Comment by arnaudsm
5 years ago
As usual, some Googler browsing HN will reactivate his account, everyone will forget and Google won't change a thing to his unbanning process.
5 years ago
As usual, some Googler browsing HN will reactivate his account, everyone will forget and Google won't change a thing to his unbanning process.
Hopefully, more devs will do what this dev is (said to be) doing.
> Consider it burned. #Terraria for @GoogleStadia is canceled. My company will no longer support any of your platforms moving forward.
Of course, it's very difficult for small devs to do this. It takes an already solid business to be able to stand up like this. As always, I think this is the only way for Google to change, but I don't think it can happen.
I think it's also probably easy to do this with stadia since it's effectively 0 users. What would he say if steam treated devs like google does?
If Valve treated game developers like Google does, Steam would have followed the path of Stadia which is failing despite being technically a good product.
That's my personal take on the current situation: despite owning one of the largest digital store, Google sucks at being a publisher. The actual automated ban is mostly inconsequential. Every large publishers have technical issue from time to time. What's unique to Google is that you can't effectively contact anyone to have them sorted out.
If you are an indie dev with a track record and works with Steam, XBLA, Epic or Nintendo, you will be in touch with a company representative.
15 replies →
Many smaller devs have pivoted to leverage alternative platforms like Itch, Epic Games Store, Game Pass, etc alongside Steam for monetization, and some have ditched Steam entirely based on complaints with Valve's developer relations and pricing. Valve seems unlikely to ever make any concessions to win back the hearts of smaller developers, but they did panic once Epic Games Store and other storefronts started capturing exclusives for large titles by offering big studios a reduced cut (20-25% in some cases) to keep them around.
Another way to look at this: Valve's treatment of developers (not nearly as bad as Google, to be clear) is mostly tolerated because of Steam's inertia and market share. Google is acting like Stadia has inertia and market share when it has neither.
His post implies he's dropping support for all Google platforms, presumably including Android, where Terraria is consistently one of the top selling games. That seems like a much more difficult decision.
It's interesting you don't consider Android one of Google's platforms.
Agreed about small devs, but other small devs also have to make countless decisions about which platforms/products to use for their app/platform/website. At the very least, Google should be worried that a good tie-breaker is "Is it a Google platform?".
Good on him. Takes courage and an established product to do this.
Good example of standing up.
Not really, Terraria has already been ported to all systems, including Android.
the amount of people using Stadia that don't have access to a device that could play terraria is likely very small.
> Good example of standing up.
But he won't pull Terraria from the Play Store I guess. Because he has no choice unless he wants to wreck his business.
16 replies →
Unfortunately this opens the door to unscrupulous devs publishing their own knock-off versions - or even repackaging the official Terraria Windows game and passing it off as their own work (resource/asset swaps, etc).
My impression from reports I've read about all the major App Stores is that they won't put much effort into processing violation notifications or takedown requests when the publisher or developer filing the complaint doesn't have an account of their own on the store - even less when they're banned (like how Terraria's devs were) - so it could be weeks or even months and the publisher of the knock-off or pirated copy gets to keep all the money they've made provided they've transferred it out of their payment account, I think?
8 replies →
Makes you wonder whether that is their unbanning process.
Or the @GoogleStadia Twitter account will forward this to someone who knows about it. The Stadia Twitter account is uncharacteristically active on customer support for a Google product.
Twitter seems to be the worst platform ever created to get customer support.
If any entity requires a huge amount of Twitter followers to get support, count me out.
I think twitter is last time I checked (looking at guidelines maybe 3/4 years ago) pretty amazing for customer support, even if you drop the fact that well-followed people might get better support. The expected reply time for twitter support queries is on the order of minutes. Compare that to phone or email customer support on many platforms.
2 replies →
It's no different than pre-internet. Complaining publically has been around since TV, it's a staple of local news to have "exposes" on bad local businesses to shame them when they won't do right privately. Before that it was radio. Before that it was newspaper. Before that, it was just gossip.
Humans have been using social pressure to right wrongs.... for millenia.
Twitter is nothing more than a common social square.
This is probably because in the beginning they want publicity.
People at Google really do want to fix this... But it's a minefield of:
* Legal stuff (eg. some algorithm detected child porn in his account, is an employee legally allowed to look at it to confirm the algorithm was correct? no.)
* Internal Politics (eg. one team has found this account DoSing their service, while the account is perfectly normal in all other ways, but due to Googles systems being so complex a single-service ban is very hard to implement)
* GDPR/Privacy laws (The law requires the deletion of no-longer needed data. As soon as his account gets banned, the data is no longer needed for Googles business purposes (of providing service to him), so the deletion process can't be delayed.
* Stolen/shared accounts. All it takes is one evil browser extension to steal your user account cookie and go on a spamming spree. Figuring out how it happened is near impossible (user specific logs are anonymized). Usually just resetting the users logins doesn't solve it because the malware is still on the users computer/phone and will steal the cookie again.
* Falsely linked accounts. Some spammers create gmail addresses to send spam, but to disguise them they link lots of real peoples accounts for example via using someone elses recovery phone number, email address, contacts/friends, etc. In many cases they will compromise real accounts to create all these links, all so that as many real users as possible will be hurt if their spamming network is shutdown.
* Untrustable employees. Google tries not to trust any employee with blanket access to your account. That means they couldn't even hire a bunch of workers to review these accounts - without being able to see the account private data, the employee wouldn't be able to tell good from bad accounts.
* Attacks on accounts. There are ways for someone who doesn't like you to get a Google account banned. Usually there are no logs kept (due to privacy reasons) that help identify what happened. Example method: Email someone a PDF file containing an illegal image, then trick them into clicking "save to drive". The PDF can have the image outside the border of the page so it looks totally normal.
Yes, it's solvable, and Google should put more effort into it, but it's hard to do.
> * Legal stuff (eg. some algorithm detected child porn in his account, is an employee legally allowed to look at it to confirm the algorithm was correct? no.)
If you had experience with this, you would know that you just described the polar opposite of how that process works in the United States. Federal law requires human verification as part of the mandatory NCMEC reporting process. If you’re employed by Google and have that impression of how it works it means the green badges doing the work aren’t known to you, which isn’t a huge shock since TVCs are barely one step above disposable barcode at Google.
Source: I’ve forensically verified enough child exploitation in the course of tech employment to make me thoroughly and irredeemably despise humanity as a species. (Fighting insurance to pay for therapy I now need, against their will, was fun too.)
Many other companies of similar size manage to provide customer service just fine.
This is a solved problem - you just have to be willing to realise that magic AI sprinkles aren’t the answer.
As for cost - this continual stream of screwups is costing them a ridiculous amount of goodwill and future business. It’s probably the best ad for AWS there is.
I suspect they don't have the combination of strict privacy so employees can't look into the account, massive spam potential, and billions of users...
1 reply →
Even if all of that is completely true, failing to engage in any form of communication with a business partner whose services you cut off without any notice is reprehensible.
Communication is one thing, but not having any appeals process other than hoping a social media post goes viral enough for Google to take action is ridiculous.
> due to Googles systems being so complex a single-service ban is very hard to implement
Now that sounds like a technical problem that could be solved!
Indeed - and they have made a little headway here...
* You can be banned from Google Pay and all payment based services, yet still have a Google account which works for free services. There are lots of gnarly corners and bugs for users in this category, since any call to a billing API will fail. Want to use google Meet for a video call? You can't because that calls Google Voice to check your balance for phone calls, and that fails... You can end up on this list if your bank tells Google that they have evidence of committing fraud for example.
* Adwords can be banned separately. Usually done for accounts who abuse the "$100 of promotional credit" things... Prevents use of paid chat in youtube as a side effect.
* Various Youtube features can be banned separately from the account. Used for copyright strikes etc. Causes side effects like for example Google photos can't sync videos as part of an android backup because it's the same backend and rules.
A GSuite admin can set domain-wide policy and per-user exceptions on what Google services the GSuite domain users can use.
Of course, there's some stuff you can disable that completely breaks how you'd expect e.g. Android integration to work with that account.
Doesn't seem an issue at all for almost every other company in the world.
Only seems to be an issue for companies like Google who ideologically don't provide any way to talk to a human and escalate. Amazon manages to have some of the best customer service in the world while operating on similar scales with far more things that can go wrong.
There is no excuse.
3 completely different points:
1. Ignore the downvotes. The reality (poor customer service perception) is what it is. Objectively looking at the problem and what can be done about it, without cynically assuming it's impossible, is the most practical focus going forward. Thanks very much for this insight, it was really interesting to read.
2. I've noticed various glitches and bugs over the years with various services - two I can remember right now are a) misspelling a search then clicking "did you mean" won't update the titlebar (been watching this one since ~2012), and b) accidentally sending an in-progress draft from one device will cause followup edits made on another device to sent to /dev/null. Well... I look at the kind of time-wasting junk input that makes it into Issue Tracker, I look at random app feedback, etc, and I know my feedback is never going to be seen. I can understand why things need to impact 10K people to be noticed. I thought I'd ask you: what's a good recommendation here?
3. Extremely specific question that I happen to be worrying about at the moment :) - I wasn't sure which Google account I wanted to use to play with GCP some months ago so I ended up enabling billing on more than one account using the same card. I have an idea I'd like to play which would call for a new account (since it would be tied to a YouTube channel) and would require me to use the same card yet again. All of this would be staying within the free tier, but I still wonder if I shouldn't run data takeouts first...? (I can't deny that the current state of Google services feels a bit like Russian roulette with extra servings of superstition - what doesn't kill your account, makes it stronger, or something??)
> * GDPR/Privacy laws (The law requires the deletion of no-longer needed data. As soon as his account gets banned, the data is no longer needed for Googles business purposes (of providing service to him), so the deletion process can't be delayed.
This is simply wrong since the account is always "banned" and not "deleted". So the data is still there, not providing it is going against GDPR. Evidence for this is all the accounts that were unbanned and still had their data. Make the account read-only for all I care but don't think for a second that this data has to be deleted immediately (It definitely does not, there are reasons and reasonable ways for data to be retained for some time)
> * Untrustable employees. Google tries not to trust any employee with blanket access to your account. That means they couldn't even hire a bunch of workers to review these accounts - without being able to see the account private data, the employee wouldn't be able to tell good from bad accounts.
But somehow accounts get unbanned if they get enough attention... so this does not seem to be a problem.
> * Attacks on accounts. There are ways for someone who doesn't like you to get a Google account banned. Usually there are no logs kept (due to privacy reasons) that help identify what happened. Example method: Email someone a PDF file containing an illegal image, then trick them into clicking "save to drive". The PDF can have the image outside the border of the page so it looks totally normal.
So simultaneusly you can look at the image to ban the account but can't look at it to unban it? I get that the first one is done by algorithms and the second one presumably is not but calling this a privacy issue is laughable since you don't have to look at the content in the first place.
All of your points don't adress the issue of "The user does not even know why he was banned" at all. Luckily there are EU laws in the pipeline for that.
> But somehow accounts get unbanned if they get enough attention... so this does not seem to be a problem.
Having 10 highly paid long-tenured engineering employees who can look at small parts of a users account data is clearly better than having 10,000 call center workers be able to access user private data.
The end result is high profile incidents get handled in a way that it would be too risky to do for everyone.
Even with the small pool of engineers, there are incidents[1] where user data is used inappropriately. Would you make this pool larger?
[1]: https://www.businessinsider.com/google-engineer-stalked-teen...
4 replies →
I'm no expert on Google and I don't have a PhD but from my time working there (and my time working at other internet services companies), multiple of your assertions here are false or absurd.
Child porn detection and enforcement literally does not work that way. I'm not sure how you even think that would work. How do you think the algorithm gets trained? Humans feed data into it. All the major social media companies (Facebook, etc) have paid human moderators that have to screen flagged content in many cases to determine whether it is illegal and then escalate to the relevant staff or authorities, and in some cases this is a legal requirement.
The GDPR one is especially ridiculous. Why would you be required to delete a user's data the moment you suspend their account? That's utterly absurd, it completely eliminates the user's recourse in the event of an error. No reasonable human being would interpret the laws that way and the relevant regulators (yes, GDPR is enforced by humans) would never require you to do that.
Google already has measures to deal with malware on machines, typically temporary or permanent bans of the hardware and/or IP address. They don't have to permanently delete your gmail account to lock out Chrome on a single malwared PC. If you've ever done any automation or browsed on a shared network you've probably seen Google Search throw up the 'automated traffic' warning and block you for a bit.
Being able to review conduct of an account (i.e. browse logs) is not "blanket access to your account" and neither is being able to examine the details on why the account was banned and reverse them. The account owner could also authorize the employee to access their data - any time you talk to a Customer Service representative for a company, you're doing this.
> If you've ever done any automation or browsed on a shared network you've probably seen Google Search throw up the 'automated traffic' warning and block you for a bit.
Normally that happens to me when I start to adjust my query to get Google to do what it used to do.
> * GDPR/Privacy laws (The law requires the deletion of no-longer needed data. As soon as his account gets banned, the data is no longer needed for Googles business purposes (of providing service to him), so the deletion process can't be delayed.
That's absolutely not how GDPR works.
> * GDPR/Privacy laws (The law requires the deletion of no-longer needed data. As soon as his account gets banned, the data is no longer needed for Googles business purposes (of providing service to him), so the deletion process can't be delayed.
I do not think GDPR works like that. You can absolutely store information pertaining to "why" questions because that is still a service they will be providing. Also, whenever they restore some's service they give data back. So they have obviously not deleted the data.