Assuming we're all using the word "nasty" to mean spiteful or unpleasant, I think it's quite fair to call that comment by the CFO nasty toward users. The CFO is literally saying that users should not have a choice about how their data is used. Now, that may be a "reasonable" business decision for GitLab to make, but it's still quite fair to call it nasty toward users. Again, it's literally the CFO instructing the GitLab product team to remove a choice from their users about how their users' data is being used. Middle fingers and feelings of entitlement may also be nasty, but this comment from the CFO is, in my view, pretty much textbook nasty.

Gitlab is a wonderful company, but it's still a for profit company, it's not a charity. Everything they're giving away for free is part of the business model, and particularly part of their user acquisition approach. They, and many other companies, have discovered that the open source (or in this case "open core") approach can be very profitable.

I'm not advocating in favor of rudeness, but the same reasoning goes for the middle finger gesture. It's an emoji that Gitlab have (I believe) deliberately included in their commenting mechanism. As far as I understand, it acts as a way to categorize users' anger and vitriol in a much more sanitized manner than if the users were to type their sentiment into the comment box. In general, allowing and encouraging negative feedback of specific parts of the service helps drive user engagement and demonstrably makes good business sense.

If users feel entitled and free to speak up, it's because there is a lot of competition in this area and they can easily leave. The fact that users are providing this feedback to Gitlab, rather than just deleting their users is a sign that they still trust the company and the service, want to keep using it and to drive it to be better.

<disclaimer: founder of a GitLab competitor>

When a C-level fundamentally misunderstands the company's culture and the culture of their target audience, incompotence becomes presumable and maliciousness becomes possible, IMO.

> In what world does a disagreement over the right level of telemetry justify this kind of behavior?

In a world where companies think little of collecting and selling our personal data to make a profit? In a world where companies feel the need to track every part of my life with or without my permission. This is something I can't escape, as every time I interact with someone that does use one of these platforms than they are able to collect data on me.

We both know that there are companies out there that are trying their best to not exploit their users, and sadly these companies are often held to much higher standards. When a company that we trust, and trust enough to recommend to others who value their privacy, it does hurt when a company goes in the opposite direction with your privacy even when they have noble intentions at heart.

It's also completely telling when their engineers are standing up for their users and others at the company are trying to find any excuse to collect certain information for reasons.

Now, I'm never for personal attacks on someone no matter what, but I find it hard to call out people for using a widely used and available emoji. I do agree it's very much on the line and others might take the other opinion in this case.

Then what about the people who are fine with the tracking and selling personal data (I for one) ? I think its great that let say google manage to make money out of my personal data, and in return I get to use their of free service.

Great for you. But please smoke outside so the rest of us don't have to deal with negatives (eg. smell if not health issues).

(Hopefully you get the parallel: some of us consider it harmful, and the fact that you don't care or you actually enjoy it does not mean we should be subjected to it)

In the regards of smoking, sure its great for the non-smokers but its sucks for the rest of smokers.

It's really not too much to ask smokers to not externalize the health problems of their addiction to other people. On the contrary, a decent human being would not willingly expose non-smokers to cigarette smoke. Unfortunately, there's not enough decency around to outweight convenience, so it had to be turned into law.

As for telemetry, I can't find any reason one would willingly subject to it. But even if, that's why laws like GDPR don't ban it outright, just ask for it to be optional and opt-in.

>It's really not too much to ask smokers to not externalize

Sure, from the perspective of non-smokers.

>On the contrary, a decent human being would not willingly expose non-smokers to cigarette smoke

A decent non smoker can also excuse themselves, in order not to disturb the smokers.

>Unfortunately, there's not enough decency around to outweight convenience, so it had to be turned into law

This is nothing to do with decency, the smokers doesn't have enough power/influence to prevent it to become law.

Lets say in a place where 95% are smokers, or even in the place there are 5% smokers but those 5% has a lot of power/influence. Do you think there will be law againts smokers ?

>As for telemetry, I can't find any reason one would willingly subject to it

You mean willingly subject to tracking ? Like I said before, I am fine with tracking because the benefit outweight the cost, it gives me something in return, free or cheap service.

> Sure, from the perspective of non-smokers.

From the perspective of any moral human being. Not intentionally harming others is kind of fundamental.

> A decent non smoker can also excuse themselves, in order not to disturb the smokers.

Non-smokers came first. And there's more of them. Plus, non-smokers are at best inconvenience to smokers, while smokers are a health hazard to non-smokers.

> Lets say in a place where 95% are smokers, or even in the place there are 5% smokers but those 5% has a lot of power/influence. Do you think there will be law againts smokers ?

Not likely. If the smokers are decent people, there won't be a problem; if they aren't, they obviously won't vote in laws that inconvenience them. But that only tells about deficiencies of the regulatory process, which optimizes for the loudest voices instead of maximizing good for everyone.

> Like I said before, I am fine with tracking because the benefit outweight the cost, it gives me something in return, free or cheap service.

And like I said, that's why current legal standard people are leaning towards is not to ban it, but to make it opt-in. So if you're fine with tracking, you can have it. The problem is with the infectious, anticompetitive nature of tracking - once one party does it to offset their costs, all other competitors have to follow suit or risk getting outcompeted.

>From the perspective of any moral human being. Not intentionally harming others is kind of fundamental.

Sure, at least from your perspective. But all human being ? Even now we disagree.

There are some people that to them harming people is the moral thing to do.

You may then say they are wrong, but again you view it from your morality, using your definition of 'wrong'.

>Non-smokers came first.

Sure, for the Non-smokers, Non-smokers came first.

>And there's more of them

Right, so its more to do with which side has more power/influence.

>Plus, non-smokers are at best inconvenience to smokers

Sure the non-smokers can dismiss it as merely inconvenience. But I'm sure there is some smokers that are highly suffer from not able to smoke anywhere anytime.

>Not likely. If the smokers are decent people, there won't be a problem

Again, some smokers can use the same argument, if the non-smokers are decent people, they can excuse themselves and there won't be a problem.

>if they aren't, they obviously won't vote in laws that inconvenience them

While I'm sure within smokers there are people who support the law, but I'm taking about the smokers who againts the law. Unfortunately, they fail or just don't have enough power/influence to prevent the law to exist.

>deficiencies of the regulatory process, which optimizes for the loudest voices instead of maximizing good for everyone

Its not deficiencies because it just the way it is, whichever side who are the strongest get to decide the law.

Maximizing good for everyone is an impossibility. What one human consider as good may be considered bad to other human.

>And like I said, that's why current legal standard people are leaning towards is not to ban it, but to make it opt-in. So if you're fine with tracking, you can have it

Sure if you can gain the power/influence to make it law. But I hope not and I will not support it. why ? It increase friction/inconvenience. Just like the cookie warning, its highly annoying, I would much prefer it to be opt-out or no option at all.

> In a world where companies feel the need to track every part of my life with or without my permission. This is something I can't escape, as every time I interact with someone that does use one of these platforms than they are able to collect data on me.

I find this attitude honestly kind of confusing. I mean, you know that the shops you go to know what products you're buying from them, right? Presumably those shops look at that data in aggregate when thinking about which products to stock. How is this any different? If you're transacting with someone, it's not possible to hide that transaction from them.

"At this point I don't understand why anyone in their right mind would go to the trouble of making their product open-source. It's just not worth it."

Umm...that's their business model. It's not an act of generosity. It was a decision that they thought was in their best interest.

Do you also think Facebook and Google are making their products free out of the goodness of their hearts?

I don't believe I said anything about their motives.

But you said "I don't understand why anyone in their right mind would go to the trouble of making their product open-source." The "trouble" of going open source is the same trouble as any other business expense, whether that is developer time, security audits, etc. If that's Gitlab's business model, and open source really was their only choice for a sustainable business model, it's not hard for me to understand why they went open source. Your phrasing only makes sense if they were doing something they didn't need to do.

Also, beside the point. I agree it is not nasty on the surface. But it sure is a callous sentiment—you will submit to our privacy invasion or take a hike. FU indeed.

The reactions came after the comment was widely publicized. With wide publication comes the trolls. The original comment was thoroughly thumbs-down, but the only ones interacting were people who actually use/follow the product.

How any C level position blindly walks into this kind of thing in a post Cambridge-Analytica world is a different conversation.

> "It's mind-boggling to me how entitled and aggressive the open-source culture is allowed to be."

'Allowed' to be? The "open source culture" is the sum of the participants and participation is open to the general public. If being rude were "not allowed" who would be doing the not allowing and why should they be so empowered over members of the general public?

This assumes all participation is equal. This is not the case. It’s GitLab’s sandbox, their rules (including not being crass if desired).

How is this different than what would be expected with a Code of Conduct? Must one call out “Don’t be a dick”? Vigorous debate is to be expected, being rude is not.

Gitlab is well within the right to ban rude remarks on their platform, but that isn't the same as regulating the open source community as a whole, which they have neither the right nor ability to do.

They have the right to regulate any activity taking place on any forum or digital property they control.

Obviously. The matter I am concerned with is the attitude that anybody is empowered to regulate the 'open source culture', which is worlds apart from regulating one particular forum.

I am absolutely of the mind that Codes of Conduct have been weaponized, but there’s no reason for participants to be so overtly rude in the discussion, regardless of reactji availability.

And we collectively allow this behavior. Do we not?

For example, I don't see anyone stepping up in that github thread and saying that insults and middle finger emojis are not OK. That's because that behavior is normalized. Participants in the thread either a) are OK with it; b) have resigned themselves to it; c) are refraining from speaking up for fear of being attacked too. That is what I mean by "allowed to happen".

What would it mean for me to 'not allow' other members of a free society to speak their mind?

Your right to criticize it and their right to say it are one and the same. Criticizing it and not permitting it are not the same thing.

If you are participant of the Gitlab community, you could speak up in that thread and say that you are not OK with people being insulted over a disagreement. I won't fault you for not wanting to, though. You would probably be attacked too, and have to spend a few hours of your life justifying yourself.

There is a keen difference between criticizing it and forbidding it. Gitlab may forbid it on their platform, but they don't have the ability, let alone right, to regulate the speech of the general public outside their platform.

You're well within your right to write letters to companies complaining that they employ people who use emojis of rude gestures online. What you don't have the right or ability to do is forbid rude behavior in the culture, rather than on a given platform.

Gitlab isn't in the "open-source community" any more than Oracle is. In fact, Oracle probably contributes more to "Open Source" as a movement and in code than Gitlab. Both are closed-source companies that release part of their works as open.

I can't see tears falling for either of those companies' employees as far as the broader community goes.

Thank you. That's exactly right.

Unfortunately the problem has deep roots, and the corporations you mention have a track record of either turning a blind eye to bad behavior when the perpetrator is a popular open-source figure (Google), or actively supporting it because the victims are employed by a competitor (Red Hat).

In general, open-source communities are still stuck in the middle ages from an HR perspective. You can be the victim of terrible behavior, and have no recourse at all, because the project itself has no clear legal requirement to protect you, and none of the corporate sponsors will take responsibility for protecting you in the same way they protect their own employees; even if in practice they are the only ones with the power to do so. The result is a legal limbo where people can get away with terrible behavior. I've seen people get crushed by this, it's kafkaesque.

Authoritarian sentiment at it’s best. Ignore the attacker and focus the discussion on the rudeness of the victim’s response.

No, we do not, because we do not make decisions collectively. Or at least, I wasn't consulted. Maybe everyone else was.

Assuming Free Software was meant to be professional in the first place was a mistake. It may have gained a professional following from sheer utility but it isn't fundamentally professional - there is an expectation for professionals to obey or outright refuse if it crosses some line and be calm either way. Not so for a community.

This doesn't have anything to do with it being open source. It's a separate movement called Open Company, which was tried by Gittip/Gratipay. It's mostly irrelevant to the open source-ness of a product whether the company's website is open source.

It is not just nasty to customers.

It is public evidence of commitment to an illegal policy after the CFO was informed of the legal problems.

Not sure how you can do something worse.

It's a way to send a message across. Before things turn irreversibly nasty.