>Reserve’s security team conducted an investigation and brought that evidence to OpenTable and started a dialogue between the two rivals. OpenTable confirmed that it fired the employee in question
lesson to the youngsters - never do anything smelly/unethical (dont even mention criminal) without manager approval in writing. Otherwise at the first sign of trouble you'll be made to take one for the team as it seems to have happened in this and countless other cases.
I mean even in normal situation, whenever some details of feature, project, etc. are discussed and decided/assigned in some informal way, i find it is very useful to send a summary note so the manager/PM/etc wouldn't come later with the very different version of what happened.
They will be verbal about it. If you request it in writing or email their own request to them, you will be fired or 'burned'.
Source: Worked in finance. Most inappropriate requests was verbalised. They not only came from management but from other members of team (ie, bullying). I had a coworker get really angry at me when I 'confirmed the task' to her and cc'd my manager for a task she was offloading to me that wasn't related to my department.
If you're concerned about that, pull it back one step, and go "sure, I'll confirm in an e-email". And watch lots of excuses for why the request suddenly isn't essential anyway.
The point is that if you don't create a paper trail, you risk being set up as a fall guy for much worse than being fired. They know it, and you know it, and your safest way out is to make sure that they know that you know that they're asking you to do something inappropriate and that you're smart enough to ensure there's evidence implicating them if they force the issue.
If they get angry or keep making those kind of requests it's a good reason to look for another job anyway, before they find a way of pinning something else on you.
I've done the "confirm in e-mail" thing. I highly recommend it. I also brought in other folks on the request via email mentioning the name of the person and their request etc. Over communication is key, before you act. NEVER leave it up to just you even if it is typically a one man action
I'll never know what the full story was but the one time I had a request I wasn't comfortable with and communicated like crazy.... sales manager dude who was brought in with lots of fanfare moved on to other opportunities within two weeks.
Yes, pretty much anything that innocently announces your intent to put it in writing somewhere, and gives them an opportunity to back off and pretend the conversation never happened will do.
Hilarious! Can you say more about that situation. I love these kinds of stories and been bullied myself especially by last boss.
It was "regular job" in IT but if you left home before 9pm people were looking wierd at you. Plenty of good folks work there but you know how it is when environment rots you either lower your standard or you out (thats why Im personally out)
My favorite comments by my bullying boss:
If you have family, dont work here.
Everyone here knows they dont see their family till late night, except of you.
You are not C-level managment, you are on a McDonald salary here (altho wasn't tru)
Fine leave at 8 (job description said 8-5), i will write it in your report. Will see how its stacks up against others.
There's a few issues with what you said. People will bully you when you start the paper trail, that's a fact. That shouldn't stop you.
The problem though is that people tend to start the paper trail when something fishy happens. That's too late. You have to "train" management to accept email confirmation on good days. The resistance will be lower, so that on a bad day, when things are fish, they are less inclined to pester you about it. Paper trails in general also help you in legal settlements when you do end up getting fired.
It's never a bad idea to follow up after all meetings -- both team and 1-1 -- with an email that goes, "As per our discussion, I do X,Y; someone else does Z, 3rd person does W, and project A is blocked on B." Then everyone is definitely on the same page as to DRIs and commitments. Or you can hash out disagreements then and there.
I wish I had this advice sooner. The new part for me here, beyond merely keeping a paper trail, is to make sure that everyone knows about your consistently kept paper trail, so that it wards off bad behavior before it starts.
But this seems like a really toxic place to work. I routinely send a short summary of key points whenever we have a talk with someone that impacts our work/course of action. If not needed, I try to stay polite and relatively informal "Hi Steve, here's a short summary of what we talked about in the morning as my memory tends to fail me these days. If I got something wrong, please correct me." If someone gets back angry at me after receiving such an e-mail, I don't want to work in such a place.
Hence why most meetings have "minutes" sent after them. I don't see what you're doing as any different, so good on you. Also, if someone gets angry about you "confirming" your discussion with them, well then, maybe you want to make sure everything you talk about with them is confirmed.
> I 'confirmed the task' to her and cc'd my manager
That's exactly the way to handle gratuitous or fishy tasks - creates a paper trail and discourages any further attempts of the same kind. It may get you fired though :)
Fired or "burned" is the easy things. If they manage to get something illegal pinned on you, you are sitting in jail instead.
I think that in such toxic work-conditions you can only benefit from getting fired. Do not accept bullying. And on many companies and state the paper trail is mandatory and if it doesn't exist, you get frowned upon.
If it gets to that point, you need to quit, because the alternatives are quite clearly headed in a get-fired or do-something-unethical or get-burned direction anyway. Just accepting it remaining verbal is only a temporary option while you're on your way to other options.
While it is possible that this was 'sanctioned' activity by OpenTable, I think it is more likely the result of sales/bonus targets. There is plenty of documentation on why targets/bonuses can lead to unintended consequences and more often than not lead to cheating/gaming the system to achieve the targets rather than actually delivering the outcome intended.
I would argue that this sort of thing is the intended outcome.
This is how smart modern businesses break the law. They don’t tell you to do it. They’ll probably be quite explicit that you are never supposed to break the law and that the company is serious about this. At the same time, they’ll give you incentives and requirements that you cannot meet legally. Then they’ll let you figure it out on your own. If SHTF, they’ll be able to tell investigators, with all honesty and sincerity, that you did this on your own and there was never any approval from management.
A really common example is working off the clock. This is super illegal and they’ll tell you never ever under any circumstances to do it. Then they’ll give you X hours and 2X work for the week and let you figure it out for yourself.
Yes, this argument certainly doesn't absolve OpenTable of any wrongdoing. Especially in sales it should be fairly obvious what the outcome of these ridiculous targets will be.
But sometimes it can be more subtle. For example, a delivery driver may be targetted to make 10 deliveries an hour. However what happens when they are short of their target. They cheat. Suddenly people aren't home. They hit their target, but now the company has to reattempt delivery which increases their overall costs. But many companies, instead of looking at what they are really trying to achieve, will just add more rules (only successful deliveries count) which will just lead to more sophisticated cheating.
In Mountain View, I’ve seen the USPS fake attempted delivery on packages at least 50% of the time, to a business that’s open from 7am to 7pm. I’ve heard this isn’t the driver so much as the postmaster gaming their stats from the office, so they don’t fall below SLAs with Amazon packages for instance.
Not sure the reason exactly, but incredibly aggravating to get an email saying they attempted and business was closed when you’ve been sitting there with the door open all day.
I run a fulfillment center and we recently acquired a client’s business: DonaldTrumpDogPoopBags.com
For now I’m running support for that myself. My most common email is explaining early delivery notifications to confused customers. I’ve taken to just emailing this link w a quick one-line explanation:
https://lifehacker.com/why-you-have-a-delivery-confirmation-...
The amount of time wasted by this one specific ‘cheat’ is astronomical.
Say you give an estimate on a project that includes work to address side-effects and other problems, and they ask you to provide a revised estimate assuming you didn't address those problems, you know, just so they understand the costs and can perhaps invest in other solutions to those problems. Not illegal, not even really unethical, but it's fishy because they're probably setting you up to be the engineer who didn't address those problems.
"If you're going to go down, take people with you."
Best management advice I ever received. They mean, always partner with people above you when a decision with consequences has to be made. And as others have said, confirm in email. Make sure you have a public trail that can be followed.
This advice is valid even if you're at a great company with great people because one bad decision and people will try and save their own jobs before they worry about you.
I worked at a company about 5 years ago where the word "sue" was frequently used. Their previous lead engineer left and they had had a chain of contractors since his departure. When I came in I found several security holes and also discovered their payment system has been hacked, exposing thousands of customers to fraud and identity theft.
I started documenting all of these things in emails right from the start.
When I informed my manager the first thing out of his mouth was "Can we sue the former lead/contractors?" I had no idea, I'm an engineer. Whenever some contract with a third party service didn't seem to be what he expected: "Can we sue them?" This went on for about 6 months before I quit. It was a toxic workplace that left me mentally and physically drained each day.
After I left I'm sure they asked the next guy if I could be sued. I'm sure the paper trail I left saved me, because they would go down too.
The best part was when one of their favorite employees embezzled over 100k and disappeared. They sued him, or at least tried.
> you'll be made to take one for the team as it seems to have happened in this and countless other cases.
Is there any evidence that this employee took one for the team? Who is to say that it wasn't simply a lone sales employee looking to win a few new accounts to meet bonus quota.
Reasonable people may disagree about what counts as unethical, but I don't see any gray in this scenario: if you're convinced that something is bad enough that you need written cover from a superior before you'll do it then you just shouldn't do it. Likewise if an employee comes to you and says "I want to do this thing but it seems smelly so I want written approval from you" you shouldn't approve it.
There are things you shouldn't do because they're plainly unethical.
There are also things that are ethically fine, but maybe your boss' boss, or some other department, or the customer, might not like. In those cases, it can be a good idea to document that you didn't come up with this on your own.
Stuff that requires a SOx audit trail (or equivalent local, or even internal, equivalent) is definitely not OK to do if asked verbally but (probably) fine to do with the correct paper-trail in place.
And I've definitely used "please put that in a ticket" as a stalling mechanism so I can go away and check that what's being asked for is legit.
But whether or not you should create fake reservations to harm your potential clients so they give you money is pretty damn simple. Sure you can find complex ethical dilemmas, but most issues at work are either right, wrong, or unclear. Getting stuff in writing helps keep honest people honest, and can help make things clearer. I think GP's point is that getting it in writing doesn't move it from wrong to right.
> We extend our sincerest apologies to the restaurants in Chicago that were impacted by the disgraceful, unsanctioned activity of a lone OpenTable employee.
I have a hard time believing he/she just thought of such scheme without silent knowledge, approval, and/or encouragement of others.
I believe them because that's my default position, and I don't see enough evidence to believe otherwise. A poorly-incentivized rogue employee sounds perfectly plausible. But I don't think something like that happens without some culpability on the companies part (poor incentives, lack of oversight), which is why I'd like to see them take responsibility for that.
As an other commenter notes, it's also believable that they started playing to the incentive without being specifically asked to behave that way. In my experience of sales people, ethics are the first thing to go out the window when bonus is on the line.
And just to be clear this doesn't absolve the company in any way, they're the ones who set incentives up, commonly expecting & hoping for misbehaviour.
I love how many of the Gervais Principle examples are actually something you can see in real life. Also hating it though. I wish we would live in a better world.
It seems a great many people believe that everyone else, and particularly, everyone in management, is unethical; the system is corrupt, all management is corrupt, and the only way to advance is to sacrifice one's values. I used to believe this too.
To the ethical people out there, I'd like to say that there is a battle and we haven't lost yet. It sure looks that way, given the behavior of the government, large corporations, even NGOs. But its a battle. And the first front in the battle is mindshare. If ethical people believe that everything is corrupt and hopeless, then the unethical people have won.
Consider this: the rogue employee at OpenTable could genuinely be a rogue employee. They might even be a nominal ethical employee who perceived behavior around them as unethical, or who believed that the only way to success given their performance targets was to behave unethically. They may have believed that the only explanation for the performance targets were that OpenTable wanted them to act unethically, when in fact they were just impossible targets set by an aggressive, but ethical manager.
I'm sorry to say that ethical behavior is something we have to fight for continuously. We don't get to create a constitution a few hundred years ago and call it done. But it doesn't help if we declare, as I used to, that the government has been "rooted", and the US is just an unethical cesspit now. Get involved. Demand ethical behavior. Call out moral hazards. Talk about ethics.
The Computer Fraud and Abuse Act is such a broad and poorly written law that even common behavior can be called a CFAA violation, such as breaking terms of service.
It was created during the enduing moral panic after the movie Wargames was released (1983 release, 1984 law). The House Committee Report about the bill literally references the movie.
I don't think so, TOS violations are probably not CFAA violations [0].
It does sound like tortious interference (civil law that would allow recovering damages).
I'm rather of the opinion that it should be criminal, this sort of action does real harm to society and is the exact sort of thing criminal laws should target.
The recent Nosal cases seem relevant, since they were specifically about an employee violating the internal computer policy, and the government arguing that violated the CFAA. After some rounds and a divided court, the Ninth Circuit reviewed it en banc and decided against the government: https://www.wilmerhale.com/pages/publicationsandnewsdetail.a...
The SCOTUS refused to hear the appeal, but since the Ninth has jurisdiction over California, it seems fairly secure. But IANAL either.
> We extend our sincerest apologies to the restaurants in Chicago that were impacted by the disgraceful, unsanctioned activity of a lone OpenTable employee.
This is one aspect not addressed in the article; just because tables were falsely reserved, doesn't mean they were actually responsible for the lack of business - if no customers were going to show up anyway. No real way to ever gauge that though.
I've been to the same restaurant on other nights and it's always been packed, so it was quite suspicious that it was so empty on what should be an even busier night...
Why isn't this a thing already, just like hotels, pre-authorize a minimum table charge to a debit/credit card (ensure AVS and/or names matches - most CC processors fraud systems provide this info - so you have correct details to blacklist in the event of a chargeback) - infact actually the reservation provider should be handling and swallowing the chargeback risk - they have the aggregated data and taking a big fee for essentially a risk free SaaS.
They probably don't want to raise the bar any more for potential customers: too many hoops and I'll just use the phone instead; it'll take less time to call than type my CC#
The idea would be that they do the same on the phone, it's much easier to type than have someone try to process a CC over the phone 5494 2442 what was that again 5494 242.. etc.. It's almost impossible to secure a hotel without a CC nowadays even for pay on arrival, it will take some first movers but I'd suspect most would follow suit pretty quickly.
I wouldn't put it past SV VCs to throw money at something like that in the name of "disruption", ethics be damned. I can almost picture the founders talking about "changing the world" and "disrupting the restaurant reservation cartels" in interviews.
The point already made in my post was that there is no way of us knowing that many, or even a few customers actually called and couldn't get a table. Evidence is anecdotal.
Reservations is what EVERYBODY calls it. I've made thousands of reservations in my life. I had no clue what a "reserve bookings" is. You can figure it out from context... but why go out of our way to make things so difficult to understand.
Title case (which is itself an abomination before the Lord and a destroyer of communication) is the problem here.
It is not “fake reserve bookings” but “fake Reserve bookings” (that is, in longer form, “fake bookings on Reserve”.) As GP pointed out reserve is a proper, not common, noun in this use.
FWIW I submitted it under the original title, "OpenTable Infuriates Restaurants With Fake Reservations Scheme", but I'm guessing it was changed to clarify that in the article, blame has so far only been assigned to an individual employee, and only the company Reserve was targeted.
With all the silly things people want to regulate, I'm always baffled how intentionally deceiving people with the intent to cause harm isn't just plain illegal, and your only recourse is civil court. It seems to me it would cover a lot of situations that people try to fix with very specific (and thus loophole-y and high-overhead) regulations.
My non-lawyer opinion: I would be shocked if a motivated Illinois Assistant State's Attorney couldn't turn this into a criminal conviction. The definition of wire fraud in Illinois (720 ILCS 5/17-24) is "A person commits wire fraud when he or she... devises... a scheme or artifice to defraud or to obtain money or property by means of false pretenses, representations, or promises" and as part of that scheme communicates using a wire or radio waves. Basically, if you lie in connection with a financial transaction and use a telephone or the internet, you've committed wire fraud. The state doesn't prosecute many wire fraud cases as far as I know, but nearly every white collar federal case includes a wire fraud charge, because basically anything nefarious is wire fraud in addition to whatever else it may be.
Of course, just because a prosecutor _could_ prosecute someone for a crime doesn't mean they will or should. And I think Reserve's lawyers have probably come to the conclusion that the State's Attorney probably has better things to do with her staff's time than prosecute this case.
"Reserve’s software engineers noticed a spike in prospective fraudulent activity on the afternoon of February 14"
Interesting that they would be monitoring for fraudulent reservations. Are fraudulent reservation 'wars' between these companies pretty common that they would be tracking such behavior?
Also, if this isn't criminal, is DDoSing a SaaS competitor not criminal then, since they are pretty similar?
I don't know about the restaurant business, but I've been told by people in the flower trade that the long-stemmed rose business right before Feb. 14 is full of antics, deceptions, broken promises, dummy orders, etc. that are absolutely terrifying if you're new to the game.
So much money to be made so fast. It tends to attract . . . operators.
It would make for a fine bit of investigative reporting. Wish I had an article to recommend.
My source is a medium prominent tech executive who tried to disrupt the Valentine's Day flower business (with its high mark-ups). His plan was to set up his own, lower-priced regional alternative -- which would bring in planeloads of flowers from Central America, right on time.
Things did not work out the way he had hoped. Everything went sideways the first year. He tried again, and the second year was catastrophically worse. There was no third year.
That's why you should always have a domain expert on board when trying to enter a business you deem ripe for disruption. Chances are very high that you do not completely understand it.
NPR's Planet Money did an episode on the Valentine's Day rose craziness. I don't recall it being about particularly offside tactics, but it's from three years ago.
Its also rival restaurants, not just rival apps attempting to undermine their competition. Happens all the time on Amazon too apparently in the form of fake ratings right before a holiday.
I'm wondering how they found out it was someone from OpenTable.
Detecting someone using multiple fake accounts (maybe from the same IP) is one thing, but how to track its origin? Did they use approximate location of the IP and saw it's close to OpenTable offices?
So they were too aggressive. They should have used fake bookings much less and increase them much more slowly, and don't show with "hey, wanna switch?" right after.
Should have? You realize you're arguing for something that's morally reprehensible and legally questionable (fake bookings) in the context of something else whose morality is dubious at best (how should OpenTable know about sagging sales in the first place if they're not already affiliated with OpenTable?)
Seeing this from another perspective, shouldn't Reserve's engineering team have been able to pre-empt this kind of attack? If they could do a postmortem and determine the requests came from a single range of IP's (assumption), they could have foreseen it. Or if they had set up alerting around frequency of reservations, they would seen an outsized number of requests which they could further look into. These are pretty easy to set up, so I'm surprised they're so naïve about this kind of vector.
I suspect there are some restaurants who are just now finding out what that mandatory binding arbitration and class action waiver clause in Opentable's terms[1] really means, today.
On the other hand, there's an Opentable lawyer who is getting an extra martini at lunch today for saving the company by including that text.
Yeah, but this could break some restaraunts. OpenTable should be compensating those restaraunts affected, at the very least. And this is different in that it didn’t just affect OpenTable’s rivals, affected the third party business directly.
You mean such as in the case of e.g. police brutality or mishandled prosecution? The government is indeed on the hook. It is OpenTable's responsibility to ensure that it hires ethical people and that it encourages them to behave ethically and verifies they are doing so. Anything else would be insanity.
Why do people always believe the story that there was a solo perpetrator who acted alone and without the consent of the organization? Most likely they were nothing more than a sacrificial pawn in this scheme.
Are you saying that you think that I believe the story of a solo perpetrator? My only comment was that I gave Open Table props for firing the employee. Whether or not the company was complicit it is pretty clear to other employees that 'losing your job' is a very real possibility here. And that, in my experience, reinforces 'rule following' and 'ethical' behavior on the part of employees.
If the company was complicit or directed the behavior, firing an employee over it for PR sake makes their actions worse not better. That's what I read when I read "sacrificial pawn".
I agree with you that if the company did this to "get away with it" that it would be reprehensible. That said, by actually firing people it makes it hard for the company to do this again in the future, even if it wants to, because employees who remain are more careful about being compliant with activities.
In my experience watching company cultures, companies that fire employees for bad behavior (as opposed to reassigning or sending them for additional training) are less likely to be complicit in that behavior. And when this sort of behavior is uncovered at a higher level, more likely to fire the senior leader as well.
It's irrelevant whether anyone was actually fired - there's now a news article saying that someone was fired over this, which is the same (if not wider reaching).
If they didn't actually fire anyone, you don't think word would get around a 625-person company that the PR statement that a rogue employee was fired was BS?
I was not stating what you believed. Your comment set off a knee jerk reaction to this narrative that is all too common in today's media coverage of corporate malfeasance. It seems, to me, that the PR play book is to blame a single individual and then fire them.
Fair enough. As you can read, I am (gently?) pushing back against the narrative that all corporations are evil. :-)
I find I too have a knee jerk reaction to narrative arguments which seek to assert a generalization (as most of them do) against their enemy target. We are flooded with them these days pretty much everywhere we look.
I observe that a simple statement, "I give credit to companies that fire employees they discover have engaged in actions which violate their stated values.", is pretty standalone without narrative. And yet, it is contextualized by the reader into the narratives they either endorse or oppose.
And since narratives are crafted from a curated set of truths, things that would either disprove or dismiss the conclusions of a narrative are most vigorously opposed or pushed back upon.
It almost seems to me that the reality of a more nuanced and textured reality where many things are true, corporations can be both good and evil, and everything is evolving through experience and time, is the most frightening place of all.
Even if you're right, it's the kind of stunt the company can only pull once. No employee in their right mind would be the fall guy for this scheme again once they've shown that they'll throw someone under the bus.
So they believe the employee acted alone eh? His name wasn't Oswald by any chance? Well I'm glad they got rid of the only dishonest person in the company. Phew!
If true, I don't see the equivalence. If we take OT's response as credible, then it'd be the product of one rogue employee whereas you're claiming Uber did this as company strategy. Time will tell if this was one OT employee's doing or if it was a don't tell and we won't ask policy that accounted for these actions.
So there are four different start-ups that focus on making restaurant reservations... I had no idea it was so difficult to call a restaurant and make a reservation, I guess the person would need access to a phone in order to make the call.
It's pretty awful. Hold times, the potential for multitasking staff to forget to log a RSVP, determining how to best allocate tables... Not only is online reservation a necessary component, it's just one piece of a multi-component automation solution to the many problems that arise from a desire to efficiently and effectively seat and serve as many people at once as possible.
I recognize your comment is in jest, but I appreciate you making it. This challenge is rarely understood.
In our household, we make a fair number of restaurant reservations at 11:30 p.m. . . . and some more at 9 a.m. (Two-career couple; hard to align schedules, etc.) Online services like Open Table don't mind this at all. By contrast, restaurants are not eager to keep staff by the phone at those hours, just in case we call.
Not only that, but you have the ability to make a reservation during non-business hours, which is huge.
If you're making a reservation last minute, its a god-send to not have to call 10 places just to ask if they have tables available. You can just look for yourself online in the time it takes you to dial a phone number and have someone answer. Think about the difference between calling up and asking a business a question vs just reading the answer on their website.
Since almost zero restaurants pay a staff member to sit by the phone doing nothing but taking reservations (it wouldn't be practical), by definition, your phone call is interrupting the restaurant staff - which leads to a poor experience on both ends. I imagine the staff certainly appreciate reservations being made without phonecalls.
Plus it is a huge benefit to the deaf and hard of hearing.
Kokonas' Tock system is built to correct these problems. It's also why Tock is not exactly the same as systems like OpenTable and Reserve (although the parent article implies so).
Kokonas believes the other sites are taking millions of dollars of revenue away from restaurants when other options work better.
- Repeat my incredibly common, single syllable, three letter name for the umpteenth time just for them to still get it wrong.
- Ask for a high-chair and ask them to please write that down somewhere, only to arrive and find they didn't do so and there's no longer any available.
- Have staff mess up the time and/or number of people I've booked for, all because they can't hear over the kitchen noise?
Yeah, I'll just fill out a few fields and hit submit, thanks.
I tend to be pretty far in into the "Seriously, you need an app for that?" camp. But using OpenTable is so easy compared to poorly designed restaurant web sites, busy signals/no answer, language barriers especially when traveling, etc. To say nothing of the fact that, you can immediately see if your desired slot is available and maybe check a couple other places before making a decision.
I'll just add to the list that making a reservation is even more difficult if you're in a wheelchair or otherwise mobility-impaired - for some reason a lot of places have difficultly answering "are you wheelchair accessible?" with yes or no.
The answer to 'who needs an app for that' is not so much the diner but the restaurant. Sure, you can call, but the restaurant doesn't really want to take that call. They want to deal with the people who are in the restaurant. For these services, the restaurants are the customer, not you.
For myself, one of the features I like is being able to search by area or type of food; you can check availability at a bunch of places at once.
lesson to the youngsters - never do anything smelly/unethical (dont even mention criminal) without manager approval in writing. Otherwise at the first sign of trouble you'll be made to take one for the team as it seems to have happened in this and countless other cases.
I mean even in normal situation, whenever some details of feature, project, etc. are discussed and decided/assigned in some informal way, i find it is very useful to send a summary note so the manager/PM/etc wouldn't come later with the very different version of what happened.