CEO apologises for ill-considered proposal
He's getting good at that...
GitLab has swiftly backtracked on plans to add telemetry services to track usage of its products. VP of product Scott Williamson announced on 10 October that "to make GitLab better faster, we need more data on how users are using GitLab". GitLab is a web application that runs on Linux, with options for self-hosting or using …
"you unethically greedy CFO!"
Indeed, it seems the desire to make money from data knows no bounds, not even legal ones. Tracking without opt-out would surely have been found illegal in the EU and the reason GDPR protections are in place is because that sort of tracking is unethical.
It seems that we need to alter the phrase to:
"Even if you are paying, you are the product" :|
On the other hand, GitLab CFO Paul Machle said: "This should not be an opt in or an opt out. It is a condition of using our product. There is an acceptance of terms and the use of this data should be included in that."
Worth noting that he's right that they can do this. GDPR quickly loses its teeth for anything that requires a login, unfortunately. Tells us a lot about what the investors who currently own GitLab are interested: you are not a name, you are a data resource.
"GDPR quickly loses its teeth for anything that requires a login"
GDPR says that accepting use of PII over and above that needed to perform the functions of the service requires opt-in and should not be a condition of provision of the services. I can't see how requiring a login affects this.
> CFO Paul Machle said: "This should not be an opt in or an opt out. It is a condition of using our product...
> Sijbrandij also promised a review of what went wrong.
You're letting the CFO decide the features of your product, a product that is designed for engineers. That never goes well.
I'd have thought that a CFO would be very concerned about features that would cost the business money. Features such as ignoring the opt-in requirements to handle PII which would open up liability under GDPR. Maybe the CO needs to speak to the CLO or whatever title is given to their legal bod.
Well, the corporate attitude to the law is easy: the question is not whether it's legal or not. The question is whether the expected (in the stochastical sense) fine is larger or smaller than the extra revenue it generated.
(Do we have court decisions already on whether breach of GDPR falls under unfair business practices? Because which end user is going to go and bring the charges against GitLab?)
In fairness to Gitlab, in the discussion thread where the CFO said that, their legal team pushed back with that same observation (amongst others), and the overall consensus in the Gitlab management crowd -- including the CEO -- was to reject the CFO's assertion.
That said, Gitlab's actions here have left a bad taste in my mouth.
So the engineering manager flags up that there's a major privacy impact, and may also be legal issues (i.e. GDPR).
But, the head bean-counter. Not a lawyer or an engineer, a CFO says it's OK? And despite the responses telling him why he's wrong, they seem to have plowed on with it for a while.
I quite like Gitlab as a product, but I'm becoming quite worried about the direction the company seems to be headed - history is littered with good tools that were badly managed and went to shit.
I am/was a self confessed Gitlab fan boy, I spent a week sniggering when Microsoft bought Github. But then Goldman Sachs invested in Gitlab and it became obvious which way this was going. I guess it's just what happens, you develop some great software, you attract the attention of the big money, get dazzled by the bright lights and gala luncheons and sell your soul to a corporate bank.... or Microsoft.... or Google...... or Amazon..... But I guess that then creates the space for the new upstarts to come up with a better idea.
The apology by Sid Sijbrandij was simply a diversion and whether we like it or not, telemetry is going to be implemented for sure.
Here's recent discussion thats being going on for implementation of telemetry
and here's the issue where Gitlab team is trying to explain to users that they don't know it yet, but its for their own benefit
Biting the hand that feeds IT © 1998–2021