this says nothing about the company values; a person made the wrong decision. you’re blowing it up in a fantastical way, like the author of the editorial.
i don’t make purposeful email addresses; i don’t have time for that.
…during the course of that person's work duties, for which the company, therefore, owns responsibility. Literally every single thing any company has ever done wrong boils down to "a person made the wrong decision."
> i don’t make purposeful email addresses; i don’t have time for that.
Yes, but security and privacy researchers make time for this specifically to validate whether companies follow their own privacy and usage terms as well as to quantify and gauge the risks in interacting with a company, such as the risk that the company will misuse that information or the risk that the company may be breached, resulting in user account details being used in attacks against the individual users themselves.
It's fine if you don't do any of this or, for that matter, if you don't even care. But don't belittle the work when you don't understand the reasons for it.
> It's fine if you don't do any of this or, for that matter, if you don't even care. But don't belittle the work when you don't understand the reasons for it.
Maybe don't over invest your emotions in something that isn't really important in the scheme of life? shrug. I don't think this is belittlement, but advice on how to manage stress.
Even if that were true, they doubled down on their decision:
"Hi Chris, Thanks for reaching out. We've removed you from our email list."
That is not acknowledging they made a wrong decision here, it's an attempt to re-frame what they did as as simple opt-in/opt-out mailing list business.
It's not that hard either:
"This shouldn't have happened. We're looking into it. We're sorry (and here's cake for your trouble)." Not this "I'm sorry you feel sad because I ran over your cat (but not for running it over)".
I wish you good luck :) I, like many other people in this community, make sure everywhere I register I use a unique username/email. It is also safer as to have a different email for each service. This way I know which * sells my data left-right-and-center.
As for the Company Values, these are the ones _practiced_ by its people. No point having an adamant privacy policy if your staff actually disregards them.
On the later subject: I have a catch-all on a subdomain, so I do that on a regular basis with zero time effort (amortized). Just enter "${websitename}@antispam.[...].com" during registration.
I'm actually surprised that only a handful of these addresses receive spam; but misconduct as described here never happened to me.
(Website and service operators claiming they were not pwned, however, is pretty usual).
> i don’t make purposeful email addresses; i don’t have time for that.
I do, because I can make them automatically. With Fastmail, if your address is name@fastmail.com you can make an email somerandomcompany@name.fastmail.com and it will automatically make it to your inbox. Fast, convenient and zero effort.
