Yes, every time I get message that some dependency is needed to update, I get anxious what could go wrong not to mention recent situation with malware or robware silent distribution.
It doesn’t matter whether it is Wordpress, Python, Nodejs, PHP, to name a few.
I understand that updates are necessary but we need to change the way we do them.
Most companies would bury this change in a deceptively boring T&Cs update, but we value transparency, so here's what you need to know in an internet-friendly numbered list:
Users on our EU cloud instance are opted out by default
So too users with agreements that prevent training (e.g. BAA, MSA, or similar)
All other users on our US cloud instance are opted in by default
We will anonymize all data before it's used for training
We will only use data that already exists in your PostHog instance
We will do all the model training ourselves, which means...
We won't sell or send your data to third-party model providers
You can opt out at any time via your org settings in PostHog (admin access required)
Training won't start until June 29, so there's plenty of time to decide
> All other users on our US cloud instance are opted in by default
Cool, cool. Glad to see that you are the arbiter of what your users have "opted" to do, and their input isn't required.
While we're at it, I'm going to "volunteer" your time to rebuild my patio this weekend. You don't need to worry about volunteering, I've done it for you.
If you send a postcard by Friday 5:00 PM, you can opt out of helping me with my patio. This is a one time offer; if you don’t, you have to help me every weekend for forever.
If "we will opt everyone in because otherwise we won't get enough data because we know users won't opt in" is your business model, maybe it's time for a rethink.
Agreed but "it's always been shitty" isn't a reason to do nothing about it.
For much of human history slavery was fine too, but thankfully that's been dealt with in many nations. I know some folks argue that capitalism is just the next iteration of slavery but that's different.
not sure why you think stating facts implies nothing should be done about it
slavery is still fine in the US as long as you're incarcerated, and the US still does business with countries that regularly use the old fashioned kind — hell, some people still want to bring chattel slavery back here and still proudly display the confederate flag
these are just very slow things to change... in the timespan of centuries if you're lucky, but in the case of wealth bringing privilege we haven't cracked the issue for thousands of years
I'd recommend at least doing a short spike to see if you can build your own in some way. We did that for the purpose of experimentation and now we've built our own metrics platform that we completely own.
I sincerely hope this never comes to pass, but you or your loved ones may someday find themselves in the position of wishing more people were opted in for organ donation.
The same cannot be said for some random corporation training AI models off your data to make a buck or two.
I think it might be better to get rid of the organ *donation* system entirely.
Organ transplant surgery costs hundreds of thousands of dollars, yet donors get zilch, which is completely unfair when everyone else in the value chain gets paid.
If instead it was "allow my organs to be sold for my estate" I think the supply of organs would greatly increase, which would be win/win.
there are a number of problems with people selling their organs for profit, it's a perverse incentive — the people in the chain who otherwise get paid don't get paid for the organs, they get paid for the labor of doing their jobs
If you keep commenting like this, we'll have to ban you. We've asked you before, not to do this, and you've been using HN long enough to know that this is unacceptable. If you keep it up, we'll have to assume that you want to be banned.
Off topic but I'm curious what's evil about that article. Bizarre, sure, but evil? They took a brain (an organ) from a dead person who had previously given consent to use their organs for that purpose.
I think most people, and definitely myself, when they sign up to be an organ donor, they think of the liver, kidney, and heart. Things that will help other people.
Not the brain, the center of conscience, being kept in some sort of horror-movie half-alive state. I do not think we understand consciousness enough to rule out what those brains are experiencing.
That's fair. Personally I wouldn't mind, but when you put it that way it makes sense people would be wary. Kind of reminds me of the series Pantheon, which is amazing but also kinda disturbing for similar reasons.
There is no such thing as opt in by default - and burning that amount of customer goodwill because you want something instead of say, giving a discount to people who are willing to do it is a choice for people who have a lot more market share and their customers would have more trouble leaving.
> Most companies would bury this change in a deceptively boring T&Cs update, but we value transparency, so here's what you need to know in an internet-friendly numbered list:
This feels like a really bad defense. It’s great you provide transparency but I don’t want my analytics system writing my code. There are already so many other first movers that are better that I would rather connect to your analytics.
Hey man, respectfully, opt-in by default is not opt-in. That's opt-out, and it's scummy.
I feel like you either know that already, or should, but either way I won't be using your product anymore. Just pulled it out of the projects I'm personally in charge of and in the future I'm going to recommend against using it both internally and for clients.
> We will anonymize all data before it's used for training
Anonymize by what definition? GDPR? Do note that this very high bar.
> All other users on our US cloud instance are opted in by default
Including end users in the EU? You should remember that you are obtained the personal data directly from data subject meaning Article 13 obligations apply. Article 13 omissions cannot be cured retroactively. Can you show all of your customers have provided sufficient Article 13 notice to cover this processing?
And do note that you are almost definitely within the scope of 3(2)(b).
> Users on our EU cloud instance are opted out by default
> All other users on our US cloud instance are opted in by default
Perfectly demonstrating that we need regulation to protect the general public, most companies will not do the right thing but the thing that benefits them first and foremost.
I don't want to support a company that's going to do everything they can possibly legally get away with, I want to support companies that do the right thing where they can.
What concrete difference is being made here? If a site is hosted in the US but accessible by EU citizens AND using a PostHog US server isn't the data still being used for training?
Legitimate question, I am not trying to prove a point.
Not really, it's slimy because it should be obvious that it's the morally wrong thing to do. There's no tangible benefit to the users, only risk.
The fact that they only opt-out EU users, because regulation forces them, tells you all you need to know about the moral compass of PostHog.
This shouldn't even require regulation, but apparently expecting companies to act morally is a bloody pipe dream. Profit over morals and concerns for your costumers, apparently.
There is definitely some confusion on the EU part. I am a European citizen, but some of my activity data on some of the sites I host is logged in US Posthog, which means Posthog is subject to the GDPR, even if the data is US hosted!
I think it would be better if there was an EU browser that provided a warning if accessing sites outside of the EU. If an origin site is in the EU then it could be subject to EU regulations.
as a user i dont like it, and am disappointed. it will take a bit of time to transition our systems off of posthog, but we will need to.
if you are looking at your metrics, I want to be clear that this transition will not happen overnight, but it _will_ happen for this reason, so just be aware that your short-term metrics won't tell the full story
I would rather hear the answer “I don’t know. I had to look it up.” (And I don’t care what you have used as sources, as citing counts with norms/laws or in academics.)
If you really rewrite LLM’s response in your own words, I will know that you have learnt something.
Because if you tell me directly that you have asked Claude, next time I will probably ask Claude directly as I don’t need you.
And we won’t be able to distinguish what is yours and what is claude’s so I’ll be subconsciously suspicious that the whole answer is ai-generated (/skill me-persona-answer-descriptive)
That is the reason why doctors wear white and have stethoscope. In many cases people don’t argue with their opinion as they know that doctor had to spend 6 years to earn it. But if they admit LLM as a source they are becoming replaceable.
The emphasis should be on “rewriting”, even kids know copy-paste and it doesn’t count :)
Back in the day, you couldn’t ask stack overflow about your specific business or project. You were forced to build at least some level of understanding of what you were doing on the job or risk your lack of knowledge being obvious (and obviously holding you back).
What we’re seeing now is industrial grade ignorance that can only be observed in in-person or video meetings.
Actually that's fine. StackOverflow, Reddit, HN are or at least were populated by people. Looking to them for answers is doing a survey of best practices for a topic and will at least tell you what is popularly true.
Asking AI sometimes gives you the same answer as AI is trained on these same forums, but not always.
Your prompt structure and/or inference bugs (which is a lot more common in smaller providers or local hosting) can change the answer AI gives.
And ofcourse, if there's low/no data, AI will still give an answer even though it's not in the safe zone.
Hard disagree. If I only cared about immediate results, I'd just ask Claude myself, sure. But I care about developing people's judgement, longer term. And if they're just parroting back what Claude says, I'm not doing that.
Another approach is to refuse to hire employees with poor judgment in the first place, or rapidly terminate them if they display bad judgment after hiring.
If you assume that good judgement is an inherent attribute that can't be developed, that might be a sensible option.
I've found that it's a thing that develops over time with experience, though. And I want people I'm training to develop that skill rather than farm it out to an LLM that never gets it right.
I care about developing people's judgment, longer term. You care about developing people's judgment, longer term. Does capitalism, or the managerial-business class that only sees 6 months out?
> If you really rewrite LLM’s response in your own words, I will know that you have learnt something.
What a waste of time. Do you treat your coworkers like students trying to do homework that you assigned?
> Because if you tell me directly that you have asked Claude, next time I will probably ask Claude directly as I don’t need you.
I should be upfront about the use of AI when providing an answer. You in turn would learn that you can find the solution using AI yourself next time. You learn something and so do I. What is wrong with this interaction?
> That is the reason why doctors wear white and have stethoscope. In many cases people don’t argue with their opinion as they know that doctor had to spend 6 years to earn it. But if they admit LLM as a source they are becoming replaceable.
And don’t get me started with doctors. I hate when someone just tells me to trust them just because they are a professional. If they are worth their salt then they can defend their position without using their costume or degree to intimidate me.
I don’t see an issue with quoting an AI and citing it. Are you defending the parent post’s position of rewriting the AI answer to hide the fact that you used AI to find the solution?
I’m not condoning simply taking the first answer that AI spits back at you and regurgitating that as a response. But if the answer is correct then there’s no need to rewrite it. I just feel that rewriting the answer is trying to hide the fact that you had to use AI to help you find the solution, which to me, is dishonest.
The fact that people vet the AI answer before responding is the value added not the process of rewriting the response to protect frail egos.
You should abso-fucking-lutely use sources and cite them when trying to answer questions.
What is this macho bullshit of pretending like you have memorized all information you might ever need and looking something up is a sign of inadequacy?
And yes Claude or whatever is just another source, to be verified just like any other.
No one is saying to pretend you memorized everything. They’re saying they’d rather have an “I don’t know” than a half-assed ai response (or stack overflow cut and paste).
Or, if you get nerd-sniped by the question and spend some time figuring it out, that’s fine too.
But if you want to be helpful but don’t want to take the time to figure it out yourself, don’t just forward the question to AI or send me a link to the first result in Google because I could have done that myself(and may have done it already). Just say you don’t know, which is a paradoxically more useful response.
Besides just not wanting to look insecure, there are good reasons to include sources, even in cases where you actually have the info memorized.
It shows someone where they can find that information for themselves in the future. That way they don't have to bug you later if they forget and it can give them a useful resource they can explore. If nothing else it demonstrates that at least one other person had the same understanding of something that I did which could be reassuring.
> If you really rewrite LLM’s response in your own words, I will know that you have learnt something. Because if you tell me directly that you have asked Claude, next time I will probably ask Claude directly as I don’t need you.
On the other hand, it's nice when someone tells you an answer is AI generated so that you can apply an appropriate level of skepticism to that answer. Maybe you can even reply to let the person know when inevitably the something they just "learned" was entirely bullshit.
Part of the problem with people sending text/screenshots right out of AI chatbots is that it suggests that not only were they so lazy that they went to a pathological liar chatbot instead of thinking about what you asked, but they likely didn't bother to review/fact check any of it
I am thinking to make canned encyclopaedia of stackoverflow answers.
Claude/Grok/Gemini/Chatgpt answers are often so… how to say it… misleading? I have to stop the conversation as it leads nowhere (and it is not a skill issue :)
Imho most of professional coders trade their time for oblivion.
The problem is that you really don’t remember anything about the code. It is not your creation.
It’s like a monkey in front of a slot machine, just pulling the lever and waiting to see if it hits the jackpot.
At the end of the day, it remembers that it pulled the lever. And how many times it won :)
Agentic-based coding with /goal and multiple agents coding together is another level…
But the issue remain imho - if there is an error, who is going to repair it?
reply