We've all used websites where a user account is required. What happens when you
decide that you don't want an account on a certain site any more?
The number of sites who haven't thought about this problem and implemented a
sensible account deletion policy is staggering. Yet I believe that sites can
deal with this problem in a way that is easy to implement, will reduce support
costs and increase goodwill among their (ex-)user base.
Read on, and see what you think. We're going to put this method to the test
with Get Your Game On, and I'll post back
here with the results once it's been in play for a while.
The User Perspective
The site that raised my ire today was Posterous. They offer a cool service, and I thought it
might be a good way for my mother to keep a website about her Golden
Retrievers, but it turned out Posterous wasn't a good fit for her (she was more
interested in having lots of static pages and image galleries, so we went with
Google Sites in the end).
This left me today hunting around in the Posterous UI for the "Delete my
account" button - a hunt that ended in failure. It's not possible to delete a
As it happens, you can do some clicking around and delete almost everything
until you're left with one empty blog. But why can't an account be deleted?
While we might not have any blog posts in the system any more, Posterous still
holds my mother's e-mail address and other details, and in theory could decide
to contact her in future - something that she clearly won't desire .
To my mind, this is the key point: Deleting an account is actually sending a
message to the site saying I do not give you permission to use my data
any more. Please do not display my data on your site, tell people that I am a
user of your site, or contact me in any way about your site.
The Site Perspective
As a software engineer, I know it's possible to implement user account
deletion. But I also know it's a lot harder than simply going through the site
with a chainsaw, deleting anything remotely connected with the user. Here are a
- It's completely impractical to suggest that user data be deleted from site
- Any data the user added to the system which is displayed in the context of
other users' data is nearly impossible to delete sensibly. For example, forum
posts in a discussion forum - if we were to simply delete all posts by the
user, we'd completely trash the meaning of the threads they were taking part
- Some users delete their accounts accidentally, then frantically contact
support asking to be undeleted!
Here are some things a site can do when a user account is deleted without too
- Stop displaying any of the user's data that exists on its own - for example,
a profile page.
- Prevent anyone from logging in to the account
- Don't count the user in any user lists or reports about active/existing users
Most sites realise soon enough that it doesn't matter how cool they are -
people are going to want to delete their accounts. This is an operation that
has no inherent financial value for them, therefore they want to minimise the
time spent dealing with it. This includes support time - a constant stream of
people requesting account deletion is a support headache and a source of
friction a growing site doesn't need.
Website needs, User needs
Having seen both sides, we can now make a list of the things users and sites
want regarding user account deletion:
- Users do not want to be associated with the site any more.
- However, users do sometimes want to be able to undelete their account.
- Users would like as much of their data deleted as possible.
- Sites don't want to waste time trying to implement impossible and undesired
things like removing user forum posts.
- Sites don't want to deal with a constant stream of requests for accounts to
I believe all of these objectives can be achieved with a little bit of thought
on the part of the site.
A Working Implementation
Let's call this the "Disassociation Method" of account deletion:
The site should provied an account deletion button. It doesn't have to be
prominent, or referenced in any documentation if that is not desired (and let's
be honest, what site really wants to highlight this?) - but there should be
such a button available to all users.
If the user clicks this button and confirms their action, then from their point
of view their account should appear to be deleted. In the Posterous case,
visiting my Mother's blog should result in a 404. If they were sending her any
e-mails, those e-mails should cease immediately.
An important note here is that the site probably shouldn't tell the user that
their account can be undeleted at any time, even though this is possible. The
site is looking to reassure the user that deleting means the user won't be
associated with the site.
After some time, if the user decides that they want to un-delete their account,
they can contact support and ask for this to be done. It's at the site's
discretion whether to undelete the account or not, but at least the site is
able to make that choice.
"Whoa!", you might be saying, "You just redefined delete!".
Ethically, I agree that you have a point. From a practical perspective, you
could try using words like "disassociate", and try explain to users that
you're keeping their data to save them from themselves, but I'm not sure if
that's going to help do anything other than soothe your consience. Perhaps you
might be better off with explaining the details of how account deletion works
in your terms and conditions.
"We've tried implementing account undeletion before, and it's too hard!".
Rubbish. Go read this article about how you
messed up your schema, then go do it properly.
Account deletion is currently done poorly by most sites. With a little thought
however, sites can largely neutralise any problems it causes without spending
much of their precious time.
Like this post? Subscribe to my RSS feed and follow me on twitter to hear about new posts early.
Want to share this post?