At least, to succeed in substantive illegality, it becomes necessary to skirt and even cross the line of procedural illegality to conceal the substantive illegality.
Whether substantive illegality is necessary to succeed in business is another question, but it seems to be a common choice.
> Whether substantive illegality is necessary to succeed in business is another question, but it seems to be a common choice.
You'd hope not. But there is this proverb that 'at the root of every great fortune lies a great crime' which has been around for long enough that even if it may not be a necessity it may well be strongly correlated.
Also this: "When asked under oath about the attempted deletion of the message, Mr. Pichai had no explanation, testifying “I
definitely don’t know” and “I don’t recall.” "
> Would it have been better if they had these conversations in person
Probably because they weren't in the same room? Same building? Same state? Same country? The value of chat is that it's a very lightweight conversation; especially in a distributed team. It's also a good way to start a conversation with someone if they might be concentrating and need a few minutes to put down what they're doing. Either way, I would assume that in-person communication was impractical.
(Granted, I can see the need for "history off." Perhaps you need to discuss a personal matter, like an inappropriate advance of another co worker.)
> Not saying what they did is ethical but why would anyone have an expectation of forthrightness here?
Many people have different values than me.
Personally, whenever I communicate through any electronic means I assume that whatever I say might be recorded and used against me. It basically makes it hard to do crime; and I really don't want my employer to do crime; and I am not a criminal or politically persecuted.
I think the fact that much of our workplace day-to-day communication is recorded may expose that some people treat these matters different than you and I.
So who wins exactly if this precedent is set and companies all move back to less efficient but "safer" channels of communication? That would represent a huge loss of productivity and efficiency for society.
Because there will always be such channels used in private business. Or is the government going to enforce mandatory private monitoring?
Someone in this thread mentioned that the financial sector records all history for anything work related. What's wrong with that?
> That would represent a huge loss of productivity and efficiency for society.
Are you arguing that corporations need to violate laws in order to be productive and efficient?
> Because there will always be such channels used in private business.
Yes. But look at how much leaked out in Google's case.
What do you think would happen if Google's policy was to only use personal means of communication? (IE, personal cell #, personal email, text messages instead of chat...) What do you think would be happening now?
I think you're confusing personal liberties and the right to privacy with the delicate balance of corporate regulation.
> If everyone’s forced to speak under the fear that anything they say can and will be used against them, a lot of communication won’t happen.
There's a very clear difference between our right to privacy as individuals, and how we communicate in our jobs as employees or contractors of a corporation.
The "If you have nothing to hide, you have nothing to fear" statement is a fallacy when it comes to an individuals right to privacy. In contract, because corporations are not people and do not have the same rights as people, thus "If you have nothing to hide, you have nothing to fear" applies to corporate email, chat, ect.
ugh, yes. Google creates a new type of 'space' (unthreaded/threaded v1/threaded v2) - and... you can't change the space's type. You have to make a new space.
They released a 'new threading system' a while ago. So you now have rooms with two types of threading systems and can't 'upgrade' the old ones. So one organization has at least 3 types of spaces depending on when they were made and they can't be changed at all. (Also, you can't switch from unthreaded to threaded or the other way around.)
Your only solution is to kick everyone out of the space (can't be made read only) and make a brand new space (losing any history/context/shared files in the space). No one's going to do that so you just live with having all these different room types even if another would work better.
Recently, Google rolled out a new 'announce only' setting where only "Space Managers" can post messages. Cool! Let's apply it to an existing space that we are already using for that purpose (company announcements) and prevent other people from... polluting it as they sometimes do. NOPE - you can't! Either "live with it" or create a brand new space with that setting and abandon the existing one.
I could maybe see you not changing space types but something as 'simple' as changing who can send messages to a space? Force everyone to leave the old one and make a new one??? Really Google???
Are they just super lazy over there with developing features or what's their major malfunction?
Pardon my ignorance, but why isn't Pichai allowed to have chat conversations that don't record history? Was there a case against Google already that bans this or something?
And couldn't this just be circumvented by having an in-person meeting?
The complaint details the reason it was not allowed in this case, though would be normally: the topics were subject to legal holds.
> Like Mr. Pichai, other key Google employees, including those in leadership roles, routinely
opted to move from history-on rooms to history-off Chats to hold sensitive conversations, even though
they knew they were subject to legal holds. Indeed, they did so even when discussing topics they
knew were covered by the litigation holds in order to avoid leaving a record that could be produced
in litigation. As the examples below make clear, Google destroyed innumerable Chats with the intent
to deprive Plaintiffs and other litigants of the use of these documents in litigation
Note: that's the argument the plaintiff's lawyers are making, not the final word on the matter
mmm i'm looking for the legal documentation/language that requires google to hold the data for this particular topic.
because i'm in agreement with the grandparent comment that why is the topic subject to legal holds vs just having a meeting in person? Are in person meetings rquired to have a voice recorder present? it seems like a weird legal precedent.
You aren't required to make recordings. But if you made a recording, then you can't slate it for deletion. By disabling history, they're setting it up so records are deleted after 24 hours, instead of kept indefinitely.
In the court's eyes, it's analogous to writing notes to each other, only to burn them the next day.
> routinely opted to move from history-on rooms to history-off Chats to hold sensitive conversations
The way this is worded there's no record, so there's no "slated for deletion"?
I guess the question becomes, if it exists inside computer memory, is that legally equivalent to "writing down piece of paper" and thusly is considered destroying evidence?
If I write something in disappearing ink (let's say it perfectly disappears), it's not destroying evidence? is it?
There is a record. It exists for 24 hours. It’s not in just your local computer’s memory. It’s in the cloud, and you can see that history on any of your devices.
Who gets to decide what is "potential evidence"? If we're going to play language games, turning the chat history off doesn't really destroy anything, just prevents the paper trail from being created.
Well, I think the physical mechanism of turning off chat history on most of the modern chat platforms is to have a database delete each message after everyone in the conversation reads the message, which is a lot closer to destroying evidence than not making records.
Also, if you destroy evidence that may be under litigation hold, the judge will instruct the jury to infer that what you deleted was harmful to your case.
> What Google called off the record chats were 24 hour history chats.
Ah, I missed that part, that's a very compelling argument. I disagree these are not language games though. The way the chat application was kept from preserving history is an implementation detail that doesn't reflect the action the user of the chat performed in the UI.
It sounds like the truth is whatever a human judge can be convinced into deciding is true.
> It sounds like the truth is whatever a human judge can be convinced into deciding is true.
I mean, that’s literally the judges job. It’s why they are called a judge. They make a judgement as to where the truth lies, and where the law lies (except for issues that are delegated to a jury, in which case the jury is responsible for determining the factual record).
But, yes, judges make judgements and a lot of the “well, technically” semantic games that people play will be met with an annoyed scowl and a negative opinion (but, critically not all semantic games; there are some semantic differences that are of critical importance to a judge)
I am getting the feeling you are being disingenuous: a record is a record, a records that gets deleted after 24 hours was still a record. This is a truth based only on the meaning of the word "record". The chat application was not kept from preserving history, it was designed to actively delete history after 24 hours
If there is a court order to not delete history, then the application was designed to do the opposite, and if a technical detail meant the application could not be changed, then the only way to respect the order would have been to stop using the chat application. Instead, there was a decision to use it more ...
I admit I am playing the devil's advocate, but not trying to be disingenuous. The intention behind an ephemeral chat application is to allow private communication without creating a record. From the end user's perspective, the messages are thought to be self-destructing objects that are kept just long enough to be read by their recipient. The way this is achieved in practice is an implementation detail that end users are not necessarily aware of. I don't see how the users of the chat application can be expected to be aware of the implementation or proactively find ways for these private conversations to be recorded.
An analogous real-world situation would be a meeting in a room where someone uses the whiteboard to draw some diagrams and erases it at the end. If we apply the same logic, you would be under obligation to take pictures of the whiteboard and send them to the court? Or even that you should record the whole meeting? Something just doesn't feel right with the idea that you can be under obligation to help make a case against yourself in a legal proceeding.
> Something just doesn't feel right with the idea that you can be under obligation to help make a case against yourself in a legal proceeding.
Well that’s kind of the whole thing with discovery - the court is asking the company to disclose relevant information (some of which will be against the company). Companies here have different disclosure requirements to an ordinary individual.
And if new evidence is being created, that new evidence would be subject to the same data request.
> I don't see how the users of the chat application can be expected to be aware of the implementation or proactively find ways for these private conversations to be recorded.
Most corporate messaging apps have built in functionality to handle litigation holds. This is a requirement for legal compliance, so the company would have to train and brief employees on their legal responsibilities to not destroy evidence during the litigation.
> I don't see how the users of the chat application can be expected to be aware of the implementation or proactively find ways for these private conversations to be recorded.
The company must educate its employees because the company has obligations. A limited-liability corporation is a legal fiction granted extraordinary protections by a society. That corporation had damned well better be a good citizen of that society. If that means erring on the side of caution? Good.
Everything you do on a computer is recorded, at least ephemerally, in the computer memory. Does deleting stuff from the memory count as destroying evidence? If not, how is it different from deleting stuff from somewhere else? I mean, deleting information that is not used is part of how computer operate, if you're going to disallow that, you better have a pretty huge tech infrastructure to store all those memory dumps from every workstation Google has every second or so.
> Does deleting stuff from the memory count as destroying evidence?
Maybe? The line is more blurry here, but there are probably cases where it's more or less easy to make the distinction.
If data is recorded on a permanent medium, it can be arbitrarily retrieved, an explicit delete operation is needed to get rid of it, and this deletion can be scheduled to happen at an arbitrary time - that might easily be understood as "destroying evidence".
If you want asynchronous communication, you will need to produce records of some kind, which can be evidence. That's nothing new.
Maybe if you have a system where the information must be exchanged live and falls off a cliff immediately no matter if it was observed or not, say, like a video conferencing tool - I wonder how the courts see that. It gets much closer to an interesting edge case than something with a 24-hour retention policy.
RAM is permanent as long as you don't pull the plug. If you've been told to preserve evidence, and still pull the plug, then you did not do what you were told to do.
Silly analogy: person on lit hold writes a message in the sand on a beach with the tide out. Are they obligated to preserve the message before the tide erases it naturally?
If a judge thinks so, yes. So you should err on the side of caution, while being a good and ethical participant in the judicial process, and take a picture of it.
If this would be detrimental to your case, perhaps stop doing shady shit.
You have constructed a hypothetical case where the answer would likely depend on facts and circumstances beyond what's written.
That such cases can exist doesn't mean it's not clear-cut here.
In the vast majority of cases, two engineers will agree on the question "is this data persisted or ephemeral" and the fact that the line is blurry doesn't mean we can't know when it's been crossed.
> Who gets to decide what is "potential evidence"?
Ultimately, the courts do, but if something is possibly related you’re supposed to preserve it.
> turning the chat history off doesn't really destroy anything
IANAL but courts tend to view all written conversions the same way. Turning off chat history is viewed the same as throwing away all the mail you receive, and both are very much frowned upon when the court has specifically asked you not to. These rules are set through longstanding precedent.
What is the chat happens in a software that didn't have chat history feature in the first place? I mean it's Google, surely they could cook up a separate internal chat tool just for this purpose. And if the chat history didn't exist in the first place, can the court order the company to switch to a chat software that has it? If not, how is it that different from toggling chat history on/off in a single software?
IANAL but my reading is that by transmitting chat messages you are generating potential evidence so discarding those is destruction of that potential evidence.
Presumably this does not apply to audio-visual real time communication as you're not transmitting entire messages but fragments in real time that don't convey any information by themselves. Sending back and forth recorded audio messages OTOH would presumably produce potential evidence. Sending each letter as it is typed presumably would not.
That said, usually these things are ruled based on the spirit of the law as much as the letter of the law so trying to game this by working around technicalities would likely be considered ... bad.
> Not a lawyer. When a legal hold is issued, the company is instructed not to destroy potential evidence related to the case.
Not a lawyer, but I have helped implement record management systems, and a requirement is always support for legal holds.
If the reg affairs or legal people were told "oh, yeah, we're deleting all these company records even if they have holds" they'd have strokes. Or quit. Or both.
No, absolutely not. Legal holds prevent you from destroying evidence, they don't require you to produce new evidence and make it available. The legal theory of the plaintiffs in this case is that using 24-hour-expiring chats is tantamount to destroying evidence every 24 hours. I'm not a lawyer and can't comment on how well this matches with previous precedent in this area, but I get the general vague sense that using "off-the-record" to specifically avoid discovery is often something courts take a very dim view of—even when those chats are replacing in-person conversations and meetings the court would have no way of knowing about before the advent of IM.
> At the heart of this dispute is a simple question: did Google do the right thing with respect to preserving Chat communications in this case? There is no doubt that Google was perfectly free to set up an internal IM service with any retention period of its choosing for employees to use for whatever purposes they liked. The overall propriety of Chat is not in issue here. What matters is how Google responded after the lawsuits were filed, and whether it honored the evidence preservation duties it was abundantly familiar with from countless prior cases. The record establishes that Google fell strikingly short on that score. Several aspects of Google’s conduct are troubling. As Rule 37 indicates, the duty to preserve relevant evidence is an unqualified obligation in all cases. The Court’s Standing Order for Civil Cases expressly spells out the expectation that “as soon as any party reasonably anticipates or knows of litigation, it will take the necessary, affirmative steps to preserve evidence related to the issues presented by the action, including, without limitation, interdiction of any document destruction programs and any ongoing erasures of e-mails, voice mails, and other electronically-recorded material.” Google clearly had different intentions with respect to Chat, but it did not reveal those intentions with candor or directness to the Court or counsel for plaintiffs. Instead, Google falsely assured the Court in a case management statement in October 2020 that it had “taken appropriate steps to preserve all evidence relevant to the issues reasonably evident in this action,” without saying a word about Chats or its decision not to pause the 24-hour default deletion.
Normally a document (chat) deletion schedule is completely fine and standard practice at most corporations. The problem is that it continued (without exception for those with data retention holds) once litigation had started.
TBD whether using OTR exclusively (like having in-person real time meetings) for all chats would violate this. I guessing no, it's the choice to use OTR selectively by participants that causes problems.
Is that really irony though? It kind of seems like self-preservation. Based on what I merely suspect Google knows about me, it wouldn't be a surprise at all if I receive a letter of acceptance/rejection for employment there, despite having never applied nor considered doing so. "The algorithm" knows the plans that I haven't even thought about thinking about.
However, these are not people that can merely speculate; they live at the bottom of the rabbit hole.
Imagine you work for a company that has records about you with enough depth and granularity to have already calculated (with fp64 precision) everything you will ever do and contribute in your life (i.e. is your actual future cost/benefit ratio, not an estimated value, favorable enough to allow you to continue exist).
Would you NOT make at least some sort of effort to stop "the algorithm" from consuming you? Would you just keep feeding "the algorithm" pieces of yourself until it eats enough of your being that it becomes you?
It seems they've decided to save themselves by not saving their chats. I'm not a lawyer or anything, yet I'm getting a vibe like this kind of stuff prolly looks "kinda legally bad." Law things like this happen because there simply isn't time to waste worried about looking "kinda legally bad." It's natural to prioritize taking care of higher magnitude existential threats like getting processed by "the algorithm."
No, if you actually read the messages, many of the employees want to turn history on, because it’s useful, but turn it off (or are instructed to turn it off) specifically to avoid being subject to legal discovery.
How do you know they actually honor your requests? What about any of your data that's gone into training one of their ML models? You can't just delete the effects of training data from your model weights.
True although in the EU at least I'm pretty sure that retention of the effect of some data after aggregation is ok as long as the originating data is deleted and the aggregation is such that the original data couldn't be reverse-engineered afterwards. So that would cover use of your data in an ML training set. They would need to remove it from the set for future trainings but the weights of existing models wouldn't need to be altered. That's my understanding anyway.
> why isn't [...] Was there a case against Google already that bans this or something?
According to [1], "The DOJ maintains Google should have suspended its auto-delete practices by 2019, when it was clear litigation was coming."
I found more details in [2] on the legal topic of evidence spoliation that might be interesting, though I'm not a lawyer and don't know what which law(s) are relevant in this case.
> And couldn't this just be circumvented by having an in-person meeting?
Yes, but there's presumably a difference between deleting evidence vs. not having it in the first place.
Thanks. The law is kind of silly. A chat system that doesn't store history is functionally equivalent to an unrecorded call, but I'm guessing they would not consider an unrecorded call destruction of evidence.
It does record "history" - if it didn't, the recipient would see it appear and then immediately vanish in the next refresh of the screen, which is not the case. The thing is, it only keeps the history for a short period of time (hours/days). That's not the same thing as an unrecorded call, which isn't recorded for any period at all.
That is understood. However the medium begets a conversation around how most communication isn't recorded anyways, in this example if it were a phone call.
If you have two internal phone systems, one of which logs calls and is the default, the legal system would look on moving to the other unrecorded system in the middle of a call with the same kindness. Intent matters in law and the intent was to evade evidence rules.
> the legal system would look on moving to the other unrecorded system in the middle of a call with the same kindness.
I don’t know about that. Not producing evidence and destroying evidence are very different actions, even though the intent (of not leaving evidence) is similar.
In the US, moving conversations from a recorded to an unrecorded medium would likely be covered under the 5th. Having conversations on a recorded medium then destroying the record, not so much.
No, the chat system recorded history for 24 hours and then deleted it. Google had a legal obligation to proactively find and turn off all the automatic deletion system that could delete potentially relevant records. That's just how the law works, every big corp knows how to do it.
> Yes, but there's presumably a difference between deleting evidence vs. not having it in the first place.
In the article it seems Google's "history off" feature isn't really history-off so much as it simply auto-deletes after 24h. If the chats were never logged, would they have avoided this?
Also how far does the law go regarding deletion - I mean if a message was stored in memory and then released/garbage collected does that still count as "deleting evidence"? Because if so, then virtually any means of electronic communication might be counted as "deleting evidence". For example a voip call audio buffer that gets deleted.
(Just thinking out loud, not that I would ever want to circumvent the law)
Not a lawyer, but my amateur guess is the answer to your first question would be yes, and the answer to your second question would be no, because of the common-sense understanding of how computer storage works and what it means to delete something. There's no need to have an information-theoretic definition of "destruction" here.
Relevant law cited elsewhere in the thread: "(e) Failure to Preserve Electronically Stored Information. If electronically stored information that should have been preserved in the anticipation or conduct of litigation is lost because a party failed to take reasonable steps to preserve it, and it cannot be restored or replaced through additional discovery, the court ..."
The key word is "reasonable", which is what the court must decide happened here. OTOH deliberately enabling "history off" doesn't sound like a reasonable steps to preserve records under legal hold. Having said that, I wonder if it also means voip/video calls must be recorded, especially if the feature is available in whatever app they use. Further, even if they use a purpose built "off the record" app, deliberately choosing to use such an app could be argued as failure to reasonably preserve records, if a regular history-preserving app is available. So I think the answer to my first question could be a no.
I’m not a lawyer, but my understanding is that remote work doesn’t create a discoverable record if the conversation happens by unrecorded methods such as a video chat or phone call where the recording feature has not been enabled.
The problem with Google Chat in this context is that even history-off Chats are kept for at least 24 hours before being destroyed (I’ve sometimes seen longer due to caching), so a record is created and then destroyed. That isn’t allowed when an obligation to preserve the record exists.
I admit I don’t know whether something like un-logged IRC would be allowed, but at the very least, any IRC clients that do log the history even for the purpose of displaying it locally after a crash and restart would themselves create a discoverable record subject to any applicable preservation obligation.
If you mean that remote workers are more likely to use Google Chat for sensitive information topics than in-person workers, yes, that could be an example of a peril of remote work. But, from the perspective of society rather than the company, making it harder for companies to hide misbehavior is actually an advantage of remote work.
Disclosure: I have worked for Google in the past, but not for more than 8 years now, and I have no inside knowledge of or connection to anything discussed in the submitted PDF.
>I admit I don’t know whether something like un-logged IRC would be allowed, but at the very least, any IRC clients that do log the history even for the purpose of displaying it locally after a crash and restart would themselves create a discoverable record subject to any applicable preservation obligation.
This logic gets absurd when you push it to the limits. For instance, any sort of VOIP call would imply deletion, since the voice packets have to be buffered in memory for it to be decoded and played back. At least with respect to copyright law, the interpretation is reasonable. For instance, intermediary routers that copy packets as they pass through do not commit copyright infringement. pictures/videos that get cached on your device also doesn't count as copyright infringement.
> This logic gets absurd when you push it to the limits.
Judges won’t push the logic to its limits. They’ll look for a reasonable line, and give an annoyed look to people who go off on a technical “well actually VOIP packets are briefly in memory and then deleted, so it’s the same thing”.
Judges recognize that arguments that are reasonable and logical in some domains aren’t perfectly generalizable to all cases. They’ll just (if it’s relevant to the case) make a ruling on whether transistory packets count as recording, and create a litigation hold (they’d almost certainly decide it doesn’t) and move on with their lives.
Why does everyone just assume that the software Google/Slack/other video/chat platforms use actually respect any of those settings? For all we know they simply mark this data as "deleted" and the GUI won't show it to you.
In the USA there is practically no recourse users have if SAAS/PAAS simply decides to keep this data and not tell you about it. Google won't be investigated or punished, and you'll never get anyone on the phone to yell at about it. Taking them to court is like throwing money into a well. The truth is, if they decide to do it in secret you'd probably never even find out about it.
Google is large enough to design its own hardware/firmware. They could probably implement this without many of their own internal teams being aware of it.
I don't see a functional difference between a video chat and a text chat beyond the technical limitation that if a text message isn't kept for a short period of time then the recipient will likely not be able to read it.
Where would you draw the line?
Telling another human to deliver a verbal message only within the next 24 hours is okay. Training a parrot to do it is okay. Programming a robot to do the same is okay? Programming a computer to do that is not?
Is it okay if it's a one hour delay? Four hours? Until it detects that the user has read it? Until the user manually marks it as read (does that count as explicit deletion)? If it's stored in RAM? On an HDD? On an SSD in swap? On ticker tape?
I will admit that I suspect some of the reason does indeed lie in having 'impromptu' conversations, which are helpfully not recorded anywhere. The other two pieces are real estate and 'feeling' of control. I am not sure which one bears more weight.
I'm not so sure - there was a lot of talk about "impromptu hallway conversations" and "the magic of bumping into your colleagues in the kitchen." I assume they surveil everyone's computers very heavily, too.
None of this is particularly surprising, but it's very amusing to see the litigation go this route. It's incredible common for corporate legal to recommend purging data or communications no longer relevant, or to advise avoiding specific means of communication (like email) due to retention challenges.
It's incredibly dumb to explicitly discuss avoiding leading a paper trail with respect to subjects where litigation is imminent or already in progress.
The point of these legal policies is generally to avoid unnecessary risk. From a legal perspective it's impossible to control communication completely but advice to reduce the scope or volume of legal holds is almost always reasonable. Legal holds can be really painful, and it's not uncommon for a lot of unrelated communications to become in-scope.
This is exciting to see, I hope it triggers real change in corporate culture but I suspect it might simply make it even worse.
I think worse they were under injunction to retain all communications. They were essentially destroying discoverable material. AFAIK the result is in the court the court can assume the material was damaging to their case and treat it with prejudice.
I am not a vengeful type. But people need to be punished to a shocking degree until this is fixed. It should be surprising. And it should have terrible, if not horrific, consequences.
"The court has already declined to issue terminating sanctions against Google"
"the Court would like to see the state of the evidence at the end of fact discovery"
You can see the dilemma in that last statement. There is practically no discovery malpractice large enough to ever have a judge blow up a case, which is why it happens over and over again.
It happens. The Feds changed the rules of civil procedure back in 2006-2008 to eliminate most excuses to produce information.
Prior to that, you could go the court and say your Exchange backup restorations would be difficult or impractical to do at reasonable cost and try to get the other party to pay or share cost. Now, the judge would laugh at you if you responded that way.
Google culturally has a small company mindset about this stuff, plus they are really rich so they can buy their way out of trouble. Now that HN people are talking about these issues, you can be sure some attorney or regulator will find a way to screw the company over good, as things like this are dumb.
At least in the past they were spending a few pennies for lobbying to various legislators on both sides of the isle. With a bit of luck and they’d be calling in some favors.
They might be punished but it may be a slap on the wrist.
Google, as a company, can easily afford any kind of sanction they may face on this.
It was individuals at the company engaging in blatantly illegal activity. I can guarantee they will face no consequences whatsoever over this. Unless for some reason there was some peon class employee involved in it, in which case s/he will be made the scapegoat.
who in particular would you punish? All this behavior is required by company policy, presumably set by Google's legal department: "Google employees are instructed that chatting “‘off the record’” is “[b]etter than sending . . . email” specifically because Google destroys off-the-record Chats every 24 hours, whereas it retains emails to produce in litigation".
The judge can tell the jury in a jury scenario to make an adverse inference; ie assume that whatever “bad” thing in question was said in the missing communications.
This is an area where individual conduct doesn’t matter until it does. Irritating judges is a risky affair.
All of the parties involved need to be sanctioned. The employees following the bad instruction and the lawyers issuing the instruction. Violating a court order at the instruction of your employer's lawyer doesn't give you a free pass. Remember: they are the company's lawyer, not the employees'. But, the lawyers definitely need to be hit and hard. Not sure if disbarring is an option here, but should be on the tablem
>It's incredibly dumb to explicitly discuss avoiding leading a paper trail with respect to subjects where litigation is imminent or already in progress.
I'd say it's incredibly dumb to do that on a platform that can record the interaction.
I never understood why folks use platforms like slack/email/etc. to discuss stuff they don't want others to know about.
The ideal for that, of course, is to have in-person conversations in a place either known to be free of surveillance and/or difficult to surveil.
Failing that, assuming you trust the other party (which, in a case like the one we're discussing, you'd think would be the case), an unrecorded telephone call (yes, you can actually still do that) will work in a pinch.
I don't know how many times (many, though), I've met with someone in person or spoken via telephone about stuff that might be less than flattering (for me, at least, nothing illegal/unethical -- usually more about discussing my or the other party's activities/behavior that might reflect poorly on either of us or the organization) to avoid any record of such conversation.
I'm not suggesting that people should organize/discuss unethical/illegal things on any platform (in person included). Rather, I am surprised that folks have and continue to do so on recorded (or even potentially recordable) media.
Especially someone as obviously (how else could he have come to head GOOG) smart and savvy as Pichai.
Australia has recently had multiple data breaches across a number of large groups that saw decades of user data copied .. that should have been PURGED.
Some of it arguably should never have been retained - proof of identity data, addresses, passport numbers, etc.
Obviously this isn't the same as internal emails, chat histories, etc but I'm hoping we here in Australia see a solid swing away from data retention "just in case", "because we can".
The default setting on all such things and software really needs to be nothing is saved unless specifically and knowingly set to be saved (for a solid recorded reason) and then for only the minimum neccesary duration.
If you have a policy or procedure, what you’re suggesting is ok in most companies.
There’s no law that says that you need to keep security camera footage for any length of time. If your practice to to retain for 7 days, and you get a subpoena to provide it 10 days later, no problem. But if you are directed to retain footage from February 30th, or have a reasonable foreknowledge that you should keep the footage, you’re in trouble.
The answers vary by company. If you sue or investigate people all of the time, you want to keep everything forever. If you get sued frequently, you want to get rid of the data as soon as practical. If you consciously don’t create records for matters that aren’t confidential, people are probably going to infer something.
> If you consciously don’t create records for matters that aren’t confidential, people are probably going to infer something.
I'm suggesting that software companies that provide products and companies that use them adopt a default position of NOT creating records | histories | customer interactions and only engage record keeping by an explicit action that has a time limit and is logged with a reason for retention.
I have no issue with legally required | meeting minute keeping | security footage for a month | etc | records.
If that becomes the norm then people would no longer why (for example) worker to worker chat conversations "across the bench" aren't being kept for 50 years (or even longer than a month | current project duration).
Mechanics working on a car have no need to be recorded in perpetuity (although its handy to retain footage for XX weeks in case of an accusation of theft from a vehicle) just as shop floor software workers have no need to be recorded "forever".
The product in a mechanics shop is labor and parts. These get tracked via inventory.
In knowledge work, the knowledge is the commodity. If you keep nothing beyond formal deliverables, you best have a system to capture the knowledge.
Most organizations are very bad at that. It requires a lot of rules, policies and people to enforce those policies. Google for a government retention schedule. It’s probably a 100 page document for a state or large city.
Relevant, from Matt Levine's Money stuff (regarding SEC recordkeeping rules, which are similar but not quite the same as litigation holds):
> We have talked before about the SEC’s probe into how the employees of big banks discussed their work in text messages and chat apps like WhatsApp on their personal cell phones. The SEC has collected big fines from the biggest banks because, it has said, these chats violated the SEC’s recordkeeping requirements. When the SEC fined 15 banks and brokers for this stuff in September, SEC Chair Gary Gensler said:
> > Since the 1930s, such recordkeeping has been vital to preserve market integrity. As technology changes, it’s even more important that registrants appropriately conduct their communications about business matters within only official channels, and they must maintain and preserve those communications.
> From the perspective of the banks, I have argued, this is a novel expansion of the SEC’s authority. When the SEC created its rules on recordkeeping, it required banks to retain copies of their “inter-office memoranda,” but it was 1948 and those memoranda were produced with carbon paper; they were formal business records memorializing serious policies. In the 2020s, WhatsApp chats are, in large part, substitutes not for formal memoranda but for talking to someone in person. When I was a banker, I have written, “There were some mornings when I sent more than 100 inter-office memoranda, though like 20 of them would be ‘lol’ or ‘fml.’” In 1948, the SEC would not have dreamed of demanding a searchable archive of all of the informal chats held at a brokerage: That was not technologically feasible, and also did not seem to be the point of its rules. In 2022, it was feasible, and the SEC did demand it, and when the brokers were missing some chats they paid a billion dollars in fines.
> From the perspective of the SEC, as a fine-maximizing business, this series of investigations is so attractive:
> - Every bank has some bankers who did WhatsApp chats, so you can fine all of them, and they all have a lot of money and depend on the SEC’s goodwill, so they’ll pay.
> - You don’t have to prove bad intent, or harm: Simply finding some WhatsApp chats about deals, or clients, or market conditions, or anything, is enough to extract a big fine. If the SEC had gotten the personal messages of a bunch of bankers and found them doing a bunch of crimes, it surely would have extracted more fines from them, but as far as I can tell it never found anything like that. The bankers had normal businesslike chats about client meetings or markets or whatever, but the fact that they were on WhatsApp was enough to incur a billion dollars of liability.
> - Banks will learn their lesson from these enforcement actions, and the lesson is “keep all communications on official channels and preserve all of them,” which will make it easier for the SEC to catch future misbehavior and fine it comprehensively.
> If I worked at a bank I’d be very annoyed by the WhatsApp stuff, but as it is I sort of admire it: It is, for the SEC, a clever bit of business, a bold expansion into a lucrative and growing market, and an investment in making its future business easier.
> The SEC clearly agrees, because its WhatsApp Fines Division keeps moving into new markets:
> > Major hedge funds have been asked by US regulators to review certain employees’ personal mobile phones as part of a mushrooming probe into Wall Street’s use of unofficial messaging platforms like WhatsApp to conduct business.
> > The Securities and Exchange Commission recently asked Steve Cohen’s Point72 Asset Management, Ken Griffin’s Citadel and several other firms to search through the devices for evidence of business dealings on unapproved channels, according to people familiar with the matter who asked not to be identified discussing the private requests. The SEC is also probing the practices of brokerages, money managers and private equity fi...
I moved from an HFT firm to Google. The attitude difference with respect to document holds was hilarious.
At the HFT firm, the attitude was, "we're constantly being sued (by the SEC and others), so we treat all of our records like they're under litigation holds, just in case the SEC claims they wanted them, even the off-topic slack channels."
At Google, the attitude was, "we're constantly getting sued, so we treat all of our records as being as ephemeral as possible so we can avoid having a record of what we're doing."
At my company (not finance, and never gotten sued), documents are ephemeral
primarily due to GDPR reasons.
Many of them contain various personal data of clients and/or employees, legal makes us specify for how long each service needs to hold on to it, and purge as soon as possible to minimize chance of leaks.
It’s a funny intersection of hold requirements. Litigation and one set of compliance requires holding records for at least this much time, GDPR and other such things require keeping records no more than some particular time. I haven’t seen the case when the intersection is an empty interval. But I imagine then one would choose to justify breaking one of the least important ones.
It's where being able to have strong guarantees about how customer data is being used becomes critical.
I'm required to keep evidence about your KYC information and your financial transactions for compliance purposes for (e.g.) 7 years after you stop doing business with me. If I'm using them for that purpose I'd be in the clear GDPR-wise.
However, the day I break off doing business with you I need to stop using them for marketing or sales leads - that would be a GDPR breach.
Where I suspect it will get very messy for companies is the sexy new "hoover all the data into ML models" is going to come a GDPR cropper because I doubt most of the people doing it can show that they purged it when their relationship with the data owner ended, if they even had one in the first place. They're sure as fuck violating copyrights all over the place.
I think its rather disingenuous or modest for tech to fall back on "whats the worst that can happen, maybe you lose some pictures from the cloud" as a defense for such a light touch.
There's many areas in which tech competes directly with, or has attempted to build shadow parallel systems to other more regulated industries - payments, exchanges, various medical plays, media, etc.
all of those "disruptors" just makes me cringe every time i hear it now. there have been so many bad actors. paypal still seizing accounts because some automated thing made a decision that can't be shared as to why. seems like Stripe as been in the news for similar topics. then you get the ones like Uber just flagrantly doing shady things to get that disruption.
now, when i hear someone say disrupt, i immediately assume they are cutting corners on whatever regulation that is needed to gain a leg up over the incumbent companies following the regulations.
Tech thinks it is "disruption" when they are breaking laws they don't like / they deem outdated / they deem "unfair" / that prevent them from making more money more quickly.
Tech wanted people to think this was different from Wall St somehow, but I think the average American no longer sees the difference.
Paypal and Stripe's actions like seizing accounts automatically is probably more due to complying to industry rules rather than avoiding them. The "shady" things are what any bank would have to do, not just the techs.
No way. Any time I've had a debit card shut off, they made several blatant attempts to contact me, and when I called them they immediately connected me to the fraud department to help solve the issue.
Getting a paypal/google/whatever account flagged is basically the death of that account.
You aren’t running a business, and you haven’t really dealt with your bank much beyond the e consumer level. They will cut you off as quickly as possible if they suspect anything nefarious going on. Banks are less reasonable than techs in this regards, you’ve just never used them to sell something.
Really they don't. They will cut you off and then maybe take your phone call. Google and Apple don't actually run their own financial services, they partner with the banks that you think are actually better, but aren't really.
> now, when i hear someone say disrupt, i immediately assume they are cutting corners on whatever regulation that is needed to gain a leg up over the incumbent companies following the regulations.
This is.. not new at all. We were talking about Uber doing that about a decade ago lol.
> There's many areas in which tech competes directly with, or has attempted to build shadow parallel systems to other more regulated industries - payments, exchanges, various medical plays, media, etc.
If we are just talking about the USA, then I think both Apple and Google had to partner with entities in the financial industries to do payments, they didn't just bypass regulation in those industries. Then there is Stripe and Square (erm, whatever Square is called now), I'm not sure what regulations they fall under.
This probably isn't because of litigation holds, actually, this is because finance firms are under SEC record-keeping rules, which require the preservation of ALL internal written communications, regardless of whether they're currently being sued or not. It's a bit of a different beast. See https://www.bloomberg.com/opinion/articles/2023-02-02/the-se... which covers some ... interesting recent developments of this rule and its application
Yeah, as I understand it though, the SEC rules are to allow investigations (and "enforcement actions"/lawsuits) to happen quickly. I saw one of these "investigations" happening at one point and had no idea it was an investigation until I was casually informed that the strange people in the office were from the SEC and they had some questions about some trades, and that it happens all the time.
In a 100-person company full of T-shirt wearers, ~4 random men walking around the trading floor in the middle of the day (a big no-no for any sort of guest) in suits is strange.
As I understand it, the bankers and regulators who came around and knew the territory usually dressed down for the occasion (polos and slacks). Asking people to dress up would never have worked at this firm, and the SEC never went past the "investigation" phase anyway, so it wasn't a big deal. People who worked there were never told there were visitors - it apparently was actually a frequent occurrence, but they were using a different conference room that one day.
The guy who handled the regulators wore button-down shirts when they were around, and any traders/engineers who had to talk to them often were told to wear a button-down, but that was it.
People from "real Wall Street" who joined usually had a phase of dressing up before they adopted full casual dress. One person lasted months before showing up in a t-shirt. I kind of assumed that they were all buying new wardrobes during that period, but there may have been a culture shock of sorts.
Today, we use instant messaging like we use voice conversation - especially for people who work remotely. Banning the use of ephemeral IM is sort of like saying “you need to record all of your discussions, no matter how trivial”.
Levine’s article makes a great point:
“It really is wild that the SEC’s official position is now that it is illegal to “use unofficial communications to do things like cut deals, win clients or make trades.” “Conduct their communications about business matters within only official channels”! Imagine if that was really the rule! You can’t have lunch with a client and talk about business, or have beers with your colleagues and gripe about work, because that does not create a searchable archive for the SEC to review.”
There’s a difference between avoiding discovery by tacitly moving conversations offline versus saying that you are doing so, in writing, in a discoverable channel, specifically to avoid discovery.
The spirit of the latter crosses a line of showing deliberate contempt for the legal process. Doing it in writing seems just as ill advised as discussing sensitive information in writing.
It just shows how problematic all this "surveillance" (voluntary and involuntary) has become. And it will become even worse. We now have cameras/door cameras at almost every private home/apartment and every street corner. We have cars who record audio and image/video inside and outside of the vehicle. There is almost no real privacy anymore. Everything can be used against you.
Honestly, it's getting a bit insane I think.
If we cannot communicate digitally in private and we cannot communicate physically in close vicinity to a car or a building, the only place left is in a remote forest.
As we have seen with Tesla engineers having access to videos inside cars (how can this even be legal) and we saw the 21 year old who leaked the secret Pentagon data, it's not that there has to be a decision by lawyers or government agencies that the data has to be provided. Any devops or admin can access this kind of data and spread as they like.
And how come Tesla and the Pentagon has no precautions in place to stop this kind if abuse?
To me it looks like a clearly-defined line between text and real-time voice/video. What the user experiences, not the technical background.
Ie it would have been perfectly fine for google to ban text chats, and just use calls/meetings; even with the same software. As inefficient and unpleasant as it would be.
Yeah, FAANG gang has no idea the level of surveillance and record keeping that bank/fund/wall st tech is under.
I worked at one shop that if you said "call my cell" in a slack to someone, you'd get a call from compliance within days ask to explain why you did this, what the conversation was about, why it wasn't on a work phone.. and to never, ever, ever do it again... because you know we are watching, so we will find you.
Every bank I’ve worked at issued a company cell phone. To be pedantic if you say call my personal cell, then compliance will be on you like flies on poop
I said something like "call my cell at __" and put my personal cell number, but didn't say "personal".
Which gives you an idea of the level of monitoring they are doing to tie that together probably automatically given how quickly I was called. And this was almost 10 years ago.
I'm also old enough to recall the little background hum & beep the bank landlines used to make when you were on a recorded line.
Are you allowed to have in-person meetings? Do you have to record and preserve them?
If you are allowed to be off the record only in person, this seems like the perfect commercial real estate subsidy program from the federal government.
Yes but there's almost always someone on zoom/conference line in the meeting, which is recorded, so..
The penalties are so stiff for a lot of infractions, there is far less attempts to workaround the letter of the rules than you would immediately expect.
There's also classes of in-person meetings with externals that you need pre-approval permission to attend and to write up what was discussed after the fact.
Like people at asset management firms attending a dinner with a broker.
Another example, at a hedge fund I worked, emails, meetings or phone calls to public companies required pre-approval from compliance, and for them to be on the email or call. The emails would also require a preface reminding the moron on the other side that you are a hedge fund and they should not provide you with any material non-public info.
I can only think to myself, well, yeah, that's what that industry gets for all of the bullshit shenanigans that have been pulled in the past. Is everyone commit flat out illegal shit like Wolf Of Wall St? No. But this is the only way to allow any semblance of trust by anyone. That being said, I personally believe every company if finance/banking is doing something shady somewhere, even if only a small number of people are involved. There is no trust whatsoever from me to that industry
I’ve heard stories of people saying things like “at our (highest) levels, we only talk face to face, and then as little as possible.”
It wasn’t about regulation, but protectionism. If you want to do business with us, you need to hire people to deal with us - people we approve of, or no access.
This was in an unregulated industry, with strong protectionist instincts (Hollywoods movie industry).
Couldn’t these sorts of “in person only” rules also be a protectionist gatekeeping technique?
Reportedly, many firms had an SSL MITM server in place and also recorded your private Facebook messages if you made them from the office wifi. Signal conversations may have been safe, but that's it.
No it’s not possible in the way or manner you described unless it’s an office phone.
Banks aren’t creating a super secret MVNO to comply with regulations and the telcos aren’t cutting breaks for a bank or a 3rd party spy network. I’d imagine saving all employees cellphone calls for 7 years is a very expensive project.
You can encode voice with quite acceptable quality at 8kbps. (With recent advancements even 3kpbs is reasonably good.[1]) That’s 3.6MB per hour. Assuming an average of one hour per workday on the phone, a single employee generates less than 1GB a year. That’s peanuts. Even eight times that is lower than what I personally generate every day.
Not a great example for nefarious off the records communication & coordination, as it wasn't required for this to occur.
CDO credit ratings were a perverse incentive race to the bottom in terms of quality, because it was issuer-paid.
The ratings agencies essentially bid on future business with the banks by issuing rosier ratings than their competitors.
Also, they paid billions in fine settlements after the fact.
The record keeping likely contributed to them being able to piece together the agencies becoming more and more lenient, and the internal dialogue between analysts & sales.
Right, still stupid to be issuer paid, but there's also not a lot of great alternatives I suppose.
Ideally it would be buyer paid, but then you have a chicken&egg problem that buyers don't want to pay for ratings on securities they don't buy, and they don't know which to buy if they aren't rated yet.
Security purchasers were obviously doing insufficient due diligence & research on products, taking ratings at face value.
It's like if you saw CNBC mention some upgrade of Rivian to a "buy rating" by Goldman, and said "OK then I am buying it", without doing any research.
Anyway, some structure was put in place by the government settlements.
For example in Moodys government they agreed to:
* Separation of Moody’s commercial and credit rating functions by excluding analytical personnel from any commercial related discussions and excluding personnel responsible for commercial functions from determining credit ratings or developing rating methodologies;
* Changes to ensure that specified personnel are not compensated on the basis of the company’s financial performance;
and a few other things
The separation of concerns seems similar to the Dotcom implosion era settlements to how equity research could be paid, and that they had to be firewalls off from the parts of the bank bidding on equity/debt/loan offerings with the companies that research reports were being written on.
Probably the biggest outcome was that the market now understood credit rating agencies are barely worth the bytes they are recorded in, and they are taken with large grains of salt now.
So far from perfect, but also far from the narrative of "nothing changed".. like much in life.
I guess smoke signals, semaphores, hand gestures, and communicating via silly walks is not covered by the SEC. Also, white handkerchief out at 9 am means meet me at the pub tonight?
Only half-joking. I really wish I knew how this works.
It would be difficult just to target FAANGs. If the law changed to include them, it would probably include everyone else as well. They aren't in any activity that is regulated by a special agency like banks/traders are.
Yes because the minute that someone from the “other” (whichever side you don’t like) party gets in control do you think they are going to do things that you want?
Desantis just tried to push through a law that said you have to register with the state if you report on politicians. Do you like that proposed law?
Do you want the government to have access to all communications between you and your coworkers? Do you want to be questioned every time that you tell a coworker over Slack “maybe we should talk about this at lunch?”
It amazes me that people want the only organization that has a “monopoly on violence” to have more power.
Does that amaze you? Because you should look at the unanswerable moneyed interests that got DeSantis elected in the first place.
There's currently an investigation going on about how one particular former President may have broken the reporting law. But for that law, his "catch-and-bury" agreement to keep unpalatable stories about him out of the public eye was perfectly legal.
So yes, I do want the organization with a monopoly on violence to have more power of oversight of people with power through money. Especially as long as who has control of those levers changes with the frequency it does.
And we see what the people with “over site” do in Florida. Do you also believe that it was right that the government in Florida went after Disney because the company spoke out against the “Don’t Say Gay” law? Do you think the government has any right to try to have “over site” because the (Democratic) VPs wife got in a tizzy in the 80s because her little ears couldn’t handle NWA releasing a song called “Fuck the Police”?
Are you one of those people in power? Because the scenario that someone said was that I financial firms that are highly regulated was that if any employee said on chat to a friend at work, “hey give me call on my cellphone and let’s talk about where we are going after work”, you could be talked to by legal.
You are saying that you want an increase by the surveillance state. Have people learned nothing about how the government abuses power from the “War on $x”?
> Do you think the government has any right to try to have “over site” because the (Democratic) VPs wife got in a tizzy in the 80s because her little ears couldn’t handle NWA releasing a song called “Fuck the Police”?
Sure. I was there; I remember. I think it was a waste of time but ultimately harmless; it resulted in a few (private, moneyed) corporations deciding not to sell some music that the government had mandated be labeled (which, to be clear, is a wide power the government has; perhaps overused here, but it's no a violation of anyone's rights that they make companies put the ingredient lists on food). Then the Internet happened and that whole thing became irrelevant.
Florida is a great example to study these money-power-vs-political-power effects, because were the tables reversed people currently supporting Disney would be horrified. Imagine it was Rupert Murdoch and Fox World with an ultra-right-white-national enclave utterly immune to legal oversight, and the duly-elected Democratic government trying impotently to reign them in. Much as I like the result of Disney;s pushback, the means are deeply disquieting and speak to a completely-dysfunctional corporate-power-vs-state-power relationship that is ripe for abuse. And the wheels of corporate power turn glacially relative to government power; DeSantis, barring a state constitutional amendment, is gone in 2024 as a state governor, but Rupert Murdoch was CEO of News Corp / Fox for 36 years.
I'm not 100% for corporate power or 100% for government power. I'm for balancing and pitting the two against each other because they're both effective tools for checking the worst abuses of the other. And make no mistake: when it comes to the FAANGs, what we're seeing is patterns of abuse that need to be reigned in. Requirements for auditing and oversight can be overdone, but in practice, in 2023, the tech sector has been allowed to run with a laissez-faire attitude for decades and has become a vital piece of the modern societal fabric; as a general principle, anything that vital to daily human experience for most citizens needs government oversight to ensure its legal compliance before it becomes Standard Oil or Bell Telephone or Microsoft or Fox Media or, indeed, Disney... Something unanswerable to all but itself.
This era of existence is marked by humanity trying to forge a path between a 1984 future and a Brave New World future. There are no simple answers for power allocation.
> it resulted in a few (private, moneyed) corporations deciding not to sell some music that the government had mandated be labeled (which, to be clear, is a wide power the
So you think it is okay that the government trampled on the free speech rights of rappers who were talking about police corruption and there experience years before the internet became ubiquitous where anyone could get it out?
> Imagine it was Rupert Murdoch and Fox World with an armor, always taste no and the duly-elected Democratic government trying impotently to reign them in
And the government only tried to “rein them in” by punishing them after they spoke out.
> when it comes to the FAANGs, what we're seeing is patterns of abuse that need to be reigned in.
Well the difference is that no corporation has ever stopped me because I “looked suspicious” because I was walking through my own neighborhood that I looked like I didn’t belong. Nor does it have qualified immunity to get away with doing almost anything. I have agency to not be under the auspices of any corporation - especially a search engine. I don’t have that power under the government. There is no balance on government power except not to give it anymore than absolutely necessary.
I’ve never had to worry about my son being harassed by any corporation just for driving down the street.
And do you think the government is just going to be happy with surveiling employees?
> So you think it is okay that the government trampled on the free speech rights of rappers
Did they though? I mean, to be clear, I'm sure they tried. But both back then and now, the songs were easy to get and is still easy to get. If anything, the whole affair Streisand Effected the hell out of them.
I think the story's a good example of a failed attempt at abuse of power because the system of checks and balances worked (it would have failed harder but for a single, powerful, monolithic corporation agreeing with the goal and de-stocking the product from its shelves).
> Well the difference is that no corporation has ever stopped me because I “looked suspicious” because I was walking through my own neighborhood that I looked like I didn’t belong
No; they merely cut access to your account because you look suspicious, such as having pictures in your private Drive account that their algorithm decided were child pornography, locking up or deleting all data you had hosted by them, with no recourse and no hope of retrieval. Google's within their rights to cut an account, but there's no arguing there's a difference in kind of the experience someone online has if they have a Google account vs. being banned from having one. It's not nearly as bad as government abuse of power; it's really quite bad, and only government has the authority to make it better because the corporations are otherwise unaccountable.
> Nor does it have qualified immunity
Who backstops the terms of service violation system? When Google demonetizes trans-friendly or trans-inclusive content because their inscrutable TOS and algorithm decide such content is "sexually explicit" (read: offends the sensibilities of schoolboards and advertisers), who has the power to say that's not what that term means? Nobody. I guess with YouTube, we can always take our business to its competitor, doesnt-exist.com.
> I have agency to not be under the auspices of any corporation
Yes; you have the digital equivalent of the freedom to live in a van down by the river, banished from the nice neighborhoods. Vive Liberte.
(To be clear, I don't have concrete answers here. There are no easy answers; it's a complicated problem. But that means the answer also isn't as easy as "Government already has too much power." Perhaps it currently has too much of the wrong kind of power, and not enough of the right kind).
> Did they though? I mean, to be clear, I'm sure they tried. But both back then and now, the songs were easy to get and is still easy to get. If anything, the whole affair Streisand Effected the hell out of them.
In the 1980s how did you produce or distribute music without the internet and computers that could produce music? The police arrested NWA at a concert for rapping “Fuck the police”.
> No; they merely cut access to your account because you look suspicious, such as having pictures in your private Drive account that their algorithm decided were child pornography, locking up or deleting all data you had hosted by them, with no recourse and no hope of retrieval.
I can and do have multiple backups of my media (Google Drive, iCloud, Amazon Drive, and they are stored using a separate account in AWS S3 Glacier. Are you really comparing losing some pictures and data with losing your freedom or being harassed by a cop?
> Yes; you have the digital equivalent of the freedom to live in a van down by the river, banished from the nice neighborhoods. Vive Liberte.
Yes guess how hard it is to live a good life after getting arrested because you got on the wrong side of an overzealous Justice system? Or got shot by a trigger happy cop?
So we are in agreement that abuse of corporate power and abuse of government power are both bad things to be avoided.
I agree with you that the monopoly on violence requires more scrutiny than the soft-power of money. My argument is that certainly doesn't imply no government oversight, nor does it imply we don't have enough government oversight right now. Especially of corporations - your argument appears to be government power is dangerous to use because it can be abused vs. individuals and vs. music acts; can you think of an example where too much government oversight of corporate process has led to improper deprivation of liberties (jail time and the like)?
We can acknowledge government power is abused against individuals while still asserting it is the most effective tool against corporate overreach and should be wielded as such.
> So we are in agreement that abuse of corporate power and abuse of government power are both bad things to be avoided
No comparing government power and the harm they can inflict (taking away your freedom) to corporate power (they can take away pictures of little Johny) are night and day. I can live my whole life without dealing with Google.
> can you think of an example where too much government oversight of corporate process has led to improper deprivation of liberties (jail time and the like)?
In a very realistic scenario that someone said happens in highly regulated industries is that if you ever tell a friend on a company communication channel to call you even if it’s something personal you will be called by lawyers.
States are trying to pass laws where social media companies have to verify your identity and your age before you can post.
Government is trying to have back doors to all of your chat.
Government is arresting people based on their chat messages where they are talking about using pills that facilitate abortion between grown people?
Do I need to go on?
Is it worth having the government intrude in your life to protect your pictures of little Johny?
> if you ever tell a friend on a company communication channel to call you even if it’s something personal you will be called by lawyers.
So what? So you have to explain that you didn't violate the auditing laws? That's hardly a huge burden. Don't use corporate assets for personal communication, problem solved.
> Government is trying to have back doors to all of your chat
And they shouldn't. But the point is: for most users who haven't bothered to set up something like IRC, corporations already do. And you continue to harp on the ways that government can impact personal civil liberties when I am still talking about the ways government can restrict corporations from using unchecked power to make people's lives hell. For the purposes of this discussion, chat logs and abortion are irrelevant. Unless you think the personal right to have an abortion is somehow analogous to the corporate right to, what, Dodge tax law? Use dark money to fund a candidate like DeSantis getting into office?
If you're concerned about government overreach and a resulting threat to personal civil liberties, the best defense we have against it is strengthening and enforcing existing corporate auditing law. Because everything you're concerned about regarding civil liberties gets exponentially worse when corporations can buy politicians.
Government and corporate power aligning behind a common goal is on the road to fascism. I'm advocating for setting those power bases against each other.
> So what? So you have to explain that you didn't violate the auditing laws? That's hardly a huge burden. Don't use corporate assets for personal communication, problem solved.
So are you okay with the government subpoenaing your private phone communications because they think when you asked your coworker to call you on your personal phone to talk about where you wanted to go out drinking?
Fascism is when the government controls every area of your life and of corporations. Do you think giving the government more control of the private sector will lessen the chance of fascism?
> So are you okay with the government subpoenaing your private phone communications
You keep bringing it back to personal civil liberty because you don't have an answer to the question "So why is more government oversight of corporations bad?"
I actually have no problem with such a subpoena being attempted (it is part of the regular process of investigating a crime), but I have a problem with a court rubber-stamping it. I have no problem with the corporation I'm working for being obligated to track and furnish similar records for any corporate assets I use, and to be obligated to ask questions if they catch wind that I might be trying to skirt auditing law by pushing conversations that should be legally audited private. Catch the difference?
> Fascism is when the government controls every area of your life and of corporations. Do you think giving the government more control of the private sector will lessen the chance of fascism?
I actually do because the definition you gave is not actually what fascism is.
Fascism is a political movement emphasizing extreme nationalism, a supremacy mythos of that nation, and the militarism necessary to support such an inherently unstable structure. Among its tools can be usurpation of corporations. But tight control of corporations is also a hallmark of socialism and communism, among other structures. You may as well say its wrong to breathe air because fascists do that too.
A healthy democracy reigns in the excesses of an unfettered corporate sector. Those excesses, left unchecked, can (not will, but can) result in, among other things, fascist-leaning private company owners throwing in the power of their corporations behind like-minded politicians and building the machine that facilitates a Mussolini or Hitler rising to power. Mussolini, in particular, was funded by Italian industrialists.
> You keep bringing it back to personal civil liberty because you don't have an answer to the question "So why is more government oversight of corporations bad?"
I just gave you a real example of where corporate oversight leads to giving the government access to your personal communications.
> I actually have no problem with such a subpoena being attempted (it is part of the regular process of investigating a crime), but I have a problem with a court rubber-stamping it.
Have you not been paying attention to what the government has been doing in the name of the War on Drugs, the War on Crime and the War on Terrorism?
> Fascism is a political movement emphasizing extreme nationalism
Have you not been paying attention to what’s been happening since 2016?
> A healthy democracy reigns in the excesses of an unfettered corporate sector
Exactly what power are you afraid that Google can have over you compared to the government?
Let's assume, ad argumento, that they have monopolized digital ad tech, meaning other digital advertisers are excluded and almost all the ads you see are single-source.
Gosh, it sure would suck if fascists gained control of that single source, wouldn't it? And as we've seen, we can't trust that won't happen just because they nailed up "Don't be evil" above the door (and then it fell off later).
We should probably enforce the laws that are in place to keep a market diverse and healthy.
... I think I see your position though. You're concerned, given current political climate, that increased government oversight could give fascists more power. I echo that concern... Except that I believe we got here because fascists recognized that nobody was watching the tech henhouse and weaponized that. We had an awful lot of tech firms thinking they were bigger than political concerns and should be a world apart from government oversight right up until they realized they aided and abetted those who organized Jan 6th, then... Oops.
So if we take the top 10 companies by revenue, we get Apple, Google, Amazon, but also Walmart, CVS Health, UnitedHealth Group, Exon Mobil, Berkshire, McKesson, AmerisourceBergen. It still feels pretty random to me.
It is literally a scalar with an easy comparison operator. These companies have too much power just by their size. If we won't make them smaller and not "too big to fail" we should make them operate better.
No. You are allowed to communicate by voice and it isn’t recorded and compliance will allow it. However it depends what you are doing. If you are trading, it better be on a recorded line. See FINRA Regulatory Notice 20-16 for reference.
In fact, many Zoom conversations are expressly forbidden from being recorded at many financial firms. Again, that’s because no one is using zoom to make trades so there isn’t a requirement to record them and financial firms also don’t want to have to pay to keep things stored just so some lawyer can hit them with discovery.
A big current issue is when you use written correspondence that is not part of a system of record. See Finra Regulatory Notice 17-18 for details on that.
And trading via WhatsApp is also possible. And also illegal
The point of the regulation isn’t to cover every conceivable alternative. The point is to specify what avenue you can use to accomplish a task in a regulated manner
... and by the company enforcing it the way they enforce it, they can prove the employee bypassed the rules knowingly and purposely without the company being at fault.
> Why is trading via Zoom impossible, voice maybe, and text mandatory?
Because trading conversations have to be recorded (legally). It's easy for corporate policy to say "we don't record Zooms, (therefore) you cannot trade over Zoom". It's also easy to say "we record all text communications, (therefore) you can trade over text". Meanwhile, the phone rules predated any other modern form of communication so they have the complexity of "sometimes record and trade, sometimes don't" grandfathered in.
You're entirely correct but I think GP was referring to personal cell: phone doesn't need to be recorded (if not trading), but you can't use your personal cell. Anything work-related must be on firm systems.
The lack of any kind of effective legal standards in the tech industry is batshit crazy considering the the primary business model and what they are investing in. Its an actual tragedy and by far the thing the scares me the most about living in the US.
I would go with the police, health care 'system' or the curiously large proportion of the population who think qanon > democracy, but you do you, I guess.
I work at a big tech company (not Google) and this flagrant contempt for the legal hold is absolutely shocking to me. We're also under a legal hold. It has nothing to do with anything relating to my work. I will never have anything responsive to any kind of discovery request, I don't even work on a product team, only infra. The company is preserving everything that could even hypothetically be responsive to some future discovery request. If I need to reimage my work laptop, I can't, current company guidance is to return the laptop to IT and get a new machine because they need to preserve any data on the laptop. Email is being archived, there's regular communications about making sure everyone from top to bottom knows to preserve anything tangentially related to the legal hold.
During yearly compliance training one thing that was stressed was not to mark anything A/C Priv unless it actually was. They made sure to call out that including someone from legal in an email chain does not make it A/C Priv and not to try anything like that. At the time I thought it was silly that the training went over such obvious things as "don't commit white collar crimes" in essence but apparently that's not how they do things at Google. I just can't wrap my head around why any of the many different people involved could ever look at what they were doing and think "yes, this is fine, I should continue this behavior". WTAF.
Paraphrasing: "What policy? I'm on multiple legal holds as well. I ignore them every day [smileyface] But if you want to follow the rules, I'll respect your decision. I'll just communicate with the others off the record. I only included you for optics reasons."
Some would say that company culture starts at the top. Here's the 50-year-old CEO:
Wow, that's not just "hey let's be careful", it's "hey, screw all that legal hold stuff, lol!"
What kind of legal guidance were these people getting? When I worked at a big corp, we had regular meetings with legal that were reminders of how to treat sensitive subjects and it was taken very seriously.
>> “please do not
share sensitive information here where possible . . . . Until we fix room architecture, content
here is searchable/discoverable within the corp.” (Id. Ex. 27, GOOG-PLAY5-000163640.)
Exactly.
When 'fix' means ensure conversations that are already under current legal hold are destroyed, it's clear what legal guidance and training are.
I hope the court nails their execs to the wall for pulling shit like this as a matter of corporate policy.
We've all (externally) seen Google do extremely dodgy shit over the years, claiming the whole time "it's legal, we're fully compliant with all needed legislation".
The internal legal guidance they've been getting for this case is likely exactly the same as their internal legal guidance for everything else.
eg "completely full of shit" that they're complying with things
Seems like a bad internal culture, maybe stemming from their weird self belief and exceptionalism because "we're smarter than everyone else"?
Either way, when Google claims things like "We're fully compliant with GDPR, or [other legislation/requirements here]", the documented examples above is why many people don't believe them in the slightest.
> What kind of legal guidance were these people getting?
The kind that looked at the Microsoft anti-trust lawsuits in the 90s, and instead of saying, I dunno, "let's not try and gain and wield illegal monopoly powers" but "let's delete all the evidence of us gaining and wielding illegal monopoly power".
I assume my private messages are always public record, so I don’t get this mindset. My first thought when messaging someone is, “What if they screenshot or leak this conversation?” or “What if their message history is subpoenaed?” It never makes sense to assume confidentiality with other coworkers.
jsinouye@google.com: "Hi, please use this chat for ops/policy/BD/escalations issues that need faster response. Please note: I would like to keep history off. Members are Shie, Camille, Dan, Court, Sherry, Jintae, Ash, Jami, me."
Google operates exactly like a criminal organization would. It's that simple, and we should talk about it in that way, because that is what it is. A huge portion of their business is effectively racketeering, and we should be putting Larry, Sergey, and Sundar in prison. RICO provides some tools to effectively bring in the heads of the organization based on the actions of people under their employ.
"Nice website you got there. It'd sure be a shame if your competitors all were listed above it in search even when looking for it by exact name."
"Wow, that would suck for me. Guess I'll be telling my customers to find me on Bing. Not to mention supporting the trade and industry organizations that will be putting the message out, via ad campaigns, that Bing is the better option."
Heh, well aware. The MADA and AFA are insane reads, especially when you realize they apply to over half the mobile phones on the planet. It's one of those things they keep confidential not because they have any real trade secrets, but because they're flagrantly illegal and they want to keep government officials from seeing them.
Yeah, imagine if Apple banned their manufacturing and sales partners from selling devices with forks of the iOS open source project too. Or if Microsoft banned Windows forks.
yeah its not nearly the same thing. Google is built on the opensource OS called AOSP (android open source project), then they have all the proprietary google stuff on top of it. they use sleazy legal tactics to force anyone using the AOSP variant on any device to not be allowed to ship with any google service. mind you the AOSP is completely legal and developed under the guise of create open platform and supporting community. this is nowhere like microsoft banning reactos or apple banning .. well pretty much everything outside of their walled garden.
I think we are far too afraid of upsetting tech employees to admit that it's exactly what it is. They apply somewhere near a double-digit-percentage tax to most businesses globally. They are under investigation for illegal practices in nearly every jurisdiction that has laws against certain business practices, and now their CEO has literally been caught specifically requesting to take business conversations off the record so they can't be used as evidence against them in a court of law. It's been a few years since people talked about it, but how much money were they hiding offshore in a island nation bank account again?
Like... I'm hard pressed to find a scenario where Google has not appeared to be a bunch of outright gangsters.
If we could put executives from Volkswagen in prison for cooking the books on some environmental regulations, shuttering Google and arresting the entire C-suite should be way more obvious.
This was my experience as well. (Well I didn't come from an HFT company but on arriving at Google and then seeing some "dubious" things get diverted to ephemeral media, because possibile suits, was a thing.)
What I found interesting was the rationalization that "people would just cherry pick data and use it against us." Which belied the idea that if you saved all of it, you would be able to reconstruct it.
Also the storing of live traffic not to "look at" but to have a model of live traffic to test changes against. I once asked "why not create a statistical model of the traffic and use that?" and was responded "#1, people wouldn't believe you if you said this was 'just like actual traffic', and #2 we get live traffic for free with no engineering effort so its a win to use it instead."
They weren't wrong but they didn't really prioritize privacy or safety either.
This is the same story in the medical space. Chat history is deleted after 7 days. Emails are deleted after 18 months. Cloud store documents are deleted after 3 years. Is all about legal downside. Of course, quality approved necessary documents are retained for the, entire duration of the company
I dont think that is accurate at all. Lawsuits often turn on quality docs specifically. A simple example would be be something like a memo that states a defective product can still be released to market that goes on to kill someone.
Another example would be a quality approved design document that shows infringement on competitor IP.
Most quality docs must be retained by law for the life of the company, even if they discontinue a product. So it isn't really judgement call from the legal department.
You should see the aspiring middle managers, they saw managers doing this, insisted you could never turn on history with them, and then tried 10x’ing by claiming…its wrong to ever attribute a statement to anyone personally in meeting notes lmfao. I’m not kidding.
At Google in 2006, the SVP of Engineering was presenting to the entire engineering org during an all hands meeting. A question came up as regards retaining emails related to a pending lawsuit. He told everybody:
"Do NOT delete any emails. <chuckles>. Let me say that again to make sure everyone has understood me correctly: do NOT delete any emails!"
The way it was said, the chuckle, and the way it was repeated with the extra emphasis on NOT, sent a clear message: delete all such emails.
Where are you getting this from? Is this from the complaint? Or a personal anecdote?
I worked there in 2006. The SVP of Eng was Alan Eustace. He's a jolly guy, he chuckles a lot. I don't remember this specific exchange but I can hear his chuckle in my head. Knowing him, the chuckle would almost certainly be laughing at what an obviously terrible idea it would be to delete the emails. Alan Eustace certainly would not have instructed people, explicitly nor implicitly, to delete messages subject to legal hold.
Personal anecdote, personal interpretation (though shared by colleagues I discussed this with at the time who also heard the tone and phrasing of the words first hand). The SVP would never tell anyone to delete emails, and he did not do so! Did I make that clear? He did NOT do so. He definitely DID NOT want us to DELETE ANY EMAILS! No SVP would have publicly instructed anyone to do so.
Unrelatedly, I would not have believed you at the time if you told me that the then CEO had entered into an illegal mutual non-solicit agreement with Apple (and Intel, Adobe, and others), suppressing employee pay by agreeing not to recruit or hire each other's workers. History and a successful class action lawsuit revealed a different story.
I can see how an awkwardly-delivered statement could by misconstrued, regardless of the speaker's true intent. However, doesn't this play out pretty poorly for the rank-and-file anyhow? Anyone caught deleting emails would get thrown under the bus by management citing the explicit instruction.
At that time, all corporate email was already being hosted on an internal version of Gmail, so yes, both were technically possible, and external Gmail accounts were in fact backed up. To do so would have rendered any instructions not to delete any emails moot and unnecessary. Evidently they decided not to do so, and instead, tell everyone to NOT delete any sensitive emails. One can only speculate why that might have been.
This seems like an ineffective way to either comply or not comply, since the actual result is clearly the fault of the legal hold team for not handling it themselves.
The way you described it, I cannot imagine any way to interpret that as "delete all such emails". Perhaps I lack imagination, or perhaps you grossly misunderstood him.
It's even funnier reading than famous McKinsey email:
In one internal email sent in July 2018, a McKinsey executive appears to acknowledge the growing legal risk faced by Purdue Pharma over its opioid business.
"It probably makes sense to have a quick conversation with the risk committee to see if we should be doing anything other that [sic] eliminating all our documents and emails," McKinsey senior partner Martin Elling wrote in an email sent to another executive at the company. "As things get tougher here someone might turn to us."
> "It probably makes sense to have a quick conversation with the risk committee to see if we should be doing anything other that [sic] eliminating all our documents and emails,"
Gah that is so incredible dumb and the fact that he didn't check himself before hitting 'send' is just perfect. Nothing like a bit of hubris to go with the mindset of a criminal. It makes you wonder what 'anything other' referred to.
The tech firms seem to have a very cavalier attitude about this. Only a matter of time before they get aggressive rules & fines around this like the finance firms.
The US can regulate monopolies, it just doesn't want to.
When the Sherman Antitrust Act was originally passed in the 1890s, the American judicial system systematically refused to apply it to business trusts. They didn't strike them down as unconstitutional, of course - they just argued that, oh no, poor old Congress doesn't know what words mean, they really meant to ban labor unions and not the monopolistic businesses they were trying to combat. This continued through several decades and multiple follow-up bills explicitly prohibiting courts from doing this (they did it anyway).
For a few decades this practice stopped; mostly because the monopolists drove the world economy off the Marianas trench and there was a social democrat in the White House willing to do unspeakably authoritarian shit to the courts[0]. Also, WWII happened.
This, however, was just a diversion from the mean. In 1980s a bunch of federal judges decided to pull a similar stunt, reinterpreting antitrust law not as a prohibition against economic concentration but merely one against raising prices. The resulting "consumer welfare" standard wound up getting adopted by the executive branch[1] and since then we don't regulate monopolies at all.
Because here's the thing: monopolies don't raise prices. They lower them.[2]
The east has worse monopoly problems than we currently do. China doesn't have a solution to monopoly, it is the monopoly. Every major Chinese corporation is extremely exploitative of their workers, and has major ties to the government and Chinese Communist Party. Chinese law has a broken welfare system, no internal freedom of movement, and bans labor unions. South Korea is democratically run[3] but the chaebols are so large that they form their own voting blocs. 11% of the country's labor force is employed by Samsung. Japan had similar problems - after Matthew Perry forced open their borders, they saw America's monopolists and, not wanting to be eaten by them, formed their own. The zaibatsu reigned until the end of WWII, where America, having now forced Japan's unconditional surrender at the threat of nuclear annihilation, used their position as Japan's occupiers to hack the companies in question up into little pieces.
The solution to monopoly is to destroy the monopoly. No more and no less. It's not a problem of not understanding the new technology. The problem is that monopolists tend to be several steps ahead of you; deposing them requires sustained focus and an economically enfranchised democracy. In the case of the Internet, many very well-meaning and intelligent hacker types were pushing for keeping the Internet unregulated, because they were worried about social conservatives censoring us in the name of the moral panic of the day, or the RIAA censoring us in the name of music still being a saleable commodity. This was co-opted by the monopolists to carve out vast swaths of the Internet for themselves.
The EU didn't make this same mistake and actually enforced their antitrust laws on US tech companies. Problem is, they could only really fine Google, not break them up, so for a good decade tech enthusiasts had this idea in their heads that this was just a revenue generating exercise for the EU. The amount of consumer good-will Google and Apple had (and still has), especially in the tech space, was (and is) downright obscene.
[0] If that wasn't bad enough for the monopolists, there were a bunch of capital-f Fascists trying to seize power as well. The monopolists considered front-running the Fascists and having Smedley Butler assassinate FDR and crown himself dictator, but fortunately for us he had a change of heart and defected.
[1] Thanks, Reagan.
[2] When a large portion of goods are made by a handful of companies, those companies have significant negotiating leverage and economies of scale. Competitive free markets are actually more inefficient because you're paying a redundancy and freedom premi...
I don't think what I wrote disagrees with your comments. China doesn't have the same type of monopoly problem we do. It's a different kind.
The point I am trying to make is that the effectiveness of the systems are constrained by their structure. It's not that we just have some monopolies that need to be destroyed. Because we keep getting new ones that hang around.
We need to improve the structure so that there is less tendency for monopoly and for monopolies to become entrenched.
Its like I am saying, look, to deal with this flat tire, we need to design a better tire. And you are saying, no, all we need to do is keep checking our tires. But this is the 15th flat tire we have had in the last two years. We need to design a better tire.
Fundamentally the problem is that there is a lack of metacognition. Governmental structure tends to be something that becomes part of a belief system. You need to have a good metacognitive sense of the difference between belief and objective reality before you can start to regularly examine and question your beliefs. This just requires a certain amount of exposure to the idea.
What's necessary is for people to fundamentally understand what money, government, and technology are and how they relate. And all of those concepts should evolve in a high tech direction.
The most likely way that is really going to happen at this point is probably via transhumans with higher intellect and better communication built-in.
Save the transhumanism for when we need to increase Dunbar's Number to overcome the tyranny of structurelessness[0]. If you want a proactive fix ("better tires") for monopolization, then bring back ownership caps and start scrutinizing mergers & acquisitions again.
The thing is, monopolies tend to be on the wrong side of the Innovator's Dilemma, but they short-circuit it by just buying the disruptors out. Think about how many technologies Google has developed internally versus bought and scaled up. If we prohibited them from buying startups, then the company, being a slow and lumbering monopoly, would eventually crumble like Kodak did.
Some scrutiny at the current banking system for keeping interest rates at 0% for a decade and change might also be deserved. Cheap capital makes it cheaper to buy your competition out.
[0] The Tyranny of Structurelessness is an essay that alleged that leaderlessness in various radical feminist and other left-libertarian movements was a smokescreen for unaccountable and undocumented leadership structures. This also applies to right-libertarian movements, Bitcoin, Ethereum DAOs, etc.
Point being that those ownership caps being removed etc. happened inside of a framework. The fact that so many things like removal of ownership caps happened and persisted is evidence that the framework is insufficient.
Not sure if it matters, but all chats at Google default to history off (deleted after 24hrs). Turning on history only keeps messages for 30days and you have to do this for every single group chat, private chat, etc. There is no archive or long held messages like Slack.
Yes, these settings were chosen specifically to destroy evidence, and the courts are increasingly unhappy with that. All conversations involving people on legal holds (such as the CEO!) should be retained indefinitely.
In-person and video/audio/phone conversations do not have the same requirements. What makes text chat that is meant to be ephemeral to be different than an in person chat?
I'm kinda sympathetic to Google in this case because the law makes it basically impossible to communicate with writing in a way that doesn't leave a paper trail. Messages being at minimum temporarily stored so you can read them is inherent to the medium.
It does seem reasonable that there should be some way, (outlined by the courts) to ephemerally text that gives it the same protections as an unrecorded phone call. Because in a world where it's not the 60s and business is done over text instead of phones we lost a lot of privacy with no change in the law itself.
It's the reverse. Phone calls and in person are loopholes that the government doesn't have a way to force recording of.
Fundamentally, the law is paradoxical. Freedom is in tension with law enforcement.
> What’s amazing to me is that they didn’t just use a phone call or video chat.
I don't know anything about these specific conversations, but one obvious difference between phone/video and chat is that the former has to synchronous whereas the latter can be async.
Async can be more practical people who are very busy, are travelling, are located in different timezones etc.
> What makes text chat that is meant to be ephemeral to be different than an in person chat?
It's not inherently ephemeral though. You can add deletion rules on top of that to try to pretend that it is, but the courts see right through that.
I'm struggling to think of any text-based communications that are inherently ephemeral. Generally anything committed to text is long lasting, and has always been (way pre-computer era).
That's a rather biased way of phrasing it. Did humans evolve mouths and ears specifically to destroy evidence? Those settings were chosen because the platform was designed to emulate hallway chats, and the "records" are an implementation detail.
If this goes through, all that will happen is that Google will re-engineer the backend to evade whatever standard set by the ruling. Who wins from this outcome? Perhaps the engineers getting paid and promoted to work on said project. Certainly not the courts or the "people".
Would MicroSoft Teams meetings (including 1:1 private calls between individual employees) be converted from Voice to Text and stored? Could those turn up in FOI's or SEC requests one day, or even just be viewed by higher-ups at the company with access? I'd guess what's said in 1 on 1 calls could be quite sensitive
I distinctly remember conversations with my very down-to-earth & practical tech friends in SV. they all were totally bought into the notion that google can do nothing wrong .. because conscientious engineers & management. I kept telling them all it takes is a few bad quarters & all that goes out the window. of course people looked at me like am a cynic & out of touch.
I don’t see a problem with this. If they spoke in person in a conference room would all of their conversations be recorded? Are they required to record all phone conversations?
401 comments
[ 3.0 ms ] story [ 293 ms ] threadlol
Whether substantive illegality is necessary to succeed in business is another question, but it seems to be a common choice.
You'd hope not. But there is this proverb that 'at the root of every great fortune lies a great crime' which has been around for long enough that even if it may not be a necessity it may well be strongly correlated.
This is the conclusion of those with short memories. It’s why we consistently see idiotic insider-trading schemes.
Not saying what they did is ethical but why would anyone have an expectation of forthrightness here?
Probably because they weren't in the same room? Same building? Same state? Same country? The value of chat is that it's a very lightweight conversation; especially in a distributed team. It's also a good way to start a conversation with someone if they might be concentrating and need a few minutes to put down what they're doing. Either way, I would assume that in-person communication was impractical.
(Granted, I can see the need for "history off." Perhaps you need to discuss a personal matter, like an inappropriate advance of another co worker.)
> Not saying what they did is ethical but why would anyone have an expectation of forthrightness here?
Many people have different values than me.
Personally, whenever I communicate through any electronic means I assume that whatever I say might be recorded and used against me. It basically makes it hard to do crime; and I really don't want my employer to do crime; and I am not a criminal or politically persecuted.
I think the fact that much of our workplace day-to-day communication is recorded may expose that some people treat these matters different than you and I.
Because there will always be such channels used in private business. Or is the government going to enforce mandatory private monitoring?
Someone in this thread mentioned that the financial sector records all history for anything work related. What's wrong with that?
> That would represent a huge loss of productivity and efficiency for society.
Are you arguing that corporations need to violate laws in order to be productive and efficient?
> Because there will always be such channels used in private business.
Yes. But look at how much leaked out in Google's case.
What do you think would happen if Google's policy was to only use personal means of communication? (IE, personal cell #, personal email, text messages instead of chat...) What do you think would be happening now?
> If everyone’s forced to speak under the fear that anything they say can and will be used against them, a lot of communication won’t happen.
There's a very clear difference between our right to privacy as individuals, and how we communicate in our jobs as employees or contractors of a corporation.
The "If you have nothing to hide, you have nothing to fear" statement is a fallacy when it comes to an individuals right to privacy. In contract, because corporations are not people and do not have the same rights as people, thus "If you have nothing to hide, you have nothing to fear" applies to corporate email, chat, ect.
They released a 'new threading system' a while ago. So you now have rooms with two types of threading systems and can't 'upgrade' the old ones. So one organization has at least 3 types of spaces depending on when they were made and they can't be changed at all. (Also, you can't switch from unthreaded to threaded or the other way around.)
Your only solution is to kick everyone out of the space (can't be made read only) and make a brand new space (losing any history/context/shared files in the space). No one's going to do that so you just live with having all these different room types even if another would work better.
Recently, Google rolled out a new 'announce only' setting where only "Space Managers" can post messages. Cool! Let's apply it to an existing space that we are already using for that purpose (company announcements) and prevent other people from... polluting it as they sometimes do. NOPE - you can't! Either "live with it" or create a brand new space with that setting and abandon the existing one.
I could maybe see you not changing space types but something as 'simple' as changing who can send messages to a space? Force everyone to leave the old one and make a new one??? Really Google???
Are they just super lazy over there with developing features or what's their major malfunction?
And couldn't this just be circumvented by having an in-person meeting?
> Like Mr. Pichai, other key Google employees, including those in leadership roles, routinely opted to move from history-on rooms to history-off Chats to hold sensitive conversations, even though they knew they were subject to legal holds. Indeed, they did so even when discussing topics they knew were covered by the litigation holds in order to avoid leaving a record that could be produced in litigation. As the examples below make clear, Google destroyed innumerable Chats with the intent to deprive Plaintiffs and other litigants of the use of these documents in litigation
Note: that's the argument the plaintiff's lawyers are making, not the final word on the matter
because i'm in agreement with the grandparent comment that why is the topic subject to legal holds vs just having a meeting in person? Are in person meetings rquired to have a voice recorder present? it seems like a weird legal precedent.
In the court's eyes, it's analogous to writing notes to each other, only to burn them the next day.
The way this is worded there's no record, so there's no "slated for deletion"?
I guess the question becomes, if it exists inside computer memory, is that legally equivalent to "writing down piece of paper" and thusly is considered destroying evidence?
If I write something in disappearing ink (let's say it perfectly disappears), it's not destroying evidence? is it?
For argument's sake, let's say it's not. It's a tunneled connection and all stops in between are only acting as relays.
Is it still wiping it then if it only exists in memory and then gets garbage collected? is that destroying evidence?... maybe...?
It sounds like you are looking for the laws “that requires google to hold the data for this particular topic.”
They don’t have to perform additional recordings and minutes. But they exist, they can’t destroy it.
Also, if you destroy evidence that may be under litigation hold, the judge will instruct the jury to infer that what you deleted was harmful to your case.
You have an obligation to proactively figure that out yourself. There is then oversight by the court.
> If we're going to play language games
Judges don't play that sort of language games
> turning the chat history off doesn't really destroy anything
What Google called off the record chats were 24 hour history chats. So the history was deleted after 24 hours, when it should have been preserved.
Ah, I missed that part, that's a very compelling argument. I disagree these are not language games though. The way the chat application was kept from preserving history is an implementation detail that doesn't reflect the action the user of the chat performed in the UI.
It sounds like the truth is whatever a human judge can be convinced into deciding is true.
I mean, that’s literally the judges job. It’s why they are called a judge. They make a judgement as to where the truth lies, and where the law lies (except for issues that are delegated to a jury, in which case the jury is responsible for determining the factual record).
But, yes, judges make judgements and a lot of the “well, technically” semantic games that people play will be met with an annoyed scowl and a negative opinion (but, critically not all semantic games; there are some semantic differences that are of critical importance to a judge)
If there is a court order to not delete history, then the application was designed to do the opposite, and if a technical detail meant the application could not be changed, then the only way to respect the order would have been to stop using the chat application. Instead, there was a decision to use it more ...
An analogous real-world situation would be a meeting in a room where someone uses the whiteboard to draw some diagrams and erases it at the end. If we apply the same logic, you would be under obligation to take pictures of the whiteboard and send them to the court? Or even that you should record the whole meeting? Something just doesn't feel right with the idea that you can be under obligation to help make a case against yourself in a legal proceeding.
Well that’s kind of the whole thing with discovery - the court is asking the company to disclose relevant information (some of which will be against the company). Companies here have different disclosure requirements to an ordinary individual.
And if new evidence is being created, that new evidence would be subject to the same data request.
> I don't see how the users of the chat application can be expected to be aware of the implementation or proactively find ways for these private conversations to be recorded.
Most corporate messaging apps have built in functionality to handle litigation holds. This is a requirement for legal compliance, so the company would have to train and brief employees on their legal responsibilities to not destroy evidence during the litigation.
See: https://learn.microsoft.com/en-us/microsoft-365/compliance/e... or https://slack.com/intl/en-gb/help/articles/4401830811795-Cre... or https://support.google.com/vault/answer/7657594?hl=en
Which conversations are subject to legal hold would be discussed in court.
Are you literally appointed by the Pope? Part of the process of canonisation?
The company must educate its employees because the company has obligations. A limited-liability corporation is a legal fiction granted extraordinary protections by a society. That corporation had damned well better be a good citizen of that society. If that means erring on the side of caution? Good.
Maybe? The line is more blurry here, but there are probably cases where it's more or less easy to make the distinction.
If data is recorded on a permanent medium, it can be arbitrarily retrieved, an explicit delete operation is needed to get rid of it, and this deletion can be scheduled to happen at an arbitrary time - that might easily be understood as "destroying evidence".
If you want asynchronous communication, you will need to produce records of some kind, which can be evidence. That's nothing new.
Maybe if you have a system where the information must be exchanged live and falls off a cliff immediately no matter if it was observed or not, say, like a video conferencing tool - I wonder how the courts see that. It gets much closer to an interesting edge case than something with a 24-hour retention policy.
That's not permanent.
If this would be detrimental to your case, perhaps stop doing shady shit.
That such cases can exist doesn't mean it's not clear-cut here.
In the vast majority of cases, two engineers will agree on the question "is this data persisted or ephemeral" and the fact that the line is blurry doesn't mean we can't know when it's been crossed.
You are expected to act in good faith as an executive or legal officer of a publicly-traded company.
If messages are being deleted 1 day after being sent, despite being subject to a litigation hold, that’s… going to often make judges mad.
Ultimately, the courts do, but if something is possibly related you’re supposed to preserve it.
> turning the chat history off doesn't really destroy anything
IANAL but courts tend to view all written conversions the same way. Turning off chat history is viewed the same as throwing away all the mail you receive, and both are very much frowned upon when the court has specifically asked you not to. These rules are set through longstanding precedent.
Presumably this does not apply to audio-visual real time communication as you're not transmitting entire messages but fragments in real time that don't convey any information by themselves. Sending back and forth recorded audio messages OTOH would presumably produce potential evidence. Sending each letter as it is typed presumably would not.
That said, usually these things are ruled based on the spirit of the law as much as the letter of the law so trying to game this by working around technicalities would likely be considered ... bad.
Not a lawyer, but I have helped implement record management systems, and a requirement is always support for legal holds.
If the reg affairs or legal people were told "oh, yeah, we're deleting all these company records even if they have holds" they'd have strokes. Or quit. Or both.
EDIT: And the court in this case took a dim view of it as well: https://storage.courtlistener.com/recap/gov.uscourts.cand.37...
> At the heart of this dispute is a simple question: did Google do the right thing with respect to preserving Chat communications in this case? There is no doubt that Google was perfectly free to set up an internal IM service with any retention period of its choosing for employees to use for whatever purposes they liked. The overall propriety of Chat is not in issue here. What matters is how Google responded after the lawsuits were filed, and whether it honored the evidence preservation duties it was abundantly familiar with from countless prior cases. The record establishes that Google fell strikingly short on that score. Several aspects of Google’s conduct are troubling. As Rule 37 indicates, the duty to preserve relevant evidence is an unqualified obligation in all cases. The Court’s Standing Order for Civil Cases expressly spells out the expectation that “as soon as any party reasonably anticipates or knows of litigation, it will take the necessary, affirmative steps to preserve evidence related to the issues presented by the action, including, without limitation, interdiction of any document destruction programs and any ongoing erasures of e-mails, voice mails, and other electronically-recorded material.” Google clearly had different intentions with respect to Chat, but it did not reveal those intentions with candor or directness to the Court or counsel for plaintiffs. Instead, Google falsely assured the Court in a case management statement in October 2020 that it had “taken appropriate steps to preserve all evidence relevant to the issues reasonably evident in this action,” without saying a word about Chats or its decision not to pause the 24-hour default deletion.
TBD whether using OTR exclusively (like having in-person real time meetings) for all chats would violate this. I guessing no, it's the choice to use OTR selectively by participants that causes problems.
However, these are not people that can merely speculate; they live at the bottom of the rabbit hole.
Imagine you work for a company that has records about you with enough depth and granularity to have already calculated (with fp64 precision) everything you will ever do and contribute in your life (i.e. is your actual future cost/benefit ratio, not an estimated value, favorable enough to allow you to continue exist).
Would you NOT make at least some sort of effort to stop "the algorithm" from consuming you? Would you just keep feeding "the algorithm" pieces of yourself until it eats enough of your being that it becomes you?
It seems they've decided to save themselves by not saving their chats. I'm not a lawyer or anything, yet I'm getting a vibe like this kind of stuff prolly looks "kinda legally bad." Law things like this happen because there simply isn't time to waste worried about looking "kinda legally bad." It's natural to prioritize taking care of higher magnitude existential threats like getting processed by "the algorithm."
They let you change collection settings and delete your data.
It’s a lot better than most companies do.
This is not true anymore. The judge in the case determined that the DOJ was right.
See: https://news.ycombinator.com/item?id=35363095
It gets a bit tricky privacy-wise if you cannot do same online. Though Google is probably the last company deserving any privacy.
According to [1], "The DOJ maintains Google should have suspended its auto-delete practices by 2019, when it was clear litigation was coming."
I found more details in [2] on the legal topic of evidence spoliation that might be interesting, though I'm not a lawyer and don't know what which law(s) are relevant in this case.
> And couldn't this just be circumvented by having an in-person meeting?
Yes, but there's presumably a difference between deleting evidence vs. not having it in the first place.
[1] https://gizmodo.com/google-employee-chats-deleted-evidence-j...
[2] https://www.americanbar.org/content/dam/aba-cms-dotorg/produ...
Mail, messages, chat, ticketing systems…phone calls are definitely an outlier in my world. Even face to face is rare.
I don’t know about that. Not producing evidence and destroying evidence are very different actions, even though the intent (of not leaving evidence) is similar.
In the US, moving conversations from a recorded to an unrecorded medium would likely be covered under the 5th. Having conversations on a recorded medium then destroying the record, not so much.
Hmm, so what if the chat said “let’s continue this discussion in the conference room”?
In the article it seems Google's "history off" feature isn't really history-off so much as it simply auto-deletes after 24h. If the chats were never logged, would they have avoided this?
Also how far does the law go regarding deletion - I mean if a message was stored in memory and then released/garbage collected does that still count as "deleting evidence"? Because if so, then virtually any means of electronic communication might be counted as "deleting evidence". For example a voip call audio buffer that gets deleted.
(Just thinking out loud, not that I would ever want to circumvent the law)
The key word is "reasonable", which is what the court must decide happened here. OTOH deliberately enabling "history off" doesn't sound like a reasonable steps to preserve records under legal hold. Having said that, I wonder if it also means voip/video calls must be recorded, especially if the feature is available in whatever app they use. Further, even if they use a purpose built "off the record" app, deliberately choosing to use such an app could be argued as failure to reasonably preserve records, if a regular history-preserving app is available. So I think the answer to my first question could be a no.
There’s a general obligation to preserve records pertaining to the subject of actual ot reasonably anticipated litigation, and chats are records.
here I present you a case for the perils of remote work
The problem with Google Chat in this context is that even history-off Chats are kept for at least 24 hours before being destroyed (I’ve sometimes seen longer due to caching), so a record is created and then destroyed. That isn’t allowed when an obligation to preserve the record exists.
I admit I don’t know whether something like un-logged IRC would be allowed, but at the very least, any IRC clients that do log the history even for the purpose of displaying it locally after a crash and restart would themselves create a discoverable record subject to any applicable preservation obligation.
If you mean that remote workers are more likely to use Google Chat for sensitive information topics than in-person workers, yes, that could be an example of a peril of remote work. But, from the perspective of society rather than the company, making it harder for companies to hide misbehavior is actually an advantage of remote work.
Disclosure: I have worked for Google in the past, but not for more than 8 years now, and I have no inside knowledge of or connection to anything discussed in the submitted PDF.
This logic gets absurd when you push it to the limits. For instance, any sort of VOIP call would imply deletion, since the voice packets have to be buffered in memory for it to be decoded and played back. At least with respect to copyright law, the interpretation is reasonable. For instance, intermediary routers that copy packets as they pass through do not commit copyright infringement. pictures/videos that get cached on your device also doesn't count as copyright infringement.
Judges won’t push the logic to its limits. They’ll look for a reasonable line, and give an annoyed look to people who go off on a technical “well actually VOIP packets are briefly in memory and then deleted, so it’s the same thing”.
Judges recognize that arguments that are reasonable and logical in some domains aren’t perfectly generalizable to all cases. They’ll just (if it’s relevant to the case) make a ruling on whether transistory packets count as recording, and create a litigation hold (they’d almost certainly decide it doesn’t) and move on with their lives.
In the USA there is practically no recourse users have if SAAS/PAAS simply decides to keep this data and not tell you about it. Google won't be investigated or punished, and you'll never get anyone on the phone to yell at about it. Taking them to court is like throwing money into a well. The truth is, if they decide to do it in secret you'd probably never even find out about it.
Google is large enough to design its own hardware/firmware. They could probably implement this without many of their own internal teams being aware of it.
- Eliot Spitzer to CNN Money, an updated version of a much older saying by Martin Lomasney
Where would you draw the line?
Telling another human to deliver a verbal message only within the next 24 hours is okay. Training a parrot to do it is okay. Programming a robot to do the same is okay? Programming a computer to do that is not?
Is it okay if it's a one hour delay? Four hours? Until it detects that the user has read it? Until the user manually marks it as read (does that count as explicit deletion)? If it's stored in RAM? On an HDD? On an SSD in swap? On ticker tape?
It's incredibly dumb to explicitly discuss avoiding leading a paper trail with respect to subjects where litigation is imminent or already in progress.
The point of these legal policies is generally to avoid unnecessary risk. From a legal perspective it's impossible to control communication completely but advice to reduce the scope or volume of legal holds is almost always reasonable. Legal holds can be really painful, and it's not uncommon for a lot of unrelated communications to become in-scope.
This is exciting to see, I hope it triggers real change in corporate culture but I suspect it might simply make it even worse.
I am not a vengeful type. But people need to be punished to a shocking degree until this is fixed. It should be surprising. And it should have terrible, if not horrific, consequences.
You can already see that in his previous findings: https://www.documentcloud.org/documents/23731433-23-03-28-go...
"The court has already declined to issue terminating sanctions against Google"
"the Court would like to see the state of the evidence at the end of fact discovery"
You can see the dilemma in that last statement. There is practically no discovery malpractice large enough to ever have a judge blow up a case, which is why it happens over and over again.
Prior to that, you could go the court and say your Exchange backup restorations would be difficult or impractical to do at reasonable cost and try to get the other party to pay or share cost. Now, the judge would laugh at you if you responded that way.
Google culturally has a small company mindset about this stuff, plus they are really rich so they can buy their way out of trouble. Now that HN people are talking about these issues, you can be sure some attorney or regulator will find a way to screw the company over good, as things like this are dumb.
They might be punished but it may be a slap on the wrist.
It was individuals at the company engaging in blatantly illegal activity. I can guarantee they will face no consequences whatsoever over this. Unless for some reason there was some peon class employee involved in it, in which case s/he will be made the scapegoat.
This is an area where individual conduct doesn’t matter until it does. Irritating judges is a risky affair.
What was the specific court order? I see it generally referenced in the brief but don't know the whole story. Were employees violating it here?
I'd say it's incredibly dumb to do that on a platform that can record the interaction.
I never understood why folks use platforms like slack/email/etc. to discuss stuff they don't want others to know about.
The ideal for that, of course, is to have in-person conversations in a place either known to be free of surveillance and/or difficult to surveil.
Failing that, assuming you trust the other party (which, in a case like the one we're discussing, you'd think would be the case), an unrecorded telephone call (yes, you can actually still do that) will work in a pinch.
I don't know how many times (many, though), I've met with someone in person or spoken via telephone about stuff that might be less than flattering (for me, at least, nothing illegal/unethical -- usually more about discussing my or the other party's activities/behavior that might reflect poorly on either of us or the organization) to avoid any record of such conversation.
I'm not suggesting that people should organize/discuss unethical/illegal things on any platform (in person included). Rather, I am surprised that folks have and continue to do so on recorded (or even potentially recordable) media.
Especially someone as obviously (how else could he have come to head GOOG) smart and savvy as Pichai.
It's not like this is something new, is it?
Edit: Removed extraneous text.
Now I’m imagining tech executives having meetings in the bathroom with all the faucets going full blast whispering like the mafia dons of old.
I suppose. Although, I'd think it'd be more like out in the parking lot, in a car or an exec's private office.
But I do have to say your vision is definitely an amusing one. But I'd have a flunky or two handy to flush the toilets every minute or so too. :)
Australia has recently had multiple data breaches across a number of large groups that saw decades of user data copied .. that should have been PURGED.
Some of it arguably should never have been retained - proof of identity data, addresses, passport numbers, etc.
Obviously this isn't the same as internal emails, chat histories, etc but I'm hoping we here in Australia see a solid swing away from data retention "just in case", "because we can".
The default setting on all such things and software really needs to be nothing is saved unless specifically and knowingly set to be saved (for a solid recorded reason) and then for only the minimum neccesary duration.
In the event of a data breach can an excess of silo'd communications prove harmful and lead to regret that it was ever kept?
There’s no law that says that you need to keep security camera footage for any length of time. If your practice to to retain for 7 days, and you get a subpoena to provide it 10 days later, no problem. But if you are directed to retain footage from February 30th, or have a reasonable foreknowledge that you should keep the footage, you’re in trouble.
The answers vary by company. If you sue or investigate people all of the time, you want to keep everything forever. If you get sued frequently, you want to get rid of the data as soon as practical. If you consciously don’t create records for matters that aren’t confidential, people are probably going to infer something.
I'm suggesting that software companies that provide products and companies that use them adopt a default position of NOT creating records | histories | customer interactions and only engage record keeping by an explicit action that has a time limit and is logged with a reason for retention.
I have no issue with legally required | meeting minute keeping | security footage for a month | etc | records.
If that becomes the norm then people would no longer why (for example) worker to worker chat conversations "across the bench" aren't being kept for 50 years (or even longer than a month | current project duration).
Mechanics working on a car have no need to be recorded in perpetuity (although its handy to retain footage for XX weeks in case of an accusation of theft from a vehicle) just as shop floor software workers have no need to be recorded "forever".
In knowledge work, the knowledge is the commodity. If you keep nothing beyond formal deliverables, you best have a system to capture the knowledge.
Most organizations are very bad at that. It requires a lot of rules, policies and people to enforce those policies. Google for a government retention schedule. It’s probably a 100 page document for a state or large city.
> We have talked before about the SEC’s probe into how the employees of big banks discussed their work in text messages and chat apps like WhatsApp on their personal cell phones. The SEC has collected big fines from the biggest banks because, it has said, these chats violated the SEC’s recordkeeping requirements. When the SEC fined 15 banks and brokers for this stuff in September, SEC Chair Gary Gensler said:
> > Since the 1930s, such recordkeeping has been vital to preserve market integrity. As technology changes, it’s even more important that registrants appropriately conduct their communications about business matters within only official channels, and they must maintain and preserve those communications.
> From the perspective of the banks, I have argued, this is a novel expansion of the SEC’s authority. When the SEC created its rules on recordkeeping, it required banks to retain copies of their “inter-office memoranda,” but it was 1948 and those memoranda were produced with carbon paper; they were formal business records memorializing serious policies. In the 2020s, WhatsApp chats are, in large part, substitutes not for formal memoranda but for talking to someone in person. When I was a banker, I have written, “There were some mornings when I sent more than 100 inter-office memoranda, though like 20 of them would be ‘lol’ or ‘fml.’” In 1948, the SEC would not have dreamed of demanding a searchable archive of all of the informal chats held at a brokerage: That was not technologically feasible, and also did not seem to be the point of its rules. In 2022, it was feasible, and the SEC did demand it, and when the brokers were missing some chats they paid a billion dollars in fines.
> From the perspective of the SEC, as a fine-maximizing business, this series of investigations is so attractive:
> - Every bank has some bankers who did WhatsApp chats, so you can fine all of them, and they all have a lot of money and depend on the SEC’s goodwill, so they’ll pay.
> - You don’t have to prove bad intent, or harm: Simply finding some WhatsApp chats about deals, or clients, or market conditions, or anything, is enough to extract a big fine. If the SEC had gotten the personal messages of a bunch of bankers and found them doing a bunch of crimes, it surely would have extracted more fines from them, but as far as I can tell it never found anything like that. The bankers had normal businesslike chats about client meetings or markets or whatever, but the fact that they were on WhatsApp was enough to incur a billion dollars of liability.
> - Banks will learn their lesson from these enforcement actions, and the lesson is “keep all communications on official channels and preserve all of them,” which will make it easier for the SEC to catch future misbehavior and fine it comprehensively.
> If I worked at a bank I’d be very annoyed by the WhatsApp stuff, but as it is I sort of admire it: It is, for the SEC, a clever bit of business, a bold expansion into a lucrative and growing market, and an investment in making its future business easier.
> The SEC clearly agrees, because its WhatsApp Fines Division keeps moving into new markets:
> > Major hedge funds have been asked by US regulators to review certain employees’ personal mobile phones as part of a mushrooming probe into Wall Street’s use of unofficial messaging platforms like WhatsApp to conduct business.
> > The Securities and Exchange Commission recently asked Steve Cohen’s Point72 Asset Management, Ken Griffin’s Citadel and several other firms to search through the devices for evidence of business dealings on unapproved channels, according to people familiar with the matter who asked not to be identified discussing the private requests. The SEC is also probing the practices of brokerages, money managers and private equity fi...
At the HFT firm, the attitude was, "we're constantly being sued (by the SEC and others), so we treat all of our records like they're under litigation holds, just in case the SEC claims they wanted them, even the off-topic slack channels."
At Google, the attitude was, "we're constantly getting sued, so we treat all of our records as being as ephemeral as possible so we can avoid having a record of what we're doing."
It's on a high speed train heading in that direction now.
Many of them contain various personal data of clients and/or employees, legal makes us specify for how long each service needs to hold on to it, and purge as soon as possible to minimize chance of leaks.
> Processing shall be lawful […] if […] processing is necessary for compliance with a legal obligation to which the controller is subject;
I'm required to keep evidence about your KYC information and your financial transactions for compliance purposes for (e.g.) 7 years after you stop doing business with me. If I'm using them for that purpose I'd be in the clear GDPR-wise.
However, the day I break off doing business with you I need to stop using them for marketing or sales leads - that would be a GDPR breach.
Where I suspect it will get very messy for companies is the sexy new "hoover all the data into ML models" is going to come a GDPR cropper because I doubt most of the people doing it can show that they purged it when their relationship with the data owner ended, if they even had one in the first place. They're sure as fuck violating copyrights all over the place.
There's many areas in which tech competes directly with, or has attempted to build shadow parallel systems to other more regulated industries - payments, exchanges, various medical plays, media, etc.
now, when i hear someone say disrupt, i immediately assume they are cutting corners on whatever regulation that is needed to gain a leg up over the incumbent companies following the regulations.
Tech wanted people to think this was different from Wall St somehow, but I think the average American no longer sees the difference.
Getting a paypal/google/whatever account flagged is basically the death of that account.
Nonsense. Banks have someone you can get on the phone, usually 24/7. Good luck getting anyone at Google on the phone.
This is.. not new at all. We were talking about Uber doing that about a decade ago lol.
If we are just talking about the USA, then I think both Apple and Google had to partner with entities in the financial industries to do payments, they didn't just bypass regulation in those industries. Then there is Stripe and Square (erm, whatever Square is called now), I'm not sure what regulations they fall under.
What made them strange, other than the fact you didn't know who they were?
The guy who handled the regulators wore button-down shirts when they were around, and any traders/engineers who had to talk to them often were told to wear a button-down, but that was it.
People from "real Wall Street" who joined usually had a phase of dressing up before they adopted full casual dress. One person lasted months before showing up in a t-shirt. I kind of assumed that they were all buying new wardrobes during that period, but there may have been a culture shock of sorts.
For some reason this question is geeking me out, what sort of answer were you expecting?
Levine’s article makes a great point:
“It really is wild that the SEC’s official position is now that it is illegal to “use unofficial communications to do things like cut deals, win clients or make trades.” “Conduct their communications about business matters within only official channels”! Imagine if that was really the rule! You can’t have lunch with a client and talk about business, or have beers with your colleagues and gripe about work, because that does not create a searchable archive for the SEC to review.”
The spirit of the latter crosses a line of showing deliberate contempt for the legal process. Doing it in writing seems just as ill advised as discussing sensitive information in writing.
Honestly, it's getting a bit insane I think.
If we cannot communicate digitally in private and we cannot communicate physically in close vicinity to a car or a building, the only place left is in a remote forest.
As we have seen with Tesla engineers having access to videos inside cars (how can this even be legal) and we saw the 21 year old who leaked the secret Pentagon data, it's not that there has to be a decision by lawyers or government agencies that the data has to be provided. Any devops or admin can access this kind of data and spread as they like.
And how come Tesla and the Pentagon has no precautions in place to stop this kind if abuse?
It's really quite crazy on many levels.
To me it looks like a clearly-defined line between text and real-time voice/video. What the user experiences, not the technical background.
Ie it would have been perfectly fine for google to ban text chats, and just use calls/meetings; even with the same software. As inefficient and unpleasant as it would be.
I worked at one shop that if you said "call my cell" in a slack to someone, you'd get a call from compliance within days ask to explain why you did this, what the conversation was about, why it wasn't on a work phone.. and to never, ever, ever do it again... because you know we are watching, so we will find you.
Which gives you an idea of the level of monitoring they are doing to tie that together probably automatically given how quickly I was called. And this was almost 10 years ago.
I'm also old enough to recall the little background hum & beep the bank landlines used to make when you were on a recorded line.
If you are allowed to be off the record only in person, this seems like the perfect commercial real estate subsidy program from the federal government.
The penalties are so stiff for a lot of infractions, there is far less attempts to workaround the letter of the rules than you would immediately expect.
There's also classes of in-person meetings with externals that you need pre-approval permission to attend and to write up what was discussed after the fact.
Like people at asset management firms attending a dinner with a broker.
Another example, at a hedge fund I worked, emails, meetings or phone calls to public companies required pre-approval from compliance, and for them to be on the email or call. The emails would also require a preface reminding the moron on the other side that you are a hedge fund and they should not provide you with any material non-public info.
It wasn’t about regulation, but protectionism. If you want to do business with us, you need to hire people to deal with us - people we approve of, or no access.
This was in an unregulated industry, with strong protectionist instincts (Hollywoods movie industry).
Couldn’t these sorts of “in person only” rules also be a protectionist gatekeeping technique?
This is in addition to all email and slack/IM messages.
Route it all through VoIP and record it there?
Maybe theres some bank-compliance phone vendor that operates its own MVNO and does the recording for you?
here's something like that - https://www.teleware.com/products/mobile-voice-recording/
Banks aren’t creating a super secret MVNO to comply with regulations and the telcos aren’t cutting breaks for a bank or a 3rd party spy network. I’d imagine saving all employees cellphone calls for 7 years is a very expensive project.
[1] https://ai.googleblog.com/2021/02/lyra-new-very-low-bitrate-...
CDO credit ratings were a perverse incentive race to the bottom in terms of quality, because it was issuer-paid.
The ratings agencies essentially bid on future business with the banks by issuing rosier ratings than their competitors.
Also, they paid billions in fine settlements after the fact.
The record keeping likely contributed to them being able to piece together the agencies becoming more and more lenient, and the internal dialogue between analysts & sales.
Yet this remains unchanged.
Anyway, some structure was put in place by the government settlements. For example in Moodys government they agreed to:
* Separation of Moody’s commercial and credit rating functions by excluding analytical personnel from any commercial related discussions and excluding personnel responsible for commercial functions from determining credit ratings or developing rating methodologies;
* Changes to ensure that specified personnel are not compensated on the basis of the company’s financial performance;
and a few other things
The separation of concerns seems similar to the Dotcom implosion era settlements to how equity research could be paid, and that they had to be firewalls off from the parts of the bank bidding on equity/debt/loan offerings with the companies that research reports were being written on.
Probably the biggest outcome was that the market now understood credit rating agencies are barely worth the bytes they are recorded in, and they are taken with large grains of salt now.
So far from perfect, but also far from the narrative of "nothing changed".. like much in life.
Only half-joking. I really wish I knew how this works.
[0]: https://en.wikipedia.org/wiki/Libor_scandal
[1]: https://www.businessinsider.com/read-the-bloomberg-chats-tha...
Seems like it might be time.
Desantis just tried to push through a law that said you have to register with the state if you report on politicians. Do you like that proposed law?
Do you want the government to have access to all communications between you and your coworkers? Do you want to be questioned every time that you tell a coworker over Slack “maybe we should talk about this at lunch?”
It amazes me that people want the only organization that has a “monopoly on violence” to have more power.
There's currently an investigation going on about how one particular former President may have broken the reporting law. But for that law, his "catch-and-bury" agreement to keep unpalatable stories about him out of the public eye was perfectly legal.
So yes, I do want the organization with a monopoly on violence to have more power of oversight of people with power through money. Especially as long as who has control of those levers changes with the frequency it does.
Are you one of those people in power? Because the scenario that someone said was that I financial firms that are highly regulated was that if any employee said on chat to a friend at work, “hey give me call on my cellphone and let’s talk about where we are going after work”, you could be talked to by legal.
You are saying that you want an increase by the surveillance state. Have people learned nothing about how the government abuses power from the “War on $x”?
Sure. I was there; I remember. I think it was a waste of time but ultimately harmless; it resulted in a few (private, moneyed) corporations deciding not to sell some music that the government had mandated be labeled (which, to be clear, is a wide power the government has; perhaps overused here, but it's no a violation of anyone's rights that they make companies put the ingredient lists on food). Then the Internet happened and that whole thing became irrelevant.
Florida is a great example to study these money-power-vs-political-power effects, because were the tables reversed people currently supporting Disney would be horrified. Imagine it was Rupert Murdoch and Fox World with an ultra-right-white-national enclave utterly immune to legal oversight, and the duly-elected Democratic government trying impotently to reign them in. Much as I like the result of Disney;s pushback, the means are deeply disquieting and speak to a completely-dysfunctional corporate-power-vs-state-power relationship that is ripe for abuse. And the wheels of corporate power turn glacially relative to government power; DeSantis, barring a state constitutional amendment, is gone in 2024 as a state governor, but Rupert Murdoch was CEO of News Corp / Fox for 36 years.
I'm not 100% for corporate power or 100% for government power. I'm for balancing and pitting the two against each other because they're both effective tools for checking the worst abuses of the other. And make no mistake: when it comes to the FAANGs, what we're seeing is patterns of abuse that need to be reigned in. Requirements for auditing and oversight can be overdone, but in practice, in 2023, the tech sector has been allowed to run with a laissez-faire attitude for decades and has become a vital piece of the modern societal fabric; as a general principle, anything that vital to daily human experience for most citizens needs government oversight to ensure its legal compliance before it becomes Standard Oil or Bell Telephone or Microsoft or Fox Media or, indeed, Disney... Something unanswerable to all but itself.
This era of existence is marked by humanity trying to forge a path between a 1984 future and a Brave New World future. There are no simple answers for power allocation.
So you think it is okay that the government trampled on the free speech rights of rappers who were talking about police corruption and there experience years before the internet became ubiquitous where anyone could get it out?
> Imagine it was Rupert Murdoch and Fox World with an armor, always taste no and the duly-elected Democratic government trying impotently to reign them in
And the government only tried to “rein them in” by punishing them after they spoke out.
> when it comes to the FAANGs, what we're seeing is patterns of abuse that need to be reigned in.
Well the difference is that no corporation has ever stopped me because I “looked suspicious” because I was walking through my own neighborhood that I looked like I didn’t belong. Nor does it have qualified immunity to get away with doing almost anything. I have agency to not be under the auspices of any corporation - especially a search engine. I don’t have that power under the government. There is no balance on government power except not to give it anymore than absolutely necessary.
I’ve never had to worry about my son being harassed by any corporation just for driving down the street.
And do you think the government is just going to be happy with surveiling employees?
Did they though? I mean, to be clear, I'm sure they tried. But both back then and now, the songs were easy to get and is still easy to get. If anything, the whole affair Streisand Effected the hell out of them.
I think the story's a good example of a failed attempt at abuse of power because the system of checks and balances worked (it would have failed harder but for a single, powerful, monolithic corporation agreeing with the goal and de-stocking the product from its shelves).
> Well the difference is that no corporation has ever stopped me because I “looked suspicious” because I was walking through my own neighborhood that I looked like I didn’t belong
No; they merely cut access to your account because you look suspicious, such as having pictures in your private Drive account that their algorithm decided were child pornography, locking up or deleting all data you had hosted by them, with no recourse and no hope of retrieval. Google's within their rights to cut an account, but there's no arguing there's a difference in kind of the experience someone online has if they have a Google account vs. being banned from having one. It's not nearly as bad as government abuse of power; it's really quite bad, and only government has the authority to make it better because the corporations are otherwise unaccountable.
> Nor does it have qualified immunity
Who backstops the terms of service violation system? When Google demonetizes trans-friendly or trans-inclusive content because their inscrutable TOS and algorithm decide such content is "sexually explicit" (read: offends the sensibilities of schoolboards and advertisers), who has the power to say that's not what that term means? Nobody. I guess with YouTube, we can always take our business to its competitor, doesnt-exist.com.
> I have agency to not be under the auspices of any corporation
Yes; you have the digital equivalent of the freedom to live in a van down by the river, banished from the nice neighborhoods. Vive Liberte.
(To be clear, I don't have concrete answers here. There are no easy answers; it's a complicated problem. But that means the answer also isn't as easy as "Government already has too much power." Perhaps it currently has too much of the wrong kind of power, and not enough of the right kind).
In the 1980s how did you produce or distribute music without the internet and computers that could produce music? The police arrested NWA at a concert for rapping “Fuck the police”.
> No; they merely cut access to your account because you look suspicious, such as having pictures in your private Drive account that their algorithm decided were child pornography, locking up or deleting all data you had hosted by them, with no recourse and no hope of retrieval.
I can and do have multiple backups of my media (Google Drive, iCloud, Amazon Drive, and they are stored using a separate account in AWS S3 Glacier. Are you really comparing losing some pictures and data with losing your freedom or being harassed by a cop?
> Yes; you have the digital equivalent of the freedom to live in a van down by the river, banished from the nice neighborhoods. Vive Liberte.
Yes guess how hard it is to live a good life after getting arrested because you got on the wrong side of an overzealous Justice system? Or got shot by a trigger happy cop?
I agree with you that the monopoly on violence requires more scrutiny than the soft-power of money. My argument is that certainly doesn't imply no government oversight, nor does it imply we don't have enough government oversight right now. Especially of corporations - your argument appears to be government power is dangerous to use because it can be abused vs. individuals and vs. music acts; can you think of an example where too much government oversight of corporate process has led to improper deprivation of liberties (jail time and the like)?
We can acknowledge government power is abused against individuals while still asserting it is the most effective tool against corporate overreach and should be wielded as such.
No comparing government power and the harm they can inflict (taking away your freedom) to corporate power (they can take away pictures of little Johny) are night and day. I can live my whole life without dealing with Google.
> can you think of an example where too much government oversight of corporate process has led to improper deprivation of liberties (jail time and the like)?
In a very realistic scenario that someone said happens in highly regulated industries is that if you ever tell a friend on a company communication channel to call you even if it’s something personal you will be called by lawyers.
States are trying to pass laws where social media companies have to verify your identity and your age before you can post.
Government is trying to have back doors to all of your chat.
Government is arresting people based on their chat messages where they are talking about using pills that facilitate abortion between grown people?
Do I need to go on?
Is it worth having the government intrude in your life to protect your pictures of little Johny?
So what? So you have to explain that you didn't violate the auditing laws? That's hardly a huge burden. Don't use corporate assets for personal communication, problem solved.
> Government is trying to have back doors to all of your chat
And they shouldn't. But the point is: for most users who haven't bothered to set up something like IRC, corporations already do. And you continue to harp on the ways that government can impact personal civil liberties when I am still talking about the ways government can restrict corporations from using unchecked power to make people's lives hell. For the purposes of this discussion, chat logs and abortion are irrelevant. Unless you think the personal right to have an abortion is somehow analogous to the corporate right to, what, Dodge tax law? Use dark money to fund a candidate like DeSantis getting into office?
If you're concerned about government overreach and a resulting threat to personal civil liberties, the best defense we have against it is strengthening and enforcing existing corporate auditing law. Because everything you're concerned about regarding civil liberties gets exponentially worse when corporations can buy politicians.
Government and corporate power aligning behind a common goal is on the road to fascism. I'm advocating for setting those power bases against each other.
So are you okay with the government subpoenaing your private phone communications because they think when you asked your coworker to call you on your personal phone to talk about where you wanted to go out drinking?
Fascism is when the government controls every area of your life and of corporations. Do you think giving the government more control of the private sector will lessen the chance of fascism?
You keep bringing it back to personal civil liberty because you don't have an answer to the question "So why is more government oversight of corporations bad?"
I actually have no problem with such a subpoena being attempted (it is part of the regular process of investigating a crime), but I have a problem with a court rubber-stamping it. I have no problem with the corporation I'm working for being obligated to track and furnish similar records for any corporate assets I use, and to be obligated to ask questions if they catch wind that I might be trying to skirt auditing law by pushing conversations that should be legally audited private. Catch the difference?
> Fascism is when the government controls every area of your life and of corporations. Do you think giving the government more control of the private sector will lessen the chance of fascism?
I actually do because the definition you gave is not actually what fascism is.
Fascism is a political movement emphasizing extreme nationalism, a supremacy mythos of that nation, and the militarism necessary to support such an inherently unstable structure. Among its tools can be usurpation of corporations. But tight control of corporations is also a hallmark of socialism and communism, among other structures. You may as well say its wrong to breathe air because fascists do that too.
A healthy democracy reigns in the excesses of an unfettered corporate sector. Those excesses, left unchecked, can (not will, but can) result in, among other things, fascist-leaning private company owners throwing in the power of their corporations behind like-minded politicians and building the machine that facilitates a Mussolini or Hitler rising to power. Mussolini, in particular, was funded by Italian industrialists.
I just gave you a real example of where corporate oversight leads to giving the government access to your personal communications.
> I actually have no problem with such a subpoena being attempted (it is part of the regular process of investigating a crime), but I have a problem with a court rubber-stamping it.
Have you not been paying attention to what the government has been doing in the name of the War on Drugs, the War on Crime and the War on Terrorism?
> Fascism is a political movement emphasizing extreme nationalism
Have you not been paying attention to what’s been happening since 2016?
> A healthy democracy reigns in the excesses of an unfettered corporate sector
Exactly what power are you afraid that Google can have over you compared to the government?
There were an awful lot of people concerned about the time they colluded to depress wages (https://www.latimes.com/business/technology/la-fi-tn-tech-jo...).
And the people they fired to break unions (https://www.bbc.com/news/technology-55173063).
And they're currently under investigation for monopolizing digital ad tech (https://www.justice.gov/opa/pr/justice-department-sues-googl...).
Let's assume, ad argumento, that they have monopolized digital ad tech, meaning other digital advertisers are excluded and almost all the ads you see are single-source.
Gosh, it sure would suck if fascists gained control of that single source, wouldn't it? And as we've seen, we can't trust that won't happen just because they nailed up "Don't be evil" above the door (and then it fell off later).
We should probably enforce the laws that are in place to keep a market diverse and healthy.
... I think I see your position though. You're concerned, given current political climate, that increased government oversight could give fascists more power. I echo that concern... Except that I believe we got here because fascists recognized that nobody was watching the tech henhouse and weaponized that. We had an awful lot of tech firms thinking they were bigger than political concerns and should be a world apart from government oversight right up until they realized they aided and abetted those who organized Jan 6th, then... Oops.
In fact, many Zoom conversations are expressly forbidden from being recorded at many financial firms. Again, that’s because no one is using zoom to make trades so there isn’t a requirement to record them and financial firms also don’t want to have to pay to keep things stored just so some lawyer can hit them with discovery.
A big current issue is when you use written correspondence that is not part of a system of record. See Finra Regulatory Notice 17-18 for details on that.
The point of the regulation isn’t to cover every conceivable alternative. The point is to specify what avenue you can use to accomplish a task in a regulated manner
Because trading conversations have to be recorded (legally). It's easy for corporate policy to say "we don't record Zooms, (therefore) you cannot trade over Zoom". It's also easy to say "we record all text communications, (therefore) you can trade over text". Meanwhile, the phone rules predated any other modern form of communication so they have the complexity of "sometimes record and trade, sometimes don't" grandfathered in.
During yearly compliance training one thing that was stressed was not to mark anything A/C Priv unless it actually was. They made sure to call out that including someone from legal in an email chain does not make it A/C Priv and not to try anything like that. At the time I thought it was silly that the training went over such obvious things as "don't commit white collar crimes" in essence but apparently that's not how they do things at Google. I just can't wrap my head around why any of the many different people involved could ever look at what they were doing and think "yes, this is fine, I should continue this behavior". WTAF.
megcampbell@google.com: "it needs to be history off"
https://ia802501.us.archive.org/21/items/gov.uscourts.dcd.22...
schramm@google.com: "should we have history off for this?"
https://ia802501.us.archive.org/21/items/gov.uscourts.dcd.22...
margaretlam@google.com: "Hi Tim, if OK, can I ask you to turn history off :)"
https://ia802501.us.archive.org/21/items/gov.uscourts.dcd.22...
margaretlam@google.com: [interesting exchange with another employee who is trying to follow the rules]
https://ia802501.us.archive.org/21/items/gov.uscourts.dcd.22...
Paraphrasing: "What policy? I'm on multiple legal holds as well. I ignore them every day [smileyface] But if you want to follow the rules, I'll respect your decision. I'll just communicate with the others off the record. I only included you for optics reasons."
Some would say that company culture starts at the top. Here's the 50-year-old CEO:
https://ia802501.us.archive.org/21/items/gov.uscourts.dcd.22...
What kind of legal guidance were these people getting? When I worked at a big corp, we had regular meetings with legal that were reminders of how to treat sensitive subjects and it was taken very seriously.
Exactly.
When 'fix' means ensure conversations that are already under current legal hold are destroyed, it's clear what legal guidance and training are.
I hope the court nails their execs to the wall for pulling shit like this as a matter of corporate policy.
The internal legal guidance they've been getting for this case is likely exactly the same as their internal legal guidance for everything else.
eg "completely full of shit" that they're complying with things
Seems like a bad internal culture, maybe stemming from their weird self belief and exceptionalism because "we're smarter than everyone else"?
Either way, when Google claims things like "We're fully compliant with GDPR, or [other legislation/requirements here]", the documented examples above is why many people don't believe them in the slightest.
The kind that looked at the Microsoft anti-trust lawsuits in the 90s, and instead of saying, I dunno, "let's not try and gain and wield illegal monopoly powers" but "let's delete all the evidence of us gaining and wielding illegal monopoly power".
https://ia601707.us.archive.org/28/items/gov.uscourts.cand.3...
jsinouye@google.com: "Hi, please use this chat for ops/policy/BD/escalations issues that need faster response. Please note: I would like to keep history off. Members are Shie, Camille, Dan, Court, Sherry, Jintae, Ash, Jami, me."
https://ia801707.us.archive.org/28/items/gov.uscourts.cand.3...
"Nice website you got there. It'd sure be a shame if your competitors all were listed above it in search even when looking for it by exact name."
But I wouldn’t even go that far.
Like... I'm hard pressed to find a scenario where Google has not appeared to be a bunch of outright gangsters.
If we could put executives from Volkswagen in prison for cooking the books on some environmental regulations, shuttering Google and arresting the entire C-suite should be way more obvious.
What I found interesting was the rationalization that "people would just cherry pick data and use it against us." Which belied the idea that if you saved all of it, you would be able to reconstruct it.
Also the storing of live traffic not to "look at" but to have a model of live traffic to test changes against. I once asked "why not create a statistical model of the traffic and use that?" and was responded "#1, people wouldn't believe you if you said this was 'just like actual traffic', and #2 we get live traffic for free with no engineering effort so its a win to use it instead."
They weren't wrong but they didn't really prioritize privacy or safety either.
Most quality docs must be retained by law for the life of the company, even if they discontinue a product. So it isn't really judgement call from the legal department.
"Do NOT delete any emails. <chuckles>. Let me say that again to make sure everyone has understood me correctly: do NOT delete any emails!"
The way it was said, the chuckle, and the way it was repeated with the extra emphasis on NOT, sent a clear message: delete all such emails.
I worked there in 2006. The SVP of Eng was Alan Eustace. He's a jolly guy, he chuckles a lot. I don't remember this specific exchange but I can hear his chuckle in my head. Knowing him, the chuckle would almost certainly be laughing at what an obviously terrible idea it would be to delete the emails. Alan Eustace certainly would not have instructed people, explicitly nor implicitly, to delete messages subject to legal hold.
Unrelatedly, I would not have believed you at the time if you told me that the then CEO had entered into an illegal mutual non-solicit agreement with Apple (and Intel, Adobe, and others), suppressing employee pay by agreeing not to recruit or hire each other's workers. History and a successful class action lawsuit revealed a different story.
In one internal email sent in July 2018, a McKinsey executive appears to acknowledge the growing legal risk faced by Purdue Pharma over its opioid business.
"It probably makes sense to have a quick conversation with the risk committee to see if we should be doing anything other that [sic] eliminating all our documents and emails," McKinsey senior partner Martin Elling wrote in an email sent to another executive at the company. "As things get tougher here someone might turn to us."
Gah that is so incredible dumb and the fact that he didn't check himself before hitting 'send' is just perfect. Nothing like a bit of hubris to go with the mindset of a criminal. It makes you wonder what 'anything other' referred to.
"Face to face meetings" = History off
"We are an office culture" = We are an off-the-record culture
The east doesn't have the same problem to that degree but in a way their solution is probably worse. Depending on who you ask, much worse.
We need a new paradigm for government. It needs to be nuanced, sophisticated, balanced and yet holistic, and integrate well with technology.
Or maybe due to the incompetence of current governments, the technology itself with take over.
When the Sherman Antitrust Act was originally passed in the 1890s, the American judicial system systematically refused to apply it to business trusts. They didn't strike them down as unconstitutional, of course - they just argued that, oh no, poor old Congress doesn't know what words mean, they really meant to ban labor unions and not the monopolistic businesses they were trying to combat. This continued through several decades and multiple follow-up bills explicitly prohibiting courts from doing this (they did it anyway).
For a few decades this practice stopped; mostly because the monopolists drove the world economy off the Marianas trench and there was a social democrat in the White House willing to do unspeakably authoritarian shit to the courts[0]. Also, WWII happened.
This, however, was just a diversion from the mean. In 1980s a bunch of federal judges decided to pull a similar stunt, reinterpreting antitrust law not as a prohibition against economic concentration but merely one against raising prices. The resulting "consumer welfare" standard wound up getting adopted by the executive branch[1] and since then we don't regulate monopolies at all.
Because here's the thing: monopolies don't raise prices. They lower them.[2]
The east has worse monopoly problems than we currently do. China doesn't have a solution to monopoly, it is the monopoly. Every major Chinese corporation is extremely exploitative of their workers, and has major ties to the government and Chinese Communist Party. Chinese law has a broken welfare system, no internal freedom of movement, and bans labor unions. South Korea is democratically run[3] but the chaebols are so large that they form their own voting blocs. 11% of the country's labor force is employed by Samsung. Japan had similar problems - after Matthew Perry forced open their borders, they saw America's monopolists and, not wanting to be eaten by them, formed their own. The zaibatsu reigned until the end of WWII, where America, having now forced Japan's unconditional surrender at the threat of nuclear annihilation, used their position as Japan's occupiers to hack the companies in question up into little pieces.
The solution to monopoly is to destroy the monopoly. No more and no less. It's not a problem of not understanding the new technology. The problem is that monopolists tend to be several steps ahead of you; deposing them requires sustained focus and an economically enfranchised democracy. In the case of the Internet, many very well-meaning and intelligent hacker types were pushing for keeping the Internet unregulated, because they were worried about social conservatives censoring us in the name of the moral panic of the day, or the RIAA censoring us in the name of music still being a saleable commodity. This was co-opted by the monopolists to carve out vast swaths of the Internet for themselves.
The EU didn't make this same mistake and actually enforced their antitrust laws on US tech companies. Problem is, they could only really fine Google, not break them up, so for a good decade tech enthusiasts had this idea in their heads that this was just a revenue generating exercise for the EU. The amount of consumer good-will Google and Apple had (and still has), especially in the tech space, was (and is) downright obscene.
[0] If that wasn't bad enough for the monopolists, there were a bunch of capital-f Fascists trying to seize power as well. The monopolists considered front-running the Fascists and having Smedley Butler assassinate FDR and crown himself dictator, but fortunately for us he had a change of heart and defected.
[1] Thanks, Reagan.
[2] When a large portion of goods are made by a handful of companies, those companies have significant negotiating leverage and economies of scale. Competitive free markets are actually more inefficient because you're paying a redundancy and freedom premi...
The point I am trying to make is that the effectiveness of the systems are constrained by their structure. It's not that we just have some monopolies that need to be destroyed. Because we keep getting new ones that hang around.
We need to improve the structure so that there is less tendency for monopoly and for monopolies to become entrenched.
Its like I am saying, look, to deal with this flat tire, we need to design a better tire. And you are saying, no, all we need to do is keep checking our tires. But this is the 15th flat tire we have had in the last two years. We need to design a better tire.
Fundamentally the problem is that there is a lack of metacognition. Governmental structure tends to be something that becomes part of a belief system. You need to have a good metacognitive sense of the difference between belief and objective reality before you can start to regularly examine and question your beliefs. This just requires a certain amount of exposure to the idea.
What's necessary is for people to fundamentally understand what money, government, and technology are and how they relate. And all of those concepts should evolve in a high tech direction.
The most likely way that is really going to happen at this point is probably via transhumans with higher intellect and better communication built-in.
The thing is, monopolies tend to be on the wrong side of the Innovator's Dilemma, but they short-circuit it by just buying the disruptors out. Think about how many technologies Google has developed internally versus bought and scaled up. If we prohibited them from buying startups, then the company, being a slow and lumbering monopoly, would eventually crumble like Kodak did.
Some scrutiny at the current banking system for keeping interest rates at 0% for a decade and change might also be deserved. Cheap capital makes it cheaper to buy your competition out.
[0] The Tyranny of Structurelessness is an essay that alleged that leaderlessness in various radical feminist and other left-libertarian movements was a smokescreen for unaccountable and undocumented leadership structures. This also applies to right-libertarian movements, Bitcoin, Ethereum DAOs, etc.
It does seem reasonable that there should be some way, (outlined by the courts) to ephemerally text that gives it the same protections as an unrecorded phone call. Because in a world where it's not the 60s and business is done over text instead of phones we lost a lot of privacy with no change in the law itself.
I don't know anything about these specific conversations, but one obvious difference between phone/video and chat is that the former has to synchronous whereas the latter can be async.
Async can be more practical people who are very busy, are travelling, are located in different timezones etc.
It's not inherently ephemeral though. You can add deletion rules on top of that to try to pretend that it is, but the courts see right through that.
I'm struggling to think of any text-based communications that are inherently ephemeral. Generally anything committed to text is long lasting, and has always been (way pre-computer era).
If this goes through, all that will happen is that Google will re-engineer the backend to evade whatever standard set by the ruling. Who wins from this outcome? Perhaps the engineers getting paid and promoted to work on said project. Certainly not the courts or the "people".
I distinctly remember conversations with my very down-to-earth & practical tech friends in SV. they all were totally bought into the notion that google can do nothing wrong .. because conscientious engineers & management. I kept telling them all it takes is a few bad quarters & all that goes out the window. of course people looked at me like am a cynic & out of touch.