Hacker News new | past | comments | ask | show | jobs | submit login
Yahoo's Fight for its Users Earns the Company Special Recognition by EFF (eff.org)
438 points by jasondemeuse on July 15, 2013 | hide | past | favorite | 71 comments



Ironically the only major tech company not to deny NSA involvement, is seemingly doing the most for its users privacy. Fighting against the overreaching arm of the US Govt in secret courts for the last 6 years, without any potential for publicizing their plight exemplifies Yahoo's true stance on user privacy. Actions speak louder than words, what you do when no-one's watching, without any potential of direct benefits or exposure shows Yahoo's true colors.

Which is in stark contrast against other major tech companies strategy of instead deny direct involvement, launch marketing campaigns promoting users privacy as their top priority and go as far as launching anti-privacy campaigns criticizing the privacy policies of their competitors, whilst simultaneously providing an indiscriminate fire-hose of private user data directly to the NSA.


I have hated yahoo because of their poor products, bad user experience, ridiculous design sense, and what appears to be just brand marketing for a brand's sake.

However, I have to say this news gives me a strong reason to reevaluate yahoo. And my own feelings about this makes it clear to me there is a market in customers who are interested in having their rights respected. I'm looking forward to the new wave of strong security, and corporate user rights policies as a feature.


Dunno what your criticisms are about. I've used yahoo, specifically the email for something like 15 years. In all that time, I have had less trouble than any other site. For example, using gmail as an evaluation has caused me more grief in a short space of time than yahoo mail over it's life time.

Like much of this sort of thing, I think its brand hating for the hates's sake.

I have never "liked" yahoo or been a "fan", but I know I use it, I know it works, and I know it has been grief free. It just works.


I'm not hating brand in the abstract. I've had specific technical, aesthetic and business issues with Yahoo throughout it's entire existence.

Technically I've had a lot of trouble with Yahoo mail, and those types of problems have been typical for me with every service of theirs I've ever tried in the past.

For example, I often have trouble emailing people who have yahoo accounts due to bizarre spam filtering policies, some of which have no resolution path. I also have a Yahoo email account, and my mail client complains almost daily that it can't connect or my password is wrong.

It's just my personal taste but aesthetically, I can't tolerate their interface design. I'd be willing to bet Godaddy recruited their web designers from Yahoo.

I started noticing them as a 'brand only' company when I was in Japan in 2003. A local telecom was marketing a Yahoo branded DSL services. I suppose they where trying an AOL play (at least they had a focused business goal, and they've updated their design sense this century), but the combination of all this product noise (i.e. unrelated service offerings), combined with bad UX make the Yahoo brand ephemeral to me. Other then an email service, for the life of me, I can't put my finger on what they do. Crawl around the web and put a yahoo sticker on anything they think is cool?

Now however, maybe their brand can start to represent something I care about, but they'll have to actually do some useful things too.

And then there's this: http://theoatmeal.com/comics/email_address


I think Marissa has recently did a lot of changes to improve Yahoo.


This was 6 years back. When probably Terry Semel or Jerry Yang were at Yahoo!


Makes you wonder about some of Microsoft's undisclosed intentions when Yahoo! was a suitor[1] given what happened when/after Skype[2] entered Microsoft's fold. Though the credible timeline[3] given suggests that Yahoo! may have already been forced to capitulate.

[1] http://en.wikipedia.org/wiki/History_of_Yahoo!#Acquisition_a...

[2] http://www.guardian.co.uk/world/2013/jul/11/microsoft-nsa-co...

[3] http://thenextweb.com/insider/2013/06/07/microsoft-has-fed-p...


If you're going to bash Microsoft, at least find an accurate point to build your case on. Skype was added to the PRISM program 8 months before being acquired by Microsoft in 2011, and was looking into how to cooperate with wiretaps since 2008 under Project Chess.


She seems to be good at getting nerds talking about Yahoo. I don't think I was ever in the target market for any of their products, and I almost forgot the company existed, until the recent controversy about the ban on remote working.


Even if you don't like their products, almost everyone is in the target market for one of their products. Mail, News, Groups, etc...


I use yahoo for groups (nearly every item of old hardware has a yahoo group[0]) and for auctions on japanese electronics, as ebay never really caught on in japan. I get good use out of yahoo finance aswell.

[0] hyperbole


Uh what do you have against remote working that you're switching to Yahoo just cause they banned it?


I understood that to mean he'd forgotten about the company until the remote-working ban controversy brought it back into the spotlight, not that he's boycotting Yahoo on the basis of its remote-working policy


Actually he thought the opposite, that said user was switching to Yahoo! because they banned remote-working on the basis that said user does not approve of remote-working.

But it is confusing.


Correct. (I have no strong opinion for/against remote working.)


Such as?


Improving the work environment, as only one example.


Probably the biggest improvement: getting the point across to a huge organization that they're not content just sitting back with things as usual. Yahoo had become the behemoth that plodded along, one step after another. Someone needed to come in and whip the company into shape, from the Veeps on down. If nothing else, she's woken the company up. And that right there is something big.


For what it's worth, their iOS weather app is absolutely fantastic and I believe is now being aped or outright used by Apple in iOS7.

Small things, but it is a very nice user experience if what you're after is the weather.


Sportacular for iOS is also great. Provides no-nonsense scores and news for almost every sport (I mainly follow basketball, tennis and soccer, though). It is a much better interface than what Yahoo's own web equivalent (sports.yahoo.com) has become.


Companies should be commended for their efforts to fight these orders. However, let's not forget that Yahoo also handed over information to the Chinese government that led to the arrest and prolonged imprisonment of multiple people, and then tried to cover up their behavior by pretending they didn't know why the information was being requested.

I suspect that the backlash from those actions may have led the company to appeal the FISC orders, fearing similar potential future liabilities.

Source: http://arstechnica.com/tech-policy/2007/11/yahoo-calls-withh...


I don't think that's how it works. Yahoo went all-in with China and has significant staff and hardware and user records located in Chinese jurisdiction. Once you make that initial mistake you're basically fucked when it comes to resisting the Chinese government, because they'll just throw your people in jail, or confiscate servers.

In America there are appeals processes, so Yahoo could avail themselves of those.

So Yahoo may well have had a consistent "fight for the users" policy, but were constrained differently in different jurisdictions.


The complete tally for different companies is here: https://www.eff.org/who-has-your-back-2013


not surprsed to see dropbox rated so well. My friend used to work there, and even though they split over differences, he commended them for truly respecting user privacy and that it is one thing that dbox absolutely gets right.


Not to discredit them completely, but don't forget that dropbox was listed as "coming soon" in the PRISM slides.


I suppose the big empty space on the right is where "Respects users' privacy in their own business practices" should be.

But of course this is only about the Big Bad Government.

It's an interesting cultural difference how privacy suddenly becomes in issue in the US now that it's about the government, and totally fine when people were being tracked an profiled for profit.


There's a key difference.

When it's the government, there's a chance a big black van will pull up next to you and haul you away for the rest of your life.

A corp is likely just trying to manipulate you into buying their worthless junk. Not good, but at least you're not dead or imprisoned.


You're [dead], create a new account. I don't know why you're banned, your comments are mostly pertinent and not boring. Maybe the admins don't like Europeans ^^.


"Yahoo went to bat for its users – not because it had to, and not because of a possible PR benefit"

Good for them, but also perhaps motivated from poor PR resulting from this episode: http://en.wikipedia.org/wiki/Criticism_of_Yahoo!#Outing_of_C...


Even if the incident with screwing over the chinese dissidents is the entire reason they fought the NSA in court that does not subtract one iota from the good karma they deserve for fighting the NSA in court.

People who learn from their mistakes deserve at least as much praise as the ones who got it right from the beginning (the list of which seems to be exceptionally short in this case).


[deleted]


Good luck meeting your GDP numbers after that.

It's ok, that is what the Federal Reserve is for[0]… ;)

[0]: http://www.federalreserve.gov/monetarypolicy/files/BSTcombin...


Because they know that google is very unlikely to simply shut up shop, the shareholders would probably never allow it for one.

A company can always have it's CEO replaced with someone more amenable.


In case of Google?


Well they start by putting all the C level exec's in jail for refusing a lawful request.

I'm not sure how long Larry, Sergey, Steve and Marissa would want to stay in jail but I'm sure they'd have plenty of interesting discussions:)


Only in 2005, Yahoo helped the Chinese regime prosecute a journalist. That wasn't the only time that happened, either. (Source: NYT - http://www.nytimes.com/2005/09/07/business/worldbusiness/07i... )


I'm tired of this example. AFAIR, Yahoo got a valid court order to turn over information, and they complied because they had a presence there. No other company: not Google, not Microsoft, not AOL would have done anything different.


Twitter might have, if they had a presence.

They had this sort of issue in France a while back didn't they?


Yahoo! responded to being put in this situation by, among other things, funding a fellowship at Georgetown (and Stanford I think) for a researcher and 2 students to study human rights issues and communications policy related to the internet: http://isd.georgetown.edu/programs/yahoofellow/


"... While Yahoo still has a way to go in the other Who Has Your Back categories (and they remain the last major email carrier not using HTTPS encryption by default)..."

Why? and how vulnerable to Eve, not using HTTPS?


This is what I'm so confused about. 6 years ago they realized they would need to protect their customers from prying eyes yet they couldn't wrap their heads around encryption being a major player in that system? I'm not buying it.


Subhed: "The truth begins putting its pants on."

https://news.ycombinator.com/item?id=5876108


Except when Snowden actively denies these companies inability to avoid compliance.

I'm not sure who to believe that this point. This whole thing is messier than cold war politics and it was probably orchestrated that way.


Well, this is a little weird... Yahoo that joined PRISM in 2008 gets a gold star from EFF?


I doubt you can "join" PRISM. You're forced in.


"forced in" meaning that in order to continue to conduct business as is without trying to circumvent in the name of their users interests, they chose to align their interests with the surveillance state in order to minimize any potential short term corporate hardships.

It kind of reminds me of how a certain president received a nobel peace prize yet the actions conducted under his policies (or rule) are in contradiction to the ideals of what the prize is named after, but I digress.

There is always a choice to be made…


> potential short term corporate hardships

You mean prison time, like what happened to Joseph Nacchio? http://en.wikipedia.org/wiki/Joseph_Nacchio


Notice I did not say "potential short term individual hardships", regardless of what he was charged and convicted of (which wasn't failure to comply with NSA orders of which he says are in retaliation of)…


So you're completely disregarding the possibility that Qwest was dismantled and Nacchio was just a pawn?


> There is always a choice to be made…

No, there isn't, in case you haven't been paying attention.

When it comes to NSA, there is no "they" anymore. In the eyes of NSA, a company is not a whole, but rather a group of individuals that can face jail time, individually.

And yes, "legally" speaking, companies and individuals supposedly can fight back, but they are coerced into doing it in secret. Doing otherwise can lead to the labeling of individuals as national security threats or even potential terrorists, after which all gloves are off.

So let me ask you this - if the populace at large doesn't do anything, why do you expect a company of a few thousands to be up in arms about it? That's a really screwed double standard.


So Yahoo! "fighting back" apparently was apart of the smoke and mirrors, since apparently they have no choice what so ever except to bend over and take it from the surveillance state?

>Doing otherwise can lead to the labeling of individuals as national security threats or even potential terrorists, after which all gloves are off.

Are you suggesting that if in the event of a CEO or shareholders of multinational corporations deciding not to comply with secret orders then they will be labeled by the state to the public as terrorists and national security threats? Can't wait to see the headlines on Bloomberg for that…

>So let me ask you this - if the populace at large doesn't do anything, why do you expect a company of a few thousands to be up in arms about it? That's a really screwed double standard.

If one needs the populace at large in order to discern whether the actions undertaken by the state or any of it's outsourced entities are reprehensible or not, they we have bigger problems at hand…


"they have no choice what so ever except to bend over and take it from the surveillance state?"

Yep. I guarantee that as well as taking the process through the courts, they have also been obeying the existing law. They have no choice.

"Are you suggesting that if in the event of a CEO or shareholders of multinational corporations deciding not to comply with secret orders then they will be labeled by the state to the public as terrorists and national security threats?"

or child molesters, or rapists, or tax fraudsters, or anything that can be found and has the smallest chance of sticking. There is a pretty good history of this, including Assange, and the CEO of some telco whose name I forget. It is a pretty standard way for Intelligence departmentsto get what they want, see the history of intelligence companies.

The NSA have access to all our communications, finding something to use as blackmail isn't going to be hard.

"If one needs the populace at large in order to discern whether the actions undertaken by the state or any of it's outsourced entities are reprehensible or not, they we have bigger problems at hand…"

we honestly do. The actions of the state are moving beyond the common understanding of the social contract.


>Yep. I guarantee that as well as taking the process through the courts, they have also been obeying the existing law. They have no choice.

True, but by submitting to the will of the court (system), they effectively made their choice. They could have made an public announcement of such secret order and dealt with the legal repercussions, Which in my eyes, would have be more of a blow to the surveillance state (than some golden star given by EFF that they can put on their fridge, while still being complicit with the state) and set a precedent for other companies to do the same…

>or child molesters, or rapists, or tax fraudsters, or anything that can be found and has the smallest chance of sticking. There is a pretty good history of this, including Assange, and the CEO of some telco whose name I forget. It is a pretty standard way for Intelligence departmentsto get what they want, see the history of intelligence companies.

Some would call this getting into tinfoil hat territory, but what you state what has happened is more palpable to the public than to declare such individuals, that so many people look up to, as terrorists (effectively putting them in the same light as those who the state alleges perpetrated the attacks on 9/11 that justifies the ongoing combat in countries that we are not at war with and the death of thousands of civilians caught in the cross-hairs [of whom of which is has been documented that the state has given weapons, aid and intel to on multiple occasions]).

>The NSA have access to all our communications, finding something to use as blackmail isn't going to be hard.

But of course the information the NSA collects, that is outsourced to the BAH's (which apparently any sysadmin can get their hands onto :P) who are owned by the Carlyle's wouldn't dare blackmail their portfolio company CEO's or fellow shareholders in order to not damage the potential profits of their companies… ;)

>we honestly do. The actions of the state are moving beyond the common understanding of the social contract.

Agreed… but somehow, this is the elephant in the room for many people…


There's a huge difference between tail-waggingly complying with a government request, and fighting back with every method available until you are defeated. Many tech companies didn't even raise "arms" against the NSA invasion -- they in fact built systems to make the NSA's surveillance easier than they even needed to.

In a society governed by laws, and enforced with guns, you don't have a choice about complying with laws, unless you want to be hauled off and put in a dank cell (some admirable dissidents do that, but nobody should expect that level of commitment from their email provider).

Let's not mix this up with Obama's Nobel Prize. I don't think anyone outside the Nobel Committee, including even Michelle Obama, thought it was an appropriate selection at the time or today.


>There's a huge difference between tail-waggingly complying with a government request, and fighting back with every method available until you are defeated.

But submitting oneself the court system of the state to overturn the the secret rule of the state, on face value, looks like an exercise in futility…

And like I said below, being rewarded a golden star from the EFF to stick upon Marrissa's Fridge while remaining complicit and receive praise from those in the tech community for "trying", is quite amusing to watch. They could have been much more effective publicly denouncing such secret order and face the ramifications as a multinational corporation… you know, like HSBC's slap on the wrist for laundering drug money that the state says is always going to the terrorists.

>In a society governed by laws, and enforced with guns, you don't have a choice about complying with laws, unless you want to be hauled off and put in a dank cell (some admirable dissidents do that, but nobody should expect that level of commitment from their email provider).

Or you pull a snowden and watch the global state trip all over its own laws and the sovereignty of other nations to try and catch you.


Both Twitter and Apple (Steve Jobs era) refused to participate.


Any source on that Steve Jobs speculation?

It makes more sense that Apple's lack of attractive cloud/internet service presence delayed their eventual adoption.


It definitely has a cool name though. Reminds me of Justice League.


Did you read the article? THEY FOUGHT!


Notice the name of the law used is mentioned in this article.


Modern newspeak and equivalent English terms:

Department of Homeland Security - Department of State Security

Public Safety - Police

Department of Defense - Department of War

Enhanced interrogation techniques - Torture


Public Safety includes way more than Police; there's the fire brigades, the emergency medical services, the DMV and more.


That's true, but to me lumping in the gendarme with firefighters and EMS is pretty Orwellian language engineering.


Protect America Act?


How Orwellian of them. Does that law still exist, though? I thought they replaced it with the FISA Amendments Act or something.


Yes, they did. I read an article about it before.


US legislation often seems to have titles like that - 'America Invents Act' or 'Stop Online Piracy Act'. Legislation here in the UK has much more prosaic, factual titles, like the "Apprenticeships and Skills (Public Procurement Contracts) Bill".


So do US laws. If you actually read the Bill it usually has a factual and direct title and then the second line will be "Also known as the Bunnies Are Cute Act."


You must know by now, all Fed op/act/project names must be read through rot180, or a `clapperSpeak' translator.


Yes, this is what I mean.


It seems like an odd choice to leave the exclamation point out. http://en.wikipedia.org/wiki/Yahoo!


Ironically, the HN auto-linker doesn't pick up on it, either.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: