102 votes

Time to delete your Glassdoor account and data

37 comments

  1. [8]
    kenc
    Link
    I personally don't have an issue with including my real name, but the fact that an employee updated the profile with their real name and location (which they didn't consent to sharing on their...

    The TL;DR is: Glassdoor now requires your real name and will add it to older accounts without your consent if they learn it, and your only option is to delete your account. They do not care that this puts people at risk with their employers. They do not care that this seems to run counter to their own data-privacy policies.
    ...
    After I responded to that support email last week, I found that they had updated my profile to add my real name and location, the name pulled from the email From line I didn't think to cloak because who does that?

    I personally don't have an issue with including my real name, but the fact that an employee updated the profile with their real name and location (which they didn't consent to sharing on their profile) after replying to a support email is just really scummy.

    I went to check my Glassdoor account and sure enough, you can't edit or remove your name anymore without sending in a request.

    If you're looking to delete your Glassdoor account, check out justdeleteme.xyz for instructions.

    65 votes
    1. [7]
      DarthYoshiBoy
      (edited )
      Link Parent
      This is just so misinformed as a policy too. Like you can set the name on your emails with Glassdoor to anything. There's no ensuring that the name in an email From: header is the legit sender of...

      This is just so misinformed as a policy too. Like you can set the name on your emails with Glassdoor to anything. There's no ensuring that the name in an email From: header is the legit sender of the message. That's more or less the whole reason we have spam in the first place, you can just make up whatever shit you want in email and the whole thing was built from the start to be a trust first, interoperate as much as possible philosophy so there's no way to validate that information. Now there are some standards that can at least prevent full stop email spoofing if everyone involved is adhering to the standard, but none of those ensure that the name that the sender has set for themselves is their actual name.

      I could set my name in my emails with Glassdoor to that of a co-worker I want fired, go leave a tirade on the company I work for, and Glassdoor is just going to slap that co-worker's name on the tirade with no other checks?

      32 votes
      1. kenc
        Link Parent
        As far as I'm aware, there is no identity verification process on Glassdoor so anyone could create a spoof account or give a fake identity. As with all anonymous review sites, this depends on the...

        As far as I'm aware, there is no identity verification process on Glassdoor so anyone could create a spoof account or give a fake identity.

        As with all anonymous review sites, this depends on the good will of their users. Its possible that people are leaving fake reviews or leaving reviews with fake identities. I could even see some organizations creating fake accounts to boost themselves or forcing their employees to leave positive reviews. This is all just speculation but I could see it being a problem, which might be one of the reasons Glassdoor is trying to mandate a real name now.

        Don't get me wrong - its a terrible solution since its the antithesis to the entire premise of their site, even if they claim that giving your real name has no effect on the identity of your reviews.

        15 votes
      2. [2]
        updawg
        Link Parent
        Couldn't you do it under their name before?

        I could set my name in my emails with Glassdoor to that of a co-worker I want fired, go leave a tirade on the company I work for, and Glassdoor is just going to slap that co-worker's name on the tirade with no other checks?

        Couldn't you do it under their name before?

        4 votes
        1. DarthYoshiBoy
          Link Parent
          I honestly don't know. I've only ever used Glassdoor to check prospective employers out, never to kvetch, so I was basing my analysis on the first line of the TL;DR which claims they're now...

          Glassdoor now requires your real name

          I honestly don't know. I've only ever used Glassdoor to check prospective employers out, never to kvetch, so I was basing my analysis on the first line of the TL;DR which claims they're now requiring a "real name." I assumed that they've never had any validation ever but they're now trying to claim that they're getting real names?

          2 votes
      3. [3]
        Chobbes
        Link Parent
        I don't think there's any protections at all for the name in the From field. But at least for the e-mail addresses themselves, this is getting less true over time. I still wouldn't fully trust it...

        There's no ensuring that the name in an email To: header is the legit sender of the message.

        I don't think there's any protections at all for the name in the From field. But at least for the e-mail addresses themselves, this is getting less true over time. I still wouldn't fully trust it and it's not something most users are capable of verifying, but if the domain for the sender has set up SPF and DKIM and the receiving mail server actually checks those things, then anybody trying to spoof an e-mail from your address should get sent to oblivion, at least... But it's not quite a guarantee.

        1 vote
        1. [2]
          DarthYoshiBoy
          Link Parent
          Wow. I hadn't noticed until you quoted it that I said To: when I meant From: so I went ahead and fixed that. Thanks. That said, I did address SPF and DKIM when I said the following: I didn't...

          Wow. I hadn't noticed until you quoted it that I said To: when I meant From: so I went ahead and fixed that. Thanks.

          That said, I did address SPF and DKIM when I said the following:

          Now there are some standards that can at least prevent full stop email spoofing if everyone involved is adhering to the standard

          I didn't figure it was worth bothering with naming the standards specifically since most people outside of IT/Admin circles will never have to think about them, but the sentiment still correlates with what you're saying. The server on the both ends has to be deploying those standards or the mail more or less just slides on by in most cases.

          ...and even then, if your email domain has DKIM and SPF setup correctly, and Glassdoor's email server has done likewise, none of that stops you from saying in the From: header that your name is John Doe when it's actually Jane Smith. So even with proper email standards implemented, just taking the sender name from an email as gospel about who you're talking to is an absurd failure.

          1 vote
          1. Chobbes
            Link Parent
            I think I legit just missed that sentence when I was reading it, lol. Apologies :). Yeah, absolutely. In theory the sending mail server could enforce names for senders... but like... no personal...

            That said, I did address SPF and DKIM when I said the following:

            I think I legit just missed that sentence when I was reading it, lol. Apologies :).

            ...and even then, if your email domain has DKIM and SPF setup correctly, and Glassdoor's email server has done likewise, none of that stops you from saying in the From: header that your name is John Doe when it's actually Jane Smith. So even with proper email standards implemented, just taking the sender name from an email as gospel about who you're talking to is an absurd failure.

            Yeah, absolutely. In theory the sending mail server could enforce names for senders... but like... no personal e-mail services will enforce that.

            Anyway, this was all just me tangenting to nerding about e-mail. At the end of the day none of this matters, and the point is that this is kind of a crazy decision on many levels. I can understand glassdoor wanting to ensure you actually worked at the company... But people should absolutely be allowed to be anonymous on that platform.

            2 votes
  2. [2]
    kenc
    Link
    After I posted this, I went ahead to delete my account since I wasn't really using it anyway. Just cleaning up my digital footprint and all. This morning, I was greeted with the email "Your...

    After I posted this, I went ahead to delete my account since I wasn't really using it anyway. Just cleaning up my digital footprint and all.

    This morning, I was greeted with the email "Your Glassdoor Personal Data Has Been Deleted", which is all good, except this second paragraph:

    Please note, however, that despite your request to delete data, we reserve the right to keep any information in our archives that we deem necessary to comply with our legal obligations, resolve disputes, enforce our agreements, and exercise the right of freedom of expression and information. We will also keep a record of your request for legal and compliance purposes.

    which doesn't really instill any confidence that my data is really deleted. I don't delete many accounts so I don't know if this is common practice for other sites and I don't know if they are just obligated to include this for legal purposes.

    31 votes
    1. psi
      Link Parent
      The first three reasons are arguably in "cover your ass" territory, but this one? What does that even mean? I'm not being rhetorical here; I genuinely do not know what terms they're trying to...

      The first three reasons are arguably in "cover your ass" territory, but this one?

      we reserve the right to keep any information in our archives that we deem necessary to [...] exercise the right of freedom of expression and information.

      What does that even mean? I'm not being rhetorical here; I genuinely do not know what terms they're trying to convey. I mean, is the implication here that they can use the data for anything? If that's the case, they might as well have ended that paragraph at "...we reserve the right to keep any information."

      34 votes
  3. [6]
    kingofsnake
    Link
    Is it just me or are all social networks entering this phase? Yes, I'm familiar with the Doctorow term, but seeing it play out in real time is amazing. Like, isn't the writing on the wall?...

    Is it just me or are all social networks entering this phase? Yes, I'm familiar with the Doctorow term, but seeing it play out in real time is amazing.

    Like, isn't the writing on the wall? Facebook turned a thriving social network into a dumpster fire of ads, data mining and outrage with its algorithm and people all but abandon it.

    I'm sure that boards run the numbers and decide that the monetization model is worth substantially changing the product, but it sincerely surprises me that an alternative - something similar to what we all used in 2012 - isn't being cooked up somewhere.

    19 votes
    1. [5]
      ShroudedScribe
      (edited )
      Link Parent
      Yep, I've come to terms with the fact that nearly every business decision is fueled by number crunchers who determine how to make 0.05% more profit even if they anticipate the loss of some number...

      I'm sure that boards run the numbers and decide that the monetization model is worth substantially changing the product

      Yep, I've come to terms with the fact that nearly every business decision is fueled by number crunchers who determine how to make 0.05% more profit even if they anticipate the loss of some number of their customers. This applies across industries too - fast food price increases (but only at stores in specific zip codes), charging an extra $1 per oil change, reducing employees to work check-out lanes in stores even if it adds an extra 5 minute customer wait time.

      Edit: I think this will get worse as some of the number crunchers are replaced by AI.

      And I do believe alternatives are built and fall regularly. The problem is scale - either they can't gather enough of a user base to create an engaging website, or it becomes too popular too fast (which happens much less) and they can't figure out the best way to host the site to keep up. (Or, if they scale up for a boost in traffic, then it never hits that level again, they may start losing money.)

      16 votes
      1. [4]
        kingofsnake
        Link Parent
        It's such a challenge in this space. For starters, the selling feature of 'online community' isn't what it used to be (legacy players know this all too well), and for users today, there's zero...

        It's such a challenge in this space. For starters, the selling feature of 'online community' isn't what it used to be (legacy players know this all too well), and for users today, there's zero desire to establish themselves on yet another new platform.

        I don't think that it'll catch on, but I'm currently super keen on platforms like Mozilla and Signal who sell themselves on openness and privacy, and in some ways, outfits like Protonmail that build that guarantee into their pricing model.

        6 votes
        1. [2]
          ShroudedScribe
          Link Parent
          Mozilla has a pretty big black mark in my mind right now. I posted an article about it, but a service they're selling is super scummy.

          Mozilla has a pretty big black mark in my mind right now. I posted an article about it, but a service they're selling is super scummy.

          2 votes
        2. [2]
          Comment deleted by author
          Link Parent
          1. kingofsnake
            Link Parent
            Oh, I just put that sentence together sloppily. What I meant was that Proton isn't necessarily about openness, but rather extreme confidentiality. Signal operates in much the same way, I suppose....

            Oh, I just put that sentence together sloppily. What I meant was that Proton isn't necessarily about openness, but rather extreme confidentiality. Signal operates in much the same way, I suppose.

            Proton has server outages here and there, but overall it's a very strong product. They're building out VPN, cloud file storage and a host of other common web applications too - I'd very much recommend making the switch. If it meant saving some money id love an email option that wasn't encrypted, but just guaranteed that my emails wouldnt be used to train AI or sell ads.

            I never thought I'd say this, but I'm sure glad that I pay money for email.

            7 votes
  4. winnietherpooh
    Link
    Account deleted. Thanks for the heads up!

    Account deleted. Thanks for the heads up!

    16 votes
  5. [15]
    maple
    Link
    Interestingly the full name that Glassdoor has assigned me is the unique, heavily truncated version of my name that I use on Facebook and nowhere else. I use the same email address on both sites,...

    Interestingly the full name that Glassdoor has assigned me is the unique, heavily truncated version of my name that I use on Facebook and nowhere else. I use the same email address on both sites, so I guess they’ve learned it through some shady backroom data purchasing arrangement. That’s gross, so goodbye account.

    15 votes
    1. [14]
      tauon
      (edited )
      Link Parent
      Agreed, very uncomfortable practice. While I don’t use “social media” anymore*, there is a principle which I am glad to have already learned about back then, and which I am now summarizing anew in...

      I use the same email address on both sites, so I guess they’ve learned it through some shady backroom data purchasing arrangement. That’s gross, so goodbye account.

      Agreed, very uncomfortable practice. While I don’t use “social media” anymore*, there is a principle which I am glad to have already learned about back then, and which I am now summarizing anew in the hopes of it being useful to someone out there. Having my email on my own domain enabled me to do (or at least, made it easier) this: Separate your concerns.

      Without doxing myself, here is how I currently do it:

      • firstname@domain.tld is for friends & family strictly
      • fl@domain.tld (first letters of first & last name) is for business, that is banks, job applications, and similar
      • purchases@domain.tld – for (mostly physical) products, you can also add an orders@ to separate in-store digital receipts or vacations bookings from random webshops)
      • socials@domain.tld is for the Facebooks, Snapchats, etc. of this world; and depending on how you feel, also for stuff like e.g. Tildes?
      • accounts@domain.tld – everything else, at least not super shady (my go-to examples are Spotify, my municipality’s public transport account, password manager, Duolingo, you get the idea)
      • newsletter@domain.tld is self-explanatory. This one is purely optional, really a luxury, but sooo useful if you’re into the whole email newsletter thing
      • git@domain.tld – again, specific to what you do, these are just example ideas. My current plan allots me 25 email inboxes, which is even enough for 1-3 per family member – most of whom do not care about this topic all that much, so a basic division in “good” and “bad” email addresses is already a success.

      So far (≈2 years), this transition has been working out very well for me.

      All of this costs me in the region of $4 per month (would be less had I chosen a domain that didn’t include my last name), which comes out to maybe one half drink not purchased.
      Unfortunately still not quite affordable enough for everyone, but I’d argue a majority in the “western” world could manage these expenses, but doesn’t see the need to or doesn’t want to.

      Today I am of the opinion that everyone should have a setup similar to this, or at least the mentioned basic version of one address to give out to every service, and one to… not. It’s one of the most effective tools we can employ with reasonable effort against these companies, and I wish having multiple phone numbers were a thing, but obviously that doesn’t work for practical reasons.

      *Two nitpicky notes: First, I strongly disagree with the term social media in its current meaning… it’s really neither, but I digress. Secondly, I really mean that I practically don’t use any – the full list is Signal, iMessage, Discord (unfortunately needed for hobby programming nowadays) and sparsely/passively LinkedIn. And obviously Tildes :-)

      Edit: Wow this turned out longer than I thought. I apologize for derailing, but happy to respond to questions.

      8 votes
      1. [2]
        DefinitelyNotAFae
        Link Parent
        You have a different domain/suffix in one of your examples and I am worried you included information you didn't want to in this post!

        You have a different domain/suffix in one of your examples and I am worried you included information you didn't want to in this post!

        5 votes
        1. tauon
          Link Parent
          Uh oh, brain autopilot took over. Thank you! While it wasn’t my address, you were correct in that it obviously didn’t belong there. It was a friend’s new domain – who I recently helped create this...

          Uh oh, brain autopilot took over. Thank you!

          While it wasn’t my address, you were correct in that it obviously didn’t belong there. It was a friend’s new domain – who I recently helped create this exact setup.

          4 votes
      2. [3]
        ShroudedScribe
        Link Parent
        One outlier to think about is that people may ponder your email address if it doesn't end with gmail, hotmail, outlook, etc. My professional (job applications, etc.) email address is...

        One outlier to think about is that people may ponder your email address if it doesn't end with gmail, hotmail, outlook, etc.

        My professional (job applications, etc.) email address is <firstname>@<first><last>tld and a recruiter once asked me "do you have your own business?" only because of my domain name. When I told him no, he pushed back and insisted I must because I have my own domain. It was a pretty silly conversation and I ended up having to block that recruiting company from both emailing and calling me since the quality was poor, to say the least.

        But it serves as a reminder that people will view it as outside of the norm.

        2 votes
        1. [2]
          tauon
          Link Parent
          That is a true point, and has already come up for me as well (albeit in the less drastic variant of getting a strange look over the counter when asked for a receipt email address). I guess the...

          That is a true point, and has already come up for me as well (albeit in the less drastic variant of getting a strange look over the counter when asked for a receipt email address). I guess the more “techy” you’re already perceived as, the less likely this is going to come up.

          If I ever switch domains again, I’m definitely prioritizing differently though. When I was younger my focus was on as-short-as-possible (think untaken dictionary word on a .cc, .io, …) – very cool, but can be a bit hard to communicate, especially across a phone to older/unfamiliar people. Nowadays I feel like a longer .net, .eu (or similar regional, e.g. state or country) domain would be preferable. Either way realistic .com’s are still too expensive :D

          1. ShroudedScribe
            Link Parent
            I'm fortunate enough to have the com version (used for emails) as well as <first>tld for a couple less popular ones. (They're still publicly available though, I don't bother with country-specific...

            I'm fortunate enough to have the com version (used for emails) as well as <first>tld for a couple less popular ones. (They're still publicly available though, I don't bother with country-specific domain names.)

            1 vote
      3. [4]
        Akir
        Link Parent
        You don’t really need multiple mailboxes to do this kind of thing; most email providers are going to offer you aliases and filters, so you can simply set up an alias of your choice and use a...

        You don’t really need multiple mailboxes to do this kind of thing; most email providers are going to offer you aliases and filters, so you can simply set up an alias of your choice and use a filter rule to move emails that are sent to that address into a folder.

        1 vote
        1. [3]
          tauon
          Link Parent
          How you implement the specifics is not the majority portion of the work here. The first steps are figuring out what “buckets” one needs or wants, and making the move for existing...

          How you implement the specifics is not the majority portion of the work here. The first steps are figuring out what “buckets” one needs or wants, and making the move for existing services/accounts, which usually takes a while to complete.

          Setting that aside… I feel like aliases aren’t as nice to hand out, since they are typically, at least from what I remember, these long randomized strings – hard to dictate, hard to give to a human friend or potential business contact. And having an email provider that’s not Gmail/Apple/… is already something that, I’m assuming, 9 out of 10 non-techy people don’t know or care about.

          2 votes
          1. [2]
            Akir
            Link Parent
            It’s just an alternative. Most dedicated email providers charge by the mailbox, to my knowledge. An alias can be anything you want as long as it is on a domain pointing to their servers. Though I...

            It’s just an alternative. Most dedicated email providers charge by the mailbox, to my knowledge. An alias can be anything you want as long as it is on a domain pointing to their servers. Though I suppose they all have their own policies.

            1 vote
            1. tauon
              Link Parent
              Great point. In my case specifically, I knew I wanted more than the lowest plan (either 3 or five, I forget) due to supplying family members as well… And the next cheapest plan immediately had 25...

              Great point. In my case specifically, I knew I wanted more than the lowest plan (either 3 or five, I forget) due to supplying family members as well… And the next cheapest plan immediately had 25 mailboxes included. But in circumstances other than these specific ones, this might not have happened, I agree.

              1 vote
      4. [4]
        Shahriar
        Link Parent
        I don't see how this makes your information more anonymous when it links to one centralized domain that doesn't masquerade with others. I believe a more effective approach is using an email alias,...

        I don't see how this makes your information more anonymous when it links to one centralized domain that doesn't masquerade with others. I believe a more effective approach is using an email alias, ideally with multiple users linked to the one domain - or at least appears to be, with software like addy.io or SimpleLogin.

        1 vote
        1. [3]
          tauon
          (edited )
          Link Parent
          Yes, also in talking to @Akir, I now feel like aliases might be the smarter move. However, I don’t necessarily think many services analyze and draw connections between users of the same domain,...

          Yes, also in talking to @Akir, I now feel like aliases might be the smarter move.

          However, I don’t necessarily think many services analyze and draw connections between users of the same domain, especially across multiple tech companies. And even if so, I’d prefer a potential lack of masquerading any day over using Gmail, where you have to assume your mail is just… getting read along outright, all for the sake of “turning invisible” by supporting the monopoly.

          Edit:

          with software like addy.io or SimpleLogin

          Obviously I don’t know if this is an issue with the providers you mentioned, but from my experience using TrashMail and similar years and years ago, they would end up getting known to companies rather quickly, and subsequently blocked from many services, where you could not use them any longer at signup. Maybe addy.io is able to prevent this from happening with the use of subdomains… but again, I don’t know. I’d be worried about the longevity of such a project if I really were to switch all of my accounts’ associated emails for the years to come.

          2 votes
          1. [2]
            Shahriar
            Link Parent
            The software I mentioned can be self-hosted and is open-source.

            The software I mentioned can be self-hosted and is open-source.

            1 vote
            1. tauon
              Link Parent
              At which point you’ll need either (or both) technical know-how and dedication to maintenance to the point where regular people are better off getting email inboxes at a commercial provider; and/or...

              At which point you’ll need either (or both) technical know-how and dedication to maintenance to the point where regular people are better off getting email inboxes at a commercial provider; and/or (I’m assuming) your own domain, which makes the point kind of moot.

  6. Moogles
    Link
    I hadn’t logged into glass door in awhile but when I did I couldn’t help but notice my negative reviews had been removed. I’m guessing they’ve gone the Yelp path of paying to remove remove bad press.

    I hadn’t logged into glass door in awhile but when I did I couldn’t help but notice my negative reviews had been removed. I’m guessing they’ve gone the Yelp path of paying to remove remove bad press.

    9 votes
  7. hagi
    Link
    Any recommendations for platforms like glassdoor that aren't as scummy? Kununu seems better, but I'm not sure.

    Any recommendations for platforms like glassdoor that aren't as scummy? Kununu seems better, but I'm not sure.

    6 votes
  8. [2]
    kej
    Link
    The delete page appears broken on Firefox on Linux, so that's also not instilling much confidence in the deletion process.

    The delete page appears broken on Firefox on Linux, so that's also not instilling much confidence in the deletion process.

    4 votes
    1. Nsutdwa
      Link Parent
      I found the deletion process to be incredibly obfuscated in general. The pages guide you to FAQs, to a "Privacy centre" and then talk about affiliates (later referred to as "the Platforms") with...

      I found the deletion process to be incredibly obfuscated in general. The pages guide you to FAQs, to a "Privacy centre" and then talk about affiliates (later referred to as "the Platforms") with whom they share data, and you have to go to them to get your data deleted there, and they link to others. All in all, they make enforcing your rights an absolute nightmare, which means you can't give them the benefit of the doubt throughout.

      2 votes
  9. freestylesno
    Link
    Man I just created an account and gave some bs answer to a question just to see what was said about a company by my employer is acquiring that could affect my job.

    Man I just created an account and gave some bs answer to a question just to see what was said about a company by my employer is acquiring that could affect my job.

    1 vote