[charles-m-knox]

I recently had to sell a MacBook Pro. Decided to open an eBay account because I never use eBay, and pretty much immediately had it banned.

I stripped the EXIF data from the laptop’s photos for fear of eBay not removing them for me - I didn’t want my GPS info exposed. I also accessed the website without a VPN and a fresh Firefox profile with only uBlock Origin. I own a clean email domain and used it for the account. I also verified my bank accounts the next morning.

I was banned 20 minutes after posting my listing and received the same message as OP - live chat is not currently available, and their fraud support line redirects to their discontinued phone number. Even after verifying my bank details the next day, nothing changed.

I wasn’t trying to scam anyone. I just wanted to try and sell something I legitimately owned. eBay locked me out completely with no recourse or proper justification. Truly awful company. Shocked that it’s even functioning with this level of “support”.

[nikkwong]

At least you hadn't shipped the MacBook out, to then get banned and lose the MacBook; which has certainly happened to a lot of people based on anecdotes I've read in the past.

[charles-m-knox]

That would have been horrifying.

I ended up selling the MacBook Pro locally via Facebook Marketplace, but only after rejecting 20+ people trying to get me to ship it across the country and paying me via PayPal.

I really do wonder often - at a certain point, does every company just simply become an anti-fraud service more than their original product? How much time and money do Google, eBay, Amazon, etc. spend fighting fraud? It’s unfortunate that businesses have to bake this kind of turmoil into their business model.

[kingcharles]

When I open an eBay account I buy a few dozen small items to get some positive feedback first. Shouldn't have to do such stupidity, but it's the only way to get yourself some "credit history".

[mrjin]

That was just a collateral damage. There are so many scammers and your behaviors were so suspicious to eBay. To those large organizations, simply ban you straight away would be the least costly solution AFAIK.

[charles-m-knox]

It’s a crappy truth, but you’re right in some respects. I did convince myself of this when it happened, and just acknowledged that eBay was a service I’ll probably never have access to.

Someone else I know and trust offered to sell it for me after I told them I was banned. They have legitimate sales and positive seller reputation that they’ve made, but I was absolutely not willing to risk their seller account getting banned too.

Shoot, they’ll probably get banned at some point too, because we have used the same IP at least once.

eBay failing to provide a functional chat and verification service to correct wrongful bans is the problem here. A company needs to provide a process for resolving its mistakes. People will stop using their service.

[wraptile]

Wow, I had almost exact same experience and had two more people in my coworking space encounter the same issue basically in the same month - we all tried to sell rather expensive stuff (300-600$ range) and were instantly suspended and no we didn't list it from the same IP.

Does ebay even get new users these days? I bet their banned user table has more rows than the active user one :D

[Normille]

To be fair, I doubt you'd have got any offers for the laptop anyway. Even if eBay hadn't blocked your account. I certainly wouldn't buy a laptop from a new account with zero feedback.

[exikyut]

So you can either implement optimal privacy hygiene, OR you can get access to services.

An awkward counterpoint.

This is actually interesting.

You basically executed perfectly on the supposed ultimate solution to staying in control of your data online, at the ideal level most wouldn't have the motivation/discipline to sustain... and it got your account revoked.

Of course it's extremely easy to understand why; you also happened to do everything a fraudulent user would do in trying to cover their tracks. And eBay's detection logic somehow figured that out, and I have to concede the point that it worked as intended. :(

This reveals where we're currently at: eBay can't tell you apart from a scammer, in the same way YouTube doesn't really know who I am and what I want to watch (the homepage feels like a hodgepodge of "throw everything at the wall" and more than anything else carries a fair bit of cognitive dissonance because it's kinda getting it right but just... not).

AI can't discern intention yet... because we're not feeding it enough data.

I'm not sure whether to be cynical, melancholy, viscerally depressed, angry ("man shakes fist at cloud") or what about the fact that the only way to prove individuals' legitimacy and authenticity is to basically mechanize and industrial level of private information sharing.

Naturally you've passed Facebook's bar for authenticity - it's analyzed the data you've provided explicitly, data you provide by interacting with the service, and data provided by those you interact with, and approved it - and so your account is not blocked there, and you can transact.

Considering the child comment you made about anti-fraud-as-a-service, it's kind of sad there isn't a way to allow eBay to access and evaluate the trust ranking Facebook has built. Kind of a "sign in with Facebook" sort of thing, except with a lot more data exchange going on behind the scenes.

A system like this would necessarily need to share a reasonable quantity of data, to overcome the same root-of-trust problems that eg makes fingerprint readers built into laptops generally worthless because they all merely send back a binary (yes/no) "OK, unlock" over USB after processing the fingerprint input inside the controller. (Yep.) Just sharing someone's email address and a binary "this person is legit" flag would expose eg Facebook to 100% of liability if that (entirely automated) decision was incorrect. This idea has almost certainly been thought of a lot and unilaterally shot down within 10 seconds. (Haha, it might even make a good interview question, whoever thinks it sounds good for more than 5 minutes maybe isn't great for a security position initially.)

Further, different services (Facebook, Amazon (online; Whole Foods), Apple, Netflix, Google, eBay, Walmart, etc, ad infinitum) engage with users in different ways, using different risk profiles, and the consolidated summaries of the risk assessments each company builds wouldn't be compatible with each other - at the policy level, because by definition this information is the proprietary, ostensibly-infinitely-valuable thing a company never, ever shares.

Getting something like this to work would be nigh impossible, and would hard-require both incentivization and regulation. I'm not sure how it would get off the ground even then, in much the same way the notion of a car would never pass approval today. (Hmm, but then we have Teslas driving themselves around off the back of utterly sketchy^W^WProprietary™ image processing, so maybe there's a twisted, messed-up chance, hahaha.)

I guess "interoperability" (in name only, lol) would basically look like companies sharing raw metrics and gross inputs and whatnot... oh man, it'd be a dumpster fire of incompatible implementations... and companies would absolutely try to get a leg up on each other by modeling what they shared in increasingly inscrutable ways that skate the line of the regulations.

Because at the end of the day internalizing anti-fraud-as-a-service is kind of a practical competitive thing to do.

Heh, the one thing would would definitely come out of something like this would be an entire ecosystem of startups promising to normalize the evaluation process. I wonder how long it would take for AI to bring us back to the broken position we're in today?