this post was submitted on 30 Jun 2024
55 points (93.7% liked)

Privacy

31952 readers
982 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Hello, I wrote a mail template which I send to websites that don't have an easy process of deleting an account.

Maybe it helps you, maybe you will use it too for when you want to delete your unused accounts and maybe you can contribute to it. The better the message gets and the more websites offer an easy way to delete accounts, the safer we'll be online.


If you can influence the deletion policy, please read on. Otherwise, please forward this to someone that can influence this process.

It's better for the business to offer an easy way to delete an account. Ideally, it would be good to delete accounts which weren't active for more than say 5 years, with a mail notification beforehand. Why? Here are the main reasons:

  • There are higher operation and maintenance costs because you have unused accounts in your databases.
  • The services load slower, with a performance penalty, because each user-related query has to go through many unused users.
  • The people opinion of your services decreases, because you don't offer an easy way to delete accounts
  • People might change their mail to a throw-away address and leave the account open, thus producing more waste than necessary.
  • In case of a security breach, the amount of compromised data is higher than in case you regularly delete accounts, which might lead to financial penalties.
  • The information you get out of a database with active accounts is much more precious than the information from a stale database, or one with obsolete data.

I hope this information helps and that you will change your policy of deleting accounts. Each website that does this, contributes to a better, safer ecosystem.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 5 points 4 months ago (1 children)

I spend too much time reading emails so I try to keep mine short, especially when they're going to a generic email like support or privacy.

https://gdpr.eu/right-to-be-forgotten/

The GDPR does not specify what a valid request to erasure entails. An individual can make a request for erasure verbally or in writing. This request can also be made to any member of your organization, not just to a designated contact. As long as a request meets the conditions above, it is valid, even if it does not refer to “Request for Erasure” the “Right to be Forgotten,” Article 17, or the GDPR.

There's no template to follow for a request. Once GDPR is mentioned, they usually just email back saying that they're doing it or its done.

I haven't come across any difficult companies but I've heard some make it as hard as possible and follow the Erasure Request form template in the link above and ask for proof of I.D etc

[–] [email protected] 3 points 4 months ago (2 children)

And are you really sure they deleted your account? Or just saying?

[–] [email protected] 4 points 4 months ago

Every few months I like to clear out my password manager of any accounts I don't need anymore, usually just throwaway emails aliases.

I'll usually attempt to log into any services that I know I've deleted/requested to delete to make sure they're not accessible anymore and so far I haven't been able to log in to any of them so I can only assume my requests are working.

I suppose if a service had a data breach, after my information was meant to be deleted, and I found my information there then I'd make a complaint to my regulator about not deleting my data. I would have proof of my request and their acknowledgement of the request so it'd be pretty silly of them not to delete it after saying they did

I rarely use anything but email aliases and fake information anyway and I never let online retailers save my card information. And if my address in on my account I change it to P. Sherman 42 Wallabyway Sydney before I delete/request to delete my account.

[–] [email protected] 2 points 4 months ago* (last edited 4 months ago)

Its right to erasure, not right to delete. If they did things right, they won't delete your account but delete most of your data and leave your account marked as "erased per gdpr on x day by account holder request"