| |
| ▲ | wferrell 8 hours ago | parent | next [-] | | It is not genuine to say that Notion cannot listen in. Notion can listen in. Anytime it wants. Yes on Macs an indicator will be displayed - but not always prominently depending on what other apps/devices are being used (for example using continuity camera) Source: I built the same listening infrastructure into other meeting note taking apps. Our team spoke at length about this security issue with Apple. | |
| ▲ | chinathrow 10 hours ago | parent | prev | next [-] | | Make it opt-in and this would be not an issue. | | |
| ▲ | jitl 10 hours ago | parent | next [-] | | Our PMs don't like making things opt-in. I pitched a fit when we added global shortcuts to launch the Notion app search window, but I wasn't able to change any minds. A feature that's opt-in will get like 1% of the use of a feature that's opt-out. A happier middle ground would be to enable by default and showed a "I don't like this, pls turn it off" button the first few times. | | |
| ▲ | sturza 9 hours ago | parent | next [-] | | Your PMs should not decide what your software does with my hardware without me giving my informed consent. Our PMs don't like making things opt-in. -> Your users don't like making things opt-out. Low usage metrics is a UX problem. Activating it without informed consent gives you bloated metrics anyway. | | |
| ▲ | fiddlerwoaroof 9 hours ago | parent [-] | | It’s just not true that users don’t like making things opt-out. HN Users tend not to like it but I think a lot of users dislike the alternatives: either because they’re undiscoverable (toggle in settings or a menu) or intrusive (various sorts of what’s new overlays). Imo, the question of when to make things opt-in vs. opt-out is fairly subtle and largely depends on the feature and pre-existing trust. | | |
| ▲ | sturza 9 hours ago | parent [-] | | There are infinite ways on how to inform users of a new feature and ask to activate it. | | |
| ▲ | fiddlerwoaroof 9 hours ago | parent [-] | | And nearly all of them are annoying and disrupt my flow. | | |
| ▲ | bayindirh 6 hours ago | parent | next [-] | | The same thing disrupts your flow allows me to make informed decisions, and I'm happy to be offered a choice, and ability to change my mind later. | |
| ▲ | graphememes 9 hours ago | parent | prev [-] | | cookie popups that don't even work |
|
|
|
| |
| ▲ | FuriouslyAdrift 9 hours ago | parent | prev | next [-] | | Make a pop-up with the opt-in/out for all the features on first launch with everything defaulted to on so people can turn features off and get notified that such features exist. You can also use this to gather metrics on what features people are actually interested in. Good compromise. | | |
| ▲ | threetonesun 9 hours ago | parent | next [-] | | Nothing makes me not want to use software more than it asking questions about how I want to use the software before I've used the software. Runner up is the "what's new" tutorial overlays. | | |
| ▲ | brookst 9 hours ago | parent | next [-] | | Just seeing the words “got it” raises my blood pressure. | |
| ▲ | falcor84 9 hours ago | parent | prev [-] | | Well, I suppose everyone is different. The first thing I do after launching a new software is inspect its options, and if it doesn't have a good range of tunable options, there's a good chance I'll immediately abandon it. So I actually really love the recent trend in video games putting you into the options at the start. |
| |
| ▲ | jitl 9 hours ago | parent | prev [-] | | Yep, completely agree. |
| |
| ▲ | mbreese 6 hours ago | parent | prev | next [-] | | Get better PMs. Seriously. Users shouldn’t have to opt-out of something for privacy. Respecting privacy should be the default. If a user finds value in letting you listen to the microphone, then great! But you have to inform them! There are also other ways to get the same information — such as if the user also shares their calendar. This is sneaky and evasive behavior. But none of this conversation makes me want to use Notion. We used to use it at $OLDJOB for meeting notes and light DB work for non-technical users. Now I’m happy we stopped. | |
| ▲ | chinathrow 9 hours ago | parent | prev | next [-] | | Your new feature is privacy invading. It's none of your business to detect if someones mic is on unless they invite you to do that. What is so hard about that? > Our PMs don't like making things opt-in. Lamest excuse ever. I wouldn't be surprised if you phoned back home about that mic activation - do you? I recently joined an org where Notion is in use - I will actively lobby them to not install the desktop app, at all or to quit Notion alltogether. | | |
| ▲ | hackinthebochs 7 hours ago | parent [-] | | What exactly is the privacy issue with detecting when a process begins using the microphone? | | |
| ▲ | bayindirh 6 hours ago | parent [-] | | Following my habits, and reporting to a data broker that how I use my microphone, allowing even more precise profiling of my life circumstances or habits. | | |
| ▲ | jitl 4 hours ago | parent [-] | | We don’t report your habits to any data broker. This information use used purely for local UI. | | |
| ▲ | mbreese 3 hours ago | parent [-] | | Yet... you don't report habits to a data broker yet. It is currently used for local UI. Once you already are in the habit of evading user-privacy, it's a only a couple of down quarters before you start tracking and sending data to data brokers or someone else. This is why no one here likes this behavior. | | |
| ▲ | developerDan 2 hours ago | parent [-] | | Delta Airlines has entered the chat. As more and more companies start to use AI for “personalized”/targeted pricing, offers, advertising, etc. The more this exact type of data will be useful and therefore lucrative. |
|
|
|
|
| |
| ▲ | jjulius 8 hours ago | parent | prev | next [-] | | > A feature that's opt-in will get like 1% of the use of a feature that's opt-out. Well... yeah. It's either because the benefits of opting in aren't communicated well enough or that users just don't actually want it. For AI meeting notes, I'd imagine it's the latter. | |
| ▲ | rchaud 8 hours ago | parent | prev | next [-] | | > Our PMs don't like making things opt-in. Thank god the web browser was developed in an era where PMs weren't stack-ranked on rubrics like "feature engagement". Imagine a world where every website was granted access to your filesystem, webcam, microphone, and geolocation by default so that PMs could report back on how many websites were making use of those browser APIs. | |
| ▲ | meindnoch 9 hours ago | parent | prev | next [-] | | >Our PMs don't like making things opt-in Then refuse implementing it. Have some dignity for God's sake. | | |
| ▲ | callalex 9 hours ago | parent | next [-] | | Having that kind of power as an implementer requires the backing of a union. | | | |
| ▲ | thih9 9 hours ago | parent | prev | next [-] | | Depending on the company culture, this may not be allowed. As in: PMs will ask another dev to implement it; if this happens more often then they will replace you. Also, searching for dignity in a post-“don’t be evil” startup environment seems unusual. | |
| ▲ | d4mi3n 9 hours ago | parent | prev | next [-] | | While I agree with your sentiment, I'll note that ethics are hard to hold when it's your livelihood on the line. Expecting a shift in corporate culture to come from a short list of individuals making great personal sacrifice (of their careers, reputations, whatever) is not reasonable, sustainable, or realistic. I know there are a lot of folks who abhor regulation in many contexts, but stuff like this is most effectively handled by such mechanisms. | |
| ▲ | crysin 9 hours ago | parent | prev | next [-] | | And then what, be out out of a job because you were insubordinate? If you have the personal wealth and security to lose your job and possibly not have a new opportunity for the next year or so, then that's great. Not everyone has that security, and a roof over their head just may be more important than personal convictions about how to treat users. | |
| ▲ | JadeNB 7 hours ago | parent | prev | next [-] | | While I personally wish that there were more people who had the ability to make such decisions, and exercised that ability, I think that this is a hostile response to someone who didn't have to spend the time to come on HN and describe the situation to the best of their ability. Calling people undignified because they, or their company, isn't perfect is just going to close down channels of communication. | |
| ▲ | graphememes 9 hours ago | parent | prev [-] | | what an emotional response to work |
| |
| ▲ | impish9208 7 hours ago | parent | prev | next [-] | | > Our PMs don't like making things opt-in. “Ze engagement metrics must go up on ze dashboard every quarter, jah!”
I can’t wait for the day PMs and other parasites find a new industry to move to. They sure have sucked the fun out of this one. | |
| ▲ | unsui 8 hours ago | parent | prev | next [-] | | >Our PMs don't like making things opt-in That is an implementation detail. What matters is the outcome: Notion leadership has signed off on this being opt-out. The calculus here, as you indicated, was that opt-in has little buy-in. What leadership didn't take into account was the risk of this being publicized, and the blowback from this awareness. That, or leadership has already calculated that not enough people will care (possibly true). I suppose it's then up to those that do care to make more noise about this, to tilt the odds?, so this specific calculus (also known as enshittification) doesn't keep occuring (i.e, if the blowback costs are disproportionate to the value provided by default opt-out....) | |
| ▲ | dman 9 hours ago | parent | prev | next [-] | | thats a red flag imho | |
| ▲ | eddythompson80 9 hours ago | parent | prev [-] | | > Our PMs don't like making things opt-in. Whenever people on HN and else where present you the mustache twirling evil Microsoft or Apple or Google C-suite/board who are trying to enshitificate a product or a tool because they don’t care, always keep in mind that the reality is often a lot more mundane than that. The application that is “sneakily” listening to you and transmitting everything you say to their servers can be a legitimate product of a mustache twirling villain, but it’s a lot more likely (in my experience) that a group of 5 engineers and a PM were tasked by “Present relevant products from our company to the user” task and someone was like “what if we record what they are saying (or just zip-up their entire ~/Documents folder), run it through an LLM on our server and prompt it to analyze their convo or documents and recommend one of our products to sell to them? Sounds good to me, no?” | | |
| ▲ | owebmaster 9 hours ago | parent [-] | | No Eddy, this simpleton scenario of yours is not more likely to be true than the evil scenario where the evil tech company invades users privacy and collect data it wasn't directly allowed for an extra profit. | | |
| ▲ | eddythompson80 9 hours ago | parent [-] | | I admit I haven’t been in any of the mustash twirling meetings. They probably happen, but I have also been in the room with engineers and PMs discussing solving problems with analytics attribution to user. | | |
| ▲ | pksebben 8 hours ago | parent | next [-] | | Given the structure of hierarchical orgs, both can (and likely are) true. Moustache-twirler A: We've identified these metrics that correlate with increased shareholder value Moustache-twirler B: But what do those metrics say about user privacy? (both laugh. This is very funny) MT A: no but really, fire any PMs that don't make these go up and let the survivors figure out why MT B: sounds great. See you at golf this weekend (some time later, in a less fancy conference room) Engineer: This new feature is great, but could be construed as an invasion of privacy. Can we make it opt-in? PM (panicking): Oh good heavens, no! Also send the opt-out button to the UX team, that way it doesn't come down on us. | | |
| ▲ | eddythompson80 7 hours ago | parent [-] | | It's probably more telling how you had to invent the cartoonishly evil MTA and MTB, a bootlicker PM, and an honest (but maybe just slightly clueless) engineer. |
| |
| ▲ | owebmaster 8 hours ago | parent | prev [-] | | It is because when you get your attention fixed to the execution level you miss the strategic. |
|
|
|
| |
| ▲ | weego 8 hours ago | parent | prev [-] | | If they made borderline "features" like this opt-in, no one would and then the people driving this won't get the career prospect boost of shipping a new feature. |
| |
| ▲ | dakiol 9 hours ago | parent | prev | next [-] | | Thanks for the explanation. I was about to install Notion Desktop today. I Won’t install it. | | |
| ▲ | XCabbage 9 hours ago | parent [-] | | Why? I don't understand the objection to this. If the app was sending off any data to Notion without consent, that would obviously be a privacy issue, but why is it a problem for a desktop app to simply check if your mic is being used and offer to record? | | |
| ▲ | const_cast 9 hours ago | parent | next [-] | | The application is almost certainly sending off data to Notion without consent, you just wouldn't be able to tell. If a company is willing to do even small privacy violations, I do not trust them at all. Feel free to run OpenSnitch or LittleSnitch - most apps are opening connections to many domains you won't recognize. Your guess is as good as anyone's what data they're exfiltrating. That is, of course, unless you use more privacy-preserving apps that are typically opensource. | | |
| ▲ | viraptor 8 hours ago | parent | next [-] | | That's just entirely based on the "almost certainly" doing all the work. You're complaining about a hypothetical situation. > you just wouldn't be able to tell. You can setup a local web proxy and tell us. Also check the sources since it's an electron app. | | |
| ▲ | const_cast 8 hours ago | parent [-] | | I don't use notion, but it would be a fun experiment to install a root CA and see the traffic. It's probably not always this easy. I see many connections on apps using UDP, so who knows how, exactly, they are encoded. The data may also be "encrypted", similar to how Zoom "encrypted" data. That is to say, the data is encrypted, but the private key is on the same server. So, if you MITM, it looks encrypted - but there's no security. |
| |
| ▲ | brookst 9 hours ago | parent | prev [-] | | Any evidence for “almost certainly”? That seems a huge leap of faith to build a whole worldview on. Kind of circular, really. | | |
| ▲ | const_cast 8 hours ago | parent [-] | | Yes, virtually every commercial application I've ever seen allows exfiltration of data, usually close to all of it, and you agree to it by signing both an EULA and privacy policy. Based off of that, I then assume that other companies are exfiltrating as much data as possible off my devices. I mean, even your car, which, keep in mind, is a multi-tens-of-thousands dollar product, exfiltrates your location, all your texts, all your phone calls, and as much data from your phone as possible. Yes, this is a "leap of faith". I am not bound by a purely evidence-based worldview - I consider that naivety. I do not need strong irrefutable evidence of bad things happening. When people are untrustworthy, I approach them with skepticism in order to protect myself. For example, I have absolutely no proof that the NSA is surveilling SMS and telephony right now. None at all. But I know Prism was a thing. It is safe to assume the NSA is absolutely surveilling SMS and telephony. And, I'm almost always right, in my experience. |
|
| |
| ▲ | jraph 7 hours ago | parent | prev [-] | | This could be a good feature in open source software packaged by Debian and whose build is reproducible. People being angry here shows how they distrust software they use and distrusting always online software causes fear and stress. The best these people can do is relying on free software distributed in a sane way because that's what can help trust software, and, in a professional setting, to push their companies or their providers towards free software as well, and demand guarantees that their privacy is respected. These matters are not theoretical and this discussion is a witness of this. If Notion wants to be trusted, they should go open source. I see Notion people are here. Do it! Stop doing closed source software! That doesn't bring anything worth and see what badness it brings. Your value is elsewhere. It's in you expertise, your vision and how well you do things. I work for an open source competitor (or at least in the neighborhood) and that works out well for us and has been for 20 years. The day you open source your desktop client, you'll be able to show us the code and show that you indeed don't send audio records or related logs to your headquarters. We won't have to reverse engineer, sandbox just to be sure, and hope for the best. Knowledge management software shouldn't hide knowledge. |
|
| |
| ▲ | colechristensen 9 hours ago | parent | prev | next [-] | | Yeah, no. You don't get to monitor my anything in order to provide features. I was never a user of notion and I definitely won't be. It is just an oversight of the OS that your process is allowed to see the list of other processes. I do not want to be spied on and have 0 trust for any company wishing to do any kind of monitoring of my usage in order to provide or advertise "features" to me. | |
| ▲ | combyn8tor 8 hours ago | parent | prev [-] | | While you're here - can you tell your PM's that your auto update on windows is annoying. Every time I start the app there's a prompt asking me to either "Install and Relaunch" or "Remind me later" (which seems to just hassle me again on next app start). The worst part is the pop-up doesn't show until 5-10 seconds after I start the app. So I'll start the app, start clicking around and then I'm interrupted by this pop-up. This seems to happen every day because you push a lot of updates. I'd prefer an option to silently grab non-security/non-fix updates once every [Day, Week, Month] in the background, and install automatically on next app start up. Urgent updates can happen immediately. The default should be every week as every update is around 85mb. You could go a step further and have an option to only download over WiFi. As for the mic "issue", I'm not sure what everyone's on about. Acting like it's the first app on Windows to monitor what the system is doing to provide a feature. |
|
