[UPDATES] Shareaholic has been making changes. See bottom of this post for ALL updates as I realize them!!
This post is in response to Shareaholic’s VP of Product David Zakur, who posted a “clarification” of things I’ve previously reported here and here. I responded directly to his post, but my comment was deleted. You can read my on-the-fly response to it at Reddit. You can also read my email response to David after he first reached out to talk to me, then opted to ignore what I had to say. Shareaholic is also known as “Sexy Bookmarks”.
Dear Shareaholic:
I understand you want to protect your company, its advisers and its investors. Unfortunately, the “clarification” posted at your blog on Friday is inaccurate.
I’d like to say that I think you miss the point of all the issues reported. However, Shareaholic’s staff and board are not made up of idiots. There is a great deal of talent and business sense in all of them. To think they had no idea users would be upset about their actions is absurd.
Allow me to clarify your “clarifications”.
Your Affiliate Links App does hijack links for anyone who is not aware of the feature, as well as anyone who does not give you permission to rewrite links for monetization.
The definition of hijacking is to take control of something that is not yours to take control of. In respect to people’s websites using your service, you took control of a communication (outbound link) in order to use it for a different purpose (monetization). It matters not if you plan to share the revenue with the owner of the site. If he did not give you permission to do this, you have zero business having that function turned ON by default.

By the way, if you just despise the word “hijack”, a reddit user recommended the term “bait and switch”.
It is your own fault you couldn’t notify users. And those users should not have been affected.
Let’s be honest, here. The expectation of people reading a blog or twitter account to find out that a feature you now offer is already active on one’s site is ridiculous. The reason you couldn’t notify your users is because you failed to collect their email addresses. Seriously, if Google, YouTube, Facebook, heck even WordPress itself, can find a means to send email to all their users, so could you.
As for your excuse for not notifying even the majority of your users, it falls short. I can understand making a judgment call on how to get the message to your customers, but certainly not turning that feature on by default. You gave any user not interested in advanced features no reason to give you their email address, because you turned services on without them approving you to do so.

The plugin configuration screen tells users to create an account (which requires an email address) in order to unlock monetization. However, users who never created an account still got this feature, ON by default.
The description of your plugin says NOTHING about Affiliate Links.
In fact, the description doesn’t include the words “money” or “monetization” anywhere.

Your own website, as of 09/28/14, does not tout Shareaholic as a “monetization” service.

Admittedly, if you click to “learn more” about related content, there is a mention of making money there, but that refers to promoted content within the related content grid.

You violate your own Terms of Service, as well as VigLink’s.
Nowhere in your TOS does it even talk about these monetization features. As of 09.28.14, your TOS does not include the terms: revenue, money, monetization, earnings, or link rewriting. Furthermore, the only mention of the term “affiliate” deals with your requirement for users to disclose information to their readers (yet does not say why), and references to users not holding you or your affiliates responsible for certain problems. The only section that covers your permission to “adapt” content is content users post specifically at the Shareaholic blog, message board and site review forums. The TOS does not grant you permission to modify any content on a user’s site, and link rewriting is a modification.
I spoke with Josh Jaffee, VP of Business Development for VigLink, to make sure I understood VigLink’s TOS. Mr. Jaffee confirmed, in respect to whether Shareaholic (or any other system like yours who contract with VigLink) has permission to rewrite links on one’s website, “When we give out the API it is under the assumption they do have the rights.”
The VigLink TOS covers this twice:


In short, since you don’t even mention the services in any standard location via the admin or your website, and there is no agreement for its use in the TOS, you have zero rights to rewrite links on any of the websites using your service unless the site owner specifically said that you do.
Your Privacy Policy is also inaccurate.

You fail to tell us what happens to the money that will never be claimed.
This question has been asked several times, and you refuse to answer it. Will it be kept? Will it be donated? Will it be turned over to the state for appropriate disbursement?
[UPDATE] I personally spoke with the Massachusetts Abandoned Property Division. They said even a domain name can be used as an identifier, and that any affiliate earnings not claimed after three years MUST be reported to the state with any possible identifying details. If they do not report it, but a user makes a claim that he thinks he’s due money, they would investigate.
I’ll also add that it is ridiculous to even think that you have no idea how much users will earn. VigLink, by default, takes 25%. Surely you have an idea what you will take? Oh, wait, you said, “We are not stealing or skimming from your affiliate revenue.” Does that mean that users will receive 100% of the money you receive on their behalf?
As for the FTC guidelines, that issue arose out of your own company’s doing. In some locations you say disclosure is required. In other areas, you say it is not. Perhaps you should clarify this on your own website AND in your Terms of Service, which clearly state that “publishers” are required to include a disclosure statement:

Shareaholic CAN give others full control over Shareaholic settings for one’s website.
You can argue this FACT any way you’d like. You do this through the assumption that any time someone gives another access to the WordPress admin that it is an ongoing “client and provider” relationship. I’ve already pointed out via my own blog, and via an unedited video posted on YouTube that this is false. You are correct that only a site admin can give someone access. The point you’re missing is that those settings should not be automatically affiliated with someone else’s account. I will recap the scenario I explained in the video here:
1. User logs into WordPress and installs the Shareaholic plugin.
2. User hires a plugin developer, and pays him a one-time fee to install another plugin.
3. It is now possible for that developer to have the user’s Shareaholic profile associated with his account, giving him complete control over all the settings, including rerouting social followers and appending his own “statement” to the end of tweets.
In this case, the user is not a client of the developer. Giving one temporary access to the WordPress admin should never give that person full access to control any other services.
Shareaholic – please prove to me that I have this above scenario wrong, and I’ll shout from the rooftops that I was ill-informed and provided false information.
In short, the owner of a site should only be able to knowingly give another access to Shareaholic settings.
When did website owners using your service for social sharing icons become your publishers?
I noticed in your post that you call your users “publishers.” This is where more confusion lies. Take a look at your top navigation on your website:

In the revenue generated practice, there are advertisers and publishers. Those familiar with using affiliate links to merchants (typically via an affiliate program) understand that when they use these types of links, the merchant is the advertiser, and the one linking to the advertiser is the publisher.
But you’re not calling people publishers when marketing your services via your website. Instead, you use the term “For Your Website”, and that links to the landing page referenced above.
So, what are you doing to fix this?
You’re very vague about this. You explain that you aren’t perfect, but you aren’t evil. You went so far to call me vindictive in my posts and responses in a handful of threads on a few forums. You want to remind us that you are the little guys, and that people like me posted our findings for self-promotion.
I’ll make this clear. I am not a plugin developer. I do not provide a competing service. I do not focus all my attention on WordPress, and I really have nothing to gain by these posts other than knowing that unsuspecting users – albeit, only a small percentage of them who are reachable by little ‘ol me – are fully aware of what has occurred.
For the sake of transparency (which your company often touts), I received a total of 8 email subscribers over a three-day period from the post pages, out of the 3400+ people who visited them. I gained no other work or client requests from those post URLs. And the bounce rate on those pages was rather high, which means the majority of the visitors came in, read the posts, and left.
Here are my questions. I would think a company that claims it’s transparent would have no problem answering them.
1. Are you going to require a full account (email address, password) in order for monetization to be available to each site?
2. Are you going to make the Affiliate Links feature, and any future feature like this, opt-in instead of opt-out? [UPDATE 09/29: It appears Affiliate Links is now opt-in]
3. Are you going to require a full account (email address, password) in order for Shareaholic settings to be changed (for actual site owners to enact the profile/account association)? [UPDATE: An intercepting screen appeared on 09/29 – it asks the admin user if he/she wants the profile associated with any account currently logged in]
4. Are you going to disclose what percentage of revenue Affiliate Links publishers will receive?
5. Are you going to update your TOS, which currently do not grant you permission for the Affiliate Links feature (as well as other features)?
6. Are you going to update the back-end system, so when a user sees a screen like this it’s only because he created an account with an email address? My Twitter verification was enough to create an account, yet I still could configure this screen (which actually did nothing):

7. What steps are you taking to better clarify to users what your apps actually do? A transparent business won’t solely rely on “fine print”. Transparency calls for making it very clear, upfront, what a service entails. [UPDATE: As of 09/29 the WordPress plugin description has been changed.]
8. Will you change the description of the Shareaholic plugin (and also that of Sexy Bookmarks) so users do not think they are solely installing a plugin for social sharing and related content links? [UPDATE: As of 09/29 the WordPress plugin description has been changed.]
9. Will you change the plugin description, as well as the admin, to make it clear that the plugin is just a gateway to your service? And that it is not what actually controls the total functionality?
I never had a problem with the Affiliate Links app. I think they’re good for business, and provide a valuable tool for those who want to monetize their web content with the least amount of effort. My issue was that you launched this service with the featured turned ON, without having permission from me to do so. I think many other features you offer are also good, but that they should also give site owners control over who gets access to what. As well, those earning revenue have a right to know what they will earn percentage-wise.
Many of us who’ve worked in other fields like book authoring and filmmaking know that getting paid based on costs often means very little money because so much is taken from the backend it’s not funny. We’ve seen publishers and companies make thousands, all the while cutting us payments for less than $10.
You can say you made attempts to notify everyone, but even on your own site’s “Updates” section, you never really made it clear what it was until you launched the feature and opted everyone into it. The majority of the users who have complained have done so because they were affected by the launch, and some didn’t notice it until they’d already lost revenue via existing links (it doesn’t matter if you didn’t intend for those links to be rewritten, what matters is that ANY links were rewritten).
I close with this: Your lack of communication makes you look bad because you stand to make more money from those who are unaware than you are from those who make decisions on their own. Your rewriting of links affects some people beyond just making them “found money”.
Shareaholic consistently claims it practices transparency. Rather than just admitting you took advantage of what EACH user wanted, you rely on a group of beta testers and a few other companies to tell you that turning features on without notification was a good practice. But it doesn’t matter if it was half your users or just 10 of your users who have a problem with this practice. Your terms don’t cover it, so you had no legal or moral right to make that decision for any of us.
In other words, Shareaholic, in order to practice transparency you have to be transparent. I await your response. As always, I am 100% open to communicate with anyone at Shareholic about these issues.
UPDATES!
As of September 29th, the description of the Shareaholic WordPress plugin has been updated:

Plugin version 7.6.0.2 now includes Monetization settings in the first page of the plugin’s admin:

If you opt to modify settings via a Shareaholic.com account, the monetization tab is more clear.

