Jeff Northrop

Exploring the fuzzy edges of privacy and security

Moved

I’ve moved my blog to http://jnorthrop.me. I’ll leave this blog up, but I won’t update it any longer.


Salary Negotiations, Don’t be Tough, be Honest

I read a blog post the other day about how to properly negotiate a salary. It received a lot of attention on Hacker News and generated a heated discussion. Obviously this is important to many of us — me included.

However, I see things differently than Patrick. I’ve liked almost all of my bosses (5 to date), and enjoyed my past places of employment. I’ve generally felt fairly compensated and when I haven’t, I’ve done my research to make sure my feelings match reality then talked to my boss about it. In short I’ve treated salary negotiation like a considerate human relationship, not a game to win. Maybe I’ve “left money on the table,” but I hate playing games and frankly compensation negotiations aren’t a game.

The gist of the post is this: “Be more assertive and shamelessly demand more.” I’ve been thinking about that advice quite a bit since reading it and it makes me feel sorry for those who have to follow this advice at face value.

I do agree that many people, not just those of us in IT, need to be more frank about their needs and wants, but why the need to take such an adversarial approach? It’s important to keep in mind that you’re negotiating with a human being and all the emotional baggage that comes with it.

I guess the original author believes that being difficult in negotiations is the best method to get the most value. Honestly, I haven’t tried it but I imagine it leaves the risk of getting a relationship off on the wrong foot. And, at the end of the day, a large part of your job satisfaction relies on the relationship between you and your manager.

The whole discussion around “don’t give the first number” is ridiculous. My “rule number one,” and only rule, in going into any negotiation is to know what you want as the result before you start. Given that, if you have done your research and know what salary you want, there is no reason not to come out and state it when asked.

If the hiring manager wants to ask for a number in the first interview, fine with me. “I want around $xxx,xxx. Of course I’ll take into consideration the complete package but I think that’s a fair starting point.”

At that point you can end that line of questioning and decline to get more specific without coming across like you are playing games. If they do persist and ask you for more details (expected vacation, etc.) at this point you can comfortably tell them you don’t want to get into those details yet. Unless you do. In that case tell them you like to take every August off to be with your European relatives. Or that you need to work from home every Friday. Why not?

Everyone is different and everyone has their own style and organizations are much the same. So go into negotiations prepared, do your homework on salaries and compensation packages and know what you want, but in the end be yourself. Then when the final job offer makes you happy, take the job and be happy.

(Source: jnorthrop.me)


EU Data Protection Reforms Are a Big Deal

As expected, the European Commission released two principal documents outlining proposed reforms of the EU’s 1995 data protection rules. And as promised last week I will do my best to put it into context for IT professionals. First off, from all accounts, it appears to be relatively close to what was leaked in November so there are no big surprises in it. However, that doesn’t mean that it isn’t a big deal—it is.

At least it has the potential to be. It’s important to remember that the next step is for the Commission’s proposals to be passed on to the European Parliament and EU Council of Ministers for discussion. Then, if they pass as is (which is unlikely), they will take effect starting two years after adoption.

Keeping all that in mind, to follow are the key points from the proposed reforms. Keep in mind I’m not a lawyer, I’m an IT professional, so key provisions from the document that may be important in other aspects aren’t important to me and aren’t mentioned here.

  • EU rules would apply on any personal data handled abroad by organizations that are active in the EU market and offer their services to EU citizens.
  • Organizations will no longer be able to rely on implicit consent. If they plan on gathering any personal data they have to get explicit consent from data subjects.
  • Individuals will have a right to be forgotten requiring organizations to delete data on the person upon request if there are no legitimate grounds for retaining it.
  • Organizations would be expected to follow “Privacy by Design” principles. Simply put, an organization would have to integrate privacy considerations into all aspects of design, development and maintenance.
  • Organizations would be expected to notify the proper authorities within 24 hours of detecting a data breach and communicate to the data subjects without delay.
  • Organizations would be exposed to penalties of up to €1 million or up to 2% of the global annual revenue of a company.

The big items to consider are the need to get explicit consent, the breadth of applicability to multinationals doing business in Europe, and the right to be forgotten. I would strongly suggest to all that you start planning to account for these provisions sooner rather than later when possible.

As one expert noted:

Given the energy, speed, and determination with which the reform of the EU data protection regime has been handled, it is likely that the final documents should be substantially similar to what was published on January 25, 2012, and that a final vote will take place sooner than later.


Google, Good To Know

Did you catch Google’s full page ads in The Wall Street Journal, The New York Times, USA Today as well as other papers around the country this week? If privacy isn’t your business then you may have just passed them over, but for those of us who make a living either convincing customers to give us their data or struggling to keep those within the company who want to mine that same data at bay, it was a breath of fresh air. And quite possibly revolutionary.

Back in October Google started their Good To Know campaign, and this week’s advertising was the big kick-off. The primary goal appears to be public education. The site teaches the public about protecting their personal data. It also makes Google more transparent about how they are using the personal data they collect which helps comply with FTC regulations and European Union laws.

Why I call it “revolutionary” though is the tertiary benefit they derive from the way in which they are communicating to the public. The Good To Know campaign is subtly selling us on the benefits of Google collecting and collating our personal information. In other words they are encouraging us to give them our data by showing us the value we will derive from it.

This is something that has been preached in privacy circles for a while—I heard Jules Polonetsky talk about this very approach years ago—but this is the first time I can think of that someone has applied it with a multimillion dollar advertising and marketing campaign.

This is the way of the future folks. People now largely realize that free services on the internet aren’t really free—we “spend” our anonymity in exchange for the services we use. The public’s collective reaction to this realization has been visceral. They’re repulsed and as a result entire businesses have sprung up to protect anonymity. Technologies such as Tor, or services like Bug Me Not as well as dozens of other methods have sprung to life to help obscure the identity of the person using online services.

In the middle of this environment Google steps forward saying, “look at all the benefits you get when we know who you are!” Admittedly it is going to be a tough sell, but if they succeed then they have secured a future with loyal customers who willingly participate in an exchange of information, which is exactly where Google derives most of its value.

The alternative, what most are currently doing, is to hide behind the legalese of privacy policies, but in the long run it’ll be a much tougher row to hoe. That is a future which includes fighting against businesses built around hiding identities of people as well as increasing difficulties operating in Europe (e.g. European Data Directive) and potential FTC action (e.g. Buzz lawsuit).

Google is blazing a trail with Good To Know. Those that do not follow are facing an uphill battle and a future that finds them at a competitive disadvantage.


See, privacy is a big deal

Anyone still think they can keep their head in the sand over privacy issues? Think again. Check out this post by 37Signals. Here’s the meat of it.

Taylor’s post about our growth in 2011 included a bunch of numbers showing how the pistons inside the 37signals engine are pounding faster, but it all got swept away by what seemed like an innocent side-note: The 100 millionth file was called cat.jpg.

Being as it is that the internet is constantly accused of being just an elaborate way of sharing pictures of cats, we thought that was funny. But it wasn’t. We shouldn’t make jokes about anything even remotely related to people’s data.
