After verifying that you work for a company, why don't they physically destroy everything that could be used to de-anonymize you, leaving with only some kind of public key and a proof of that you work for company X?
For the legal part I think there were some countries (IIRC Sweden) that doesn't require to keep any logs so that they can move operations there with an owned company and legally anonymize users.
I know it's much easier written here on HN than actually done, but that should be the intention: anonymous by design ground-up.
That's a technologist's typical reaction. However, this is not a technical problem. In reality, if Glassdoor did something like that it's just going to increase the likelyhood of getting targeted directly for libel.
Even if someone actually worked for a company, it doesn't mean their statements about it are true. Someone might be disgruntled for a variety of reasons and slander the company, in which case it would be proper to sue in order for the review to be taken down.
The social issue here seems to be that there probably are more companies doing this for "revenge" purposes than for legitimately taking down slander.
Actually the technical aspect is the implementation details. If this is a social "problem", then the problem is Glassdoor's existence in the first place.
Since it exists (whether such a service itself existing is a problem or not is out of the scope here) technical implementation is just a way of making the service work as intended (e.g. Providing anonymity to the users).
Counterpoint: I use a VPN for anonymity and/or for safety on public wifi. One of the key features of the VPN is they don't keep logs. I'm not personally doing anything illegal or immoral, but the last thing I would want is a VPN company having a log of all my internet activity.
Glassdoor's entire value proposition is anonymity. The best way to respond to a subpoena, IMO, is to make it very clear that they have no way to know. Of course that might mean more legal action directed directly against them, but to me that's a cost of doing business as there is no business if people stop trusting Glassdoor to protect their identity.
I haven't looked at Glassdoor in several years, but if I recall correctly, back then they wanted you to supply information about your employment -- including salary -- in exchange for being able to see information from others. It may be hard to simultaneously provide users with anonymity and collect such personal identifiable information.
After verifying that you work for a company, why don't they physically destroy everything that could be used to de-anonymize you, leaving with only some kind of public key and a proof of that you work for company X?
For the legal part I think there were some countries (IIRC Sweden) that doesn't require to keep any logs so that they can move operations there with an owned company and legally anonymize users.
I know it's much easier written here on HN than actually done, but that should be the intention: anonymous by design ground-up.
// edit: fixed "do" to "don't" on first line