[presumably]

Please respond to the actual contents of my post, and not a strawman version of it.

I’m saying what I said, nothing more.

> Software absolutely can and does lead to unintended outcomes, else there would be no bugs.

Edit: also see this: https://news.ycombinator.com/item?id=22429620

TFA explains how the system was added, it’s absurd and intellectually dishonest to interpret my post as saying what you wrote.

[close04]

Have you noticed how no feature that brings monetary value to the users is ever accidentally added? I never accidentally received money from these companies, extra storage quota, personalized email address, premium account, etc. And certainly never something that you get to keep once they realize the mistake. The fact that they have such weak controls when it comes to protecting you but such strong controls when it comes to protecting themselves can only be a calculated decision. And the number of precedents of such "mistakes" that are always to their advantage is the proof.

It's a mistake only the first time. Knowing they get away with it every time and reap the reward is just an incentive to do it again and again. And people finding excuses and justifying this as being acceptable is one reason they get away with it. They rely on advocates for ignorance and defeatism to make such incidents feel like a banality, "oh well, what can you do", "it could happen to anyone", etc.

How many situations would you consider excusable where bad things happen to you because someone "accidentally" removed the step where you were informed what's happening and could say no?

[dspillett]

> I never accidentally ... extra storage quota

Raises hand as an example of someone who essentially got a free server upgrade from 500G to 2T storage recently, due to people following a fixed procedure in a slightly unusual circumstance without thinking.

"Positive" accidents do happen. People just don't tend to shout about them publicly as much as they do about those with negative consequences or that affect many at the same time.

> someone "accidentally" removed the step where you were informed what's happening and could say no

In this case I can easily see this accident happen. A junior was told to remove those parts of the UI. That person has little of no knowledge of the back-end and does not have time to dig or think further because they have other work tickets assigned to them to get on with, just did the job and moved on.

Facebook may be deliberately shitty a lot of the time, that doesn't mean they aren't sometimes accidentally stupidly shitty too.

> would you consider excusable where bad things happen to you because someone "accidentally"

Of course this doesn't excuse it, just explains it. There was a fault in the management and/or work review processes. Someone should have had the opportunity to put two and two together and failed to do so. And there should be some fallout. To use a rather extreme analogy: accidentally killing someone through gross ineptitude is still a punishable crime (manslaughter), I would agree that accidentally breaching data collection rules through gross ineptitude should be too (though I doubt the coders/testers dealing with the "UI cleanup" ticket could be said to be responsible).

[close04]

We're talking about different things. You're considering just the coding accident of an employee removing this and forgetting that. I'm talking about the intentional decision of not validating this in a better, more robust fashion, at least when it comes to issues that have a huge impact on security or privacy. This was a calculated decision. Whether it was done by not putting in place or by removing all the obstacles that could have prevented this makes no difference. After the first privacy "accident" they should have had in place all the processes required to make sure such an issue doesn't happen, then go unnoticed for so long.

If 5 years from now VW has another "rogue engineer" everybody will wonder how is it possible that it slip through the cracks again. Facebook let things like this slip through the cracks again and again.

> Of course this doesn't excuse it, just explains it.

It excuses it the second it's made too look like a random accident but somehow keeps happening again and again the same way, always to their advantage.

P.S. I'm sure no company accidentally gave such upgrades to 1.5 million users and let them get away with this. And they also didn't accidentally do this again and again. You highlighted perfectly the difference between an accident and an "accident".

[kd5bjo]

> I'm talking about the intentional decision of not validating this in a better, more robust fashion, ...

In my experience, deciding not to do something is unlikely to be intentional. Instead, the something that’s not done simply never presented itself as an idea.

Do you have any evidence that this particular lapse was premeditated, or did you come to this conclusion based solely on your prior opinion of their actions?

[close04]

> In my experience, deciding not to do something is unlikely to be intentional.

That's some weird experience. A decision is by definition intentional. It's literally "a conclusion or judgment reached after consideration". The moment a person with power of decision is made aware of an issue both action and inaction become conscious, deliberate decisions.

> did you come to this conclusion based solely on your prior opinion of their actions?

That's quite the assumption given the above and the fact that I was pretty clear that it's based on their continued stream of "mistakes" that tend to be massively in the company's favor. Almost feels like you made it in bad faith.

How many mistakes would you say it takes to make one start beefing up their internal processes so millions of people don't accidentally suffer repeatedly? How many before you start to at least consider that it can't be constantly attributed to bad luck? Would you feel different if a company kept overcharging you by mistake and never returned the money or fixed the issue? But now it's "just" and endless stream of your private data. Uncommon sense...

[kd5bjo]

I was imprecise and overly snarky in my original reply, and for that I sincerely apologize. I’d still like an answer to the half of my question that you ignored, so let me try again in a more neutral tone:

In my experience, most instances of someone (or a company) not doing something are not examples of conscious, intentional decisions but rather an unconscious process of the proposed thing not coming to mind. As a concrete example, I haven’t made a painting of anything since grade school. The vast majority of days, I didn’t consider and discard the idea of painting; the idea simply never presented itself.

While Facebook’s history must absolutely be taken into account when trying to discern their motivations, I consider it fundamentally unjust to judge any given incident solely based on behavior in other incidents— otherwise, you leave no path to redemption for the alleged transgressor.

As such, I would like to know if you have any evidence specific to this incident that indicates it was intentional rather than an accident, as claimed.

[bathtub365]

Sorry, so they built a system designed to vacuum up even more personal information and accidentally turned off the screen where they tricked people into giving the information up, leading to it being collected by default?