I want to delete my account, how hard can that be?
When I started writing notes for this article, the arbitrage (or perhaps “argy-bargy”) around TikTok was attracting attention, mostly in the context of TikTok being a pawn in an international chess game of poor relations.
Zooming back out (pun intended) TikTok is just the latest in a long line of highly successful social apps, many of whom have had mayfly like lifespans. This MIT Review article lists a few of the pretenders seeking TikTok’s crown as of August 2020: https://www.technologyreview.com/2020/08/06/1006079/instagram-reels-byte-triller-clash-tiktok-ban/.
My question is, when an app closes, or you decide to move on to another, or you just want to delete your account, what happens to the information that you shared with them?
There may be a treasure trove of stuff you exchanged and received with friends that you’d like to keep if you can, but there might also be some personal information that could be used by others against you.
Can you get that data back from the app provider? Can you get their trustworthy guarantee that they have deleted ALL the data, if that is what you ask? Should you have the right to have all your data, and activity, deleted?
It’s not so simple, I get it
Imagine that the account you want to delete is on a social network of some sort.
Do you have the right to delete all the interactions you made with others, the comments you added and/or the comments they added to your posts? Unless you’ve been in broadcast mode and attracted no commentary (which doesn’t seem very social), it seems likely that some of those interactions are shared between you and others. Given this, “deleting all” of my interactions would seem both “wrong” and technically very challenging.
What about derived data about me? All companies do a lot of analysis of their customers and users (demographics, interests, buying and consumption patterns etc.) – how much of this “data about you” is your data? Well I think we need to be reasonable here. My main aim in deleting an account is to prevent future problems for myself if their platform gets compromised – so at a minimum I want them to delete any PII data that can be misused by others. If derived data about me is genuinely anonymised, then I don’t think I have a problem with this data being kept.
Finally, there may be legal reasons that companies need to hold onto data. So be it, not much that I expect them to do about that, except: restrict the data kept to the legal minimum, secure the data appropriately, and delete it when the legal requirement expires.
We should be told about the off-ramp when we’re signing up
Interestingly, and despite reading some terms and conditions reasonably closely (on a few occasions at least), I can’t remember any of them describing clearly what will happen if you ask for your account to be deleted (other than you will still need to pay any outstanding bills).
I think there is a strong argument that you should be informed about what will happen if/when you ask to leave the service, as much as what will happen when you sign up to and use the service. And this isn’t just about the bills.
That explanation should be simple, up front, and provide a reassurance that if you decide to leave, you’ll be OK, or a warning that this service operates on the principles of the Hotel California, you can check-out but you can never leave.
Knowing how hard the off-ramp will be helps me decide whether to take the on-ramp.
Online Service Providers need to set-aside some funds to clean up
It seems reasonable to assume that successful service providers will have the wherewithal, if not the desire, to provide a clean close process for users.
But what about those platforms that fail, that run out of fuel to support a safe landing for those that decided to fly with them?
We need all service providers to set-aside sufficient funds to clean up after themselves should the unexpected happen and their service fail. One way to encourage this might be to enforce liability on those responsible for a service that leaks data after they shut it down.
Old accounts never die, you just can’t delete them
What triggered this line of thinking was a bit of a tidy-up I started a few weeks ago. I’ve been using a password manager for some 10+ years, and this has given me a kind of way-back-when machine of my own.
The password manager I use (like many) offers a security check. Amongst a number of checks, it sees if services that I use have been hacked, if my passwords are unique and robust, and if email addresses I’m using are appearing in lists of hacked data. When I ran the security check recently, it proposed that I changed the login details on several old services that I no longer use, and that had been hacked at some point in the last decade.
Rather than update my password and personal details on these derelict accounts, I decided that I didn’t want several of them any more, so I started to explore how to delete the account on each service, while looking for confirmation that they will delete my data, permanently.
It turns out that it is really quite hard to find out how to delete and harder still to determine if the service will offer a clean delete. All make sure that you’re aware of any outstanding payments. Many offer dire warnings about what you won’t have access to if you press that red button. Few (none that I found) describe their commitment to not making data you provided accessible to others.
Let’s look at an example for one well known system. Sometime ago I created a work account for our business on Amazon (bunch of reasons, company library was one of them). Strategies shift and we’ve moved on from that branding, domain, email addresses and other elements, so the account is no longer needed. Trying to delete it? Remarkably difficult, it took me several days to find enough time to follow the bouncing ball all the way to the end – something made even more difficult if the email address used to set up the account is no longer active.
It’s not me, it’s you
I get that we don’t want valuable accounts to be easy to delete by mis or mal adventure. However I don’t think that the approach taken by most companies is designed to protect me against myself.
My suspicion is that the “delete my account” button is made deliberately difficult to find and certainly doesn’t attract the attention and “frictionless” design thinking given to the “create my account” button.
How to fix this?
My personal favourite model to resolve a number of digital trust issues is Self Sovereign Identity (SSI). I know that SSI can tackle some of these issues really well, for example by minimising the amount of data shared for authentication, and minimising the need to maintain personal information. However it doesn’t fix all ills. There are still a number of regulations and good practice policies needed to ensure that we can all live healthy, safe, digital lives.
Not only do we need the right to cancel a service (something that the Australian Consumer Law gives us certain rights to do, https://www.accc.gov.au/consumers/consumer-rights-guarantees/cancelling-a-service), but we should also have the right to have any personal data deleted from the account where there is no legal need to retain the data.
I realise that this thinking smells like GDPR and “the right to be forgotten”, and there is a lot of overlap, but I was aiming at something rather more simple here. My belief is that good companies recognise that good service makes for happier, stickier and more profitable customers than locked in users. Leave the door open for me to leave, make it easy to go, and I may never go. Let me leave nicely and I may well come back. Make this simple and I may well recommend that others use your service.
That’s rather far from the current practice though. One of my colleagues worked for a company where “every anti-pattern in the book was used to prevent you from closing your account”, and that’s not considering the [bad] practice of writing PII data to system logs and other areas that make a clean-up near impossible. Having seen the dark(er) side, he’s now very much a fellow envagelist for better, more equitable and transparent models.
Notwithstanding what companies should do, our willingness to sign up to online services, and their insatiable appetite for data about us, is leaving a legacy of stuff about us scattered across the internet, and a series of damaging leaks just waiting to happen.
Less TikTok than Tick Tick Tick…