Hacker News new | ask | show | jobs
by Xylakant 5076 days ago
> It doesn't seem like you are trying to discuss this in good faith. Read my post again, I was pretty clear that privacy matters in some cases, but that I do not think it is the common case.

I am actually trying to discuss in good faith, but you're last sentence in your post is:

> "You get zero emails about leaking it."

That's what I dispute. If information would have leaked on that project I'd have had a very angry email from my customer in the inbox. Probably rather a written letter in the letterbox ;)

I guess basically we're both in agreement. If you go back an re-read my statements, I do agree with you that double opt in is

a) not the golden end of it all and the one-size-fits-all approach won't work b) and legally not required in some cases (though we differ on how many cases there are)

However, I argue that im my experience most projects will end up with double opt in because

a) they're legally required b) or they might be legally required to do so in the future (like when they plan to send advertisement emails) c) they have risk-averse stakeholders that want every anchor they can have in a (potential, probably imaginary) lawsuit that some bone-headed user might trigger.

In any case you're kinda missing my original point: The starting point of the discussion was not that you're required to have a privacy protecting signup scheme. My only point is that it's possible to have one. If you don't need one, that's fine with me.
1 comments
papsosouid 5076 days ago
>That's what I dispute.

Because you are taking it out of the context of the implicit "for a typical web app" that had already been established in the previous post.

>I do agree with you that double opt in is

You are still arguing a false dichotomy of "double opt in" vs "not double opt in". Double opt is entirely irrelevant. The only time I mentioned it was pointing out that it is not in any way a legal requirement.

>My only point is that it's possible to have one

Nobody said it wasn't possible. People said it is a huge usability flaw.

link
Xylakant 5076 days ago
> Because you are taking it out of the context of the implicit "for a typical web app" that had already been established in the previous post.

I don't get that point. What's a typical web app? Most of those that I've built had in some way or another email connectivity. Many had a newsletter component somewhere that was used to inform users about new features/offers/whatever promotional content. Even more had the tentative idea of at least keeping the option open. And if you do that, you need to confirm the email address. So probably we differ on the notion of "typical" here and I guess that's a point that can't be resolved.

> You are still arguing a false dichotomy of "double opt in" vs "not double opt in". Double opt is entirely irrelevant. The only time I mentioned it was pointing out that it is not in any way a legal requirement.

Sorry, you kinda lost me here. I don't understand what point you're trying to make.

> People said it is a huge usability flaw.

That's the whole point. IMHO it isn't that "huge" when you have double opt-in anyways. And as I pointed out that there are some reasons to have double opt-in regardless of legal requirements as well, in fact, most services that I signed up for use it. That might be different for you, but it's certainly not a minority or a freak occurrence if you encounter some service that uses double opt-in. So it can't be that bad either.

I fully acknowledge that you have a different view here, that's completely fine with me.

link
papsosouid 5076 days ago
>Sorry, you kinda lost me here. I don't understand what point you're trying to make

This is what I have been saying for the whole thread. And you are only getting worse. I do not know how I can make myself any clearer, sorry.

link