DockerHub uses a company/product called "TrustArc: TRUSTe" and they have _exactly_ this method. The slowdown is intentional. People who come up with sort of tactics and those who implement them should go to jail. It's beyond infuriating. I've decided to not upload my images to dockerhub because of this.
Edit: jail time is not for anger obviously, but for intentionally swindling people. It'll be handled on a case by case bases obviously, but data is worth something, people who swindle you out of your data are like those who scam you in the street for your wallet, and as far as I know, there's jail time for that.
Yes, it appears to be. If you check the network tab of your browser, you see it makes about 8 requests. Then it waits for about 5-10 seconds and makes again 5 requests.
I think there should be some sort of public shaming for shady practices like this, so large companies like Oracle would seriously consider alternatives.
Since your edit seems to be taking the jail suggestion seriously:
I think the data-money analogy isn't unreasonable, but you're overloading "swindle" pretty heavily here, in a way that defeats your point. Companies and people "swindle" others out of money all the time with dark patterns, and this predates computing by ten thousand years. Caveat emptor exists for a reason: the legal system is just too inflexible a tool to cram a person's view of "honesty in business" into.
Defining "making one side of an option an iota more of a hassle than the other" as criminal is broad enough that you're pretty much guaranteed to catch many honest transactors too. The law is a really blunt instrument.
I agree. I’m certainly taking it from my own point of view, and I might be overloading “swindle”. It’s probably a bad choice of a word here. It would have to be on case by case basis anyway, but even with the inflexibility of the system and the impossibility of jail time for every theft case, I think it would have to be at least an option when the intent on scamming for the purpose of selling the data (like those mailing lists) is clear.
There are certain patterns that are illegal though, and presumably have legal penalties (maybe not jail time, but presumably at least fines). False advertising is the obvious example. I don’t think it’s unreasonable to support strengthening the laws around these things.
If memory serves me, the EU does not
Operate on the same legal framework as the US, so the assumptions I hear here: that the exact letter of the law they’re suggesting is worrying, is not
How it works in the EU. They also don’t use case law to define exactly how something will be dealt with.
It’s a lot more fluid and ‘spirit of the law’y there.
It seemed very clear to me from his comment that his justification didn't revolve around him getting angry personally, but the harm these features cause over time. With that being said, your post seems disingenuous. I personally don't believe in jail time for this, but very heavy fines certainly. People need to care about these issues.
Jail time is probably the only suitable enough deterrent for adtech nightmares. Fines are just treated as a cost of doing business expense, and doesn't directly even hurt the terrible people making these decisions.
When someone commits a wrong, the punishment is in part based on the amount of harm. You might feel that adtech causes small harms, if you look at harm against an individual, but adtech folks harm billions of people, every single day.
If you're Mark Zuckerberg, Larry Page, or Sergey Brin, no fine is large enough to make you regret your life choices. The only way to punish billionaires who get rich off harming others is to take away their time/freedom, the one thing they can't just buy back. As long as corporate CEOs can't get jailed, crime absolutely pays in this country.
Exactly. Facebook and Google have been fined in the past and it’s never amounted to anything for them. When they make more
Money from engaging in bad behavior than the fine costs, it’s a law they’d be stupid not to break.
No amount of fines would make a difference? I beg to differ. Make the fines high enough, bill them to the executives personally, I guarantee it will make a difference.
A large enough fine could literally take the company and thus their power away from them. A large enough fine could literally bankrupt the company.
The problem is simply that the fines aren't big enough.
This refers to the "normal" people not businesses or rich execs. Giving them for example 20 years instead of 5 doesn't change much, because 5 is already a lot. If someone does crime, because of poverty, being mentally ill, or because of addiction no jail time will be a strong enough deterrent.
If businesses actually would have fines that significantly hurt the business (and not being able to deduct it from taxes, if they were unable to pay, they would have to close down) would absolutely help and would change the calculation from fine being a cost of doing the business to a punishment for illegal behavior.
Having executives be personally responsible for decisions and go to a real jail would be even a stronger motivator.
The current problem is that there's no real deterrent.
> Most studies pretty clearly show that harsher punishments are not an effective deterrent.
It doesn't need to be harsh, 3 days in jail with a review in six months to see if they've fixed it. Then an additional 3 days in jail. Pretty much any jail time would be adequate for typical C-Level execs. Also, not "Raped in the ass" prison time, just a mellow 3 days to contemplate their shiftiness locked in a comfortable room.
Your source doesn't actually apply well here. It talks about things like substance abuse and addiction being reasons that criminals don't act rationally to punishment as a deterrent. For white collar crime, there's a very different set of circumstances in play. Crime is often just a business decision based on risk and reward. Raise the risk and the reward becomes less worth going for.
This should be punishible by law, jailtime included. The intent of the law is to give the consumer a choice. What these companies are doing are trying to circumvent the law by making it extremely difficult and annoying to exercise that choice.
Very similar to trying to cancel a spammy subscription (but that's not mandated by law, so)
I wonder if justice has improved over time because we've gotten better at tolerating things that make us angry, or because we've gotten better at not getting angry.
Jail might be a bit much, but giving them the maximum fine allowed under the GDPR seems quite reasonable to me. I'd even go so far as to try and transfer the debt to the individuals responsible if this causes the company to go bankrupt, as this is clearly malpractice.
> I'd even go so far as to try and transfer the debt to the individuals responsible if this causes the company to go bankrupt
So who's liable in this scenario? Someone in the C suite? The coder monkey who implemented it? Someone in between? All of the above?
Unless I'm mis-remembering, the maximum fine under GDPR is a % of the total revenue of the company, so depending on the size of the company, this could result in bankruptcy of any individuals deemed responsible too.
If the risk of investing is goes from (Value of your investment can drop to zero) and is now (Your entire personal fortune is at risk), what do you think is the outcome? Thinking 1 month, 6 months, 12 months, 5 years.
Or to put it another way, is causing another massive economic shock the correct response to a dark patterns on websites?
The stock market is not the economy. All you are ultimately advocating for is keeping the exiting corrupt corporate leadership in charge and preventing market forces from replacing them with ethical leaders.
When you give someone money to do a thing you have responsibility about that thing. If someone is running a clearly illegal business (trafficing illegal drugs, humans) and you are aware of this and invest in their business then you become an accessory you are not immune to liability for crimes you were aware of before investing - you are immune to liability for actions taken without your knowledge (which is what we assume the great deal of actions taken by investees are).
Causing another massive shock to the stock market is the correct response here because nearly everyone is engaged in behavior that harms society and should be stopped. Also, the market will recover and really isn't that important. If a small proportion of actors were engaged in this activity then getting an industry compact or other token gesture might be good enough to correct it.
If people were affected by the things they give companies money to do, perhaps they'd be a lot more careful about what they give companies money to do.
To the point where it's not worth giving companies money at all. Stockholders aren't involved in day-to-day ops, anyway, so you're placing the blame at the wrong place. It should be placed on the C-suite.
The alternative seems like a strange land where we imprison waste management workers for their pension funds being invested in companies they have literally have no control over and no ability to discover the behavior of.
Or should we restrict the stock market only to the rich and powerful?
I mean... how much of the world do you want to feel like you married a sociopath (aka people who deliberately make the better option miserable), before someone can say 'lets disincentivise this behavior
Edit: jail time is not for anger obviously, but for intentionally swindling people. It'll be handled on a case by case bases obviously, but data is worth something, people who swindle you out of your data are like those who scam you in the street for your wallet, and as far as I know, there's jail time for that.