Ben and Cassidy talk with programmer and developer advocate Sean Falconer, Head of Developer Relations and Marketing at Skyflow, ex-Googler, and host of the podcasts Partially Redacted and Software Engineering Daily. They cover why Sean pivoted from academic to cofounder, why AI is sparking excitement and anxiety in the DevRel space, and how working at Google compares to life at a Series B startup.
Sean hosts Partially Redacted, a podcast about data privacy, security, and compliance.
He also hosts the podcast Software Engineering Daily, which features technical interviews on everything from the ethics of GPTs to cloud-native search and WebAssembly. Start with the recent episode Surviving ChatGPT with Christian Hubicki (of Survivor fame).
You can also read about how he crowdsourced a behavioral model for Survivor.
Sean spent four years working in developer relations (DevRel) at Google. Here’s a Software Engineering Daily episode about the role DevRel plays at Google.
Connect with Sean on LinkedIn or Twitter (I mean, X), or check out his website.
Kudos to Great Question badge winner Kai Sellgren for asking How to remove an element from a vector given the element?.
[intro music plays]
Ben Popper Big topics in data architecture call for big conversations. Big Ideas in App Architecture, the new podcast from Cockroach Labs, invites innovators to discuss their experiences building reliable, scalable, maintainable systems. Visit cockroachlabs.com/stackoverflow to listen and subscribe.
BP Hello, everybody. Welcome back to the Stack Overflow Podcast, a place to talk all things software and technology. I am your host, Ben Popper, Director of Content over here at Stack Overflow, joined as I often am by my colleague, in the sense that we are collaborators– Cassidy Williams, who does a lot of work for our newsletter and often joins us for the podcast. Hey, Cassidy.
Cassidy Williams Hello! Excited to be here.
BP It's always good to have you. You add so much color, your background adds so much neon to my life. So we have a great guest today, and if you are a fan of software podcasts, you may know him. Sean Falconer is the Head of Marketing over at Skyflow, as well as a host of Software Engineering Daily. Sean, welcome to the Stack Overflow Podcast.
Sean Falconer It's great to be here. Thanks for having me.
BP So for folks who don't know, give them just a sort of quick 10,000-foot flyover. How did you end up in the world of software and technology? And it sounds like you do both a little bit of the engineering work at some point in your career, but also now a lot of DevRel and marketing.
SF I started my career really focused on engineering. So I was in high school sort of in the dawn of the internet, the early days, and I missed the dotcom boom a bit but I became very, very fascinated with the internet back then. And I grew up in a small town in eastern Canada, so the idea that I could suddenly be connected with people all over the world was an incredible experience at that time. And I could also learn all this stuff on my own, so I got really, really into just building websites and playing around with programming and stuff, and then I went into computer science, studied computer science in my home province in New Brunswick, and was obsessed with becoming a competitive programmer at some point. And then I went to graduate school where I studied artificial intelligence and machine learning, and I was on a path where I wanted to be an academic, so I went and pursued a PhD. So I completed a PhD on the west coast of Canada at the University of Victoria, and then I ended up moving to the US to do a postdoc at Stanford University in bioinformatics. And I had thought that I wanted to be a professor or academic, but at that time, even when I was doing all the schooling, 10 years of schooling, basically my entire twenties, I was also working as an engineer on the side because I also enjoyed it. It was a way for me to pay for my education, and then also I was a little bit nervous that if academics and science didn't work out, I would lose my technical skills along the way, and I saw that happen all the time. Professors that were brilliant but couldn't code a ‘Hello, World!’ application for example. And I didn't want that to happen to me so I kept those engineering skills. And then when I was doing my postdoc, I ended up actually starting a company on the side as the technical co-founder of the company, and I ended up leaving the world of academics after a year to build that company.
CW So cool. I bet it would blow a lot of people's minds that that kind of happens in academia for computer science postdocs and professors and stuff. But it is a thing that happens because it's so mathy and theoretical.
SF Yeah, and I think you get really focused on what your sort of area expertise is. Having a PhD in computer science means that I'm a world expert in this really, really narrow problem that probably only four other people in the world kind of care about and it might not actually have any sort of industrial impact for years and years. And there's something really cool about that, but something that can also be a little bit frustrating. And I think when I was doing my postdoc I realized that I just liked building stuff that impacted people more immediately. And even though I was good at sort of the academic side and I could have had a career, I wasn't waking up Saturday morning pumped to do my postdoc research versus go and build something that people would actually use. I had reached this apex that I had always dreamed of of working at one of the hallmarks of academia and working with a lot of really smart people, but I also was able to take that time and sort of self-reflect and realize that that career path wasn't the right one for me.
BP And so from there, you said you worked as a startup technical co-founder and then that company was acquired. Is that what brought you to Google?
SF Yeah, so it wasn't acquired by Google. That would be fantastic. But it was acquired, so I ran that company for seven years and then we were acquired after eight, so around seven years. We never grew beyond 20-25 people. We were never turned into the rocketship that we had hoped it would be, but we got to a place where we had some level of success in terms of that it was growing, we were cashflow positive, and we were still going along, we had some value. But I felt like I kind of had got all the things that I was going to get out of that experience from a learning perspective and I was ready to move on after seven years. So I took a step back, I stayed on for a year as a consultant, and then took some time to figure out what I was going to do next. And originally I was going to go back into just pure engineering, but during the process of exploring things, I was referred to Google as a software engineer. And then when they saw my background where I taught at university and I'd spoken at conferences and I had written a blog for over a decade, they referred me to developer relations. And they called me and they said, “Hey, we think you would be great in developer relations.” I was like, “Oh, fantastic. What is that?” And they explained the different roles that existed in DevRel at Google, and the one that sounded really appealing to me was the role of developer advocate. They actually ended up replacing that role title by the time I left as a developer relations engineer, but I like this idea of being able to use my engineering skills, still do some of that, but also tap into some of the other things I've done in my life with teaching and education and writing which had more sort of diversity to it. And that also appealed to me as someone who had come from being an entrepreneur where you're wearing a million hats. The way I learned marketing and business and sales was because I was essentially forced to do those things as a founder of a company because there was no one else to do those things. So I liked the idea of being able to kind of continue to stretch myself across different functional areas and developer relations allowed me to do that. And then at Google I also had this really unique opportunity where I was the first DevRel hire for a new product area, so I got to kind of be a founder again within this massive company. So I got the big company experience, but also got to build something from the ground up and build essentially the full developer go-to-market developer experience and build the team.
BP What was the area that you were focused on?
SF It grew into the business communications product suite, so I eventually led developer relations and experience for four different API products there. But originally I was solely focused on a product called RCS Business Messaging.
CW I've started DevRel orgs for much smaller startups and organizations and stuff, but it is kind of like founding something because you're talking to developers in a very different way than a business would normally talk to its customers.
SF Yeah, and I think one of the interesting things about being someone who builds DevRel teams is that a lot of times you have the opportunity to come into a company later in their lifecycle. If you are sort of building an engineering team from scratch, a lot of times you're there at the beginning because you basically need to build a product, so how’re you going to do that? But a lot of times, DevRel might actually be brought in much later in a more mature state but you're still sort of there doing the founding thing of, “Hey, we have to build this whole functional area from scratch. We have to build a team. We have to figure out what makes sense from a go-to-market standpoint and how it makes sense for the product that we work on, and what are the communities and how do we build that or essentially harness existing communities to be interested in what we're doing?”
CW Yeah, and figuring out what success means for your org, because that's also very different depending on your audience and stuff.
SF Yeah, there's no ‘one size fits all.’
BP So these days you're still doing, I assume, a lot of DevRel at your current company and also working as a host of a podcast that a lot of software engineers are familiar with. What are you hearing about from folks in the developer community? What are they excited or anxious or conflicted about? What are hot topics that come up for you?
SF I mean, I don't think this is going to surprise anyone, but of course generative AI and large language models.
CW What?!
BP Never heard of it. What's that?
SF Yeah. I was actually at an AI meetup put on by Vercel last night where they had someone from OpenAI talking. So in a lot of ways I actually think that, I mentioned this last night, I kind of think all this hype and growth around generative AI and interest in it is going to bring back meetups that kind of died a little bit during the pandemic. They've had a hard time resurging, but now I think there's so many people just trying to learn what's going on here. It actually reminds me a lot of the late-90’s, mid-90’s, when the internet was becoming a thing and companies were all just reacting to it. They were like, “I don't know what this thing is, but I probably need to figure something out. I need to get on there. I don't know what that means, but I need to get on there,” and then they needed to go and talk to experts or recruit people to figure it out. And we're in the same place now with AI. It's like, “I don't know what this is, but I know I need to get on there,” and now all these different companies and business leaders are just starving for information. And I also think in the engineering community, essentially what's happened is with these introductions of APIs like from OpenAI, it's really democratized AI to the point where anybody with any level of engineering skills can essentially build AI-powered applications, which is really, really powerful and amazing. For a long time I think AI was essentially this sort of more niche thing that you needed a lot of expertise to kind of take advantage of and leverage, or it was essentially associated with academics and science, and now we've sort of crossed the chasm where you can plug in an API and be doing amazing things with images or videos just like you would for sending a text message through a Twilio API. And I think that is incredible and that makes it really exciting and makes people really interested in, I think, exploring the area. I do think there's still a lot of challenges to figure out, especially in the privacy security space, which is the world that I live in for my day job at Skyflow, and I think there's a lot to try to unpack and figure out.
BP Yeah. Cassidy, I would love to hear your thoughts because you're working at a company that deals with this, but people that I've been speaking to have said that one nice thing is that a lot of open source alternatives seem to have, if not complete parity with GPT-4, can at least get you a reasonable working MVP and then you don't have to contend maybe with some of the baggage that comes with being the biggest company in the world that everyone is focused on. Not biggest in size, but just at this very center of the conversation and the political firestorm around it.
CW Yeah, and I think something that Sean said earlier about just meetups and stuff in general, I think people are very hungry for information that's real. And whenever there's a hype cycle around anything, we saw it with all the Web3 and NFT stuff and we're seeing it with AI and everything, you don't know which things are just that people are excited about this hot topic right now because it's riding the hype wave and which things are actually like, “This is what is going to be progressing technology forward and development forward in different ways.” And so I think you're right, we're going to see lots of meetups happening, but just a lot of people figuring out where they should get information, especially now that social media networks are a little shaky and people are not sure where they're going to be going. They have to figure out, “Where am I supposed to get my reliable information about these things?”
SF Yeah, I mean, I think just as it's good practice at this point when you're using any of these LLM technologies that you validate the output, I think you should be validating the output of what you're seeing in terms of thought leadership in the space as well. Because there is a lot of, I would say, sort of snake oil salesmen thought leadership going on right now. Essentially everybody that was doing something that was not successful a year ago is suddenly an AI expert this year. So not all those people necessarily have the expertise that we should be listening to.
BP Yeah, you’ve got to go check the receipts. There's a lot of AI experts on Twitter who were formerly NFT experts on Twitter.
CW Weird!
SF Absolutely.
BP So Sean, you mentioned a little bit about how the privacy aspect of AI interests you. Tell us a little bit about Skyflow. What should developers know about the offering there?
SF Yeah, so Skyflow has been an amazing experience. I left Google to join Skyflow about a year and a half ago, and I was sort of ready to get back to the startup world. So we're a Series B startup, we had just finished raising our B when I joined. And I like being part of the startup experience because you're kind of bringing people together that are all driven by the mission of the company. And the mission of Skyflow is really to create the gold standard around data privacy. And our technology is a data privacy vault, which allows you to essentially isolate, protect, govern, use, and even localize sensitive customer data. So you could think of it like the core infrastructure for PII, which is Personally Identifiable Information, and what that allows you to do as a business is descope your existing infrastructure from the challenges and responsibilities of essentially data privacy, security, compliance. And where a lot of this came from was this key insight that our founders had. So they had worked previously at companies like Oracle, Salesforce, Microsoft, and had been investors and founded a couple different companies, and they kept seeing through their own experience as well as other companies’, so many companies struggling with this problem of, how do we essentially protect customer data while still making it usable to be able to do whatever the thing is that we need to do with it? And despite companies spending millions of dollars on cybersecurity and even being compliant based on regulations, they're still suffering data breaches all the time. You look in Google News at any point, any Monday, there's going to be some major data breach by a major company. So why are these really well-resourced companies that can buy or build whatever they need still struggling with this problem? And I think the key insight that our founders kind of came onto or realized was that we have this kind of fundamental misunderstanding about the nature of data, and it essentially is that we treat all data the same, but the reality is not all data is created equal. So some types of data, such as PII or sensitive customer data, is special and it deserves to be sort of treated that way, yet what we've done historically is just kind of consider all those things as zeros and ones and put them in the same place. And when we put them in the same place like a database or any data store, what we end up doing is creating this huge sprawl problem where this data ends up all over the place. It's in the backups of those systems, it's in multiple locations where we're storing it, it's in the log files, and in any place that we're sort of touching it. So it doesn't become essentially the challenge of how do I safely store this information and secure it, but you lose track of where and what you're storing over time, and that makes it really, really difficult. It's like the difference between having one copy of your passport that you keep secure somewhere in your home versus having tens of thousands of copies of your passport that you put all over the place and then try to lock down and secure.
BP I know this problem. I mean, I would love it if the US had a healthcare system where I had a single QR code and I could go to the doctor and they would scan it and then they'd have my info. I hand out my driver's license or scan it into a new thing every time I go to the dentist and now that's everywhere. And some little dentist gets hacked and now they've got all my stuff and I hate that sprawl.
SF Absolutely. And you look at something like a Social Security number, which has become super overloaded from what it was originally intended to be used for, and people use it essentially as a cheap form of user identification. But besides overloading it, if you were redesigning that system today, you would probably just have some essentially electronic version of your Social Security number and you’d give out a tokenized representation of it to people and then they could use that as a proxy to validate your identity or to do whatever they need to it. And if it gets compromised, you just kill the token and it doesn't compromise the original information. And what we've done is, besides kind of thinking through the fact that this data is different and it leads to these sprawl problems, also the sort of rules of engagement of the data is very different, and by putting it together it makes it really hard to essentially manage who has access. It's like if you had diamonds in your house and you had cheese in your house. Well, the rules of engagement for those two things is very different. If you're over at my house, Ben, Cassidy, I want you to have access to my cheese. Enjoy the cheese.
BP I'm going to rummage through the fridge, yeah. That's one of the things I do when I get to your house.
SF Yeah, exactly. But if I put my diamonds in the fridge with my cheese, well, how do I control access so that you don't have access to the diamonds but you have access to cheese? That becomes really complicated, but that's what we've essentially done with data. So our view of the world is essentially, “Don't put these things together. Take your PII out of those existing systems and put it within this vault architecture.” It's similar to how we've moved from storing API keys and database passwords and stuff like that in our source code or a database and we put them in a KMS or something like that. It's the same idea around the principle of isolation, but essentially applied to all PII. And with that, the other challenge that comes along with this is how do you then add utility to this information? So it's one thing to secure it and protect it outside of our existing systems, but how can we still have value from it? We store this information to basically use it. And the way that we've been able to do that is by really digging deep into and understanding the underlying semantics of PII. So we call things like the Social Security number, phone number, passport number, numbers, but they're not really numbers, they are data structures that have specific meanings. So if you look at a phone number in the US, you have a country code, you have an area code, you have a local code, and each component of those has specific meaning, but you don't take a phone number and multiply it by a Social Security number. And when you break up these data structures into those different components, that dictates essentially the use cases that you want to perform with it. The last four digits, maybe a customer support person needs that in order to validate the identity of someone. Maybe the country code or the area code needs to be used for essentially analytics to know the density of where your customers are or something like that. And by understanding those underlying semantics, we were able to develop a technology called polymorphic encryption and tokenization that gives you essentially the utility to be able to perform all those operations without essentially decrypting the information or exposing your systems to it.
CW That's awesome. I would love to use that to educate people about data privacy who know nothing about it like my parents or someone where they're just like, “Eh, everybody's tracking everyone.” I'm like, “Yeah, but if we do this right, then you can at least protect some of your information.”
SF Yeah. It's rethinking the way that you use data. We convince ourselves that we need to see the data in order to perform operations. At one time we used to store passwords in plain text in people's databases because we thought we needed the password there in order to validate whether the password entered in a login page was the same as the password we have stored. Eventually we realized that was a bad idea, but how can we support that use case? Well, you could support that by salting and hashing the password so then you're destroying the original information but you still have the utility value of being able to validate whether the password is correct or not. By using essentially new types of privacy-enhancing technologies, you can perform essentially the utility on the PII while essentially protecting the exposure to the system.
BP So Sean, speaking of data, I saw on your LinkedIn that you're a Snowflake Data Superhero. You don't work at Snowflake, so what makes you cape costume? Are you out at night when people are being mugged for their Snowflake data, you jump in?
CW Not today.
BP Keep the peace?
SF So that's essentially their community program. They designate a subgroup of people who use Snowflake technologies that have some level of expertise in Snowflake technologies as Snowflake Data Superheroes, and then they do a lot of their community work. So Google has Google Developer Experts, Salesforce has Trailblazers. So it's kind of a similar program, and Snowflake’s program is relatively new. There's only about 70 of us in the world. I think maybe there was only 20 some that were introduced in this last batch which I was part of. And in some ways I am, I think, a bit of an outlier amongst the Snowflake Data Superheroes because I was at Snowflake Summit a few weeks ago and I met a lot of the group there and a lot of them make their living on Snowflake or contribute a lot to Snowflake. And I've done certainly contributions there, but my day job doesn't necessarily depend on Snowflake, although we have lots of customers at Skyflow that use Snowflake in combination with our technology. But I originally got interested in Snowflake after I left Google because I have friends that worked there that I had previously worked with. And then when I joined Skyflow I kind of started exploring how I can take advantage of the power of Snowflake to do analytics or machine learning or various data science tasks, but do it in a privacy-preserving way with Skyflow. And then I ended up pitching that idea as a talk to Snowflake Summit last year and it was accepted so I went and spoke at the event. And then my talk was really popular and I was also probably, not the only person, but one of definitely a few people who did a live demo. And in my demo I showed the full lifecycle of data from collection all the way down to analytics, and I did it in a fun way where I created a fake company called Instabread, which is like Instacart but only delivers bread. So it's on-demand bread delivery, who doesn't want that? And essentially I took you through the app experience of signing up to be a gig worker, and it shows the collection of PII because you’ve got to get paid, you need to create an account, you need to validate identity, you need to do money movement and all this stuff, but how can you do all those things using a stack that's very familiar to you– React, MongoDB, whatever it's going to be, Snowflake– and do it in a way that is essentially limiting the exposure to any of that sensitive information. And then I ended up giving that talk, or different versions of it, a bunch of times last year, and each time I was doing that I was also indirectly helping promote Snowflake because I was showing Snowflake as part of that experience. And it wasn't really by design that I was aiming to become a Snowflake Data Superhero or anything like that, but it was just something I was really interested in and I thought other people would be interested in. And I also interviewed a number of Snowflake folks on the podcast I host, and then they invited me to apply for the Superhero program.
CW So in all of your free time that you seem to have, how do you balance your work and your podcasting, staying current with everything, and then just stuff outside of that?
SF It's tough. I have a one and three-year-old as well, and I also travel a lot so it is a lot to balance. I think my caffeine consumption has increased with each child and the amount of sleep I get has reduced, but I still found time lately to play around with some of the things like LLMs and GPT and AI. And that's something that I had some level of background in in a prior life when I was in academics.
BP Is your academic experience coming back in handy now that this stuff is so in vogue and at the front of the discussion?
SF A lot of the stuff that I was doing back then was different approaches to AI, although I did learn some neural network stuff so I have some base level of understanding of some of that stuff so it's not completely foreign. I understand feature vectors and how a vector database would work and so forth, but all the deep learning stuff, I kind of missed that, and reinforcement learning, that kind of stuff came in later. But I've done a number of ML-related projects over the years. I did one where I blogged about where I used machine learning to analyze all kinds of data from the television show Survivor to predict the winner of Survivor.
CW That's amazing!
SF Yeah. I actually gave a guest lecture for a data science class about that project yesterday.
BP Can you take that to Vegas? I mean, if that show was still running I feel like you could make a lot of money on that.
CW Survivor is still running, Ben. It’s an excellent show.
SF It’s still running. And it's amazing. There's 44 seasons. They do two a year, but it's been going on for over 20 years.
CW That's been a large part of my maternity leave because I have a two-month-old.
SF We have a lot to talk about. So I've written a lot using statistical analysis as well as machine learning for a variety of different things and analytics on the show Survivor, and also other things from pop culture. So these were just fun side projects that I did. I have less time for some of these side projects now, but I have started playing around with essentially building a privacy-preserving LLM-based chatbot. But the key for me in terms of trying to balance my time is, I think I've always been quite good at focusing and also figuring out a priority order. I don't have any special sauce for it, I think it's just something that comes to me naturally so I'm able to really deep dive and kind of block out other things that are going on and focus and crank out a lot of work in short bursts. So that allows me to take advantage of when I do have breaks in my schedule and stuff. And I do manage a 12-person team as well as do IC work, so I have to try to figure out how to balance that. But I get up insanely early. I get up around five in the morning to start my day and get a little bit of time in before my kids wake up. But the way I kind of learn and stay up to date is really a lot through podcasting. So it's either listening to the podcast, but even hosting podcasts like Partially Redacted, the one that I host for Skyflow that's focused on security and privacy, or Software Engineering Daily. It becomes like a forcing function for me to learn because I have to do research in order to hold a proper interview. And the other nice thing about podcasting, both as a host and listening, is my career. I've moved further and further a bit from day-to-day engineering, but it allows me to sort of keep a pulse on what's actually going on and not feel completely disconnected from that world and know what are the latest technologies, what are people doing, so I can at least talk about it at a conceptual level even if I'm not necessarily day-to-day running large infrastructure.
BP Cassidy, you included a nice link in the newsletter for next week about writing, and it was from an engineer who just sort of said one of the great reasons you should have a blog is because if you're going to write about a technical topic, it sort of forces you to challenge your learning, make sure you have it correct, write a draft and redo it, and that helps to cement it in your mind. I think probably the same thing is true, maybe to a lesser extent, about a podcast. If you actually have a conversation about something and you go back and forth with someone, you're way more likely to retain that than if you just kind of skimmed some text as you were going along.
SF You basically sort of build within your own neural network stronger connections by having those conversations or by doing the research or doing a little bit of that work.
BP Uh-oh. Once we start referring to our brains as neural networks I think that the pendulum has swung. Who's imitating who, I don't know.
CW It's the best kind of neural network, really.
[music plays]
BP All right, everybody. It is that time of the show. Let's shout out someone on Stack Overflow who came on and contributed a little knowledge or curiosity. A Great Question Badge was awarded two hours ago to Kai Sellgren, “How to remove an element from a vector given the element.” This has been viewed over 120,000 times, so a lot of people have learned from this question. Thanks, Kai, and congrats on your badge. I am Ben Popper. I'm the Director of Content here at Stack Overflow. You can always find me on Twitter @BenPopper. Email us with questions or suggestions, podcast@stackoverflow.com. And if you like the show, leave us a rating and a review.
CW I'm Cassidy Williams, I'm CTO over at Contenda. You can find me @Cassidoo on most things.
SF And I'm Sean Falconer, and you can find me on Twitter and LinkedIn just under my name, Sean Falconer.
BP Great. And don't forget to check out the podcast. Sean, you're one of many hosts that rotate through, or is there a time when people can always catch you on Software Engineering Daily?
SF Yeah. Currently on Software Engineering Daily we rotate through, so it's not necessarily a guarantee. I do have some interesting conversations coming up in the AI/LLM space that I'm excited about. And I think if people are looking for something to listen to that actually combined the world of Survivor and AI, I did an interview with Dr. Christian Hubicki, who was on a season of Survivor, about ChatGPT and generative AI, which is one of our most popular episodes.
CW That's so cool.
BP Woah. So this person was on Survivor, but is also in the world of data science?
SF He is a robotics professor so he has experience in AI, but in the world of basically building robots that walk around and are able to navigate our world.
BP I know what Cassidy is going to be doing later today.
CW That's so awesome. Oh my gosh.
BP All right, everybody. Thanks for listening, and we will talk to you soon.
[outro music plays]