Top 10 Ways to Fire Clients

I’ve had a few of these. [link]

Here’s one of my “Client-From-Hell” stories:

My worst client-contractor interaction centered on a client who assured me that they wanted the best of everything at the lowest possible cost, but that quality was the foremost concern.

I responded by connecting Joomla with iDevDirect’s iDevAffiliate software, with VirtueMart for transaction processing. This setup necessitated retaining the first twelve digits of the customer’s credit card number in the database, with the final four digits being mailed to the client’s processing agent on another server.

Within a week of completing the project, the client began complaining –loudly– about how the security provisions for credit card handling were making it “too difficult for [name redacted] to do their job.” I responded that with only 20 or so transactions a day, multiplied by the ten seconds it takes to cut-and-paste, it was really a minimal trouble to ensure customers’ security and privacy.

The client responded by saying, “Yes, that’s fine now, but what happens when we’re processing 150, 500, 1000 transactions a day?”

Of course, I felt that would be the appropriate time to bring on additional staff to meet demand. It would have been ludicrous to expect one employee to handle that much workload. The client’s payments agent continued complaining about the trifling extra work, and I kept getting hassled to “make it easier”. (IE, store all sixteen digits on the server.)

I responded that I would only do so if I were to be supplied a written waiver of liability if the client’s dedicated server were to be compromised resulting in the loss of customer credit card data. This stopped them — for about a day.

Finally, it reached a point where the client was blatantly reaching for cassus belli; threatening all kinds of legal action despite the fact that they had deliberately structured things as an at-will, handshake kind of deal, and since I don’t need a weatherman to know which way the wind blows, I finally just ended the relationship. Several acrimonious e-mails later, they were pretending to play nice in an effort to “fix their website” which had “crashed”. (Their dedicated server had a kernel panic, and needed rebooted.)

I informed them that I had no wish to expose myself to liability arising from accessing their private data systems without a formal legal agreement between us. I further informed them that I could recommend several reputable vendors to serve their needs, but, again, given the acrimonious nature of our communications by that point, I had no interest in exposing myself to a lawsuit.

Two weeks later, the client had one of her underlings e-mail me, saying “[Name redacted] just wanted you to know that we’ve found this guy, who’s willing to do the whole thing for $2000. And he says it’s perfectly OK to store credit card data on the server.”

I look at the website, and it’s pure static HTML with a shoddy CGI payment program. And he’s probably goosed that client for a couple thousand more by now in update expenses. They lost a lot of money by alienating me and my ambitious goals of dynamic-database website mixed with affiliate and e-mail marketing, and in the short-term, I was heartbroken. Even since then, I’ve not met another client even momentarily willing to consider such a breathtakingly wide plan of action, with open-source resources. In the long-term, however, I profitted by not being in a position to be bullied by an incompetent and lazy client.

I’m quite certain that if there had been a data security breach, I’dve been the one getting sued.