is easy for douchebags to game and for extortionists ("do <X> or I'll fire you and give you a bad reference") to abuse.
(b) a list of "ask me about <X>" topics where X ranges over areas of professional expertise and interests, so they can probe you during the interview as to what you actually know.
I'd focus on (b) while throwing (a) to the wind. One thought I had is an "allocate 20 points" system. You don't actually have to prove anything because resumes suck at that, but if you put "Machine Learning: 7" that shows that you view yourself as being "35%" Machine Learning and are fairly comfortable discussing it on an interview.
This leads to the concept of a scarce graph, which is weighted but also imposes granularity (e.g. 20-point limit with 1-point minimum units) to prevent sprawl, and forces people to prioritize. Running graph algorithms against scarce graphs, with data pertaining to peoples' desires for connection (new jobs, new candidates) could be interesting.
So there's that. You get as much legitimate information out of a 20-point allocation of interests and experience as you would out of a resume or a job posting. What you don't get is the social status bullshit (dates and titles).
That's Part I. Part II comes from the fact that, if Part I is build, people are going to want to get better, fast, at marketing themselves so their call options trade at a higher rate. That leads naturally into career coaching (a better model than traditional recruiting) but also into objective evaluation of, for example, source code quality. Now we can actually verify that, yes, John is a top-notch programmer and his $200/hr-struck call options actually aren't out of the money.
Part III would be to use all the professional development data thus gathered and start scoring employers based on how much value they add to peoples' careers. How fast does a typical person grow, as a programmer, after 2 years at Google? What does it do for that person's employment potential 10 years down the road? Those would be great things to know.
I like your idea of point allocation (especially if we can include STR, DEX, and INT). But how do we set up the taxonomy of attributes? Particularly with hierarchical relationships (ex: is Machine Learning a subset of AI?) you'd want rough consensus if you're going to run graph algorithms over it and conclude anything beyond data-visualization style "Look, pretty data!" data pron.
That's one of the hilarious things about linkedin attributes; people accrue tags that have vastly different importance depending on context. But hey, it's hard to say no to someone else vouching for my Computer Animation trait, whatever that means. It has the same sort of vague benefit with negligible cost situation as friend graphs. This is why I like your idea of careful scarce allocation, vs. limitless accrual. Information is only meaningful inasmuch as it represents choice.
> What I find depressing about LinkedIn is how much it has play-by-play replicated the old, broken way of doing things. Resumes. Titles and dates of employment. Recommendations.
Old, yes. Broken, no (at least not for the examples you mention). They work, they're familiar, and so they're a much easier "sell" to prospective users.
> I was shocked, for example, when I learned that a certain social network gives universal profile access to employees as a perk. That would not happen at Google. If you looked at your high-school ex-girlfriend's email, you'd be fired immediately (and deserve it).
I worked for a social network that gave universal profile access for every employee, even a specific admin function to log in as any user, but it was never treated as a perk, but a tool to fix errors in their profiles and such. There was no explicit rule about using it for snooping and there was indeed a fair amount of it (more impersonal, "look at the (possibly private) photo of this user" than "let's see how's doing my ex-girlfriend"); however, the shadier uses of the tool were definitely not encouraged and I think someone got into trouble for doing things he wasn't supposed to. After all, they weren't stupid, they kept a log of such accesses.
> When it comes to privacy and PII, Google holds itself to an extremely high standard. Many of these "social" innovations that are popping up on the market place were rejected out-of-hand at Google because it holds itself to an extremely high ethical standard regarding user data, as it actually expects them.
Privacy is not about tehnical details, it's about (ab)using users data. And btw you are also frontend to CIA,FBI,... so sorry to burst your bubble, same shit as facebook, amazon, ... You should all unite and call that corporation Little Bros United >:-)
> When it comes to privacy and PII, Google holds itself to an extremely high standard.
Except that Google has for some time now been waging an all-out assault on the concept of anonymity, which at least in my mind is an important part of privacy.
I was shocked, for example, when I learned that a certain social network gives universal profile access to employees as a perk. That would not happen at Google. If you looked at your high-school ex-girlfriend's email, you'd be fired immediately (and deserve it).
Social is creepy, because it's all about being defined by other people, which is ridiculous and horrible. What, so do I suck at Programming Languages because I haven't trolled my 25 closest acquaintances for endorsements? Am I really going to become more credible in Machine Learning if I get 15 strangers to "endorse" me?
The major conflict in "Social" is what I call "Document vs. Improve" (or: Exploit vs. Explore). A social app can expand the web of social connections and make it more efficient, but (a) that's really hard, and (b) there isn't a lot of short-term money in it. Or it can document social relationships that already exist, and make a shit-ton of money off the data. That's easy, but it doesn't actually make anyone's life better. Guess which one the mainstream social players favor?
What I find depressing about LinkedIn is how much it has play-by-play replicated the old, broken way of doing things. Resumes. Titles and dates of employment. Recommendations. Recruiter spam. It feels like the Wayback Machine took us to 1995.