I wish that Shelley had co-written this letter with either a tech employee or a more tech-focused librarian. The problem that she mentions is real: I've worked in her position and can confirm. But the way the letter is written makes it clear that she's not very familiar with the tech industry or how things are developed.
If I were a Google engineer, this would read like one of dozens of pleas we get constantly to change X, Y, or Z for some small portion of the served population. And software devs in general find those demands annoying, particularly given some of the language that Shelley uses.
I think this would have gotten more reach and been better received if Shelley had a co-writer that acknowledged the reasons for 2FA from a security standpoint and emphasized the trade-offs that are being made + suggest other security measures. Likewise, having someone with a better understanding of tech would mean being able to do things like present some solutions that don't amount to "Oh most magic of Google Oracles, please fix this." Also the suggestion that they could contact her to learn about where patrons get stuck made me cringe slightly.
Basically, there's a misaimed moralizing tone throughout the letter that I think is at odds with its stated purpose, and it could have been written better, but the problem is real.
My goodness, I think you just might be lacking in empathy. I honestly recommend that you take a step back and reread what you have written here.
> But the way the letter is written makes it clear that she's not very familiar with the tech industry or how things are developed
And she should not have to be familiar with the tech industry. The tech industry's job is to figure out what the users want, by understanding what they do.
> And software devs in general find those demands annoying, particularly given some of the language that Shelley uses.
No no I hope not! I hope that engineers who possess some empathy will see a letter like this and feel their pain and feel compelled to do something for them. If someone feels nothing after reading this letter, they are lacking in empathy.
I'm a colleague of Shelley's, loosely: I've been working in libraries since 2004, a fair amount of it in public service, and my first job was literally teaching people basic technological skills in a public library.
I don't think it's 'lacking empathy' to focus on whether or not the tactics or strategies my allies are using are likely to, you know, work. I would consider it more important that the letter be taken seriously and lead to actual change than people pat themselves on the back for their empathy in agreeing. It's because I have empathy for the people affected by this issue that I care more about effectiveness than the feelings of the people reading/writing the letter.
> And she should not have to be familiar with the tech industry. The tech industry's job is to figure out what the users want, by understanding what they do.
I mean, she's a librarian. I do expect people in our profession to be able to look at an issue, understand where our experience is lacking, and seek to either remedy it or find someone with complementary skills. For a librarian to run into a problem and not act to acquire relevant information is something I (as another librarian) am pretty comfortable judging as 'unwise'.
> The tech industry's job is to figure out what the users want, by understanding what they do.
The tech industry's job is to make money.
> No no I hope not! I hope that engineers who possess some empathy will see a letter like this and feel their pain and feel compelled to do something for them. If someone feels nothing after reading this letter, they are lacking in empathy.
I would like the world to be that way. It would be great. I would feel much more optimistic!
Focusing on tactic and strategy is the opposite of empathy. An empathetic response communicates that you understand the feelings and experience of someone else. Your comment did the opposite by only focusing on your own thoughts/desires/experience. You may find it useful to research emotional intelligence so that you can respond appropriately and productively to another's emotional state.
I strong disagree. This isn’t a tech issue, it’s a poorly delivered solution that didn’t consider the needs of the users. The solution is so poorly delivered librarians are an ad hoc support team for thousands of people.
Google in particular created a moral problem by choosing to implement a security solution that doesn’t serve people who depend on the services. They have the metrics to know better, but didn’t consider the use case.
I provide services to users in these use cases. It’s very possible to serve them in a way that is both secure and respectful to humans.
I honestly can't remember who implemented 2FA in this case first, but it's not only a Google problem. People also end up locked out of their Yahoo and AOL accounts fairly regularly.
> The solution is so poorly delivered librarians are an ad hoc support team for thousands of people.
Well, yes. We're also expected to be teachers, social workers, etc. Everybody has been outsourcing/dumping the unprofitable work on us for decades now, why would Google and other tech companies act any differently? It's a problem that goes deeper than Google and the tech companies; it's a general assumption that infrastructure design can ignore the worst off parts of society and that people like volunteers and librarians will step in without considering whether or not we have the capacity for that as a society.
I just think instead of 'Google, fix it', it would have been wiser to make clear that this is a general problem (not a Google specific one) and to suggest things like partnerships between the GMail team and the PLA, etc.
I'm saying this in the spirit of 'yes, we need to take this territory but maybe a cavalry charge isn't the best way to do that given the other side has machine guns'.
yikes. old poor people are having their lives upended because technology has infiltrated the processes by which basic business is conducted and the designers of said technology had not bothered to consider them as a real use case, and your response is "she's not asking nicely enough."
Maybe I should have mentioned I'm a programmer and a librarian, and my suggestion is one of tactics/strategy.
I care more about getting the problem fixed than the writer's feelings not being hurt, and I think that things would be more likely to change if she'd written it differently.
sure, maybe you do get more bees with honey. or more often than not you never get seen. we live in a sad era where the only way to get real attention from large companies is to embarrass them in public. this is by their design.
> I care more about getting the problem fixed than the writer's feelings not being hurt
i don't really follow how the writer's feelings could be hurt in any case. you seem to have an odd perspective on all of this.
So we disagree on the best tactics to take here. In particular, I think the embarrassing tech companies in public works when it's done by either other tech people OR it gets into the media where the bottom line could be impacted. This
That doesn't make me 'cringe^inf' or boil down my tactical critiques to '"she's not asking nicely enough'. I presumed you were attempting to call me out for tone policing, and usually the point of that call out is to protect the feelings of the person being critiqued. Or to prevent the person making the tone argument from making it for biased reasons, but as I am ALSO a female librarian, that doesn't really apply here.
> you seem to have an odd perspective on all of this.
Yes, I imagine I would. I differ from both HN's average readership and the average librarian enough that my views on things are odd. I also did some time in communications work and I can't turn that off either. It's like seeing poorly written code for me.
the call out was more in line with a general disagreement with what i saw as a tech industry apologist take. i don't think people who work in the tech industry are bad people, but if people are losing housing because of their products, inventions, or service policies, then it appears that they have certainly (possibly inadvertently!) done some very bad things and that needs to be acknowledged plainly and clearly.
no masters need to be pleased, no egos massaged (it's time for that obnoxious culture to die). they done bad and it's time to make it right.
embarrassing companies in public is an old tactic that predates consumer technology companies by a large margin. in the old days letters would appear in trade rags or newspapers to the same effect.
That's fair, that would be a decent read on the comment assuming average HN demographics. I am a librarian who was raised by hackers, so I was programming and playing around online for years before starting library work and eventually getting my MLIS. So I was critiquing her from a colleague's POV of 'this clearly isn't your area of expertise, why didn't you ask a colleague who does know this area so the letter was stronger?' I wouldn't write a letter about, say, the impact of social media on kids' media without talking to some of the children's librarians I know, since I don't know much about children's services.
Also libraries have a major cultural issue of their own, which is that they love credentialism and gatekeeping, and part of that manifests through assumptions that they and only they know the right thing to do (you'll note she suggests that Google contact her for more information rather than perform their own research or, God forbid, asking the userbase directly). Related to this, librarians, because of their vocational awe, are very, very susceptible to forms of communication that affirm their righteousness, and I see signs of that in this letter. From a communications standpoint, it's just not ideal to ask people do something by shaming them and assuming a stance of superiority while ignoring some context. That's just asking to be dismissed.
So that's where I'm coming from.
I actually greatly agree that tech culture needs to change.
> embarrassing companies in public is an old tactic that predates consumer technology companies by a large margin. in the old days letters would appear in trade rags or newspapers to the same effect.
Same problem, though. Embarrassing a company in a trade rag means that your employees are going to be judged by their peers and you're going to have a hard time hiring new employees. Using a newspaper meant that it went through some sort of editorial gatekeeping and the newspaper determined it was an issue that was likely to blow up. There were also plenty of cranky letters to the editor/opinion pieces in newspapers (especially smaller ones) that were dismissed as 'lol old people be cranky'. You have to have a strategy there.
And I think she's wrong, as another librarian who's worked in public services.
I think Google's poor implementation of 2FA is a result of misaligned incentives, unknown unknowns in the product development cycle (because she's right that engineers assume a baseline technological literacy and access that isn't there for everyone), and deeper social issues.
Lying it directly at Google's feet and implying that they made that choice maliciously rather than ignorantly (or to maximize their actual goal, which is $$$) + not noting that the bad decisions have also been picked up by their competitors makes it read more as a judgment than an invitation for collaboration/plea for help. I think a different approach would have been more effective.
I have a tactical disagreement with Shelley. No disagreement on the actual issue, which she's right is a huge problem and one I've personally encountered hundreds of times.
If I were a Google engineer, this would read like one of dozens of pleas we get constantly to change X, Y, or Z for some small portion of the served population. And software devs in general find those demands annoying, particularly given some of the language that Shelley uses.
I think this would have gotten more reach and been better received if Shelley had a co-writer that acknowledged the reasons for 2FA from a security standpoint and emphasized the trade-offs that are being made + suggest other security measures. Likewise, having someone with a better understanding of tech would mean being able to do things like present some solutions that don't amount to "Oh most magic of Google Oracles, please fix this." Also the suggestion that they could contact her to learn about where patrons get stuck made me cringe slightly.
Basically, there's a misaimed moralizing tone throughout the letter that I think is at odds with its stated purpose, and it could have been written better, but the problem is real.