38 votes

Daily Tildes discussion - how to handle account deletion

This came up yesterday, and I think it's worth discussing in a little more depth.

There isn't currently an account-deletion feature (though I can do it manually on request), but it's going to be needed in the future. The main thing that probably needs to be decided is what exactly to do with all of the user's posts when they delete their account. If the user was prolific and you wipe out all their posts, it can damage a lot of history. But if you leave their posts up (possibly no longer associated with their username), it means that all of the user's content is now basically "orphaned" and they no longer have control of it even though they posted it.

I won't go into too much detail about my own thoughts, but I'm curious to hear what you all think of how deletions (and the deleted user's content) should be handled.

28 comments

  1. [8]
    Algernon_Asimov Link
    If someone is deleting their account, then they're basically taking their bat & ball and pissing off. Anything they posted is theirs, and it's their right to take it with them. There should at...

    If someone is deleting their account, then they're basically taking their bat & ball and pissing off. Anything they posted is theirs, and it's their right to take it with them.

    There should at least be an option for people deleting their account to also delete everything they've posted, even if this isn't the default behaviour.

    Also, your own privacy policy strongly implies that tilders will have total control over their data - up to and including full deletion.

    46 votes
    1. notlogic Link Parent
      I do believe the correct thing to do is to give users the ability to delete their posts, but it's only a matter of time before there's a ceddit or removeddit type site for tildes which ensures...

      I do believe the correct thing to do is to give users the ability to delete their posts, but it's only a matter of time before there's a ceddit or removeddit type site for tildes which ensures nothing ever truly gets deleted.

      3 votes
    2. [6]
      aphoenix Link Parent
      While I agree that the privacy policy implies that tilders have total control over their data, I don't see any place where it says that their data includes links that they've posted.

      While I agree that the privacy policy implies that tilders have total control over their data, I don't see any place where it says that their data includes links that they've posted.

      1. [5]
        Algernon_Asimov Link Parent
        They don't own the links themselves, but I believe they own the Tildes posts they made about those links.

        They don't own the links themselves, but I believe they own the Tildes posts they made about those links.

        1. [4]
          aphoenix Link Parent
          So if you make a post, and I comment on it, you own my comment?

          So if you make a post, and I comment on it, you own my comment?

          1 vote
          1. [3]
            Algernon_Asimov Link Parent
            Of course not! Which is why I should not be able to delete your comment.

            Of course not! Which is why I should not be able to delete your comment.

            1. [2]
              aphoenix Link Parent
              If you delete your post, that will remove the comment.

              If you delete your post, that will remove the comment.

              2 votes
              1. Algernon_Asimov Link Parent
                It will? I wasn't aware of that behaviour here. In that case, Deimos needs to ensure that any delete function deletes only the user's own posts and comments, and noone else's.

                It will? I wasn't aware of that behaviour here.

                In that case, Deimos needs to ensure that any delete function deletes only the user's own posts and comments, and noone else's.

  2. Gabe_DeGrossi Link
    There could be multiple options on how you want to delete your account. One could be a full erase; removing all content and existence of that user. Another could be "archiving" the account, so all...

    There could be multiple options on how you want to delete your account. One could be a full erase; removing all content and existence of that user. Another could be "archiving" the account, so all posts are still visible with/without the username attached, but the account can no longer post (maybe add a tag to the username, or grey it out to indicate that user is archived).
    Just my 2c.

    31 votes
  3. [3]
    acr Link
    Users can already manually delete their stuff anyway. I say just have three options. Delete account and delete all history Delete account and leave all history Delete account and selectively...

    Users can already manually delete their stuff anyway. I say just have three options.

    1. Delete account and delete all history
    2. Delete account and leave all history
    3. Delete account and selectively delete history
    28 votes
    1. [2]
      dstaley Link Parent
      I agree that if the user can delete their posts anyway, there's no reason not to provide that option when they delete their account.

      I agree that if the user can delete their posts anyway, there's no reason not to provide that option when they delete their account.

      16 votes
      1. Archimedes Link Parent
        Yeah, the choice should ultimately be in the hands of the user, but I recommend including language that reminds them of the following before nuking everything. 1. Nothing is ever truly deleted...

        Yeah, the choice should ultimately be in the hands of the user, but I recommend including language that reminds them of the following before nuking everything.

        1. Nothing is ever truly deleted from the internet.
        2. Deleted comments make for broken threads.
        

        Ideally, a person would choose to delete a select few things that they don't want to be easily visible anymore while archiving the rest of their comments to preserve thread integrity.

        10 votes
  4. [2]
    talklittle Link
    It might also be a good idea to disable re-registrations with past deleted usernames. Unless Tildes comes up with a way of "verifying" an account, but that seems counter to the values of the site.

    It might also be a good idea to disable re-registrations with past deleted usernames. Unless Tildes comes up with a way of "verifying" an account, but that seems counter to the values of the site.

    18 votes
    1. 666 Link Parent
      I said this in a comment below, when the user deletes their account you can offer them an option to associate an email in case they want to get their account back.

      I said this in a comment below, when the user deletes their account you can offer them an option to associate an email in case they want to get their account back.

      6 votes
  5. [2]
    burntcookie90 Link
    I think removal of ownership is the way to go. Once the site goes public, crawlers and archivers will already have copies and attempting to anonymize that will be fruitless.

    I think removal of ownership is the way to go. Once the site goes public, crawlers and archivers will already have copies and attempting to anonymize that will be fruitless.

    9 votes
    1. sublime_aenima Link Parent
      Even with crawlers and archivers people should have the option of at least making it harder to find info. Just like over on reddit where people make scripts that will edit and/or delete your...

      Even with crawlers and archivers people should have the option of at least making it harder to find info. Just like over on reddit where people make scripts that will edit and/or delete your history. It just makes it easier and less likely to get the spammy ones if it's built in to the site.

      6 votes
  6. 666 (edited ) Link
    (Default) delete account and delete all content owned by it Delete account and leave content orphaned Delete content but keep account Selectively delete comments and/or posts per group Selectively...
    1. (Default) delete account and delete all content owned by it
    2. Delete account and leave content orphaned
    3. Delete content but keep account
    4. Selectively delete comments and/or posts per group
    5. Selectively anonymize comments and/or posts per group (mark them as owned by user [deleted], or better assign them a random number that will be the same for each thread so we can know that they are made by the same anonymous user, that has to be per thread and not per group to prevent privacy issues)

    When selecting 1 or 2 offer an option to associate an email to restore the account in case the user wants to come back.

    Edit: also offer a field to let the user explain why he/she is leaving.

    Edit 2: in the account deletion page make the user type their password again to confirm deletion, this should prevent any kind of malicious XSS attack from deleting an account and will also make the user think twice before deleting.

    6 votes
  7. [5]
    godless Link
    I'm a little torn on this one. I mean the right to be forgotten should be allowed, but it's really hard to enforce on the internet. There's easy to use ways of seeing what comments have been...

    I'm a little torn on this one. I mean the right to be forgotten should be allowed, but it's really hard to enforce on the internet. There's easy to use ways of seeing what comments have been deleted on other sites.

    On the other hand, I kind of feel like if you delete your account, it should remove the option for logging in, but what you have said should remain attached to the handle you are using. It might encourage people to think a little more before putting something out there that's permanently attached to them - even if it is an anonymous persona. It's far too easy currently for someone to espouse some bullshit or another, and if it proves unpopular, they just delete it and avoid the consequences.

    5 votes
    1. [2]
      Ven Link Parent
      I commented this yesterday on the post that inspired this one. But I think there would still have to be some option to "nuke" the account in the event of doxxing or the like. It can be easy to let...

      I commented this yesterday on the post that inspired this one. But I think there would still have to be some option to "nuke" the account in the event of doxxing or the like. It can be easy to let slip just a little too much information in small amounts. Soon enough, there is enough info available that someone could ID you.

      Maybe that could be handled on a case by case basis, because I do agree that comments should remain. Everyone is focused on old threads, but it isn't unheard of for a Reddit account to be deleted after making a high level comment on a still active thread. That can hurt the discussion and just leads to people asking for a summary or screenshot of the comment.

      7 votes
      1. Tenar Link Parent
        Agreed, I think people underestimate how easy it is to do. I've done it once or twice (on request) with someone who was sure they didn't share anything personal. But they shared one video which...

        But I think there would still have to be some option to "nuke" the account in the event of doxxing or the like. It can be easy to let slip just a little too much information in small amounts. Soon enough, there is enough info available that someone could ID you.

        Agreed, I think people underestimate how easy it is to do. I've done it once or twice (on request) with someone who was sure they didn't share anything personal. But they shared one video which together with another video two years later was enough to ID them, so I was able to find them (in half an hour, I think? I don't mean to toot my own horn but that was through literally thousands of different comments/posts that they had made over time, and required looking at the youtube account one was posted on --> looking at a website that was in the description --> using the website to find a twitter account --> using the [fairly short] list of followers of that account together with the aforementioned second video [which briefly showed a part of the person] to find our poster). I mean that was just for fun—imagine you've done something that """justifies""" being doxxed and you've got a few people working on it?

        Anyways, that's why I disagree with handling it case-by-case; I like the 3 options posted elsewhere (full wipe, delete username from comments, or leave but indicate it's a deleted account). Sure, there's the issue of deleted comments, but I think that's (1) a flaw in reddit's website (don't have a deleted comment as top comment and things are solved), and (2) an issue with reddit's crowd/size (those are often semi-controversial comments that get 300 replies that aren't really all that different). (1) is easier to fix here, just requires handling deleted comments in a certain way (or maybe selectively handling dead comments in active threads differently), but (2) is maybe a culture thing? I'm not sure how to handle that, besides maybe throwing notifications together ("200 people replied to your comment")

        5 votes
    2. [2]
      TrialAndFailure Link Parent
      It worries me that you think there must be consequences for espousing an unpopular opinion.

      It's far too easy currently for someone to espouse some bullshit or another, and if it proves unpopular, they just delete it and avoid the consequences.

      It worries me that you think there must be consequences for espousing an unpopular opinion.

      3 votes
      1. godless Link Parent
        I think you might be putting too much weight on the word consequence. I had in mind the occasions when comments are deleted to avoid the downvotes they were getting. I certainly do not advocate...

        I think you might be putting too much weight on the word consequence. I had in mind the occasions when comments are deleted to avoid the downvotes they were getting. I certainly do not advocate real-world consequences, outside of no way of hiding the comments you have made with your online persona.

        I would say that Ven has a good point about someone having made a comment that exposes a little too much personal information.

        2 votes
  8. phedre Link
    One thing you'll have to consider: we're assuming that any actions taken will be by the rightful account owner; that may not always be the case. Much as we'd love to believe it won't happen,...

    One thing you'll have to consider: we're assuming that any actions taken will be by the rightful account owner; that may not always be the case. Much as we'd love to believe it won't happen, accounts WILL get compromised. Do we want to give people the ability to then clean out those accounts for their own use?

    3 votes
  9. TrialAndFailure Link
    For what it's worth, not having control of your messages is the par for the course these days, so it's unlikely that anyone would be too appalled.

    For what it's worth, not having control of your messages is the par for the course these days, so it's unlikely that anyone would be too appalled.

    2 votes
  10. vakieh Link
    I would be very, very against the automatic removal of content, because it would inevitably create a historical content graveyard. Most of Reddit's old stuff is littered with holes and gaps...

    I would be very, very against the automatic removal of content, because it would inevitably create a historical content graveyard. Most of Reddit's old stuff is littered with holes and gaps because people left, whether it was useful or not.

    That said, I am someone who is against the ability to edit or delete your own posts/comments after eg a 5 minute edit window, which I know goes against the ~ philosophy, so I would understand if the site went another direction there. But in defense of my position, can you take your words back from the ears of people who hear you in real life? Why can't conversations stand as written, permanently (with moderators able to delete if they contain rule breaking ie doxx)?

    2 votes
  11. Elijah Link
    Again Discourse has a model for this. Removing all the content a user has creates enormous holes in the history. If creating accounts is easy (and I don't think it is now, but most sites have easy...

    Again Discourse has a model for this.

    Removing all the content a user has creates enormous holes in the history. If creating accounts is easy (and I don't think it is now, but most sites have easy to make accounts), and deleting accounts can be done by the user, it can be used for trolling / griefing.

    When people close their accounts the username should be retired, some signal should be used to mark the username as inactive, and (optionally -- probably up to the user), the username should be replaced with an anonymized string.

    2 votes
  12. MimicSquid Link
    I'm arguing from a position of wanting maximum coherency after the fact: I'm not sure I'm in favor of even orphaning the content let alone letting people delete their accounts. If they want to...

    I'm arguing from a position of wanting maximum coherency after the fact: I'm not sure I'm in favor of even orphaning the content let alone letting people delete their accounts. If they want to abandon an account and start a new one, I'd be in favor of being able to "freeze" an account, forbidding any future action and detaching it from an email address in order to let the person start a new account without making a new email address to go with it.

    Just like with Reddit locking post titles to keep people from editing them in misleading ways, I'd be a fan of locking down the ability for anyone to edit or delete their own posts after a certain amount of time. I like the anonymity of user names, but I'd like people to think about what they're saying with the explicit understanding that their words will be linked to their chosen name in perpetuity. They can walk away from the name, but they can't prune what they've said over time.

    1 vote