I was clueless. The posts I made Friday night were what I thought at the time (which was badly wrong). I was still focused on what I'd been thinking while we were developing the feature (still trying to make it "work"). What it took was a bunch of friends and mentors reaching out Saturday morning (and basically telling me I'd made a big mistake and betrayed the trust of our users). I wish I'd been able to understand this sooner based on the original HN thread. But it took me some time.
I think the issue is that many (most?) posters can't understand how this decision could have ever been made in the first place and how could it have been so strongly defended? It speaks to some sort of fundamental disconnect about what is acceptable handling of user data and privacy. This naturally leads to mistrust about less visible policies that are in place or will be created. What decisions have been made in the past and/or will be made in the future that are less visible to users that will similarly abuse users personal data? I think everyone appreciates the apology very much, but the unfortunate truth is that this business requires trust and this debacle has eroded that trust in a way that can't be quickly repaired by a simple mea culpa.
It seems convenient to be clueless. Certainly makes for a better apology than "Of course I knew the issue but wanted to try to push it through."
To me it doesn't seem credible that you as the CEO of a recruiting company didn't realize the issue of "default public" profiles. You literally have a section about confidentiality on the front page of your website so you must have known it was important to users.
I'm just as upset as the next guy, but it's a bit silly to presume that he knew how bad this would be. If that were the case, even if he were a greedy, evil, selfish bastard, he wouldn't have rolled out the feature because he would understand the backlash.
