This is the classic precision versus recall discussion. The discussion centers around how you think about the cost of a false positive versus false negative.
Some people think it's fine for the process to have low precision but high recall. Low precision is that of the number of conversations the process flagged as a positive, some unacceptable (to you) percentage turned out to be a not/false "positive". High recall is that of all the actually positive conversations, the process flagged an acceptable (to you) percentage of them as positive (i.e. only "missed" a few/false negative).
What does it cost to wrongly identify conversation a positive when it's really not a positive (false positive)?
What does it cost to wrongly identify a conversation as a negative when it's really a positive (false negative)?
I think there is a tendency to project the modern era's speed of technological progress back in time, which isn't reasonable. We went from the Wright Brothers to Apollo 11 in 66 years. The first transistor to the iPhone in ~60 years. That rate of development is...new.
In my experience, you can weaponize processes like the Five Whys or the Amazon Leadership Principles. I don’t think that means they don’t have any value.
That being said, in this case, I agree with your manager. Both the QA team and your team had fundamental problems.
Your team (I assume) verified the functionality which included X set of changes, and then your team made Y more changes (the flag) which were not verified. Ideally, once the functionality is verified, no more changes would be permitted in order to prevent this type of problem.
The fundamental problems on the QA team were…extensive.
The problem is that these companies are locked into years long, multi-billion dollar contracts with the sports leagues. Those contracts are predicated on their existing monetization model. The economics of those contracts no longer make sense if the model changes. A lot of money is on the line. So they are going to fight hard.
The government (and/or society?) have already deputized private organizations to enforce various types of controls either implicitly or explicitly. Banks (AML) and Payment Processors (recent Steam content removal news) come to mind. Irrespective of whether it's a good or bad things, it already exists.
The Banks don't determine if you are a terrorist or what not. They comply with the order when a judge gives them a lawful order to freeze accounts.
I think it's okay to deputize corporations for the execution of the law in the digital world. You really, really don't want the federal government or mega corps to determine what is the "truth" vs. "propaganda". It's way too much power in society to be centralized. The decision on these nuanced issues needs to have due process and be de-centralized.
It's not just lawful court orders, over the years many explicit and implicit "suggestions" about "risk" have been issued to banks to discourage activity deemed undesirable. https://en.wikipedia.org/wiki/Operation_Choke_Point
That is not how AML-CFT work. Banks calculate your level of risk. When in doubt, they will cut you off or block individual transactions, unless the benefits outweigh the risks.
I had a bank transfer confiscated by Office of Foreign Assets Control. I think it was because the money (my rent) was going to someone with a foreign sounding name. I filled out all the paperwork to dispute it and was told they (a government agency) had no record of it. This was maybe eight years ago. I gave up on it because one month of rent wasn't worth the enormous hassle of fighting the government (to me, at that time). I changed how I made payments and moved on.
I've been criticized before for not fighting back. I had other struggles at the time. Leave me alone about that. I made the right call for myself.
>The Banks don't determine if you are a terrorist or what not. They comply with the order when a judge gives them a lawful order to freeze accounts.
How do you think this works in reality when the people getting sanctioned are trying to bypass the sanctions by creating shell companies and false identities? You either have a totally ineffective sanctions regime because it can be trivially be bypassed by setting up new shell companies, or a vaguely effective one because banks are deputized to figure out whether their customers are sanctioned or not. Luckily we have the latter.
I'm familiar with how sanctions work wrt advertisers / publishers. It would be totally fine if a court or similar institution said "here is a list of propaganda orgs, please limit what ads they can buy in our jurisdiction" and the ad networks were authorized to find all of their shell companies associated with those named entities. But that is not what the article is advocating for.
I'm objecting to the notion that mega corp ad networks are the best organization to determine what is truth vs. propaganda in our society.
That is not how KYC works. Every account gets screened against hundreds of lists, not just of 'criminals', but of people deemed 'sensitive'. Once you get on such a list, good luck finding any bank.
Bainbridge Island (connected to Seattle by ferry) is like this. There is approximately one Uber driver, at least the last time I was there, and good luck if you get back to the island later in the day. A single Waymo would be amazing.
Some people think it's fine for the process to have low precision but high recall. Low precision is that of the number of conversations the process flagged as a positive, some unacceptable (to you) percentage turned out to be a not/false "positive". High recall is that of all the actually positive conversations, the process flagged an acceptable (to you) percentage of them as positive (i.e. only "missed" a few/false negative).
What does it cost to wrongly identify conversation a positive when it's really not a positive (false positive)?
What does it cost to wrongly identify a conversation as a negative when it's really a positive (false negative)?
You decide.