Please include a standard feature for the user to delete his forum account. Also, changing the username becomes impossible after a certain number of messages were posted, as far as I know.
This, combined, makes it impossible for the user to not leave digital traces. In many countries, it is legally granted to people to request the erasure of their personal data. For example, here is EU regulation.
None of the regulations require deletion or anonymization to be self-service, so the self service options are locked out after they would become disruptive to the community.
You can ask the forum administrators to delete your account, but they may respond by anonymizing it instead.
From your words I can understand that the mechanism of Discourse is such that it is impossible to delete users’ accounts without breaking the whole thing.
In addition, it’s not possible to change the username.
That’s just not right. Users are not even warned about this when they sign up.
User keeps searching for the ‘Account Deletion’ button. In vain.
If any user wants to delete his account, he keeps searching for the ‘Delete Account’ option, not knowing what is the underlying condition for ‘Posts threshold’.
Can we show the ‘Delete My Account’ button, although as a gray button showing ‘unavailable to be clicked’, to those users who’ve posted more times than the threshold allows them? Or perhaps a small hovering explanation to the users informing them of the ‘requisition’?
Even without the hovering help/info, this ‘unavailable to delete account’ button would be much helpful and save user’s time to find that button.
Even if its displayed and greyed out the site staff will most likely resort to anonymising the account anyway so great user has found the button but why show a button that isn’t functional?
Not a good solution. That means we are showing not helpful and negative pseudo-button/information to vass majority of users.
What we need is a simple button that directs to easy document telling what is going on and there should be a simple tickbox to demand deletion — and that request shall go to admin and admin only.
I think probably the best way is create a button on that section for example Account Deletion Request clicking on this button a PM (admin is the recipient) composer opens with some placeholder (title and textarea). This way users easily can send an account deletion or anonimazition request and Admins also can review the account before delete or anonimize it.
This button would appears when canDeleteAccount is false (so the default Delete My Account is not appears) or make it trust level restriction and it can use the user-preferences-account plugin outlet which is here on account page. But the better position is on the bottom of the page. Just like where the default button is appear.
If I have some time maybe I create a theme component for this.
I would like to address this issue again, because in a forum I use there are also problems with deletion requests from users.
I would like to understand more about this.
Why is it not possible in discourse to delete your own profile with a few clicks?
Is there any background to this that I don’t understand or has not been disclosed yet? I would assume that the technical implementation is not the problem.
Are there any reasons from a user experience perspective that support this?
Or is it already planned that there will be an easy way for all users to delete their own account on their own?
Can there be problems in relation to the GDPR if no transparent communication and possibility is offered regarding the deletion of one’s own account?
I am already familiar with the two links. Unfortunately, they do not explain why this function does not yet exist or whether there are plans to implement such a function. I am acting here purely from a UX point of view and would also like to leave the legal glasses off.
User Story: As a Discourse user, I would like to delete my account quickly and easily and receive immediate positive feedback.
The question remains: What are the arguments against adding a button that does just that?
This is the part that got my attention. My understanding is that deleting a user deletes all their message and lead to incomplete topics with “holes” in the remaining information on the forum. And it wouldn’t delete parts of the user’s messages quoted by other users, so the information quality would be decreased even more (and still could be linked to the user even after deletion if the user’s name or any other public information they shared was quoted by others).
Again, that’s what I understand but I could be wrong, and also I completely understand your concerns.
Disruptive is a bit harsh in my view in this context. No one insists that all posts must be deleted in the process. Only the username would have to be removed and instead “Deleted user” should be displayed.
Users can report posts here, like, bookmark, share and so on although this is not required by law. So there is also functionality here that makes it easier for a user to use the software, even though this is not required by law. So why not delete your own account via button or at least anonymize it and block the login?
That is what the “anonymize user” functionality does and why it was created
As for why anonymize user isn’t self service, there are several reasons and I don’t remember all of them right now. What I can think of:
GDPR, obviously, demands that deletion is accomplished within 30 days of you giving proper notice. 30 days is plenty of time for a human response and does not demand user-accessible automation (… that’s why they wrote the law like that …).
Mistakes. This would be a button that stops you from ever logging into the account again. It’s notable that Facebook, Twitter, etc account deactivation is reversible (though Facebook makes reactivation too smooth). In general, the “destroy my data button” is something the software engineering industry has started to realize is a Bad Idea.
The human touch is actually nice sometimes, which ties into…
Wanting to leave a community so badly you don’t want your name associated with it at all is something that the admins should know about and feel when it happens. Can they fix the cause for the next person?
The conversation is a chance to offer alternative remedies, such as timed suspension (for people worried that they’re addicted to the forum) or performing a detailed scrub of sensitive information in posts.
Account hijacking attacks are a thing that can happen. If we suppose a widespread account hijacking incident that doesn’t nab any moderator accounts, Anonymize Account is easily the most destructive available action after this proposal. This is one of the major reasons that individual post deletion is rate limited.
SSO - the user’s data might be replicated to other systems that Discourse doesn’t know about that the moderators also need to trigger cleaning in.
None of these are “hard never” reasons, but I hope this gives you a good sense of the balance of concerns.