Ask HN: How to disclose something without disclosing it?

> without telling the prospective employee?

Mathematically no. But this isn't a mathematical question, it's a legal one: "some K&R policies prohibit".

You need to nitpick the legal agreement and figure out the loopholes.

Your employer will have to assist you with that, since you have no access to the agreement.

For example as part of the employment agreement you write: "Company shall expend whatever resources are necessary to recover employee in case of kidnap, etc, etc". There is no mention of insurance, just that the company will get you back. How they do it is their problem. (Obviously you're going to need a lawyer to help you write it.)

If you are actually worried about getting ransom insurance in case of being kidnapped, maybe you should just skip the job.

If you really want the job, ask for an extra for paying the insurance yourself. That way you are 100% sure you go coverage (if you don't forget to pay the insurance!)

Personally, I wouldn't take that job, even if I could buy the best insurance myself. I just don't like betting against myself.

If we had insurance and could use it to bring back our employees like we did in May 2011, June 2014, and August 2016 we would not be publicly allowed by HR and legal to tell you about it. :-)

(for anyone not familiar with the term, K&R policy is a "kidnap and ransom policy")

Like rdtsc said, pointing to times when they did guarantee the return of an employee would be pretty close. Not entirely foolproof, since past performance is not indicative of future results (if they got the insurance policy without telling anyone, they could easily drop the insurance policy without telling anyone).

In a broader sense, the way this (disclosure without disclosure) is usually done is escrow of some sort. There is an agreement with a third party that the agreement will be upheld, with money down to that third party. If the money is required to be issued from the first party to the second party, the second party does not need to rely on the first party to uphold their end of the agreement. The third party (escrow service) has already assured that, and now the third party is responsible for issuing the payment. For example, if I'm promised payment for source code and I want to ensure I get the payment upon delivery of the source code, the company submits the payment to escrow and I submit the source code, and the escrow company is responsible for ensuring the payment and code get swapped appropriately.

I'm not sure if proving an escrow policy of "we will make sure you get home" and putting down $1m just in case of ransom violates that K&R clause or not. But without a contract saying specifically "we will get you home no matter what", there is no real assurance. Escrow might be the closest you'll come.

I think is not possible, because the purpose of such legal measure is to avoid increasing ransom and kidnapping, and that would happen if the criminals knew that they would get the ransom from the coverage company. Hence any way to prove that the insurance exists goes against the legal reason to hide the existence of such coverage. To overcome this the following clause could be included: You are covered but if you communicate explicitely or implicitely to someone that you are covered then you are automatically excluded from this coverage.

If you trust the employer, them answering "we're not allowed to discuss that" should be enough. What HR policy could forbid the employer from saying "No, we don't have that" if they didn't?

If you don't trust them, and they might hint at having insurance as a carrot to tempt you to sign, this doesn't apply.

I'm not sure that I understand what you are asking, since "prove that they have the insurance" seems to me to be equivalent to "telling the prospective employee".

Conceptually, I feel like there might be a connection to zero knowledge proofs (https://en.wikipedia.org/wiki/Zero-knowledge_proof), so perhaps you can look there for inspiration if you haven't heard of it.

The best solution I can think of to tackle this problem is to design a probabilistic model that include a confidence level for future risk and payment for k&r, if the risk is increased the maximal payment is decreased in such a way that the mean risk is kept constant. So if you communicate that you are covered and your probability of kidnapping increase ten fold then the maximum payment is divided by ten.

I think you're probably chewing on this because it feels similar to a ZKP setup. But ZKPs don't really work in meatspace, as meatspace lying is not perfect. Thus, your belief in the validity of the statement will leak, and so telling you can never actually be zero-knowledge.

A proper ZK analog would be the company being prohibited from giving you a signed statement saying they had said coverage, as if you were kidnapped the kidnappers would force you to turn over this signed statement to know you represent a nice payday. So they type out a statement, then sign it with an X in front of you. If the kidnappers see this, they cannot be sure you didn't just type up the statement and sign it with your own X - only you know it was signed by the company.

But back in the physical world your kidnappers will just "prove" the fact to themselves by beating it out of you. Which is why the K&R policy prohibits any sort of telling you, not just written - your knowing is the liability.

I don't have any suggestions, but I am very curious what sorts of job positions would require a K&R policy, just to better understand the requirement. Vague/loose handwavy explanations welcome.

Thinking about it, perhaps it's to do with the location a person is in, and the reputation that location may have.

Shipping comes to mind (the "actually being in location XYZ" part of the transportation process), along with the fact that perhaps some at the destination may want to hinder the receipt of whatever's being shipped

I can't come up with much else right now, although I'm very sure there are many other reasons.

Title reminded me of this: Zero-knowledge proof: https://en.wikipedia.org/wiki/Zero-knowledge_proof

Are you able to take such insurance yourself and ask employer to pay for it?

To prove it? No. They could go off the record, and you should try this. You should also try seeing if they will deny having the cover, which they likely would not do in the event of having it.

However, this is probably down to common sense. If the pay and other benefits are good, and it is common for companies of similar scale in the region to have this cover, then they will have it.

This problem could be related to asymmetric information. In case that a huge converage of K&R is known you become a valuable target for kidnappers so the cost of the coverage should increase, so if the coverage is known the insurance company could negate payment allegating that the ground rules has changed.

I think, this is actually easy, but my simple solution makes the assumption, that both the job-offerer and the job-taker are smart people.

Here's how it goes: "To disclose something" is only a comprehensible term for the citation of something that is disclosable. But it's get very blurry, when you only paraphrase. It get's even more blurry at the point, where the paraphrasing is chosen so smart, that only other very smart people can see, that someone actually disclosed something. But: At a jury, you can play the innocent and a little bit naive person, that didn't know what he _actually_ said. Since the people tend to say about a person "He's propably not that smart, rather than naive!", because otherwise they would admit another person is way smarter then them, you are save.

Compare it to those logic-puzzles where you have set of sentences given and can derive a definitive answer by logical-deduction thru the interference of the sentences only. That would be my approach.

Just ask them what protection or "insurance" they do have. If they say yes, problem solved. Personally I think its immoral for companies to pay ransom anyway, just means you're more likely to get kidnapped.

Secure multiparty computation. You both put in an input (I need the insurance or I don’t; versus I provide the insurance or I don’t) and you only learn whether the two preferences match.

Spread the word by sending that to WikiLeaks or post it on 4chan.