Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I don't think it was unethical. In fact, finding out there is a salary disparity between peers is probably one of the most common ways that large salary raises occur. For that reason, and also because that disparity may result in legal liability if the peers have differing demographic profiles, some companies threaten to terminate anyone who reveals his or her salary to another employee.


> ... some companies threaten to terminate anyone who reveals his or her salary to another employee.

after this, i was wondering if there is a way to get the average salary of a group without revealing / knowing actual numbers ?

edit-001: ok, one thing that i can think of:

1. take a big number, and add your salary to it. this becomes the 'token' for the next guy.

2. he adds his salary to the number. etc. etc.

once you have the final number, remove the original number, and divide by number of folks. since this scheme appears to be so trivial, i am now wondering what i did wrong ?


What threat model are you defending against?

Because the people at positions N and N+2 in your scheme can collude to determine the salary of the person at position N+1 without even having to reveal their own salaries in the process...


> What threat model are you defending against?

umm, not really trying to prevent from folks actively sabotage the whole thing, but just seeing if it actually works i.e gives the correct average salary...

but yes, as you have pointed out, people at N and N+2 can collude to get the original salary (for N+1).


Have a third party generate a set of tokens, one per person, recording only their sum, and randomly distribute them to the group. Then you don't need to pass the cumulative sum from person to person.

Edit: I guess it doesn't even have to be a third party as long as everyone trusts the randomization (e.g., pulling identical pieces of folded paper from a hat).


Yes but you still need to trust the central authority then, meaning one person will know everyone's salary (he who generates all the tokens).

If you really want a cryptographic secure process, the key word to begin your journey would be "secure multiparty computation", and a very appropriate example in the book modern cryptography[1]:

[1] https://cs.stanford.edu/people/eroberts/courses/soco/project...

Basically your first solution but encrypt the communication between parties to prevent the n+1 - n attack.

edit - Only say infinite8s reply now, which is almost verbatim my reply including the same link.


> Have a third party generate a set of tokens, one per person, recording only their sum, and randomly distribute them to the group

oooh :) this is pretty cool. thank you !


There is a cryptographic subfield called secure multiparty computation that lets you compute something like this (an average where nobody finds out the inputs of others) - https://cs.stanford.edu/people/eroberts/courses/soco/project...


> some companies threaten to terminate anyone who reveals his or her salary to another employee.

In many jurisdictions, this is illegal.


It is illegal everywhere in the US. Talking about compensation is protected by the National Labor Relations Act.


When has something being illegal stopped a company from doing something that could save and/or make it more money?


When the penalty of a lawsuit outweighs the money gained from such an action.


You're forgetting the likelihood that such a lawsuit will be brought. Which isn't very high.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: