edit: The user events page is now private, and the bug that could reveal locations is fixed. However, continue responding to the poll to express your opinion.
Up until today, significant information was publicly available about new users- everything they clicked on and interacted with on the site.
Additionally, per the Discord, there may be exploits through which people may be able to figure out your IP/City. Were you aware of this information, and is this on-balance bad?
I just want to say the Manifold team discussed what happened here in our meeting today and came to a consensus that we made a mistake by having user events be shown publicly for new users (and be scrapeable for all users) and for allowing the city you are from to be shown in our Umami analytics.
We hope to do better in the future as we are learning what privacy standards users expect. We will thus expect higher privacy standards from all our team members.
A core piece of Manifold philosophy is (still) that transparency is good, pro-social, and useful. Every startup begins with founders that have some contrarian ideas that they think will change the world in a positive way. @Austin in particular has a sincere belief in transparency, which he has convinced me of. You might be convinced too if you chat with us for long enough. Transparent markets are a public good.
So, thanks for bearing with us. We'll continue striving to make something users want as we push toward our goal of transforming society through the power of prediction markets.
On a personal note, I haven't updated my stance on privacy much, but I do think that violating user expectations around user events was needlessly costly, and that we should always be communicating transparently with y'all about what's going on, whether through our UI or in our messages.
(also maybe this wasn't the best time to get into a philosophical debate on privacy)
I think the simple rules should be :
- What isn’t private, should be clearly not private. (this is about transparency on the Manifold part)
- What is private should be encrypted or not saved at all
- What is private, should stay private forever (otherwise, it isn’t really private).
- Sensible information should be private (obviously password or card number should stay encrypted and private)
You can make a lot of stuff public for philosophical reason, but it should be absolutely clear that it is from the start.
@dionisos +1, was going to write a similar comment, but you totally nailed it
Individuals can totally create companies to explore their philosophical beliefs, but those should be disclosed to ensure they have accurate expectations.
AND, insensitive comments to users about this from manifold employees are not the end of the world, but they are an update towards (1) Manifold not being able to completely own when they make a mistake (2) Not fully grasping how important the disclosure problem is.
I'm pretty surprised by the reaction here - from the comments I had assumed Manifold was publishing user emails / phone numbers or something? But it's just extended user browsing data?
This feels like one of those things it feels good to get worked up about but in reality doesn't matter. Glad that Manifold addressed it quickly to placate users, but...like... c'mon...doesn't this fall below the level of emote-relevance?
@CarsonGale It was the arrogant and disdainful reaction of the team that is most upsetting. That seems obvious to me. Why so focused on the choice that exposed their antipathy rather than the antipathy itself?
@CarsonGale Detailed browsing data, IP, location… that’s a lot of data that can be scraped and used. There’s already enough of that going around that it kinda sucks, especially because most users were definitely not aware and the staff seemed pretty cavalier about it.
@CarsonGale I don’t think Austin could have possibly handled this situation any worse. I am shocked the other two cofounders allow him to treat users the way he has this week. I mean we all knew about his questionable ethics since his SBF piece, but I don’t think we knew he was also a world class jerk who treats users as if they are expendable. Can anyone tell me about a successful startup that treated their users this way?! Of course not.
@CarsonGale Honestly, if you consider the manifold team your friends, you especially shouldn’t excuse their behavior. They might listen to you and you are doing them no favors.
@BTE seems like a lot is getting lost over text here. I do consider the Manifold team friends and I think of Austin in particular as a moral example - not just in what he says or the things he writes, but in the positive ethics of how he acts towards others. I think referring to him as a 'world-class jerk' is just not having enough information (from my admittedly limited perspective).
He probably didn't represent himself as best he could in this comment section, and maybe that has happened in other places to sour your experience. But as best I can tell, this seems like an innocent mistake at limited scale, driven by a misunderstanding of how much users would care about this issue, quickly corrected once made aware.
@CarsonGale The publicly available data included IP address and city, things I have gone out of my way to attempt to keep private to prevent myself from being doxxed (there is a long history of online trans activists being doxxed, and I don't want to end up on that list.) In addition, the fact that the site tracks everything - from clicks to search history to mouse movement - is strange and frankly obsessive in re: personal data. These are data that should be aggregated and kept private, not tied to individual users for an indefinite period of time and made publicly available for God knows how long.
I like that bets, comments, DMs, and market creation are all open and can't be anonymized - it encourages accountability and following community norms. But I also have certain expectations of privacy that I apply (note that these apply under normal circumstances, not hacks/exploits, and that "other users" does not include admins or IT staff):
My IP address should be kept private from other users.
My personal email address should be kept private from other users unless I consent to sharing it publicly. Same goes for my phone number, address, real name, etc.
No site or app should have access to my location data, my camera, or my microphone unless they have a good reason and I have given them consent to access these features.
My search history should be kept private from other users.
No site or app should log my key presses or mouse movements - logging clicks on links is OK, but that information should be kept private from other users.
My general location - city, county, state, country - should only be accessible to other users if I voluntarily choose to disclose that information. If my general location is required to be public, I should be able to set it as a country or state rather than a county or a city.
I should have the option to refuse to allow my data to be sold to advertisers, or otherwise be accessed by any third-party organizations.
Manifold follows some of these, but not all of them. It seems like Austin's ideal website would follow none of them. This has severely damaged my trust in Manifold as an organization, maybe permanently. It has certainly ensured that I will not be buying mana again (I had spent roughly $150-200 on it over the past seven months.) And it's reinforced many of the negative impressions I have of Silicon Valley and the techies who run the place. I suppose I should have learned by now - no social media site respects privacy because most tech bros want to know everything about everyone and have no sense of personal boundaries. I've just never seen it so blatantly said before.
tl;dr Manifold staff create the lack of privacy from the legendary sci-fi novel We Won't Have Privacy In The Future (And That's A Bad Thing)
@BTE I completely agree with you, although I think many successful founders exhibit antisocial and narcissistic tendencies, and maybe the clearest example was Mark "They trust me - dumb f**ks." Zuckerberg.
If anyone doesn't want Manifold to track you, block the https://analytics.umami.is url using something... Umami is the web analysis software Manifold uses.
@bohaska sadly that doesn't block everything. we also use Amplitude and also we directly store user events in our database
The mouse movement stuff is all in hotjor, not in supabase. It was NOT public. I find hotjar kinda useful because it lets me see where new users get stuck.
I doubt we'll ever have third party ads. We do target boosted markets based on people's interests, same as everything else in the feed. I morally think ads are good, but I personally don't like most ads lol.
I agree with your other bullet points though. I think button clicks are more innocuous, but yeah, no particular reason to let just anyone see them.
summary as far as I can tell:
IP, emails are private and never leaked.
camera, mic, location data, keypresses are not logged at all.
search history was a genuine oversight. it's no longer visible now that user events are private as they should be
city of some users may have been visible. but it requires an attacker to use custom queries on umami to deanonymize the data, and it wasn't really scrapable. I think this attack was only discovered very recently and I don't think many people were affected. we have since made umami visible only to us.
Wow, I just read the threads here. I probably will have left before I could but I’d bet that this will be another one of @Austin ’s takes that won’t age well.
I hear it’s been fixed but the display of defensiveness, condescension, and disregard for important user rights and expectations by a founder and some staff is unacceptable. I’m not so surprised by the SBF takes now.
I was already weary of this site for personal reasons but this scandal will accelerate my resolution of /NicoDelon/will-i-retire-from-manifold-before
@NicoDelon Well said. The fact that they would read your comments and be like “good riddance” makes me sick.