Hack Club has been handling children's data for 4 years without a privacy policy
9 days ago
- #teen-empowerment
- #nonprofit-critique
- #data-protection
- Hack Club's mission is to empower teenagers to build and ship projects they care about, fostering a supportive community.
- The organization has faced significant data protection failures, including exposing users' full legal names, emails, and home addresses through unprotected API endpoints.
- Hack Club staff, including full-time employees, relied on ChatGPT for legal advice regarding GDPR compliance, leading to mishandling of sensitive data.
- The 'vibecoding' culture prioritizes speed over security, resulting in repeated data breaches and insecure infrastructure.
- Minors are placed in critical legal and compliance roles without proper training, leading to poor handling of sensitive data and security reports.
- Exploitative labor practices include underpaying teenage interns and regional managers, with some roles paying as little as $2.69/hour.
- Hack Club has millions in funding but fails to invest in proper data protection, legal counsel, or fair compensation for workers.
- The community has noticed a decline in quality, with programmes feeling rushed and technical conversations drying up.
- Despite criticism, Hack Club has shown potential for positive impact, with teenagers landing internships and building meaningful projects.
- The path forward includes removing minors from critical roles, implementing proper data protection, and returning to genuine transparency.