Jay Lake v. PayPal
Posted on January 12, 2013 Posted by John Scalzi 49 Comments
Last night, just before close of business, PayPal locked up Jay Lake’s account because of suspicious activity, namely, about $50k rolling into his account in the space of about two days because of two separate fundraisers (one of which you probably know about from here). Fair enough; the company has an interest in making sure its services are not being used for nefarious ends. But then it looked like they would have no one available to deal with the issue on their end until Monday at the earliest, and that rather emphatically was not fair enough — you don’t freeze up someone’s account and then go “whoops, sorry, no one here to deal with the problem we just made for you.”
The good news is that Jay has friends, and they have Twitter, blogs and Facebooks accounts, and combined they made enough noise online to get PayPal’s attention and have it resolved in a couple of hours. Jay has all the details and some personal thoughts on the experience, which I really recommend people read as a useful piece on what can happen when a community and a corporation get into a tangle online. Here’s also a TechCrunch piece on it, with quotes from PayPal folks.
My thoughts on the matter run similarly to Jay’s: It’s great that once Jay’s friends shook the tree online, PayPal put his account in focus and resolved the problem quickly. It’s a fine case study in how a company can turn a potential bad PR event — and it could have been very bad indeed, since most of the people complaining were writers, with native audiences and the ability to call down the attention of media — into an example of how quick, smart response can make the company look good.
But it’s also the case that Jay was in the position of calling on several dozen friends with large online footprints to be upset on his behalf — at least one of whom was able to ping someone at the executive level in the company. That’s great for him, but left unasked is the question of what would happen to someone who was not Jay. To quote the man himself:
Yet I cannot help wondering how this would have gone without my own social media footprint and widespread network of friends and fans. Would I be looking at weeks of paperwork and a continually frozen account, as my friend has experienced? Fame, even as modest as my own ration, is itself a significant form of privilege. That privilege was exercised in spades late yesterday afternoon.
PayPal’s famously dropped the ball on the fraud detection front several times in its history, and still has requirements that make it difficult to unlock frozen funds. PayPal has a right (and responsibility) to keep its service from being used for scams and other such things. But it’s in its interest to make it easier for every legitimate user — not just the ones with lots of noisy friends — to deal with the service’s systems. That includes having people to talk to and address a frozen account on a Friday evening as a matter of course, not as an exception.
I don’t have any particular ax to grind with PayPal: I’ve been using the service for more than a decade and I’ve not had a problem with them that I can recall, and I think they provide a good service for a fair cut. But as a person who does use the service and appreciates the convenience of it, I really am puzzled why at this point they still seem to find themselves stepping onto the same landmine over and over when it comes to freezing accounts. I hope they get it figured out. I really do appreciate the speed with which the company dealt with Jay’s issue. It would have been better if it could have been addressed with the same speed, without all of us raising our voices to complain on his behalf. Some people who use the service won’t have that. They’ll still need their money, however.
Do they have a service that allows for people doing these fundraisers to give them a heads up as well as some bonafides? “Hi, we’ll be doing this for Jay and this is why and this is what we hope to raise and, by golly, maybe we’ll get lucky and raise a whole lot more, and here are some of the people involved.” It’s similar to the first time I went off on a trip overseas as an adult, and didn’t think to tell Visa that I was doing so. Good for them, though, they phoned my house and talked to my aunt who was house sitting, because they’d noticed strange purchases far away, and she had me contact them. Something I now do any time I travel off in an odd direction.
A good way for Pay Pal to handle something like this is to set up some way to identify a sudden deluge of funds into an account especially for fundraising. Many people are doing online fundraising for a number of different causes and projects, so you would think Pay Pal would be quick to address that. Publishing a number people could call if they expect unusual activity on their account so Pay Pal can watch and follow without locking things up. That would be the best form of customer service.
The trouble with Pay Pal is it is a bank/payment system that has none of the legal controls that oversee the more traditional versions of these things. One reason why credit card companies address these situations so much faster is that there are regulations that force them to.
This is nothing. Just wait until the IRS gets involved. I would suggest that Jay hold off on spending any of the extra proceeds until after speaking with a tax accountant.
PayPal faces the same problem as a lot of banks and financial services in their attempts to prevent fraud. Having recently been through something like this–my wife’s debit card was placed on hold because a gas pump shut off while she was pumping gas before a long trip–it seems like they’re stuck on the horns of a dilemma. Not that I’m excusing PayPal–like John, I’m incredulous at the thought they’d shut down the account late on a Friday and then walk away for the weekend–but these companies have to simultaneously make it hard to defraud them while also making it easy for legitimate customers to get their money.
However, the measures they came up with to meet these opposite needs could be material for an MBA thesis on how bad policy gets made.
Case in point: When my wife’s card got shut down we were driving on a 9-hour trip. I called the bank. Before I could talk to a customer service person I had to enter my wife’s card and social security numbers and answer a security question. Once I got the rep on the phone and told her the problem, she wouldn’t talk to me to resolve it. She insisted on speaking to the card owner even though my name is on the account too. Since my wife was driving I tried to make the rep see reason, but no. OK, that kinda makes sense. I put the cell on speaker and held it up for my wife to talk to the rep.
How did the rep confirm that my wife was the actual card holder? She asked for her name and the security code on the back of the card. Once my wife gave it and confirmed some recent purchases they unlocked the card.
I’m sure you’ve all spotted the idiocy of this policy. To confirm her identity they asked my wife for information on the card. If I had illegally obtained the card I’d have that information! But to get to the rep I had already provided identity info that wasn’t on the card. As for confirming that it was a woman…well, I’m pretty sure even an identity thief could find some woman to get on the phone.
Ebay sellers and buyers are constantly at war with Paypal over the way their customer service is implemented. You would think that, since Paypal and ebay are so intertwined, a problem on one side relative to the other would be easy and fast to resolve. Not so; I have heard many horror stories about how Byzantine it can be to fix a relatively simple issue. I will not go into details here, but in trying to “protect” both buyers and sellers, they have ticked off both bigtime.
Like you, Scalzi, I’ve never had a problem personally with PayPal – but I’ve heard the horror stories. TEKZILLA co-host Patrick Norton had a really bad experience with PayPal freezing a bunch of money while he was on TechTV’s THE SCREEN SAVERS (I think), and despite his mentioning it on-air repeatedly nobody at the company seemed inclined to resolve the issue. Now, he categorically refuses to use them for anything.
The fact that he can raise $50,000 for cancer treatments is a pretty big piece of privilege too.
@Dave Smith: Jay makes that point towards the end of his blog post, which is worth a read anyway:
Derryl Murphy: “Do they have a service that allows for people doing these fundraisers to give them a heads up as well as some bonafides?”
Yes, they do — and it always kinda stuns me that people doing big charity fundraisers never seem to avail themselves of this. As Paypal has said in pretty much every case where this has come to the public attention, all it requires is calling Paypal ahead of time and informing them that a large influx of cash is likely to be coming soon.
Hell, in the days before I switched to using Square for my convention sales, I used to do this before attending big shows, just to cover the possibility that my sales would spike high above my normal rate and trip the anti-fraud measures.
Paypal did the same to us when we were selling of all our belongings on EBay prior to expatriating. As there wasn’t social media then, well, I had only Paypal to complain to.
Same process as mentioned in Jay’s post, plus they required a signed affidavit from my biggest customers that they were satisfied with the transactions.
I did get my money, but it took weeks. Months?
Rhetorical question: How many dollars of legitimately raised-or-earned money has Paypal refused to distribute to those who own it? Millions? Billions? Tens-of-billions?
Why aren’t they regulated like a bank?
A little over a year ago, Teresa Nielsen Hayden over at Making Light chronicled a similar-sounding incident between Regretsy and PayPal. Even assuming Jay and/or his contributors had followed whatever guidelines PayPal has for fundraisers, there’s no guarantee this wouldn’t have happened anyway because I’m not sure the employees in charge even understand the rules.
I also have a frozen PayPal account for over a year now, which happened after a purchase dropped my balance to zero. I have e-mailed them several times of the last year asking for details why and what I can do to fix it, but get nothing but standard form letters back. They tell me to refer to my case number for the incident, but when I go to my account resolution page there is no case number. Luckily, they aren’t holding any of my money locked up. I just don’t use them any more and have not really been inconvenienced by online life without them.
I haven’t had much dealing with PayPal, but in my experience, Twitter is a good way to get action from a company, even if you’re just a random, faceless, unhappy customer like me. I’ve had responses from Adobe and Nikon that way. It’s ridiculous that it takes making a potentially embarrassing fuss on social media to get decent customer service, but there you go.
PayPal attempted to defraud me, years back- not so much out of maliciousness, but, rather, by lazy incompetence, followed by deaf stubbornness. I will never use them again; I just wish that there were more alternatives out there.
I’ve heard all kinds of horror stories about PayPal, and I refuse to use them. From them allowing a fraudster to go on draining someone’s bank account even though he’d informed them multiple times not to allow that payee any more, to them actually ordering someone to destroy a violin because they couldn’t resolve a pay dispute.
They consider themselves a bank whenever it’s convenient, and not when it isn’t. I will never trust them.
Yeah, paypal horror stories abound. Mine is the usual, I pumped through some minor purchases using a credit card, then people deposited some money. When I tried to withdraw that money PayPal locked the account for “fraud”, and eventually said that to unlock it I would have to get a document notorized in the USA, which would require both me and the person who sent me money to travel to the USA. For an “international funds transfer” company they’re awfully bound to the idea that absolutely everything and everyone is in the USA (and no, going to an embassy was not enough for them, even though that was ~800km and ~2300km for me and the sender respectively (and different embassies)). So I wrote off that account.
Since then I’ve used a bunch of non-PayPal transfer services, from eGold to BitCoin, and never had a problem. I also periodically buy foreign credit card gift cards and use those to bypass geographic restrictions. That works surprisingly well, and seems to be fairly common, or at least common enough that there are retailers who will sell them then email you scans of the card after they scratch off the scratch-and-sniff panel. Yes, it’s risky, but even losing the card is cheaper than flying halfway round the world to purchase downloadable content.
Broke Moz, that’s appalling. They’re just plain bad. I’m glad alternatives are arising.
This sounds almost exactly like what happened on Regretsy last year: http://articles.cnn.com/2011-12-06/tech/tech_web_regretsy-paypal-gifts_1_paypal-refund-donations-holiday-gifts?_s=PM:TECH
I think the takeaways here are that a) Paypal is a bank, and b) Paypal is not the best resource for fundraising. I’ve been noticing a shift to Indiegogo for this type of stuff, however even they have issues that need addressing. At any rate, Paypal continuously proves that they’re better as a bank service and not a tool for fundraisers.
PayPal … don’t get me started. Doesn’t have to be a huge amount, the most recent one I know of was for a Christmas gift, a little under $us1200, locked three days before Christmas. It was straightened out … ten days later, kind of spoiling the surprise. I don’t like using it, and don’t, unless there’s no choice.
I remember the violin story from last year. If you haven’t seen it before, it’s pretty egregious:
http://consumerist.com/2012/01/03/paypal-tells-buyer-to-destroy-purchased-violin-instead-of-return-for-refund/
Do not get me started on PayPal. I will keep my horror story to myself, but I never, ever, ever use them. Nevertheless, there’s an account with my name on it that I had to get the Wash State Attorney General involved in to get shut down….sigh.
i cant help but wonder what would it have mattered if this would have waited until Monday to get resolved. The “little guy” who is not famous and have fans certainly would have had to wait.
Minor correction: the Lakeside documentary fundraiser went to Waterloo Productions, not into Jay’s pocket directly. At the time that Paypal froze Jay’s account, he’d received around $35k in funds.
Great post!
Since I do use Paypal extensively, I wish I knew what I was doing right that when a six-figures-total set of payments (business, not fundraising) came pouring into one of my accounts last summer it did NOT get locked up in any way. I didn’t take any special precautions beforehand. I’m a little uneasy depending on random chance, if that’s what it was.
So they get the intarwebs dumped on their head a year ago with Regretsy, yet they do this again.
You’d think they were incapable of using this thing we call Google to investigate WHY some of these accounts suddenly get a burst of input.
Lurkertype, it’s probably an automatic trigger. Obviously not as simple as just “too much money, too fast: BANG,” because of Susan de G’s experience, but it’s probably software, and it probably takes a human to undo (to prevent bots from triggering the undo mechanism).
Hell of a way to run a railroad, but that’s what this looks like to me.
I use PayPal for eBay, mostly for discontinued car parts I can’t get anywhere else. But I wouldn’t trust them with anything sizeable (more than a few hundred USD) and I sure as heck wouldn’t keep a balance in my PayPal account. Fortunately, in the unlikely event that PayPal decided to try to drain either of the cards linked to my account, I can count on my credit union and USAA to take my side in any dispute. PayPal is convenient. Trustworthy it is not. I use alternatives whenever they’re available, but eBay is a walled garage sale.
@ Xopher Halftongue
There have been alternatives for years. But, as with megabanks, most customers think a large high profile institution is inherently superior to smaller operators. It’s an example of the bigger = better mentality. Mind you, sometimes large institutions are superior, but all the leverage in the world is useless to the customer if the company won’t go to bat for them. Better to do business with a small company that sees you as a customer than a large company that sees you as a sucker.
@ Name withheld
What the blazes gives you the impression that it would have been resolved on Monday just because someone would be there on Monday?
Arguing that bad customer service is acceptable as long as everyone get’s the short end of the stick is astoundingly petty, especially when the “famous” person in question used his own bully pulpit to make the very point you just did. The problem is not that’s Jay Lake got his issue resolved in a timely manner. The problem is that many others don’t.
@ Susan de Guardiola
Fraud detection algorithms usually watch for patterns, not absolute cash flow. If large amounts were routine for your account, it’s less likely to trip their radar. That said, I strongly suggest that you find a reputable bank or credit union to handle accounts of that size, as you will have much greater recourse if things do go pear-shaped. Moving that kind money through a company like PayPal is tempting fate.
@ Lukertype
No offense, but I’m guessing you’re unfamiliar with corporate culture. The capability of multi-billion-dollar publically traded corporations to avoid correcting their policy mistakes is rather like a small leak in a supertanker. Lots of water can collect in the bilge before the risk of sinking becomes imminent, and the senior officers are the least effected by small losses that can swamp lower-deck swabbies. Their large size and market dominance means they don’t have to worry about thriving, merely surviving, and the lazy, inattentive executives who ignore the cumulative problems in favor of their own corporate politics will normally be long gone by the time the stock begins to tank.
Oh, no, I do understand corporate culture very very well. And the value of PR. After the Regretsy fiasco (at the latest), PayPal should have put some minimum-wage flunky or free college intern on Frozen Account Watch. It would easily pay for itself in cash money and then some in disasters like this, what with people finding out about and switching to alternatives every time this happens; not to mention the publicity benefits.
Of course, considering how tone-deaf former (?) eBay honcho Whitman is to common sense, it’s not that surprising.
Dave Smith: That Jay Lake needed to hold a fundraiser to raise $50k for cancer treatments is an indictment of the US health system in the first place. And I say this knowing he has a comparatively rare form of cancer, which requires a rather extreme diagnostic test (genomic sequencing isn’t something that’s required for everyone who gets a cancer diagnosis, after all).
I’m seeing a lot of these things online these days (a consequence of having a reading environment which is largely based around US-centred blogs and fandoms) and the thing which always stuns me about them is they’re so damn frequent, and they’re apparently accepted as being part of the “background noise” of the USAlien internet. You don’t see these sorts of things coming from UK bloggers, or Canadian ones, or bloggers from Europe, or even bloggers from Australia. Nope, just the USA.
There is something terribly wrong with the USA, that people NEED to have the kind of privilege that can raise huge amounts of money in order to obtain medical treatment, for crying out loud. That there NEED to be fundraisers happening in order to pay medical expenses. Now, I pray I don’t wind up with any form of cancer (while acknowledging that I’m going to die of something eventually), but one of the many things comforting me in this present day and age is that if I DO wind up with a cancerous condition, I will be treated with the best treatment available regardless of the state of my bank account, and regardless of how many or how few friends I have able to loan me money to pay for my treatment.
(Oh, and when it comes to PayPal, I think I once tried to open an account with them years ago, and found the number of bureaucratic hoops I had to jump through – it was in the late 1990s or early 2000s, and I’m in Australia – entirely too fatiguing. In a way, it’s a big help, because I know for certain all the email messages which come in talking about the balance of my PayPal account are spam. Ditto with the ones from the Big Four banks here in Australia – another reason to be glad of my membership in a relatively smallish credit union).
I feel bad because i specifically asked if you can donate by Paypal.
Their reputation is like hell, but i find myself regularly torn between Paypal and giving my credit card data to someone i don’t know.
After reading the story, I’ve to praise the obligatory health insurance system in Germany. I’m not sure if my insurance would pay for DNA sequencing, though.
http://www.sciencedaily.com/releases/2013/01/130109124235.htm?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:%20sciencedaily%20%28ScienceDaily:%20Latest%20Science%20News%29
The story made its way even into German news.
In 2011 a man committed bank robbery for getting into prison (where he would get affordable medical treatment): http://www.csmonitor.com/Business/Latest-News-Wires/2011/1106/Health-care-plans-for-jobless-man-Rob-1.-Get-caught.
It is deplorable that so many people in the US have no access to cancer treatment, and must resort to things like fundraisers to pay for it, or fall into medical bankruptcy. However, Jay Lake’s case is not one of those. He has perfectly adequate health insurance. Whole genome sequencing is highly experimental as a cancer diagnostic, and is not currently covered by any health insurer or system, not even in the UK or Canada.
Ugh, freaking PayPal. My experience with them went like this: I had an account secured with both my bank account AND my credit/debit card. One fine morning, I receive an email indicating that PayPal had authorized a hundred dollar extraction from my banking account which I had most emphatically not requested. I immediately logged into PayPal, changed my passwords, contacted their Fraud department, and put a hold on the payment, indicating that it was fraudulent and not authorized by me. PayPal indicated that they would “freeze” said payment due to my complaint and informed me that I should contact my bank, as well, to make sure that they did not process said extraction. Guess what? Not only did PayPal NOT freeze the transaction, neither did my bank, and despite the fact that I caught the fraud at the very instant of its occurrence, one hundred dollars was STILL skimmed out of my account and deposited in the account of another PayPal member. Rubbing salt in the whole thing? MY PayPal account was locked by PayPal during the course of the fraud investigation, despite the fact that I was the victim of said fraud, and they will not unlock it unless I send them a ream of documentation proving that I’m the legitimate owner of an account that was robbed by someone else’s malfeasance.
This event is really odd to me. I work at a university, admin tech side, specifically dealing with what is termed in ITIL as an ‘incident’. This would be one of them. IT organizations these days have to be 24/7. Network issues demand it. Host issues demand it. Customer issues revolving around these 24/7 services demand it.
In IT you either work within a group on a 24/7 shift (people working at all hours, usually comprised of three 8-hour shifts every day), or you work during the day but are oncall for a specific 24/7 period. It’s usually the higher ups that do the latter while the main staff do the former. The net result is coverage at all hours. Sure, 9am-5pm Monday through Friday is the best, but from a customer’s perspective it’s just a matter of from resolution in 30 minutes to resolution in a couple hours. The key is the event is going to be actively worked on from the first call, period. A delay of more than 30 minutes is generally unacceptable.
So, it’s really odd to me that something like this would be dealt with in such a lackadaisical fashion. In IT that’s just plain unacceptable, and if PayPal has any sense of the way IT rolls these days(and that they might not is mind-boggling), then during their AAR for this incident, someone in their organization is going to take the hit hard.
@Dr. Nate Harada
A common misunderstanding. Their fraud department of Paypal has the task of protecting *them* not you. Priority 1 is that they are not taking a loss, everything else is just incidental.
PayPal is famous for exactly this type of behavior, even after they have been notified of the event that will happen. My guess is he has some important friends to get PayPay to move that quickly. I have seen this take months while refused to release the money and on at least one occasion say they would return the money to the donors & charge the charity for each transaction both incoming & outgoing. Even after they admitted they had agreed to the fund drive in the first place.
I am greatly amused at the “new PayPal” and “gosh, we sure learned from this mistake” nonsense. When you keep making the same mistake again and again, and it’s a mistake that could have been prevented with a relatively simple shift (not shutting down your customer-response department when the IT guys take off for Friday Beer Hour until Monday morning, e.g.), it’s pretty clear that you don’t want to fix the problem.
@ mythago
PayPal’s a changed man! He’ll never raise his hand to her again! Honest! Why won’t you believe him?!
Someone else has mentioned it, but it’s worth repeating: PayPal is not a bank. They work hard at not being a bank so that they are not regulated like a bank.
It’s no surprise that everything I’ve ever read about starting an online business starts with some variation on “You’re stuck with PayPal for the first year or so, but start working on alternatives the minute they become available because PayPal is going to absolutely shaft you at some point and quite possibly shut down your business.”
“PayPal’s a changed man! He’ll never raise his hand to her again! Honest! Why won’t you believe him?!”
It… actually happens from time to time (in and out of metaphor). Maybe cancer will hit closer to home for the execs than a bunch of poor kids.
God, I hate PayPal. It drives me nuts that a lot of independent content producers still use it, which means I have to if I want to give them money.
What’s amazing to me is how not hard it is to do decent fraud protection and be responsive to cases when it is a false positive. For example, a couple of weeks ago, my wife and I were in New York City visiting her sister. We went into a subway station, bought a 7-day MTA pass, and then tried to buy another (I didn’t see immediately how to order two at once). Chase saw the double transaction as possible fraud and denied the transaction.
That was inconvenient. But they immediately texted my wife asking if the transaction was legit. She texted back, the hold was taken off, and we went on with our day. We didn’t even have to call them. It was the most pleasant experience I’ve ever had with financial sector public service, ever.
That’s how this stuff should work. Reasonable individuals making a good faith effort to do the right thing. Evidently, it’s just not part of PayPal’s business model.
PayPal froze my account once. I couldn’t get it fixed through the web-based resolution thing because the things they asked for were impossible. @AskPayPal had it solved in about an hour, once I discovered there was an @AskPayPal. They don’t advertise it anywhere.
The actual resolution came out of the business hours listed on the account, so it looks like they at least monitor the account for extraordinary problems.
I wrote about the ordeal here: http://mkronline.com/2012/10/22/fire-paypal/
@gleonguerrero, I think you’re seriously underestimating the differences in scale and complexity between running a dusty IT department and what PayPal is doing. A bit like backyard vs. solar system-wide operations…
Studer, I think you’re seriously underestimating the amount of moolah Paypal is raking in, while doing everything it can to not have to be as accountable as a bank. They could easily afford to hire several someones to take care of this type of complaint, but they won’t because they don’t have to. It’s more cost efficient to take care of high profile events like this one on a case by case basis, while telling everyone else “Sux to be you, donnit?”
Studer,
I’m okay with your generalization about where I work (which I didn’t bother to state either). As for the relevancy of the model I’m referring to, it’s somewhat bewildering someone would think that just because something is bigger, it should be less efficient. No, if PayPal don’t have the resources to implement sound customer services, then they either choose not to, or practice business extremely poorly. There are lots of multinational corporations that do fine in customer relations. Size has nothing to do with good business. Organization does.
The one thing that comes to my mind is that the activity that caused the account to be frozen wouldn’t have occurred without a large online footprint, so the question is a Catch-22, even though PayPal has horrid customer service.
@Catherine Shaffer, most insurance companies will not fund experimental treatments, but when you have Stage IV cancer, you never want to just throw in the towel because someone else won’t pay for it. Other people look at it as a losing chance, while you look at it as a long shot, but why not try for a hail mary pass?
Just desire to say your article is as surprising. The clarity in your post is just cool and
i could assume you are an expert on this subject. Well with your permission allow me
to grab your RSS feed to keep updated with forthcoming post.
Thanks a million and please continue the rewarding work.