How to always allow users to delete their own accounts?

Do you know how to always allow users to delete their own accounts? This helps with GDPR compliance. Can we use -1 or 0 for delete user max post age and delete user self max post count so that users can do this anytime?

Hi @RBoy, this is discussed in this topic

5 Likes

Users can always request to delete their accounts.
Also, there is a theme-component that makes this more obvious.

6 Likes

So from reading the linked topics, am I right that users cannot delete their own accounts after XXX days have passed or XXX posts have been posted by them? The only way is for them to manually send a request to the admin?

@codinghorror I read your comments about this. It would be great to have an option to allow users to delete their accounts; there could be 2 options provided, which would let the site admins decide on what’s appropriate for them (to comply with legal requirements or their own policies, e.g. to keep overhead low).

  1. Allow users to delete their accounts and all posts (yes it may impact the community, but that decision should be left to the site owners, if they are okay losing that information as a trade off to reducing overhead and legal liability, then should be allowed to enable this option)
  2. Allow users to delete their account but retain all posts as an anonymized account

Isn’t that exactly what’s achieved by the methods discussed above?

1 Like

Using -1 in delete user self max post count will disable the ability for users to self-delete, though you can set it really high to achieve a similar thing:

And delete user max post age can also be jacked up quite high as well (0 would effectively disallow user deletion):

5 Likes

Having actually done what @JammyDodger has said on one of my communities I strongly recommend against it unless you fully trust your users not to abuse it.

We had to return the settings to the defaults after we kept having people get upset because they did not like the responses they were getting so they would delete their accounts when they found out they could not delete their own topics.

That said, if you can fully trust your users not to abuse it, it can be helpful in some cases. :slight_smile:

Just one small suggestion: if you’re going to modify those settings, make sure you modify the related site settings that control when staff can delete accounts as well to be consistent.

In particular, make sure you set these settings the same:

delete all posts max
delete user self max post count

If you set the former lower than the latter you get the curious situation where the user can self-delete but staff can’t delete the account.

2 Likes

My first thought was “we should fix that” but then I realised that for someone it might actually be a desirable scenario :thinking:

4 Likes

Ah, one of my favorite xkcd strips :slight_smile:

And yeah, I can think of some situations where you would actually want users able to self-delete but limit staff to only have the option to anonymize the account.

Yeah, I can certainly imagine situations where this approach could get messy. Though if a forum admin felt strongly enough about it, and accepted the risks, the options are there.

Personally, I think the defaults are a pretty good flow (and the Account Deletion Request button is a nice addition too).

This makes sense to me too. I think if a site has taken this decision it has generally come from a place where they want the user to have the ability even if it’s painful for the forum as a whole. If the user decides to push the button then it’s something they have to accept/tolerate, whereas it may not be something they want to encourage as a staff policy.

1 Like

These options will only allow the user to delete their own posts. However, for GDPR/CA compliance, if a user wants to delete their own account, it’s forcing the admin to intervene. I would like to set up a process wherein I would like to give the user the option to delete their own account and have Discourse automatically anonymize it so we don’t lose the history but at the same time comply with the user’s wish to delete their account - without admin intervention. Is this possible?

Not in the default UI.

Our customers that need to automate it set up a central GDPR account deletion page external to Discourse that deletes the account across all of their systems, including their Discourse site. This is accomplished via a call to the API from their central compliance engine.

1 Like
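As an added example (not part of the original post, and not Discourse's or any customer's code): a sketch of the API call an external compliance engine might make, offering the two outcomes requested in this thread. It assumes the admin API routes `PUT /admin/users/{id}/anonymize.json` and `DELETE /admin/users/{id}.json` with `Api-Key`/`Api-Username` headers; the site URL, key and user id are placeholders.

```python
import json
import urllib.request

MODES = ("anonymize", "delete")

def build_erasure_request(base_url, user_id, mode, api_key, api_username="system"):
    """Build (but do not send) the admin API request for one erasure."""
    if mode not in MODES:
        raise ValueError(f"mode must be one of {MODES}")
    if isinstance(user_id, bool) or not isinstance(user_id, int) or user_id <= 0:
        raise ValueError("user_id must be a positive integer")
    base = base_url.rstrip("/")
    if not base.startswith("https://"):
        # The key is admin-scoped: never let it travel in clear text.
        raise ValueError("refusing to send an admin API key over plain HTTP")
    if mode == "anonymize":
        # Keeps the posts, detaches them from the person.
        url, method, body = f"{base}/admin/users/{user_id}/anonymize.json", "PUT", None
    else:
        # Removes the account and its posts; no address or IP blocking,
        # since this is a voluntary erasure and not a spammer cleanup.
        url, method = f"{base}/admin/users/{user_id}.json", "DELETE"
        body = json.dumps({"delete_posts": True, "block_email": False,
                           "block_urls": False, "block_ip": False}).encode()
    req = urllib.request.Request(url, data=body, method=method)
    req.add_header("Api-Key", api_key)
    req.add_header("Api-Username", api_username)
    if body is not None:
        req.add_header("Content-Type", "application/json")
    return req

def erase_user(base_url, user_id, mode, api_key, opener=urllib.request.urlopen):
    """Send the request; the caller must already have verified the requester."""
    req = build_erasure_request(base_url, user_id, mode, api_key)
    with opener(req, timeout=10) as resp:
        return resp.status

if __name__ == "__main__":
    # Placeholder values, constructed for illustration only.
    r = build_erasure_request("https://forum.example.com", 42, "anonymize", "PLACEHOLDER_KEY")
    print(r.get_method(), r.full_url)
```

The identity check on the person asking for erasure belongs in the compliance page before this call is made, and the API key should be stored as a secret with access to it logged.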

Thanks for clarifying that. Would it be possible to include this option as a configurable option in the admin settings UI? It would be super helpful to have 2 options available for the site admins:

  1. Always allow users to delete their accounts and all posts permanently
  2. Always allow users to delete their accounts and anonymize all posts

It would be a very valuable addition for compliance as well as ease of maintenance. Are these hard to implement?

For GDPR compliance anonymization may be enough, and that is a different option than deletion; if an account is fully deleted then there is nothing left to anonymize.

I’m not a lawyer and not offering legal advice.

One risk to consider is also if there is ever unauthorized access to an account, that would be a problem if account is permanently deleted and cannot be recovered by someone other than the authorized individual for that account.

This may be a reason why they have some safeguards in place and full account deletion must be requested first and then reviewed first to make sure it is valid.

I’m not sure that makes sense. Though I think the reasons why have been covered pretty well in the previous posts and linked topics if you have a read back through. :+1:

There are a couple of feature topics on this you may want to add your usecase/voice to:

2 Likes

It has nothing to do with GDPR.

Well my understanding is the GDPR does require that people can have their accounts anonymized, but not necessarily posts deleted.

Would advise general caution to anyone about giving out legal advice; that is a liability risk if what is said is not completely accurate.

Before this spirals into another GDPR debate, I think we should close it off here. :slight_smile: There are plenty of GDPR discussions already if people have a search. :+1:

1 Like