I used to work at Gusto (ZenPayroll back in my day) and dealing with Zenefits was always a pain for this reason.
They were the consummate hackers, using screen scraping and automation to do whatever the hell they wanted. One nightmare example was when a bug in their "automated" system rewrote bank account information for tons of employees to just be the last 4 digits of their account number. Such a mess.
Even if this weren't a tightly regulated industry, you're dealing with how people are paid and covered for health conditions.
We didn't hire hackers[1] because that attitude just doesn't fit for certain classes of problems.
Hats off to the investigative journalism by BuzzFeed, uncovering some frightening immaturity pervasive in Valley companies.
That blog post is one of the best advertisements I've ever seen for a tech company. If I weren't happy where I am, I'd apply for a position immediately.
I get that moving fast and breaking things works for some products, but I wish more companies had the same attitude as you.
Your values page is interesting, though the quotes may be a bit excessive. If you don't mind my drive-by critique, I would suggest listing those quotes at the end of each one as a kind of an "alternate telling."
For the "empathy" value:
> Oftentimes, this means acknowledging weaknesses and having difficult conversations. Feedback should come from a place of love and respect, under the assumption that everyone has acted with the best of intentions.
May I ask how this differs from the management consulting practice called "front-stabbing"?
And for the "Don't Always Be Right":
> We recognize that experimentation is crucial to innovation. We will not accepts “it works” as good enough.
Being right may be orthogonal to taking risks + building a legendary product. Perhaps a better wording would be "Don't settle for just right"
This is great feedback: constructive and substantive.
I like your idea framing the quotes as an alternate telling. They were listed first out of habit (ex-philosophy major), but you're right that this is primarily our story to tell.
Empathy
The difference between front-stabbing and giving good feedback is one of maturity. If you've had many conversations with young kids, they are incredible at giving blunt feedback, but it's only funny because they are tiny humans. Some of what they say would be unconstructive coming from an adult.
Front-stabbing, to me, is someone trying to justify being an asshole. Your comment is a great example of the difference, of being honest and direct but mature. The opposite of the kumbaya culture isn't telling someone they suck, even if you do it because you want them to be better.
Don't always be right
This is my fault, I mixed too many concepts. This value is about not getting complacent with success or being afraid of failure. I don't want us to get it right every time, because experimentation (where the magic happens) involves making mistakes. As you point out, that failure isn't the same as taking the right risks. This value is counteracting our need to be perfect, about pushing back if we seem to always be getting what we expected.
Happy to dive deeper if I didn't answer your questions. Thank you for the thoughtful consideration!
Thank you in return for thinking through my suggestion :-)
Everything you said sounds fine, with the exception of what makes front-stabbing, front-stabbing.
I agree that maturity is important for giving constructive feedback; just as important, in my opinion, is closeness. That closeness is certainly achievable in a small startup, but the company scales, I have strong doubts that it will match the level of honesty Empathy, the company value, demands.
More to the point: when unleashed in a social context where all parties aren't friends, I believe that "true" honesty (concerning a person's work) will inevitably transform into front-stabbing (attacking a person via their work) .
If someone who I was not close with was uncomfortably honest to me in the middle of a meeting, in front of many other people, I would probably ask myself "Is this person saying this because I'm actually doing something wrong? Or is he just trying to make me look bad?"[1]
When many ears are listening and many eyes are watching, I know I would feel less inclined to reflect on her or his words, and more inclined to worry about my loss of face. Especially if this person has made a habit out of being vocally honest with others. In my opinion, maturity isn't 1:1 with morality; a person can act like an adult and also be ruthlessly ambitious enough to take advantage of and hurt others.
The deep, deep end of being uncomfortably honest among others in a workplace is a struggle session, where one person is in the middle of the room being berated by everyone else. No one wants to let it go that far, at least not initially, but I certainly believe the basic social lubricant of politeness must be valued, and applied in most contexts[2]
Privacy, maturity and closeness are the makings of a real heart to heart, where both sides can learn from each other. Missing one, or having any in deficiency and, as the company scales, the risk of front-stabbing grows exponential[3]. Said another way by a Wall Street Journal commenter: "You better not front-stab your boss."
[1] There was an article recently that surmised that all public apologies are purely P.R; any demonstration of heartfelt guilt is quickly exploited as an act of weakness, so the apologizer is as tightlipped as she or he can be. Can't seem to find it...
[2] Of course, the other deep, deep end is a Japanese firm where the knives are under the table instead of on the plates!
[3] It's 1:40a.m. in NYC so I hope I'm coming across as explaining my perspective instead of as some kind of internet troll.
I love this conversation, and I'd like to give my feedback. First, no, you are coming across as a person who thought deeply about this concepts.
I like the idea of closeness but, as you noted, it is not always possible. I think that empathy is the right word, but should be better characterized. Empathy is trying to establish a connection, is to bring the two people close when giving the honest feedback so that it is perceived correctly. How to do it, that's another story.
One technique that I found very powerful is called feedforward. The idea is, instead of saying what someone has done wrong, suggest a way he could make it right the next time. Example, you sent an email without the attachment. I could tell you: "you should be more careful!" or I could give you a constructive idea, maybe creating a connection: "I understand that sometimes it happens to forget an attachment. I developed the habit of putting the attachments in the email before writing it, so I don't forget them". It is not a perfect example. But even if we aren't close, it gives you a sense of closeness, a feeling that I understand you, and I care about you.
The problem with this approach is that the receiving party should be receptive. I used this method and I received answers like "But I believe I was right because...". And this is the end. You could ignore the answer, knowing that your feedback was useless, or you could try to explain, but you have lost. Nevertheless, if the feedforward is ingrained in the company culture, it is something known and actively practiced (that means the example starts from the CEO), it helps to create a positive environment.
I'm not sure if that's what he means by empathy, or maybe his company uses a different technique. You are right: closeness, privacy, and maturity are essential for a positive culture were front-stabbing (or worse, backstabbing) is impossible. And empathy is the ability to bring someone close, especially when it is relevant to provide important feedbacks.
I like the idea of empathy being a bridge between two sides-- closeness helps in building that bridge. If the sides are way too distant, the bridge will inevitably collapse into the abyss. But if the bridge itself is made of strong stuff, constructed in good faith, then absolute closeness isn't so big deal. So long as trade of ideas can safely go back and forth across that bridge, in equal measure. I might be stretching a metaphor a bit there.
Feedforward is indeed quite powerful between two receptive parties; the last time I got a peer review the person I was doing with did it to me, which made me all the respectful of him.
"empathy is the ability to bring someone close" indeed!
I understand more where you're coming from and I absolutely agree. Part of it is my vocabulary, specifically co-opting the word feedback.
In public situations, like giving a presentation or a meeting with multiple parties, a huge part of empathy is understanding people's sensitivity to being ganged up on or feeling embarrassed in front of other. Politeness, specifically around being less brutally honest in group settings, is meant to deter this.
Feedback, to me, is a 1-on-1 activity. Much closer to a heart-to-heart, which requires both the confidence to stand by your values and the vulnerability to be open to change.
Ah; I now understand your position better, and see that it is not too different from my own. I feel like what you wrote here would work perfectly as another paragraph in the Empathy section.
I'll be keeping tabs on Seneca Systems regardless; best of luck to you, Mr Founder!
CRM for government reminds me of the Ted Talk where a guy said the government should use source control. We're not there yet but it's a step in the right direction.
You guys should seriously consider using resellers and distributors btw. Gov't purchasing agents always request three competitive bids.
That's true if you try to sell into the municipalities via the RFP process. However, we sell directly to the departments who will be using our software. We've met with great success doing it this way.
In fact, we managed to close a department in Miami in only six days--that's basically unheard of in local government software sales.
Without knowing much about the situation... how much was this necessary? The industries Zenefits are working with aren't exactly tech-friendly, and I just always assumed Zenefits was doing some gross things on the backend in order to make things easier for the user.
(This doesn't excuse bad testing or bad code, but it's not like the insurance industry has well-documented public APIs for Zenefits to use)
Reminds me of mint.com. I used to work at Venmo and they tried to integrate with us, but then without even reaching out to us they decided they couldn't because of the 2fa on our web login. We had a documented developer API but they seemed to never even consider using it.
> uncovering some frightening immaturity pervasive in Valley companies.
This is one of the dark sides to having an entire engineering team in the 25-30 age range. They can sling http just fine, but sometimes don't fully grasp the consequences of their work.
I was 22 when I started and cared very deeply about the consequences of what I was doing.
It's more about heavily interviewing for alignment with your mission. If people care deeply about the problem you're solving — not just the technical problem, the people problem — then you're far less likely to have these issues.
I interviewed dozens if not hundreds of people at ZP and there were two red flags for engineers:
1) They only care about the technical problems. In this case, they're likely to make decisions more aligned with "that's interesting" than "that helps our customers"
2) Once we raised our Series A, we had a lot of applicants wanting to join a rocket ship. I literally heard that in an interview with a Facebook engineer who found us by "googling startups with 9 figure valuations." If you care about growth at all costs, you're going to cut corners and fuck over your customer.
Mission matters. Values matter. Interview for them.
This is the essence of why Zenefits is in trouble. One of the mantras Parker would frequently state around the office was something very close to "growth is responsible for all of our problems and also the solution to all our problems".
His view, if I'm recalling correctly, was that hypergrowth makes customer problems more visible due to scale while making the company inherently more valuable. There was absolutely no downside to growing as fast as your imagination could manage - despite an accumulation of red flags, technical debt, and unhappy employees.
As you mentioned in your comment, values absolutely matter. I think Sacks gets this, but a company this deep in with so many employees is a big, unwieldy ship that's hard to turn.
> There was absolutely no downside to growing as fast as your imagination could manage - despite an accumulation of red flags, technical debt, and unhappy employees.
I worked at LivingSocial early in my career and this is so true. There is a limit to how quickly organizations can grow (given our current understanding) and still be healthy.
Employee happiness and related metrics (e.g. retention) is the biggest indicator of health. I don't care that you hired 400 people this year. Can you retain 40 world-class people?
Thanks for that tidbit. I work for a non-profit and sometimes it's hard to make the call when someone is technically sound but doesn't seem to get the mission. So far we've managed to get mission oriented people on board, but I'll make more of a conscious effort in the future.
At 12 I was a hacker.
At 22 I was very serious + responsible.
At 35 I've learnt when I should act like a 12 year old.
So hacking is reserved for research project and the odd on-off script which gets nowhere further than my PC ;)
I've had hackers in my team, they've always been strong technically (they take risks so learn fast) but they have always been a net negative in the long run if left uncontrolled. But put them into the right environment and they can be very effective (as they tend to be very creative).
The question is will an ex-Facebook hacker accept being kept at arms-length production and treated like a junior developer? It works for me because there aren't any AAA employers here in The Netherlands.
I know what you mean, and most of the people I hire end up skewing older. For engineers, experience usually tames the "ooh let's try this shiny thing!" because they have had experience trying to maintain that beta JS framework or been paged at 3am to deal with their hacked together nightmare.
It is absolutely more rare to find younger people who are already aligned with that mentality. That's not good or bad, just a matter of fit.
I bailed mentally at an interview with a YC startup in SF because, as part of the technical portion, they had me write a scraper to pull information from searches on other sites. This was against each site's legal/usage terms (and so was defeating the basic obstacles the companies put in the way of being scraped in bulk). When I asked about their business model they revealed that they were making money by doing exactly this and had zero intention of changing that or partnering with the other sites to legally obtain the data.
Their recent series A made them so cavalier; they landed money to do this, so of course it was right. It would eat into profits if they negotiated contracts to do it aboveboard.
While there may or may not be a darker side to having an entire engineering team in the 25-30 age range, according to the reporter that wrote the article, this hacking came straight from the CEO, who also set the tone for this type of behavior:
I realize it's the law, but that is an interesting question. I'm a page-at-a-glance reader (not to brag) and sitting in front of something for 52 hours would make me feel like a character from "Harrison Bergeron".
The 52 hours is meant to be spent exploring inside of an LMS (Learning Management System). You aren't simply reading a manual, but rather going through lessons, taking quizzes on them, working through different scenarios, etc. It's supposed to be an interactive process where you're familiarizing yourself with the information, learning to identify how to handle different situations, learning what "gotchas" to watch out for, and generally reinforcing your recall of the rules and regulations around the industry.
The LMS has the actual license exam locked until you've clocked 52 hours inside of it, so the macro just ran out that timer until the broker could get directly to the exam. Scraping by an 80% on that license exam (especially with all of your colleagues around that have taken it already) is ridiculously easy.
Insurance companies are sticklers for technicalities and love to deny claims, so as a consumer I'd consider the 52 hours / 6.5 work days worth of required training to be an absolute necessity for an insurance broker.
Disclaimer: My current company got our insurance royally screwed up in the short period of time we used Zenefits thanks to their corner cutting, so I'm a bit jaded.
I started my career working on software where serious bugs could get people killed. You do need experienced mentors, but they certainly could be under thirty.
You don't have to be old to build things safely. You just have to care.
...and have time, and funding, and patience. 2 out of those 3 are in short supply in Silicon Valley. Robust software is eminently possible, but it requires a development culture that is often incompatible with shipping lots of things quickly and seeing what sticks.
I recall that when Parker Conrad spoke at the Stanford startup class, he said that he'd been turned down by many VCs, at least one of which said "Well, if you were Twitter, this would be a different conversation." His take-away from that is "Well then, what can I do to become Twitter?" Only problem is that health insurance and 140-character text messages are wildly different industries.
As an aside this is something people absolutely do not get. MongoDB haters were always quick to point out how the database can lose data; even after the journal was introduced and that became much harder. But MongoDB failed to explain this same thing well: if you are storing payroll information you need a very robust data storage solution. There's a cost to robustness, however, which you probably don't need to pay when storing 140 character messages. Write concern is a very fundamental business decision.
In other words, when I picked MongoDB to store NowPublic SCAN data, before the word NoSQL was in vogue, even, then it was scanning various streams (including the Twitter gardenhose so many years ago) for bits of news and the ability to store lots and lots of small bits of text quick as hell was much more important than keeping all of them. Noone really cared about every single one, we were in the business of surfacing breaking news and we were a very small startup so not needing lots of expensive servers were a huge plus.
Obviously I picked a very different data storage model when I needed to store payment data at a TV station's video store...
We used Facebook as an example all the time. For them, moving fast and breaking things is a good value. If someone's status update got lost, that isn't ideal, but it isn't the end of the world.
When people don't get paid, that's a Big F-ing Deal.
It's an easy trap to fall into as an engineer. There are many cool problems to solve, but when you join a team you're agreeing to solve their problems. Focus on the customer.
I wish it was just the 20 something programmer that did this. I know more than a few 40 somethings that never evolved out of the good enough phase of development. They can't even be bothered to test their own code before hitting submit. Everything is just a small bug that can be easily fixed later.
The guy on my team who's a 'hacker' is in his mid 30s. Some people just never grow up. I'm 27, and I'm the guy always arguing with my near-40 boss about trying to do things the right way, not the way that's easiest today. Age is probably the generalization to make, but cargo-cult mentality isn't in any way limited to then young.
This is a very low bar for success. When you're working with sensitive information or financial transactions, it isn't just about "working". If your code "works" but is impossible to reason about or untested, you're asking for people later on to introduce bugs.
Code is not written in a vacuum. The hardest part, for three nines of software problems, is not just getting it to work. It's architecture and building an engineering team that functions together. People are a major component of software development.
Issue you are talking here seems to be about pushing software with a critical bug (a logical mistake by the developer). This issue looks to me as a test scenario that wasn't covered before. I guess these kind of issue could happen at anywhere else too, irrespective of their working (hacking) culture.
My problem isn't the bug. Bugs happen. It's that a developer thought that screen scraping a payroll system and setting up a recurring job to overwrite all bank account information in the middle of the night was a good idea.
If you care about security and stability, that should have set off major alarms.
Scraping data and pushing to internal APIs in another product have no spec, so any tests you write are either wrong or not wrong yet.
Another source[1] had more info about "The Macro":
Many of our California sales representatives received access to a software tool called a “Macro” that may have allowed them to complete mandatory online pre-licensing education courses offered by a third-party test preparation provider in less than the legally required 52 total hours. The Macro functioned to keep a person logged into the course and prevented the person from being logged out for inactivity. The Macro did not advance through the required material or quizzes in the education course -- the Macro only kept the person logged in. The Macro only pertained to the prelicensing education course and did not affect the broker exam taken later. Use of the Macro enabled -- but did not cause -- a person to spend less than the 52 hours of required time in the prelicensing course.
Ok, I have no judgement about the morals of this but I think the "hacker" mentality is hilarious.
I was at a Fortune 100 company that had an obligatory "security training" webcast that you had to watch and then at the end, answer some test questions. This was required to get a door badge and network id. Well, one programmer simply wrote a script to "watch" the video and automatically answer the questions. The manager knew we all used it and condoned it because the security video was out-of-date and irrelevant.
I can see someone at Zenefits using that mentality and justifying it because skipping the training material gave them no benefit to passing the actual exam.
There is a bit of fun to be poked at startups/the hacker mentality in this case, sure.
But what's appears to be a refreshing break from what happens when big corporations are caught red-handed, is that the leaders responsible have been fired/disciplined, while the employees on the floor have been told they will not be punished (though they will be if such things happen again).
At least that's what I understand from the email reproduced in the BuzzFeed article linked in another comment.
Love the passive voice "may have received access to" -- OK, who gave them access I wonder?
I would normally applaud the hacker mentality of using a computer to automate stupid or repetitive tasks, as long as any dishonesty is limited to a white lie. Like the obligatory security training video watching. But running a compliance company that doesn't comply seems more fundamentally problematic.
Sounds to me like the real problem was in the test. If someone can get by without actually absorbing the material then they should be given the pass, if they can't then it's a different story. Of course as soon as the program starts answering test questions or something like that it is a different matter but to spend less time than required and still pass means that either the test is inadequate or the course is needlessly fluffy.
Because while company A is lobbying for change through the front door, company B is eating A's lunch by innocuously bending the law through the back door.
History won't remember that A did the right thing; only that B made it to their next round of funding and A folded.
The "hacker" and "hustler" mentality is also largely driven by expectations of growth when you take $500M in a Series C. When you have that much riding on a company you've built and you have been told to hustle, then you're going to do whatever it takes even if that means breaking the law.
Well, you might. And perhaps that's the difference between you and people who realize that going to jail is considerably worse than going out of business.
The article directly references one of the steps taken by management once this became an issue being a company wide ban on all use of "iMacros" -- not just "the Macro", so that's probably the case.
FWIW my company had a terrible, terrible experience with Zenefits and ditched them after less than a year. Incompetent customer service, crappy software (one problem we had was a result of a corrupted database record, according to one of their reps, that had to be manually corrected by a developer), no one seemed to know what they were doing. As a founder I told their reps multiple times that we were a startup too -- ostensibly their target market -- and that we were willing to work through some problems with them, but they didn't seem to care and frankly just kept fucking up. Once we hit 5 people we switched to TriNet and have gotten great service AND we're saving tons on the insurance side, even accounting for TriNet's monthly per-employee fee.
Generally I avoid rooting for others to fail, but I can't help but feel just a teeny bit of schadenfreude with this recent news. For the last couple years I've been rolling my eyes with each new piece of breathless coverage. The Zenefits people are talking about now sounds a lot more like the one I experienced dealing with.
I guess this is a useful lesson to any would-be founders who want to make a business out of breaking the law: make sure you don't break laws higher than those on the municipal level. The difference between Uber and Zenefits/Theranos is that cities have limited resources and angry citizens can convince them to back down (and if you lose, hey, just ignore that city and try somewhere else), whereas state and Federal agencies can nuke you at any time and don't really have to worry about the vox populi.
In general, laws are not something you want to fuck around with as a startup. You can break proprieties, you can do things that will piss certain people off (you're almost guaranteed to piss off your competitors if you're doing anything interesting, for example), and typical business ethics assumes that everybody is looking out for their own interests and can advocate for themselves. But when someone has explicitly said where the boundaries are - and particularly if that "someone" is a government - it's good to respect those.
because I remembered reading it, there's a wee bit more to the story than Ben shares. It took a while to find it since Bloomberg reorganized their site [1] but here you go [2].
tl;dr: what Sharlene really went to jail for was more than shifting grant dates around (some by more than 60 days, which is more than a month last time I checked.) She appears to have changed grant and exercise dates both to increase income and to shift exercise income to long term capital gains, and then mislead auditors about these practices. Specifically, she want to jail for listing a false exercise date on her income tax return.
The point is, according to the reporter, what she went to jail for was more clear-cut than Ben is claiming.
Ben doesn't share that backstory, but it's irrelevant to his point. He is suggesting that he might have gone to jail by association with her and having done something illegal at his own company. Hence his statement:
"Since we had the same head of finance, we almost certainly would have been investigated.... The whole thing was a case of the old saying: “When the paddy wagon pulls up to the house of ill repute, it doesn’t matter what you are doing. Everybody goes to jail.” Once the SEC decided that most technology company stock option procedures were not as desired, the jail sentences were handed out arbitrarily."
So even if she did much worse things at her old company, the SEC could have decided that he broke the law too (even if in a less major way), and should go to jail too.
> The difference between Uber and Zenefits/Theranos is that cities have limited resources and angry citizens can convince them to back down (and if you lose, hey, just ignore that city and try somewhere else), whereas state and Federal agencies can nuke you at any time and don't really have to worry about the vox populi.
Aren't a substantial share of Uber's legal issues state-level employer vs. contractor issues (which also potentially have federal counterparts)? So I'm not sure they are a good example of a company restricting its testing of legal boundaries to the municipal level.
I think the difference between potential (and likely) costs and consequences is far more complicated that simply the level of government involved.
The employee/contractor thing probably gets a lot less attention than the legal status of call-a-ride services and whether they need a medallion and the additional hurdles taxis meet, given that they don't pick up randos off the street.
Not to defend Zenefits conduct here, but I'd hardly compare them to Theranos. Not passing broker certifications doesn't mean the insurance policies were invalid. It's not giving people bogus test results based on claimed Area 51 black turtleneck technology.
I don't think any of their sales tactics fell under "misleading, illegal, or dishonest." It was their California pre-certification practices that was blatantly illegal.
Well, that still falls under the "Not behaving in a way that damages the reputation of his/her company or of YC" and "Generally behaving in a professional and upstanding way" rules listed on that page.
In this one particular instance, good for them and its a shame that they got caught. I've had to watch quite a few of these "unskippable" videos for various government mandated trainings and there are a complete waste of time so that some bureaucrat can check a box and some company's lawyers can mitigate some liability. They don't educate the captive viewers and they don't protect consumers.
Lets see how any customers were actually harmed by this.
The value of training videos is on the back end. Whenever shit goes wrong, peoples' first reaction is to plead ignorance. "Oh I didn't know that, I wasn't told that." These sorts of things eliminate that excuse in a way that leaves a paper trail, making it easier to hold someone accountable if they do fuck up. It's not about making sure they know all of these things that are mostly obvious, it's about ensuring you can fire them, sue them, or defend yourself in a lawsuit if someone sues you, by eliminating their plausible deniability.
Often there is a certification to go along with the video or manual, so the next question could be "so you lied when you signed this certification saying you watched the video?" And even when there isn't failure to follow established procedures can be devestating to someone's credibility. Even if the procedure is stupid, it looks really bad in front of a decision maker or jury when someone says "oh yeah I just blew off that thing I was supposed to do." It's this clear-cut self-contained transgression that makes it easy for people to question your whole character (maybe more easy than is justified).
Sure, obviously that looks bad for both the company and the individual in question.
But I think maxcan's point is that at no point in the process has the cheating really lead to any actual consumer harm. Which is a pretty important point.
I mostly agree with that. I was trying to explain why these videos exist in the first place--so that when the underlying rules are broken, the regulatory authority can make the rule-breaker look like a liar instead of merely someone ignorant of the rules.
Ya, I think your clarification was great but it mostly supports maxcan's point that these programs exist so that "some company's lawyers can mitigate some liability."
Either every individual who used the script, or the entity that created or promulgated it, is held culpable/liable. When an employer is tacitly encouraging employees to ignore a legal requirement, and the employees are happily doing so, there's plenty of blame to go around.
Yes, it should absolutely be up to the individual to decide whether they've met the legal requirements for their job. I hope my surgeons self-certify that they're ready to operate, and the technician that repairs the airline I'm flying on should have the last word on whether he's qualified to start tinkering with the ailerons!
There are a few tasks/requirements at issue here, 1) the legal requirement that the individuals be sufficiently trained, which then requires 2) the legal requirement that training be provided. If the individual in (1) is "phoning it in" by avoiding watching the provided video, it could also be that the individuals who are providing the training are "phoning it in" by considering a video to be sufficiently fulfilling the requirement for providing training.
As is the case with a lot of these kinds of things, one ends up without any value after taking the training compared to where they were before taking the training. If this is the case, the training is meaningless. The only way to asses the value of the training is through some kind of testing as part of or after the training occurs. This is like requiring attendance of driving school for traffic violations. It is very rarely the case that anyone in driving school actually didn't know the law, but rather they were skirting it and ended up getting caught. They are only in driving school to satisfy the requirements of getting the limits on their driving lifted (being licensed or being able to get cheaper insurance). The driving school ends up being a burden because it takes time, and doesn't necessarily end up making anyone a better driver (although, you could use the lack of further infractions as the metric that the training was successful, but there's a lot of other influences here).
If both the trainer and the trainee are phoning it in, does it matter? If the trainer is phoning it in, is the trainee really doing anything worse by also phoning it in? If the trainer fails at their job because they are providing pomp and circumstance, we end up at the same place we were without doing any training at all, even if the trainees do make a concerted effort to be trained. That is, the trainee could bust their butt watching this video, but in the end, no one has actually been trained.
This isn't meant to get the trainees off the hook for phoning it in, but let's call a rose an rose and acknowledge that there might not actually be much value in 52 hours of video watching.
The spirit behind the hatred of the "you must stare at this screen for 52 hours" type requirements isn't that anyone should be able to do anything they want, but that it's a stupid requirement. Acknowledging the existence of a stupid requirement doesn't at all require thinking that all requirements are stupid.
That said, I'd never want to do business with a company that thought it could choose to ignore certain requirements, and deceive regulators about their fulfillment of them, even if they're stupid requirements.
There is a requirement that someone spend 52 hours in a pre-licensing course. There is a separate requirement that someone pass a broker exam.
If it is possible for someone to do the latter without the former, what purpose does forcing them to do the former serve? Some people will need 100 hours of preparation for the exam and some will need 10. Forcing the latter group to spend an additional 42 hours in prep simply wastes their time.
The exam tries to ensure that you know enough to be competent. The required hours are there to discourage people from trying to pass the test without actually internalizing the information. Sure, you could try to just make the test arbitrarily harder, but that's not always possible, and even if it is possible, it's unfair to the people who are capable of learning the required material, but not the material needed to pass the harder test.
Also, as has been mentioned, it's partially a liability issue for the state and the company if/when they get sued.
Part of their defense can't be that "Oh, well the state licensing exam is super easy, so I only spent an hour cramming the material before the test and then immediately forgot everything, so really you should be going after the state and not me." The required hours
If, after 8 years of med school, your surgeon had to sit through a 2 hour video made 15 years ago about "The importance of surgery" and "where to keep the scalpels", he's probably be a bit frustrated.
You've pretty much described what happens when a surgeon joins a hospital. Well perhaps that is an exaggeration, but my wife sat through several required classes on basic procedures before starting her surgery job. Hospitals, like any dysfunctional bureaucracy driven partially by lawyers, thrive on this stuff.
The situation isn't really the same; these are valley sales-types making decisions about how to provide medical insurance to thousands, and it's likely that they haven't had any formal training on what (and what not) to do.
Its the same kind of restriction that would tie programmer pay to lines of code written.
I understand it though to some extent - its more of a "cheating prevention" program, but I'll bet a very very very high percentage of test takers would find it a very large waste of time.
However arbitrary or dumb it might be, it's still a rather low bar.
edit: which I think might not sound how I intend it. I meant to get at it not requiring a great deal of investment of time or other resources to become an insurance broker.
It shows a real lack of faith in the exam, I think. If the exam is testing the requirements of being an insurance broker correctly, why have an "x hours of training" requirement as well?
The interesting discussion from the occupational licensing story was whether a given licensing requirement creates an undue barrier to people that want to pursue the career. That's what I was getting at, regardless of how terrible this hours requirement might be, it doesn't create much of a barrier to people that want to become insurance brokers. It's little more than an inconvenience.
(There's an argument to be made that an inane hours requirement is unfair to people that must work long hours to support themselves, but in this case it was the company urging paid employees to spend their time otherwise)
I wonder if this incident and others such as the recent Homejoy / Flymaids kerfuffle have caused PG to rethink whether he's still looking for "naughtiness" in founders [0].
That's not meant passive-aggressively. I completely get why naughtiness might be indicative of a propensity toward innovation -- it's a pretty straightforward and intuitive concept. I'm just wondering whether PG still puts as much faith in the heuristic as he used to.
I doubt it. "Naughtiness" is creativity combined with a lack of conscience, which is a good way to make a quick buck. Regulatory arbitrage or capture, exploiting known cognitive biases, and creating subtle information asymmetry should all feature prominently in "YC 1[6-9]."
If we're trying to define the better side of naughtiness, I'd substitute "an irreverent and inquisitive attitude" for "a lack of conscience" in your definition above.
If you've worked at a big, regulated company, you know there are tons of trainings that you have to do.
Often said training provide little to no value, other than covering the ass (CYA'ing) of the employer.
But what's worse: these programs will sometimes log you out if you're not paying 100% attention.
Everyone I knew working at our Big 4 accounting firm would do our real work while these "training" videos played in the background.
Some engineer likely thought s/he was helping everyone out. And rightly so...their time was likely much better spent in other places given their incredible growth.
Unlike professions where you are expected to get a post-college degree and pass a multi-day difficult test given once or twice a year, all you need to become a health insurance broker is take some classes (in person or online) for a few hours, pass a test (which you can retake as often as you like) and pay ~$100. That's it!
Zenefits is large enough they could actually not treat licensing as a nuisance (gotta SELL SELL SELL) but could have had a full time in-person instructor give a week+long onboarding/training/prelicensing class for every new sales-person. You know, so that people who are expected to be explaining the intricacies of health care laws and pro and cons of $100,000+ yearly group policies might actually know a little of what they are talking about.
How many of those accountants didn't study ACCOUNTING for at least 52 hours?
What on earth does spending x hours on something prove? If someone spent their 52 hours zoned out while the video played, just aware enough to click the "I'm still watching" button that shows up every 5 minutes or whatever, how would that make them any more qualified than the macro?
It sounds like the real problem is that the test is grossly inadequate. The regulations should specify a test that's stringent enough. Specifying x hours of training isn't helping anyone.
There's a huge difference between this happening and the CEO actively building the work around. When the CEO demonstrates this behaviour is appropriate, the whole company adopts this culture of "what laws?!".
>That was how executives discovered the macro, which Conrad had created based on a belief that 52 hours was too long to spend in training, the lawyer for Sacks said.
You are mistaking annual compliance training for things like "don't insider trade" for training on how to do the job legally to gain entrance into the profession.
There is a bit of a difference between the training videos the big co's force you to watch and the training required to get certified by the state to do business in a highly regulated industry.
I too created "macros" for the insufferable training they put you through, but it was for training videos on the "new" HTML4 standard and about the "new" invention ajax requests -- all while I was working on a team using angularjs every day.
Can someone give me a good explanation of how the COO wasn't responsible for this kind of stuff? It's mind boggling to me how hard Sacks is throwing Conrad under the bus, despite possibly being just as guilty.
I mean, I get it - power plays and all. But aren't they both responsible?
According to the article, Sacks discovered the issue in January, and then forced the company to report it to the California regulator - if you believe that sequence of events, he can't really be held accountable for the action of Conrad.
Let's say you are an engineer, take a new role at a company to work on their database, and then discover that one or your managers has stolen money, do you think you should be held accountable, assuming that you report the issue immediately when you discover it?
You're questioning the reality, when all of this is about perception.
The board needed to hold someone responsible for this mess in order to satisfy the regulators that they're taking the problem seriously, and things are different now.
Effectively, the message they want to send is that the adults are in charge now.
There was no way Conrad could stay. Even if they could somehow hide any evidence that he knew about the violations (and they probably couldn't), it's very clear from his public statements that he had built the fast and loose culture the had allowed and sustained the problems. He had to go and the message needed to be that the company has no place for him anymore. He's not stepping into a reduced role, he doesn't have a board seat, it's over, he's dead to us.
Sacks has a different record. He wasn't there from the beginning, he hasn't been the public face of the "ready, fire, aim" culture, there's plausible deniability. And he has credentials to justify his position - Yammer, Microsoft, PayPal - he can be painted as a safe pair of hands.
And, since he's been the COO for a year, he can step straight in an take over without needing a handover period from Conrad.
The board need Sacks to stay on and be the new face of Zenefits. And they've decided that the regulator investigations are not going to find damning evidence against him. Maybe because he had no idea. Maybe because he was smart enough not to leave any evidence. Maybe because there's a paper trail of him reporting the issues up the chain in way that makes him look like the good guy.
You're asking the question "How can a COO not know about all this stuff, and not have had some responsibility over it?" and that's a good and fair question - the regulators will ask it too. I take it the board will be able to provide a plausible answer to that question when the regulators come knocking.
But that's not really the #1 question that the board's worried about. They want to know "who has the best chance of saving this company?" And what Sacks provides is:
- Plausible deniability
- Credibility in the market
- Credibility with the regulators
- Knows the business
- Can do the job
- Ready to start now
There's no one else with those credentials, so Sacks needs to take the job.
Once that's decided it's a matter of execution - almost literally. If Sacks is going to save Zenefits then he needs to look innocent, and blame Conrad for everything. That might actually be true, but that's actually not the key question for the board. They just need something that they can sell to the market and regulators.
Not to say Sacks shouldn't be responsible but, to my understanding, all of these issues being reported on are coming out of the sales org (which is what Parker primarily focused on) where as Sacks primary focus as COO was on post sales customer success (product, ops, support, etc.)
I think the focus on "TheMacro" is a bit overblown. "TheMacro" sounds sinister, but AFAICS it just keeps a web session from expiring. Depending on Session timeout length, the 52 hour requirement can still be gamed by having multiple browser windows open.
One aspect of this whole debacle that needs to be highlighted more is the culture that allowed Zenefits to behave in shady ways.
The culture I'm referring to is the "give me complex software, and host and maintain it for me, but have someone else pay for it" culture.
Whether it's through intrusive ads, creepy data practices, and/or Zenefits-like shadiness, insisting that software should be paid for by anyone but the people using it is a disaster waiting to happen.
I'm founder of a startup building an application that is free (as in freedom) for small businesses. If future customers want us to support and maintain the software for them, they will need to pay for it the old-fashioned way. Any other arrangement would compromise both our customers' interests, and our company's integrity.
How is Sacks able to assert moral authority when he was the COO working side by side with Conrad? Are there any Zenefits employees here who can tell us what the internal opinion is of the two?
I moved in USA recently, so maybe can help me understanding the impact of this beyond not respecting the law. What value this license provides to american workers? Do the healthcare system get better with the help of trained brokers? Thanks!
Yeah it does, especially now in the USA because new healthcare laws don't allow insurance companies to refuse coverage to consumers for any reason. If you have medical issues, or your spouse does, or your kids do, a licensed knowledgeable health insurance professional will take the time to help you select a plan that will actually be beneficial for you and your family.
Zenefits was hiring people who worked at the Yellow Pages and Yelp, previously selling advertising, and was turning them into "insurance brokers". Apparently in very short order.
Healthcare is complicated, and assuming that it could be treated in such a careless and reckless manner, or that 52 hours of training is a waste of time, it is beyond irresponsible, it shows an incredible lack of respect for the companies that Zenefits is supposed to serve, people who are relying on them for advice on the most important benefit employers provide, and finally their families. It's shocking and sad that Parker, someone who survived cancer, would be careless with peoples lives.
If Zenefits ended up being the "hub" that millions of consumers within the USA had to rely upon, there would be a lot of people hurt by that.
There are lots of companies who not only struggled to get coverage for their employees via Zenefits, but some didn't end up getting coverage through them at all. I have heard direct from CEO's of some small but successful companies who very much wanted to support Zenefits, that they gave up on working with them after exhaustive efforts to get coverage that in some cases went on for as long as seven months. Not providing coverage for your employees for seven months, that's disgraceful. I can not imagine how the CEO's of these companies felt.
Parker had to go, as should Sam Blonde, his right hand. Parker just cared about scaling the business, at any cost, he didn't care about the collateral damage.
Let's just forget about the entire ethical argument around breaking an existing policy/legal condition of doing business, as important as that is wrt health insurance.
Who in their right mind thinks taking the time to design, then publish, a way to defeat a relatively straightforward education requirement is in any way a worthwhile thing to do? There is a level of ego there that goes beyond rational decision making: you aren't cheating the system for an advantage; you're cheating just because you can, because it makes you feel better than others. That's some borderline psychopathic behaviour really.
Did Zenefits employees really gain anything from not having to complete the required 52 hours? Was it really that big of an ordeal? Or was this a matter of just being smug about 'not needing' to do some very basic requirement they felt was beneath them? There is an element of hubris there that is unbecoming in and of itself.
These are (very minimal, really) licencing requirements. There is a minimal amount of effort that an employee should be expected to put in to do their job legally. The assumption is that exposure through time to the subject matter will increase knowledge. That may not be true in every situation, but it likely is in a majority; the rule exists. The exposure generated from choosing to "fight this battle" and losing is miles greater than any particular payoff achieved in victory. That alone indicates to me that the person in charge has a poor grasp of weighing risks/rewards, regardless of personal ethics.
Some things just aren't worth fighting because the risks in losing are so disproportional to any net gain from winning. This is a perfect example. A good CEO needs to know how to pick and choose the hills to fight on.
Lesson learned here: Not every component of your business needs to be disrupted. Some things aren't worth disrupting at all, really.
> Did Zenefits employees really gain anything from not having to complete the required 52 hours? Was it really that big of an ordeal?
That was my first thought as well. I can see the appeal in streamlining (what at first glance seems like) an arbitrary process if the final exam is passed legitimately, but a one-time commitment of 52 hours at the start of employment (a good chunk of which you'd probably need to do anyway for the exam) barely seems worth bothering with. As you say, the risks are disproportionate - it certainly makes me wonder what other corners are being cut.
Well, based on what I read elsewhere it seems like they didn't think licencing was that big of a deal at all really, which is an even larger demonstration of hubris than this.
I do feel bad for their employees who may end up being blacklisted from insurance period for practicing without a licence.
It could easily have been a bottom-up effort - someone got tired of watching the videos, wrote the macro (doesn't require a lot of programming expertise), passed it around to their friends who also used it, passed it up to their manager and eventually it became widespread.
Have you ever had to watch 52 hours of mandatory training videos? I think that could easily be more unpleasant than 104 hours of hard labour.
Buzzfeed is one of a class of sites that produce a lot of dreck as well as the occasional high-quality article. There are many such sites, mostly media outlets. HN's solution is to penalize them (a little) by default, but take the penalty off under different circumstances, such as if a moderator sees than an article is good or the submitter has a solid track record.
This has proven to be a reasonable compromise. The alternatives—not penalizing these sites at all or banning them altogether—are a lot more problematic, which is how we arrived at this strategy in the first place.
Buzzfeed has proven itself by now to be a legitimate news source, even if the money is coming from the other division (clickbait). And not just tech stories: when big-name publications cut their education coverage entirely, Buzzfeed hired a reporter dedicated to it.
I would expect similar penalizing treatment of other "mixed-quality" sources like Quora, Forbes, Techcrunch, Business Insider, etc.
The problem isn't the legitimacy of Buzzfeed; it's that the low-quality content comes from the same domain as the high-quality stuff, and so if you do nothing to penalize that domain, you get cat pictures on the front page. It's not a moral judgement, but rather a practical measure.
It's really funny. People say Buzzfeed? And I'm like, who do you think is making money right now, our national newspaper or Buzzfeed? Who do you think is hiring instead of being forced to let go of high quality journalists, our national newspaper or Buzzfeed?
Look beyond the brand and into the details and the journalist. Buzzfeed News is legit. Unlike a lot of media sources, they've found a way to be profitable and output quality articles.
Buzzfeed's curious chimaera of its trademark virally-targeted fluff content and a burgeoning hard news organization probably merits at least some kind of reconsideration of the penalty applied to submissions on HN.
It would be nice if Buzzfeed had something like a separate subdomain for its non-trivial content, but I'm not aware of any such thing that would enable automated differentiation.
Just curious - since you switched the URL, why did you credit this version instead of the one I submitted about an hour earlier? My submission was even referenced in a thread you'd replied to.
When a link from a HN post is changed, and the link it's changed-to had previously been submitted by another user, should the "posted by" and karma attribution get re-assigned to the user who submitted the link to-which the story is re-pointed, or does attribution and karma continue to credit the user who submitted the link which was replaced? Just curious how the internals of link-replacement works.
It's the latter. We do try to privilege the original submission when we can, but that's not always easy.
It's a bit of a lottery who gets the karma in any individual case, but in the long run it evens out. We would like to make the duplicate detection system give more credit to original submitters. I used to think that didn't matter, but have changed my mind, because doing that would incentivize users to find good stories that no one has submitted yet, and that seems like it would be in the community's interest.
Thanks for the answer. Karma, while fun, isn't personally that big of a deal. Appreciate the clarification, and thanks for your continued oversight of the HN community.
All I can say is way to go! Buzzfeed journalist. Literally nothing positive came out of this for anyone. It sounds like all of the brokers were capable of completing the training material in under 52 hours. Now this is getting blown up #bureaucracy
I think Parker is really, really smart. If you hear him talk he sounds like he's somewhere on the intelligence level of Patrick Collison. It's too bad he tried to shortcut a regulated industry but I'm curious what his next ambitions are.
They were the consummate hackers, using screen scraping and automation to do whatever the hell they wanted. One nightmare example was when a bug in their "automated" system rewrote bank account information for tons of employees to just be the last 4 digits of their account number. Such a mess.
Even if this weren't a tightly regulated industry, you're dealing with how people are paid and covered for health conditions.
We didn't hire hackers[1] because that attitude just doesn't fit for certain classes of problems.
Hats off to the investigative journalism by BuzzFeed, uncovering some frightening immaturity pervasive in Valley companies.
[1] I authored this post about our hiring at the time: https://gusto.com/blog/zenpayroll-is-not-hiring-hackers/