Shouldn't users be able to delete their accounts whenever they want?

It’s truly weird the fact that you cannot delete your account whenever you feel like it. Currently, with Discourse, you can only delete your data if you have little to no activity at all and your account is relatively new.

Let’s take a look at discourse.org/about:

Discourse is a from-scratch reboot, an attempt to reimagine what a modern Internet discussion forum should be today, in a world of ubiquitous smartphones, tablets, Facebook, and Twitter.

Isn’t privacy a basic principle any modern Internet application should follow? We live in a world with the GDPR, users should have full ownership of their data. I don’t see how not allowing users to withdraw their data from a website can be useful (or modern).

Now, according to article 17 of the GDPR (Right of erasure/‘right to be forgotten’) (Your right to get your data deleted | ICO), a user can request their deletion whenever:

  • They initially consented to the website using their data, but have now withdrawn their consent;
  • The website no longer needs their data for the original reason they collected or used it for (in this case, if they don’t use the website anymore);
  • They have objected to the use of their data, and their interests outweigh those of the website using it;
  • and the user can request deletion whenever their data has been unlawfully processed (for example, when the website didn’t follow proper data protection rules).

Of course, there are cases when the website can deny the request to delete the user’s data (e.g. when the data is needed for legal reasons or it is important for scientific and historical research). However, I think this type of usage is rare with Discours, so I don’t see why preventing users from automatically deleting their account (and complicating this process) is a default option. There should be at least an option to remove the account activity/joined-at limitation.

1 Like

Actually thing isn’t that. GDPR dictates how and when a company/juridic society can store and use personal information, that can be connect to user. An user has ownership only when

  • data can be transferred to another services (images, audio, video, but not commenting in a forum, because all forums have different category structure etc.)
  • personal data, meaning user accounts and similar, must be deleted when asked, right away OR after some decent time, unless there is other juridic demands like with web shops

Deleting an user account is not same thing as deleting content. Content can be anonymized, as here (and on quite many other services) will happend.

Shortly: GDPR tells that a company/society can store only needed personal data and for limited time. Cookies and other ”followers” are part of that.

Meta should not set GA-cookies without consent but all other technical cookies are just fine, but those must tell to an user. Meta can ask my email-address, but not my social security number. They can ask my birthday for fun, not as mandatory request.

I am totally different thing. I’m a finn and so are (almost) all of my forum-users. Because I’m a private person driving private, even it is free to all, forum, I’m not operating under GDPR in any means. But my webshop is regulated by GDPR.

2 Likes

Deleting accounts with content leaves havoc behind discourse wise. Topics where posts are deleted but replies are kept become broken and illegible.

9 Likes

If I’m understanding this part correctly, the admin of any particular community can define this as they please with the following settings:

I believe that the defaults are the way they are because user deletion is a destructive process that can cause topics to become unhelpful or even misleading with gaps in the discussion. As the amount of activity on the user increases, so too does the chance of this being a problem. That is certainly the reason I have left them at their defaults.

As @Jagster has pointed out, GDPR is not the get-out-and-delete-everything card you make it out to be. Oftentimes companies are under no obligation to delete various data types and even directly personal information can be kept for a variety of reasons, including (heavily paraphrased) because it’s a bit hard to delete.

In the case of Discourse instances, it is reasonable (and legal under GDPR) to remove personal information from a user (anonymize on the user admin page) and leave all posts intact. The posts themselves may contain personal information or copyrighted material but it is reasonable and legal to put the responsibility of identifying those posts on the user due to the potentially large amount of time and therefore cost of manpower involved in doing so.

The admin for a community can decide whether they are willing to accept the risk of allowing users to delete their own accounts regardless of activity. If they do not allow this, the admin can decide on a case-by-case basis whether to delete an account when requested or to anonymize it. Similarly they can decide case-by-case whether to examine the posts for personal information or leave that to the user.

3 Likes

And the most important point: it is user’s choice to reveal that kind information. GDPR controls what personal data a company is collecting and using, and it not puts a company act as guardian to watch out what an user does (in the meaning of spreading private info).

3 Likes

There is a difference between “collected data” by a website and “voluntarily provided data” by a user such as in a conversation’s posts/replies. Simply deleting every post a user ever made would render each topic incoherent - like ripping random pages out of a novel. A user’s account can be anonymized so discussions remain flowing and coherent, and the user’s identifying data (real name, email address, account activity, etc.) can then be deleted.

4 Likes

You have the right to your content and can download it any time from your user profile page. But you don’t have the right to ruin the conversation for everyone else by forcefully removing your content and rendering the conversations unintelligible for all future readers.

  • If you’re a new user with 2 posts or less, you can auto-delete your account at any time.

  • If you don’t have too many posts, you can ask the staff for deletion and they can probably oblige you. This should be a call made by the staff.

  • If you have a lot of posts, you can ask the staff for anonymization. This removes all your identifying information (username, full name, etc) but leaves the posts intact.

I guess the implied request here is to allow users to anonymize themselves at will. I could support that as a site setting…

15 Likes

Related food for thought.

On our site one user deletes all of their replies after a few days, don’t ask me why I have no idea.
As you note this ruins the conversation for everyone else.

Another option for such a user would be to allow them to have an account setting that says to anonymize their post automatically after several days (think new feature). Not something I personally am in favor of but it is a better choice for the community then lots of topics with holes in them.

3 Likes

What’s the difference between anonymizing an account and creating our own “anonymous” account with a random username, a disposable email address, etc?

What about the identification of someone by aggregating information from all their posts? What if their original username is quoted many times in many posts (rake task search & replace string…?)?

I understand why someone would like to completely remove all their posts, and I understand the concurring issues for the forum’s readability.

2 Likes

Our community is based in the UK and 99.8% of our members are also in the UK so the GDPR subject is always an interesting one for us.

Our Terms of Service state that we will not delete your account, we will only ever anonymise it and that if you wish to have your account anonymised you should first delete any of your posts which contain your personal data, then request that we anonymise your account.

This largely places the onus back on the end user. It stops “rage quitting” in its tracks and keeps all of our topics in tact as we’ve yet to find anyone with a single post that contains their personal information.

We publish this in our ToS as:

If you wish to terminate this Agreement or your greyarro.ws account you may simply discontinue using the Website. If you wish to have your account anonymised and closed (thereby removing any personal data on your profile) you must request this by email. When anonymising and closing your account Grey Arrows will not delete any content you have submitted or any posts you have made. Any posts or content that contain your personal data must be deleted by you before you request your account to be anonymised and closed. You are unable to delete topics which have received replies. If you have started a topic and the first post contains personal data that you wish to be removed you must flag that topic for deletion.

This route also saves a mountain of leg work for our community admins/moderators.

8 Likes

Anonymized account can’t login, ever. Anonymous can. Nothing else.

But I reckon you already knew this.

3 Likes

I didn’t. I never used the anonymization feature. I might have used it as an admin once or twice and I can’t even remember.
Thank you for this information.

2 Likes

Not me either. Sorry, but this issue is more english or american way to handle conflicts :rofl: even so many are referring GDPR here.

Still, an anonymous person/account can be anonymized. Then, account will be more or less deleted too, username will change from johndoe to anon-something. So, if a forum uses nicknames, not real names, anonymization (did I spell it right, it sounds odd :confused: ) doesn’t mean anything at all.

3 Likes

Actually it would. Some people use the same nickname across multiple forums and social media. Anonymizing a user’s account changes ownership of their posts from nickname to anon_nnnn and in the account profile as well. All other personal data such as email account, location and real name(if either were provided), and photo/custom avatar are deleted as well.

Thinking more into this, what would happen if a user was mentioned in many posts by others. Does the user’s handle/nickname get changed in those posts as well? On a large forum a user could be mentioned a great many times.

1 Like

Mentions and quotes get anonymized, for example here’s a user we anonymized on Meta:

Screen Shot 2022-01-25 at 1.40.17 PM

So the biggest thing to look out for is identifying content in plain text or images. If you’re going to request your account to be anonymized, you might want to do some searching on the forum to see if any personal information was shared that you’d like to remove. Maybe someone mentioned your username without the @ or quoted some identifying content manually with >… even in the case of an account deletion this may be an issue, because it’s content posted by others.

4 Likes

Yes. It is possible to slowly delete all your posts, up to {x} per day. So this is technically already a thing, however, you can’t modify your posts, (including deletion, which is a modification) after they have been around for a while. All of these are site settings which the admins can adjust:

  • delete user self max post count
  • max post deletions per day
  • tl2 post edit time limit
  • post edit time limit
5 Likes

Just to add another point of view. I run a Spanish-language literary community, where users share their creations: poetry, short stories…

We really love the conversation enabled by Discourse, but in our case it is essential that the users can delete whenever they want the topics they create (since they could have some value in terms of copyright). We don’t mind about the conversation being lost, since it doesn’t make sense without the OP.

So I created a (quick and dirty) plugin for that: GitHub - osvid/delete-plugin: A quick and dirty plugin for allowing Discourse users to delete their own topics ALWAYS

3 Likes

If you like to give ability to delete everything that is your choice. But it has nothing to do with copyright. It is right a content producer has anyway if that content is an unique work. You can’t even give away your copyright. It is matter of publishing rights.

When a work is published at a forum, creator gave consent for publishing. And that consent is really strong against creator and can’t be cancelled if it has mentioned on T&C.

Sure, there can be different laws depending country, but Bern agreement etc are really world wide.

3 Likes

Yes, that’s it. What I mean is that, for my users, keeping control of their contents is important, to avoid potential copyright or plagiarism issues.

So, they feel that they have more control (and then a better overall experience in the community) if they have the option to delete their contents, always, without restrictions or prior notice.

Actually users grant explicitly royalty-free publishing rights to the forum when accepting the T&C. But for the forum it doesn’t make sense to publish users’ contents against their will.

2 Likes

Actually it was the users who published their content on the forum when they posted it. To demand a forum take down what has been published - and possibly replied to by others - would be akin to an author publishing their works, then later on demanding the book publisher go around and remove their books from every store because they’ve changed their mind.

But this is getting off topic as the title deals with users deleting their accounts, not some of their content (posts). :wink:

4 Likes