Your account and personal information may be deleted, but all of your comments, submissions, conversations, threads or whatever you call the collected bulk of user generated content will remain.
The reason for this is that a forum is a collaborative effort, a collective work, and the contributions of other people's content might only make sense in the context of yours.
The general stance is that a conversation is an audited history, and to change the historical record affects other people's content too by redefining the context.
Taking this very conversation as an example if you deleted your account and your comment, mine now makes far less sense.
Most forum admins agree that you have the right to edit your content, but not to modify/affect someone else's. Changing the historical record affects the content of others.
Thus, most forums will ask for the right to reproduce your user content even after your account has been deleted. This preserves the context of other people's content.
Beyond that... account deletion. The internals of most forum software is based on foreign keys or data structures that presume integrity of the data. To delete a user account whilst retaining the content created by the account breaks their software.
So for a lot of forums deleting a user actually means keeping the user record but scrubbing it of identifiable information. The problem then comes that whilst the account may no longer exist in a meaningful sense, the content might still have personal identifiable information and will now be orphaned and detached from any meaningful record of ownership. Liability just became a nightmare for the forum admin.
The question of how to handle work contributed to a collective work that is a forum is a sticky one. But ultimately the value of the forum to the people who will continue to use it is based on the collective work remaining intact. The content will always survive, and then it's just implementation that dictates what deletion of an account really means for the given piece of software.
Search for "mass scribble".
Does the person who made this submission have the right to delete it even though by doing so they delete your data?
Do other users have the right to delete your data?
Total control for you means denying someone else the right to delete this conversation.
Do other users have the right to redefine your data by changing the context surrounding it?
If you posted "I vote for this too" to some very sound proposal to allow changing of usernames, and then the original author changed the proposal to "Bestiality should be legal", thus suggesting to the world you support such a thing... did the other user have right through the control of their data to substantial modify the context of your data? To the point that the other person could create a personal liability for you?
Where do the lines start and end, if your content can stand alone then the issues are not there. Almost everything in a forum is a discussion, conversation, argument, debate, an interaction depending on the context of other people's content. The minutes of those things are a record of fact, that someone said something and someone else replied and said something else. Content on a forum is never detached from the content of others.
I agree you have the right to your data, but disagree someone has the right to modify those minutes, those records of fact, to impact the data of other people in any way.
A forum is a collective work, and the rules for a collective work are different to the rules of a personal work.
Deleting an account on Reddit doesn't delete every comment and submission, but it does replace the username on every comment and submission with [deleted]. This isn't perfect from the user's perspective, but it's a lot better than most forums. It anonymizes any post or submission that doesn't directly leak personally identifying information by itself, which for most users will a large majority or even 100% of submissions.
I think allowing users to delete accounts and have their usernames replaced with [deleted] on every comment and submission is a decent compromise between respecting privacy for the user and maintaining the integrity of discussion for the community. I would feel much more comfortable using HN if it had such a system, although my revealed preference is that I care more about posting to HN than I do about the ability to retroactive delete my data.
Has reddit not had users who flounced and programmatically nuked every submission they've ever made?
Whilst this wouldn't affect Reddit as a whole, it could lay waste to a subreddit if the person was one of the top posters within a very small area.
This is largely why most forums operate a "edit within a reasonable time" policy. Though obviously there are benefits to being able to cache long-term too.
Can you imagine the impact on HN if patio11 went through a bout of depression and decided to nuke every comment he'd ever made? The impact to the collective work would be substantial.
Deleting a user will nuke the account itself, and assign all content owned by that account to an anonymous/deleted account.
The context is preserved and no-one else's data is affected, but we've removed all Googleable trace of the original account (the username and profile).
The only remaining issue is whether a person made posts containing personal information (defined as being the same as personal data according to EU Data Protection laws... name, phone number, email, etc). But for that we'll always honour take-down requests even when the information is orphaned from an ownership record.
PS: To the downvoters, I'd love to understand what part is objectionable.
I didn't downvote you before, but just did it now.I automatically downvote all comments complaining about downvotes unless the discussion topic is about downvoting and upvoting. I just think that it dilutes discussion.
Both marked deleted means that specific post has been deleted (but not the user account).
b) A forum is not a collective work; it is a privately owned publishing vehicle which may be selectively edited or change hands at any point.
Let's use email as an example - I can close my Gmail account, and Google can delete all of my data off of their systems.
There is nothing that either Google or I can do, however, to ensure that everyone I ever sent an email to will delete those messages as well.
The messages are now on their computers, out of my reach.
This becomes more evident when it's not a 1:1 message, but a 1:many message, such as Usenet (or Tavern)
Like Gmail, you can delete your account locally, but there's nothing anyone can do that would force other servers to delete the messages they received.
Once it's gone, it's gone.
Another example where you might see this is XMPP->XMPP.
My AIM client can keep a log of your messages, and even if you delete your AIM account, my logs will remain.
I can entirely understand where you are coming from, but with some classes of systems, I don't know that it's possible to ensure that your data can be entirely erased.
I've never understood this definition of property, especially since it necessitates so much giving-away of property in order to make society function.
I'll look at our own systems and will consider scrubbing all IP addresses/logs and anything that could identify a deleted user after the user has been deleted.
Sure, but what about posts that have no replies? And what about a cascade, that is, poster B replies to poster A, poster A deletes their account, the post remains, poster B deletes their account, both posts disappear?
I don't care about HN or Skype as much, but when I get my commenting system done I will look into doing something like that. I do believe in letting people and their content go. It's like making a party: yes, if people start leaving the party will be less fun, but it's more fun that way for the people leaving, and the rest ought to cope; considering one day they might want to leave as well. And while link rot sucks, so does everything just growing and only growing all the time. Let the web be a jungle, a living thing, and let things die, too? In the tiny part of this garden I attend to, that's how it's going to be. If in doubt, it's a zen thing ^^
At any rate, I don't really see the "liability nightmare", since it's already a fact that if you post something on a forum for 5 seconds, someone could take a screenshot and reproduce it until the end of time -- liability remains with the people posting stuff in the first place. It's just a matter of politeness to reduce this as much as you can on your end for anyone who wants to take something back, to do your part, without that implying any promises -- the way I see it, you loose some content, but you gain other content, because people know it's not necessarily etched in stone, and can try themselves out.
Again, I'm not complaining about how any site handles this, and I'm happy to post on HN. But Plutarch said the mind is a fire to be kindled, not a vessel to be filled, right? Likewise, I believe in the process of the web much more than any heap of "content" it might produce. And at least for what little own content I have on my site, I intend to curate it every now and then, check for broken or obsolete things. I'm not even above editing year old blog posts, the whole point is that should I die, I will leave the best of what I made and thought, not just an endless "log" like toilet paper. If in 10 years some of what you wrote today doesn't strike you as silly and outright false, what did you do in those 10 years?
Public spaces like HN and reddit and slashdot I feel are different from that -- you get a lot out of them, and for that you give up "exclusive ownership" for what you said. This is fine, but I could see that a private or small community might feel similarly like I feel about private things; they don't exist for the sake of historians or lurkers, but for what they have with each other. When that ends, there is no need to keep it around. What does it profit a person if they gain all the content of the world, but lose their ability to reinvent themselves, right? Not everything is a wiki, not everything has to be revision controlled, not every conversation is about timeless facts, or facts at all.
If it wasn't thought about when the software was designed then it can cause very nasty issues and be hard to rectify.
One of the forums I run on vBulletin has over 4m posts, 2m private messages, 45k users.
vBulletin is MySQL and tries to reduce database load through denormalisation of the data. The posts table has the username repeated every time a post was made, and the private message table has a horrible PHP serialized array containing the username in the "To:" column for a private message.
Changing a username on vBulletin involves an UPDATE statement on the post table, which is fine... but it involves iterating through every private message, de-serialising the To information, modifying and putting back.
And vBulletin is MySQL, and the search is full_text, which means MyISAM tables, and the update of the private message table locks for the duration, and for a large number of private messages the table is locked for 15 minutes on that particular server... which is enough time to cause a domino effect of query waits that PHP runs out of memory and one by one my frontend servers fail and the site goes offline.
Yup, vBulletin will crash and take the site offline if you have a large number of private messages and want to change a username.
You can see the fun of explaining this to the users of one forum over here: https://www.lfgss.com/thread95475.html
This is one of the very many annoyances that has led me to create http://microco.sm/ to fix this (and many other) pain points for admins and users. The software design is stopping users doing things they want to do (change their username).
HN isn't running vBulletin. But the logic is much the same. If it wasn't thought about on day one the data structures likely do not permit an efficient changing of username.
HN is under substantially more load than the forums I run, and dang likely deals with far more performance related issues. I'm sure he can reveal HNs specific design flaw that prevents username changes.
Or perhaps it's just the idea that it's a social problem and that if patio11 changed to patm that it would break the context for all previous mentions of him. Again... software should have solved this, but only if it was thought about early enough. The lack of avatars does mean that the username on HN is a far more critical identifier.
Just in case an unexperienced developer reads that. Don't do it. If you expect high read loads, better invest your time in learning/thinking about caching, fragment caching, russian doll caching and invalidating these caches. Memcached or Redis come to my mind.
On HN it's hard/impossible to delete a user without breaking and/or destroying core functionality (ie submissions and discussion).
So what's you point?
If you want to use Windows 8 Metro version you must "link" to a Microsoft account and change your login to use that method. It's the first thing that it does, but the UI is very subtle about it. IIRC, it even wants to change your desktop login settings. Phone software should not be changing system settings. Also the latest version removes the option to hide the fact that you have a webcam. With Skype you absolutely must read all the fine print and dialogues.
Another "feature" they've recently added is that it's impossible to actually logout of Skype . Even if you close Skype on all your devices, logout everywhere, your friends will still see you online. I even uninstalled the client from all my machines but was still online after that.
The official response is that it's how it should work, that Skype is like a phone and people should be able to send you messages and call you at any time. Of course ignoring the fact that people get upset when they see you online and you're not answering their messages and calls.
Since November last years, there have been quite a few complaints about this but nothing has changed so far.
(And in the case of Skype, it's terribly obvious that they want to prevent you from deleting data. In the age of NSA mass surveillance, this absolutely makes sense.)
Edit: and already merged & deployed less than an hour later. Contributing is fun :)
Check the online test https://panopticlick.eff.org/ and the paper https://panopticlick.eff.org/browser-uniqueness.pdf for a good read.
As a side note, amazon affiliate accounts are equally bad.
Microsoft could have some process that records dead accounts and automatically deletes them from the contact lists of the billions of computers running skype, but imagine the problems when someone deletes their account by mistake (or has it hijacked and deleted by a third party) and wants it restored.
Now the better approach might be to associate each JohnSmith account with a unique ID that never gets recycled and then reject calls unless the account_IDs match. But that's probably a lot of re-engineering that they don't want to do.
It's more likely that the revenue earned by the service is heavily dependent on building a social profile. A properly deleted (without a trace) account reduces the profile accuracy. I also wouldn't rule out the almost too obvious government surveillance requirement.
(hint: even closing the thing is not straight-forward)
Thankfully, I never shared my genuine data with Facebook or opened an a/c on Instagram or Whatsapp ever so I'm good at a certain level when it comes to Facebook.
In my opinion Twitter is the only option that is sane at the moment.
My colleagues are still getting emails that seem to be coming from me about sharing stuff on Google+.
Kplus regex -d+ -s1,2 ^([^._]+)[._](.+)$
R$* <@ $=w > $* $: $(plus $1 $) <@$2> $3
A lot of web sites' idiot email validator regexes won't allow "+" in emails. But every single one allows "." and "_".
More importantly, legit services that are on the spammy side (or have broken unsubscribe links) will absolutely never remove it.
Back a few years when Ameritrade had a bunch of its user's emails sold to spammers, I just changed my email on the ameritrade website and started blocking my +ameritrade address. It worked like a charm.
In all fairness to them though, they've been much better about that recently.