Topic: Summary of the events last night - And an apology. - page 4. (Read 13011 times)

The issue in this event was that nobody was stealing from blockchain.info.  blockchain.info was not due any funds.  Roger, acting in an employee capacity at blockchain.info abused his access to their database to violate blockchain.info's privacy policy so as to gain leverage in a dispute between BitcoinStore.com and a BitcoinStore.com customer.

If Roger had violated BitcoinStore.com's privacy policy and publicly used personal information stored by BitcoinStore.com in an attempt to resolve what he believed to be a fraudulent action, it would have been less severe (I still hold that it would have been wrong of him, but not as bad as what he did).  Instead, information that only blockchain.info was supposed to have was revealed to BitcoinStore.com to assist them in their investigation and their attempt to determine whether fraud had even occured.

Are you arguing that I should be able to contact blockchain.info and ask them for a list of all bitcoin addresses associated with your email address or phone number so I can check and see if you have engaged in fraud with me?  Even if it violates blockchain.info's privacy policy?

How is blockchain.info supposed to know if I have a valid fraud claim against you or am just fishing for information I can use to blackmail you?

Breaking the nose of someone and running is normally criminal. But if you're breaking the nose of someone and running to avoid a flash kidnapping, that's perfectly justifiable.
Disrespecting a contract is normally criminal. Disrespecting a contract to avoid the other party to steal from you is normally justifiable (unless of course the breach of contract implies you taking much more from the other party than what this party is taking from you, i.e., disproportional reaction).

The main mistake of Roger here was being too impulsive. Perhaps the customer was innocent. So maybe the best action on Roger's part was to only act after some mediation decided he's right - he had the time to do so anyway. On the other hand, professional mediation would likely cost much more than 5BTC. And he was convinced the guy was a liar. If he's really correct, his actions would be justifiable in comparison to the actions of Nethead.

Anyway, it wouldn't hurt to state what you say in the TOS - that they have the right to break their contract with you if you steal from them is something that's ethically deductible anyway, explicitly stating it would help making it clearer.

Pretty much every real world company I deal with explicitly says that they will share information with credit reporting agencies if you don't pay them, as well as with the authorities if presented with a valid request.  Some also state that they will share information with other companies within the same group (often you can opt out of that as it's usually a marketing thing).

The point is that they explicitly state the circumstances under which information will be shared and with whom.  If Bitcoin businesses are going to share information with each other, they need to explicitly state that in their terms of service and privacy policies.  They also need to be very mindful of the types of data which they can legally share and what records need to be kept in terms of data-sharing.

agree with the sentiment against rodger, even if i really appreciate his efforts in the bitcoin world.

protect your customer data, even if they are assholes, or lose the trust of potential customers.

i won't be shopping at bitcoinstore now, as much as i really was looking forward to for my next computer purchases.

No problem with it at all, as long as your company's privacy policy indicates that personal information will be used in this way.  On the other hand if you make an explicit commitment to your customers that their personal information will not be shared with a third party for any reason except as demanded by law enforcement, then violation of that commitment is a big problem.  If you are going to act in that way, why bother lying to your customers with a privacy policy at all?

*bump* http://www.bitcoinstore.com/privacy-policy-cookie-restriction-mode

By the way, general question, but don't want to go OT here, so https://bitcointalksearch.org/topic/business-tos-question-regarding-regarding-privacy-need-opinions-131745

This is absolutely wrong and ethically reprehensible.  You should treat your customer's private information as your greatest secret and carry it to your grave.  This goes for any business, Bitcoin or not.

No, blockchain.info data was not made public by Roger, it was the Nethead himself who did it.
The information Roger made public was provided to Bitcoinstore.

I understand where your coming from. I would lean more so Nethead being the idiot here since he's pretty much a unknown to the community and still hasn't returned the coins despite everything. So I hear where your coming from.

Yes, but with the remark that Nethead was actually holding something that belong to others (theft), while Roger's mistake was simply to act on impulse and publish the liar's personal details publicly - and honestly, I'm tempted to think like Rassah here and ask "What's the fucking problem in that? Should we really be that passive and let thiefs always get away, cleanly, without even some public shaming?"

Roger lost some coins also I'll find the article and edit it here.

Update: https://bitcointalksearch.org/topic/m.1100049     Basically, there in regards to BITCOINICA hack.

Eventually, someone like Roger is going to leave Bitcoin at some point.

I think that was Bruce Wagner, to MyBitcoin, and he supposedly got 50% to 100% of that back.

Thanks but it wasn't broken.

I explained the specific action that both the customer and BitcoinStore took in the events you claim to have fixed, and left it up to the reader to know that lying on customs forms is illegal fraud and that offering a refund or truth on customs forms was a polite thing to do.

FTFY

Well then let's just have all Bitcoin organisations share their user information and make it public whenever they feel they've been wronged.  We could start with a list of people who had negative balances on Bitcoinica, everyone who's ever tried to defraud MtGox, and people who didn't return Nefario's overpayments.


The privacy statement would need to state that your private information can be released to other companies and made public by them -remember it was blockchaininfo's user information, not BitcoinStore's own information, which was made public - the user information of a different company than that which had the dispute with its own customer.  Kind of ironic given how much people worry about the possibility of Bitcoin businesses releasing user information to the authorities without a warrant.

And actually, I'd agree with you, but only on the condition that the privacy statement explicitly states that your personal information will be used against you if the company has a reasonable belief that you are attempting to scam or defraud someone.  You can't have a privacy statement that claims that ALL users personal information will be kept private, and also release that information when you believe that someone is engaging in fraud.  That is fraud in and of itself.

Shit's fair game when you do something like that, IMHO.

Really?  Josh is an investor in the new company which runs Bitcoin Magazine.  Would you be fine with him him having access to BM's user records and using that information if there was a dispute with a BFL customer who received an overpayment on a refund?

Even if accessing that information is an abuse of your position as an employe of another business?

Think of it this way.

You work as a bank teller at your local bank.

At a garage sale you are running at home, someone gives you a sob story about how little money they have, so you cut them a break on a price.

Later when you are at work, you look up their account and discover they have more money than they had claimed.

You call them on it and ask for the full price of the item you sold them.

They call the bank and complain that their private account information was used against them in a transaction.

If I am the bank manager and you work for me, I can assure you I would fire you immediately for mis-use/abuse of company resources.

Man, that is kind of dickish.  Btw: Isn't Roger the guy who lost 25,000 coins to some exchange hack? Maybe, its a bitterness carry over?