80 comments

[ 3.3 ms ] story [ 165 ms ] thread
Their old terms of use: "When you click on a link, our server will send you the corresponding page."

I wonder what changed and made them add the new terms of use.

[0]: http://web.archive.org/web/20141020194316/https://www.ycombi...

> I wonder what changed and made them add the new terms of use.

Probably a lawsuit, mandatory arbitration avoids lawsuits. I’m just guessing, I have no concrete info.

> I wonder what changed and made them add the new terms of use.

CCPA's April enforcement deadline, most likely.

Maybe it’s related to their decision to turn YCombinator into a “safe space” for very specific people; or the way YC takes steps to silence some voices while hiding the fact that they’re silenced. These are deliberate decisions that cause the site to work very differently than naive people envision it from working.

I’m not crazy enough to sue over that shit; but somebody might be.

It's hard to tell what these dark insinuations refer to, but there's nothing (that I'm aware of) that hasn't been fully explained many times—nor are there any questions we don't answer. If you're talking about shadowbanning, for example, there's plenty of explanation at https://news.ycombinator.com/item?id=23686672 and the links back from there.
I have multiple accounts that you (or somebody) hell-banned, with real genuine content, and the described process was not followed.

Thank you for, once again, proving that you’re a low integrity individual.

If you're going to make a claim like that, you should supply links so readers can make up their own minds. When people don't do that, it's usually because the real story is rather different than they're making out. https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que...

I may be mistaken, but I believe that with your previous accounts that we were aware of, the "real genuine content" was pretty trollish. When users keep creating accounts like that, we stop telling them that we're banning them, because they know perfectly well what they're doing, as do we. This is all explained at the links I mentioned upthread.

We do make mistakes, and when we find out about them, we apologize and try to correct things. But shadowbanning accounts that are innocently posting "real genuine content" isn't anything we normally do.

I don't agree with the post you're replying to, but before you took over it was much more common to be shadow banned for a silly reason.

For example my first account, which admittedly didn't have top quality content, hardly did anything worthy of a ban by today's standards.

https://news.ycombinator.com/threads?id=d3c0d3dab0d3

For sure, the site worked differently prior to 2014. I'm talking about how we've operated since then. 7 years is an internet eternity! Though I suppose I should be thankful that people are still talking about things that happened in 2013 because it means they still care.

HN was moderated differently in the early years because pg was running it in whatever hours he could eke out between running YC and having small children. That was a totally different situation than now. It's a miracle the site stayed up at all.

It's not clear why that account was banned, unless it was related to other accounts that did bad things? (You don't have to answer that.) In any case, I've unbanned it now and restored the affected posts, in case that's helpful.

I always assumed it was because the name looked like spam nonsense, which is why I put the explanation in this one. I got over it pretty quickly, but thank you for the gesture.
I don't think HN ever used to ban accounts for that reason. It must have been something else. We might be able to figure out what from the logs, but that's time-consuming and probably not worth it.
You are, in fact, mistaken. If you go back far enough, you hit a high quality account banned for a stupid reason, without notice, warning, or discussion. After that one you’ll find accounts that shitpost, but before that... good stuff!

But there’s no value in arguing over this. I long ago decided it was more fun to burn the bridge (by rudely stating things that are true) on this set of browser/cookies/account/IPs. I’m not going to dox myself to prove that your second paragraph was wrong. Especially when I concede that _after_ I got banned stupidly and unfairly, I decided to fight back by becoming ban-worthy.

The “optimist” in me thinks your a decent person who happens to have some big blind spots and biases, and you might eventually figure out how to address them if you meet the right set of people and start to learn from folks who don’t look like you. Maybe you’d realize that there are a collection of things that HN encourages, all of which contribute to a “safe space” for certain people, while excluding others.

I hope my optimistic view is eventually right.

Edit: thank you to the peer post to this comment that gives an example of this happening to them a long time ago. I didn’t want to dox myself to show it’s a real thing.

I’m adding this as an ‘edit’ instead of a reply to the peer post because this account is just barely allowed to post at all.

If, like the other commenter, you're talking about something that happened over 7 years ago, the situation back then was different, as I've explained above. When I talk about how we moderate HN, I mean now and in recent years.

7 years is surely long enough to establish a new moderation policy on a website. If that's really the reason why you're still abusing HN after all this time, I think you should reconsider.

(comment deleted)
(comment deleted)
(comment deleted)
Can someone explain the legalese. I'm having a hard time deciphering it
Which part specifically is confusing you? Like, it's a long TOU, so I don't think anyone's gonna write down the whole explanation here, but let's pick one paragraph:

> Commercial Use: Unless otherwise expressly authorized herein or in the Site, you agree not to display, distribute, license, perform, publish, reproduce, duplicate, copy, create derivative works from, modify, sell, resell, exploit, transfer or upload for any commercial purposes, any portion of the Site, use of the Site, or access to the Site. The buying, exchanging, selling and/or promotion (commercial or otherwise) of upvotes, comments, submissions, accounts (or any aspect of your account or any other account), karma, and/or content is strictly prohibited, constitutes a material breach of these Terms of Use, and could result in legal liability.

This means: don't use the content of the site to make derivative works to make money, otherwise we might sue you.

It's mostly straightforward stuff like that. If there's a specific part that you're having trouble with, I'm happy to have a crack at explaining it.

Why anyone has the authority to compel public expectations based on the arrangement of bits.
Not to get too reductive or anything, but the reasons are very similar to why people have the authority to compel public expectations based on the arrangement of atoms (e.g. you aren't allowed to stab me, etc.). Namely: those with the power to enforce those rules think it's a good idea to do so, and the public continues to support that configuration of the legal system.
Absolutely. I think that's how we got here. But, the thought regulation regime is pretty new historically. I don't know why we accept it, on the basis.... That thoughts ... Take up space?
I'm afraid I'm a little confused about what your question is. I don't think the notion that thoughts take up space has anything to do with why TOUs are enforceable in the US. It's more because the relevant stakeholders are either largely not very interested in or impacted by TOUs (the public at large) or are interested in and positively impacted by TOUs (the services offered with TOUs).
ToS;DR has your back: https://tosdr.org/en/service/636 (Though it's not complete yet.)
I like this, curious if the interpretations are legally survivable but still very cool.
If the interpretations are accurate and complete, they'll presumably have the same impact as what is being interpreted. If the interpretations are inaccurate, then your reliance on them will not be a defense. For example, suppose TOU;dr got the arbitration requirements wrong. You could not sue ycombinator then argue that you had relied on TOU;dr, thus you were not bound by the arbitration agreement in the ycombinator TOU.
Wow. That is a brilliant link. Thanks for sharing.

I don't know why terms can't be written that simply in the first place.

Two reasons:

1. Legal contracts are supposed to be as detailed as possible so there's as little room for disagreement as possible when taken to court.

2. It's better for companies if users don't take the time to read and understand their terms, and beyond a certain length and complexity they will just scroll through and click yes.

3. Lawyers are incentivized to write incompehensibly because it helps keep them in business.

4. It's easier to write incompehensible legal text than simple English that a layman can follow, and customers seldomly call lawyers out on it because they've been trained to accept this as the status quo (also see 3).

The "good" answer for why terms of use and contracts are written more complexly is because they encode more complex information, that is less subject to varying interpretations.

Though certainly there is a 'pattern' to these that I think lawyers just fall back into that can be less understandable than needed.

If nothing else, many contracts are written in a somewhat weird frame, where one party is referred to in third person, and the other in second person. And often phrasing is so that the second person needs to recognize a claim of the third person ("you acknowledge etc etc").

In many ways, contracts are like the ultimate reversal of YAGNI. Imagine deploying code that you literally could not fix after release, and you knew that nearly all deviations from intended behavior would just kick you in the butt. Your code (and general product function) would probably get a bit weird too.

'Intellectual property' is mostly just postmodern nonsense...
I'm not sure postmodern is the right word to use here? It's pretty standard liberalism in terms of creating/enforcing property rights over things.
Information is not property. That's the postmodern nonsense. Property takes up space. These are mostly thoughts being controlled under the rubric of property
Whether or not you agree with the notion of intellectual property. It isn’t a postmodern concept.

https://txpatentattorney.com/blog/the-history-of-intellectua...

You'll notice though, that the term 'intellectual property' wasn't invented until the (roughly) mid 20th century. After which time, copyright and patent law were affixed to this construction. There was no intellectual property, prior. I would politely suggest that this piece is a post-hoc justification, based on the ignorance of this arrangement. (Because the author, like all humans, is morally ambiguous. Intellectual property was an assumption going into this piece)

Copy rights, are not property. Patents are monopoly licenses.

Maybe it’s modern nonsense.
Copyrights _are_ property. They can be sold on the market and are enforced by the state. You can _own_ a copyright.
Surely information takes up space too, albeit virtually and as bits?

You're incorrect in your use of postmodern in this and the above statement.

See if you can acquire information without taking up space.
Again, the patent system is mentioned in the constitution. It's not "postmodern". You may not agree with the system (I certainly don't), but "postmodern" is the not correct movement to associate it with
(comment deleted)
> Information is not property.

That’s true, property is exclusive rights. Information is a thing in which property can exist, though.

> That's the postmodern nonsense. Property takes up space.

One might choose to create a property regime in which only tangible items are subjects of property, but neither IP nor intangible property more generally have anything to do with postmodernity; while some forms of intangible property are earlier, the category (including the subcategory now known as “intellectual property”) really flowered as part of the same development of property rights that birthed capitalism.

You can deny its existence if you want, but that’s about as legally helpful and effective as sovereign citizen nonsense.
Zoom out a bit, maybe look at 1602 to the present and ask, "What can and can't be property, who decides what is and isn't property, am I ok with this, and why am I ok with this?" What are the second and third order effects that result from first principles here?
You're making a normative argument about what should be property. I'm making a purely descriptive point.
Yes, I understood this when I replied. Thank you.
So you were intentionally pretending to misunderstand? Cool.
No I was not. Hope you have a good rest of your day.
Weird coming from a site where most members are paid a lot of money for using their brains.
Eh, if IP wasn't a thing we could still make money in almost the exact same way via contract law.
Sure, but the value of the contract would be greatly reduced if no one could claim exclusivity over the output.
You could though, as long as you're careful with contracts. With backend software that just means a contract that you're not going to give a copy to anyone else. With frontend software that means making people sign contracts that they aren't going to further distribute it, before you distribute it to them.

All copyright really does is make these contracts "automatic". I guess that's important for things like web ui's, but it doesn't really matter for anything with an EULA, e.g. appstores like steam could work exactly the same as they do today.

> With backend software that just means a contract that you're not going to give a copy to anyone else. With frontend software that means making people sign contracts that they aren't going to further distribute it

You are basically describing intellectual property

Well yes, that's my point, you can recreate the parts of copyright that matter with contract law... so wanting to get rid of copyright isn't really a contradiction to our profession.
What’s the best practice for making a Terms & Conditions or Privacy Policy page these days? Eg if you start up a social network like hackernews
Lawyer obviously is the best practice.
Who will copy paste it from another site..
Is there a specific kind of lawyer that is best suited for this work?
We run our SaaS on Digital Ocean's backend and their TOS says that anything we allow onto their boxes has to comply, so that means our customers have to comply with DO's TOS.

To handle this, we link to theirs in place of a custom one.

I like this. I imagine it’s roughly similar eg using heroku?
It might be. Worth checking into their TOS to see if your customers must comply. I'd say, "probably."
The first meaningful Terms of Use seems to have gone live Feb 17, 2017. After that, January 1, 2020, and then January 15, 2021.

Pre-2017: http://web.archive.org/web/20161229045611/http://www.ycombin...

2017: http://web.archive.org/web/20170303015020/http://www.ycombin...

2020: http://web.archive.org/web/20200130013739/https://www.ycombi...

2021: http://web.archive.org/web/20210301143626/http://www.ycombin... (current linked)

I'm still doing diffs.

Edit:

2021 (left) v. 2020 (right) diff:

https://imgur.com/a/8LKXKNs

2020 (left) v. 2017 (right): Privacy policy was significantly reworked, not the biggest surprise considering CCPA, but n++ is choking on the compare. Some interesting TOU changes though:

https://imgur.com/a/q4zzm8G

This comment made me notice a small typo in the 2017 version fixed in 2020

> h. Future Changes to Arbitration Agreemen

Someone forgot to dot their Is and cross their Ts :)

Unless it's changed, I remember that there's no agree checkbox on the sign-ups page. How enforceable is this?
Strange that it mentions CCPA but not GDPR. Is HackerNews GDPR compliant? What are they tracking/storing?
I'm guessing being a US organization they don't care about GDPR just as they don't care about adhering to Chinese internet standard laws.
If you serve EU customers, you have to comply with GDPR no matter the jurisdiction you are based in.

Unless you are prepared to completely sever business ties with Europe.

What business ties exist in this case? There's no product being sold nor any ads.
Y Combinator's main business is seeding thousands of private companies many of which do their business in Europe.
According to Article 3 of GDPR, it applies to processing if any of three conditions are met:

1. Processing that takes place in the context of processors and controllers that are in the Union, regardless of whether or not the processing itself takes place in the Union.

2. Processing the data of subjects who are in the Union by controllers or processors who are not in the Union if the processing is related to offering goods or services to such subjects in the Union or the processing is related to monitoring the behavior of such subjects that takes place in the Union.

3. Processing of personal data by a controller not established in the Union, but in a place where Member State law applies by virtue of public international law.

If none of those cover an entity, that entity's processing is not covered by GDPR.

#2 would probably be the only relevant one for HN.

Is HN offering goods or services to subjects in the Union? Sure, people in the Union can access HN and even make accounts. But that might not be enough. One of the recitals for Article 3 elaborates:

> In order to determine whether such a controller or processor is offering goods or services to data subjects who are in the Union, it should be ascertained whether it is apparent that the controller or processor envisages offering services to data subjects in one or more Member States in the Union. Whereas the mere accessibility of the controller’s, processor’s or an intermediary’s website in the Union, of an email address or of other contact details, or the use of a language generally used in the third country where the controller is established, is insufficient to ascertain such intention, factors such as the use of a language or a currency generally used in one or more Member States with the possibility of ordering goods and services in that other language, or the mentioning of customers or users who are in the Union, may make it apparent that the controller envisages offering goods or services to data subjects in the Union.

Does HN envisage offering services in the Union, or is it simply a site that happens to work when accessed from the Union but was not envisaged to do so?

Another recital elaborates on the monitoring of behavior of subjects in the Union:

> In order to determine whether a processing activity can be considered to monitor the behaviour of data subjects, it should be ascertained whether natural persons are tracked on the internet including potential subsequent use of personal data processing techniques which consist of profiling a natural person, particularly in order to take decisions concerning her or him or for analysing or predicting her or his personal preferences, behaviours and attitudes.

HN seems to collect minimal data. It might not rise to the level of monitoring that would be needed to count as monitoring behaviour.

Collecting minimal data (or no data at all) is also a way of being 'GDPR compliant' :)
Do they comply with GDPR now?

Here's what HN admins were responding last yeat to requests to have your account deleted (article 17 of the GDPR):

>Our understanding based on the analysis done by YC's legal team is that Hacker News does not fall under the GDPR, so for the time being we're sticking with the approach of not deleting account histories wholesale but helping with privacy concerns in any other way we can. The problem with deleting entire histories is that it guts the threads the account had participated in, which is unfair to the other users who posted.

> You agree to not use the Site to: [...]

> advertise or offer to sell or buy any goods or services for any business purpose that is not specifically authorized;

Heh. I'd say this part is disconnected from reality.

A very significant number of posts and comments recommend aka advertise (in one way or another) various goods or services. Typically third-party goods or services ("I use this"), sometimes first-party ("we made this"). And this is what brings huge value to the website. I get it, ToS are about spam, but it's probably impossible to discern good and bad advertising in legal terms.

Specific authorization is probably fulfilled here:

https://news.ycombinator.com/newsguidelines.html

> Please don't use HN primarily for promotion. It's ok to post your own stuff occasionally, but the primary use of the site should be for curiosity.

Emphasis mine.

---

Edit: It gets more interesting with the WhoIsHiring threads. I haven't seen specific authorizations for them, but considering HN staff have commented in said threads in the past (https://news.ycombinator.com/item?id=26306206), this may also be specifically authorized. (I don't know who owns WhoIsHiring)

WhoIsHiring is a Hacker News bot. Y Combinator created it, so advertising there would plausibly count as explicit authorization.
They allow only California residents to delete their personal information, and they may require proof of residency to initiate a deletion. I am disappointed.
I don't speak legalese, but I can tell you what the actual practice is. For YC data (e.g. applications to YC, participation in Startup School, Work at a Startup, and so on), we delete people's data when they ask us to. For HN data, it's more complicated—we try not to delete posts that got replies, because that's unfair to the commenters who replied, and so on. But we have a lot of tricks to help people in more precise ways than wholesale deletion, and we help people with such requests every day. This is in HN's FAQ: https://news.ycombinator.com/newsfaq.html. There's more explanation at these links from yesterday:

https://news.ycombinator.com/item?id=26962860

https://news.ycombinator.com/item?id=26959559

https://news.ycombinator.com/item?id=26959675

What defines a "criminal enterprise"? Like any corporation that has ever committed a crime?