The current position is "sorry for breaking your trust, please trust us". It's hard to find it compelling.
> Given the prevalence of comments like this, I wonder why any company would ever bother offering an apology or retraction.
To project my own opinion onto others: these comments are warranted because an apology has no actual value. The fact remains that Triplebytes can still do this if they wish to, and they are constrained only by what they can manage to slip past their users.
There's a stark asymmetry in the digital space, where service providers are protected by the legal language in their TOS or EULA, but the users have to trust that the service provider will not act outside their interests, and with no recourse. By contrast, in a normal contract negotiation, there will be an opportunity for both sides to ammend the contract to better serve their interests.
If Triplebytes wanted to show that they will not attempt to do this again, they could break this asymmetry and constrain themselves in their user contract, accepting all resulting liability or specifying concrete penalties if they do persue this route in the future. An apology is just a meaningless PR exercise.
> Why is this a hard thing to do? It’s literally what everyone who ever messes something up is asking you to do.
Because you're treating a service-client relationship as an interpersonal relationship. They are not, and the same norms do not apply. That apology, and its implicit premise(s) and promise, is rooted in the norms of intimate, interpersonal relationships. Those do not apply.
When you screw up and ask your spouse's forgiveness, the psychosocial interaction is quite different from when a CEO fucks up, writes a mea culpa to the faceless masses, gets his draft looked over by a PR flack and a couple board members, and then sends it out to the highest-impact social media circles for his service and waits to see what his KPIs do.
> Just because someone once committed a broken build, doesn’t mean I’ll never again trust them with access.
I don't think this analogy is useful. An error in execution can be quite different in an error in judgement.
To offer an alternative example: a contractor decides to publish the source code to a company's closed-source software, so that they can use it as evidence of their work for their next job application.
> It’s argubly more like “sorry for being a moron, but I hear you. Please give us another chance”?
When these kinds of bad judgement happen, the person normally loses some decision-making power to stop it from happening again. This is in noticeable contrast to Triplebyte here: an apology as a PR exercise, and no material change to prevent it in future.
It's more like your best friend telling someone the secrets you told them, and then expecting you to immediately trust them again with some more.
However much you'd like to, you can't just flip that trust back on - and in a lot of cases, it'll never fully go back to the way it was.
Not that we should personify company-customer relations - this was a decision that would have been taken by a lot of people expending serious effort to get it out the door. It's not a single lapse in judgement, but a continued expression of different values.
You make it sound like an innocent mistake, but they must have discussed this issue and decided that violating their user‘s privacy is acceptable. It’s not like they made a typo, it shows malintent.
Break the build, okay we give you a second chance, delete the database and all backups when you were hired as the DBA? You're probably going to be looking for another job.
I guess what's missing is the corrective steps they are taking to make sure a mistake like this doesn't happen in the future. I think even a short statement like "In the future, all feature plans will undergo a thorough review by an independent or in-house privacy expert before being greenlit." would give me more confidence that they understand that this was a privacy incident and not a PR issue.
> Given the prevalence of comments like this, I wonder why any company would ever bother offering an apology or retraction.
To project my own opinion onto others: these comments are warranted because an apology has no actual value. The fact remains that Triplebytes can still do this if they wish to, and they are constrained only by what they can manage to slip past their users.
There's a stark asymmetry in the digital space, where service providers are protected by the legal language in their TOS or EULA, but the users have to trust that the service provider will not act outside their interests, and with no recourse. By contrast, in a normal contract negotiation, there will be an opportunity for both sides to ammend the contract to better serve their interests.
If Triplebytes wanted to show that they will not attempt to do this again, they could break this asymmetry and constrain themselves in their user contract, accepting all resulting liability or specifying concrete penalties if they do persue this route in the future. An apology is just a meaningless PR exercise.