
Their CFO showed that he has little regard for the privacy of their users. I highly doubt that has changed. Many devs and compliance folk were on the right side of this in the MR and feature threads, but they were overruled.

I highly doubt the CFO has changed his viewpoint, and he's still in power over there. They only backtracked after the "insane" reaction. They anticipated some amount of pushback, but obviously hoped it would be smaller and they could move forward.



The CFO is not in charge.


Yet, the CFO was given authority to make an important product decision, over the objections of engineering and product design. Can you name any successful tech company that sells a highly technical product to a highly technical audience that gives the CFO final decision authority on product decisions -- decision authority over and above marketing, product design, and engineering?

The root-cause screw-up here is delegating product decisions to F&A. A good CFO adds huge value to a company, but should not have final decision authority over product decisions. That is not the role of a CFO. Any company that makes it so is organizationally dysfunctional from the C-suite down.


Privacy? Their users are companies building software. The CFO is right -- they can agree or disagree to the terms of use and choose whether or not to use the new software.


The issue is that they changed the agreement suddenly, and held users' data hostage until they "agreed".

I don't know why you think that's ethically ok to hold user data hostage until they agree to give up more rights. It's borderline ransom.


It is illegal to do so under GDPR to be honest.


No, the CFO is dead wrong. I'm a very vocal Gitlab advocate and would have stopped promoting them if they did this. There are 100's if not 1000's of people like me and we help build Gitlab value. And then there is the GDPR to contend with.


The only sense in which he's "wrong" is as you describe: people won't want to use the software, and it's a bad decision when it comes to making money. He's not wrong on some principles-based reason.


Since GitLab have operations, sales and other employees inside the European Union, and the assertions from the CFO are contrary to European law, he is wrong for legal reasons.


I guess you just like to argue.

It's strictly illegal under GDPR, the agreement is void as it contradicts the law (you cannot have terms and conditions superseding the law). The policy - "agree to tracking" must be explained and justified, consent must be given (affirmative action by customer/user).

Failing to do that and holding users' data as hostage would be a compliance breach. GDPR fines are no joke and set forward to prevent abuse (up to 20m euro or 4% global revenue). GitLab is no small business any more and a fine would outweigh the 'tracking profits'.


That, and all the other senses (GDPR, contracts) outlined in this thread.


>Privacy? Their users are companies building software

Not sure I follow your logic there.

First of all, he's not right. As stated by the compliance officer in that thread, his plan would have violated the GDPR. It also would have violated existing contracts with enterprise customers.

Secondly, it's a scummy thing to do. Just because you have the right to do something doesn't make it the right thing to do.


I'm not talking about existing contracts or the law in some far-off land, and neither are you. You deserve nothing. You aren't entitled to Gitlab releasing software the way you'd like them to. Maybe your brain tells you otherwise. Instead, just don't use their software. For example, I wish Windows 10 didn't have telemetry. But it does, so I don't use Windows 10.

The world doesn't owe you a free Git issue tracker.


Oh, so you're not talking about the two ways in which he is objectively wrong in arguing to implement this feature, only that a vendor has the right to add user hostile terms to their ToS. Ok, well you've convinced me!

Honestly, who here is arguing that they can't implement some form of this? No one. Exactly no one. We don't like it, and we're the consumer! It's not entitlement to push back when a vendor changes their terms in a way you don't like.

I have no idea what point you're trying to make here.


Let me make it clear for you then:

> Their CFO showed that he has little regard for the privacy of their users.

Their users are companies, who can put on their big boy pants and decide what they think of Gitlab earnestly gathering usage information, not deep personal secrets, that it uses to help it improve its own product so that it can better serve the customer.

Throwing this all under the same category of "privacy" that one might use for private content -- the content of emails, the content of messages, copyrighted material, trade secrets, and the like -- as if this is a great moral issue, is just not a clear-minded way of operating.


People store copyrighted code and trade secrets in their repositories with GitLab; if the third-party tracker is compromised, those secrets can also be compromised.



