zlacker

[parent] [thread] 5 comments
1. Jommi+(OP)[view] [source] 2020-05-23 15:49:28
It's pretty common actually. They will delete all your data, but that requires strong authentication, which government ID is. That's how it works with gdpr in 90% of cases.
replies(3): >>Zekio+A >>darekk+Pc >>mindsl+Md
2. Zekio+A[view] [source] 2020-05-23 15:52:33
>>Jommi+(OP)
Account removal should be just as easy as it was to sign up
replies(1): >>ebertu+25
◧◩
3. ebertu+25[view] [source] [discussion] 2020-05-23 16:23:48
>>Zekio+A
I agree that it should be just as easy to suspend your account as it was to sign up, but irretrievable deletion should be harder.

Companies ideally want to stop fraud at both ends, but I would be more upset if, for example, my Airbnb account were fraudulently deleted than if someone fraudulently made one in my name.

Granted, deletion requires access to the account in question, so maybe that's enough of a hurdle already? In that sense it's already harder to delete than create.

replies(1): >>thauma+j81
4. darekk+Pc[view] [source] 2020-05-23 17:20:26
>>Jommi+(OP)
I've deleted a lot of accounts in the last few weeks, and Airbnb was the only one requiring an ID prove. I agree, it is indeed part of GDPR for them to ensure I have the right to delete my account. My only issue is that my ID does not prove anything in my case, because Airbnb doesn't know my identity which they could compare my ID with, because I did have to provide my ID after registering and I never booked anything on their site.
5. mindsl+Md[view] [source] 2020-05-23 17:28:14
>>Jommi+(OP)
It seems like a good idea to get a fake ID, to sign up for (free) accounts using that nym. Or I suppose if you can order fake IDs with custom nyms as needed, then you could consider that the price to delete your psuedonymous accounts.
◧◩◪
6. thauma+j81[view] [source] [discussion] 2020-05-24 01:26:13
>>ebertu+25
> Granted, deletion requires access to the account in question, so maybe that's enough of a hurdle already? In that sense it's already harder to delete than create.

I tend to agree that that is enough of an additional hurdle, but note that it conflicts with

> I agree that it should be just as easy to suspend your account as it was to sign up, but irretrievable deletion should be harder.

It's definitely not appropriate for any unauthenticated person to be allowed to suspend an account. You need the same hurdle on suspension.

I think it would be reasonable to have a grace period between the deletion request and the actual deletion, during which the account was retrievable.

[go to top]