In this day and age, sharing this community forum discussion here is the only way to get resolution. I'm happy helping people out and tweeting my displeasure with companies, but we need some way to scale this. We can't just help the people that get enough publicity. We think we're helping, and we are, but only a small amount of situations end up getting front paged.
Interesting idea re: scaling. I agree this is a pattern we see time and time again with different companies on here. I wonder what a service built around this idea might look like? It’s basically outsourced customer service, isn’t it?
It seems like HN is in a sort of Goldilocks zone, where it isn’t as crowded as Twitter but gets enough attention that companies are pressured to respond. I’m not sure how replicable these characteristics would be to a platform tailored specifically to this customer service problem.
I don't think technology will be a long term solution. What I think the industry needs is tighter regulation and incentives for companies to not "move fast and break things", lest they get slapped with large fines. The issue is that I don't think the majority of politicians are informed on the social cost of, say, not serving a website over HTTPS or encrypting data at rest. Until then, this sort of thing will keep on happening because ultimately companies don't have a disincentive to do otherwise.
Companies in markets at scale are very much 80/20. That's one of the reasons government services are so expensive. If these services were fair to everyone, they would be orders of magnitude more expensive.
For example, it's hard to believe that an organisation not only handing over an obviously personal account to enterprise management but then failing to fix the problem when explicitly notified isn't in flagrant breach of the GDPR in Europe. The entire account tied to a personal identity could reasonably be considered personal data, which brings obligations in terms of properly managing and safeguarding that data and in terms of allowing the user to retrieve it and erase it, among other things.
I'm not generally a fan of how the GDPR was implemented in practice, but in cases like this, the sledgehammer-nut principle might well work in favour of the little guy. Going after both the hosting service and the former employer if they fail to disconnect the personal account and retain control over it when notified seems like exactly the sort of thing the regulators ought to be doing. This is such a flagrantly inappropriate policy that some sort of punitive fines to make an example don't seem out of the question.
