> (v) Account Sign-In: If your app doesn’t include significant account-based features, let people use it without a login. If your app supports account creation, you must also offer account deletion within the app. Apps may not require users to enter personal information to function, except when directly relevant to the core functionality of the app or required by law. If your core app functionality is not related to a specific social network (e.g. Facebook, WeChat, Weibo, Twitter, etc.), you must provide access without a login or via another mechanism. Pulling basic profile information, sharing to the social network, or inviting friends to use the app are not considered core app functionality. The app must also include a mechanism to revoke social network credentials and disable data access between the app and social network from within the app. An app may not store credentials or tokens to social networks off of the device and may only use such credentials or tokens to directly connect to the social network from the app itself while the app is in use.
To be fair the “right to be forgotten” is, in fact, a law in the EU, it’s just that often you need to go through great lengths to exercise this right.
Apple’s playing field is just much more narrow, which allows it to enforce rules like these in an elegant manner which makes for a much better experience to the end user.
I’d never heard of the “Hotel California business model.” Googled it - for others: Hotel California is a song by the band The Eagles, which contains the lyrics:
“Relax," said the night man,
"We are programmed to receive
You can check out any time you like
But you can never leave!"
Logically, after you check-out of a hotel you've surrendered your right to abode at that location - after that you're usually limited to common/shared areas like the lobby, bar, restaurant, maybe the pool - but excepting the lobby those places are closed at night - and they'd have security to remove people from the lobby if necessary - so as far as the Eagles' are concerned, what is it to "never leave" when you legally cannot stay?
Can anyone translate that into practical terms? To me that doesn’t match this post’s title, currently “AppStore: Apps supporting account creation must also offer account deletion”.
Quote:
The app must also include a mechanism to revoke social network credentials and disable data access between the app and social network from within the app. An app may not store credentials or tokens to social networks off of the device and may only use such credentials or tokens to directly connect to the social network from the app itself while the app is in use.
There’s nothing about account or stored-data-about-me deletion in there.
That sentence is about storing Facebook logins, for example, not storing other data about the user. Apple is saying you may allow people to login to their social networks (to post through your app) but you cannot save their login from Facebook into your private (off-device) server.
At present, by requiring the use of Apple's IAP system for subscriptions, this is already taken care of.
Given the Apple vs. Epic stuff going on, this may change soon -- In that case I'd also like to see rules against excessive retention tactics / dark patterns.
>If your app doesn’t include significant account-based features, let people use it without a login...Apps may not require users to enter personal information to function, except when directly relevant to the core functionality of the app or required by law. If your core app functionality is not related to a specific social network (e.g. Facebook, WeChat, Weibo, Twitter, etc.), you must provide access without a login or via another mechanism.
Ok, shoutout Apple for this. But shouldn't they apply their policy intent to themselves too? I can technically use an iPhone without an AppleID, but you need to login to download apps. I would argue installing apps shouldn't require a login.
Not all apps are free and persistent purchases tied to a user account are certainly preferable to needing to keep a list of license keys handy every time you delete and reinstall an app, etc.
A few years ago I was part of an AI customer service startup. One of our first customers was a web hosting company, and we were supposed to take some of the load off the chat support team.
When we talked to the support team they told us their by far largest task was handling account deletions. They had tried to just put a button in the control panel, but the CEO of the company thought it was bad for retention.
So we started writing scripts for "I want to cancel my account" and similar requests. The official process also required the users to verify by email after talking to support, so there were a number of steps. Eventually we needed an API call for actually completing the process. But we were told the CEO had to approve.
The CEO didn't know we were working on automating account deletions. And when we finally got to talk to him about giving us API access, he decided it would be easier to just add an account deletion button to the control panel.
That's how we lost our initial business case.
To me, even if you don't have an account deletion button. User retention isn't going to matter because the people who are looking for it aren't going to use the service anyway, you are just holding onto dead data
Tell that to giganews or dejanews whoever the F it was some usenet service I signed up for once, who had no way to cancel the account on the site, required a phone call during business hours in Sweden or somewhere, and I think I even did the first few of their hoops like sent an email to the special address, but when they didn't simply honor the request, I just stopped paying.
I think either the card was expiring naturally or it was google pay or something that I could shut off. (it was years ago by now so thats why the vague details)
anyway, they actually tried to say I owed them money for years and I even got emails and calls from collections companies for a few years.
If they had been in the US I bet it would have been harder to just blow them off like that.
Simply stopping payments is not the ultimate trump you and I both thoight it should be.
For my part I decided I was on record as having requested to cancel the service, and had not used the service, so do your worst. Go ahead and try to convince a judge that I owe you anything.
I’ve seen quite a lot of people complaining about this on Twitter. Is there some negative to this I’m not aware of other than companies losing customers? I’ve come across more and more sites in recent years with no account deletion option and it’s hugely frustrating. One I discover it and manage to shut my account down via a support channel they have lost me for good. There is no way I’m ever becoming a customer again because I can’t trust them with my data if they’re going to hold it hostage. If they’d included the account deletion option I very well may have returned in the future.
Reddit has been allowing easy account deletion and content deletion for years (since the beginning I believe?) and while I enjoy that freedom, it also makes some old conversations almost impossible to read where [deleted] answers to [deleted] and only one message in the middle of the conversations still there saying "Wow that's really interesting information! Everyone should read that!"
This has even become a way of trolling in some subreddits where you try to make people waste time answering you in detail then deleting all your messages.
This has prompted some people to quote bigger parts of the original message.
Deleting accounts is a right, no problem about it, but deleting public information is really problematic. The right to be forgotten should be a moral right, not a legal one. I don't want it to be illegal to point out politicians responsibilities in Iran-Contra or the Iraq war even 20 years after.
Or indeed, deletion of your comments. The way dang explained it to me was that each comment thread is a shared work created by multiple people rather than a collection of individual comments. Since you don’t own your comments, you can’t delete them. He is very accommodating about requests to disavow comments from your account.
But I don’t expect people on HN to complain about this. They hold every other website to absurd standards on data ownership and content moderation, while happily being users of a site where they own none of the data and are subject to strict rules about what can be discussed and how.
You didn’t waive or assign copyright but you did “grant Y Combinator and its affiliated companies a nonexclusive, worldwide, royalty free, fully paid up, transferable, sublicensable, perpetual, irrevocable license to copy, display, upload, perform, distribute, store, modify and otherwise use your User Content for any Y Combinator-related purpose in any form, medium or technology now known or later developed.”
So, with a license like that, they can legally choose to keep showing your comment if they want to.
That said, I think dang will help delete things if you email to ask and have a good reason. I’ve done it with a couple of my comments.
I’m sorry to disappoint, but Hacker News doesn’t delete entire accounts because that would gut the threads it participated in. We do sometimes remove specific comments if users are worried they’ll get in trouble, and we’re also working on the ability to rename accounts. Would either of those help?
Regards,
<name> (a moderator)
I don’t quite agree with it but have to recognise I have no leverage here.
I agree with the idea that once you say or do something in public, you no longer have any rights or control over it, other than about credit or slander.
You have a right to complain if someone lies about something you said, either by putting words in your mouth or taking credit for your words.
You have zero rights over anyone else's memory of the fact that you said something or what you said.
That's not some new thing HN is doing, that's just life.
Yeah, HN privacy standards are really low. I was horrified to read of moderators using the email addresses that they say are for account recovery to contact commenters. (Thankfully I never put an email in my account; I'd definitely have felt the need to send a GDPR notice if that happened to me). I assume that sooner or later an EU resident will decide they actually want to quit and force the site to buck up.
> What is the issue around moderators of a service you signed up for, contacting you via the email you provided to use this service?
My email address is personal data and as such it's legally required to be
collected for specified, explicit and legitimate purposes and not further
processed in a manner that is incompatible with those purposes
Using it to contact me about my comments as a moderator is not compatible with using it to reset my password, which is the only specified, explicit purpose that I (could have had) supplied it for.
Expectation: Apps offer account deletion, finally empowering the user.
Reality: Apps no longer support seamless account creation and instead redirect the user to a website to register, user can no longer manage any aspect of their account from the app.
Not the GP, but seems to me the assumption there is "companies will do everything in their power to make it hard for you to stop making their numbers go up", whether those numbers are actual money, user data, or just total user counts.
Alongside, of course, the assumption that "companies don't respect their users in any way, shape, or form."
These seem like assumptions which, while they certainly have exceptions, are well borne out by the available data.
It would be great for this to be reestablished as the norm for online services.
I think some might argue that being able to intercept a user at account deletion via support gives them the opportunity to either solve a misunderstanding in the product or better understand why the user is leaving but I think there are much better ways to accomplish this. I’m more convinced this is done as a dark pattern to add friction to the deletion process.
A notable example was having to contact support to delete a Starbucks account.
I think it's much more likely that it just takes timeand money to develop how the deletion process works, testing the implementation etc. It's easier to just not have the capability since it's not critical to the majority of users.
Fair point, that’s probably a decent part of it, but the deletion process has to be defined somewhat formally for a support person or some one else to do it, no?
And they could still offer an account deletion button which automatically filed a support request. Most sites which don’t offer account deletion have made me dig or google for a solution instead of putting any info in a contextually relevant spot such as in account settings or in a support article about disabling an account.
Unfortunately I do not have evidence to justify this position but for most companies from an incentives standpoint as I understand them: 1) a user who cannot delete an account will have a far easier time using the service again compared to a user who has deleted an account so they are more likely to reengage, 2) user numbers and active user numbers may be important metrics for funding or company evaluation, 3) assuming data is deleted on account deletion then that can no longer be used for marketing or model training, 4) services which rely on the network effects from the user base need to have a relevant and usually large user base to provide consistent value, 5) if done manually there support and or dev cost on each account delete request.
The ability to easily delete an account they don’t want anymore? Without jumping through hoops like contacting support. Not sure your question is serious or not.
Also the stakes are a lot higher as it could delete all of someone’s photos, backups, music and video purchases - not to mention all of their apps and related data.
I believe you can delete it through the iCloud website.
Of course, people use their apps for all sorts of important things, and it would be disruptive to accidentally delete their accounts from many of them. This issue can be mitigated through confirmation dialogs and other measures.
So Apple’s new pro-consumer policy applies to everyone but Apple. Interesting, but not unexpected.
Apple writes these rules, and as platform owner of iOS they can design the rules not to apply to themselves. I don’t think that’s a good defense against the obvious hypocrisy here. A major part of Apple’s playbook these days is to design some policy that has the effect of advantaging themselves vs. competitors, while also helping the consumer. I think it’s an effective strategy, but it also deserves some criticism. The consumer would be helped more if Apple treated their own services equally.
Arguably, yes, for some people, iCloud is more important than, or as important as, their bank account if their iCloud is used for disaster recovery of their primary computing device data, including passwords. Maybe even the password for their bank account.
Are you being deliberately obtuse or just really not able to understand that Apple provides two things: 1) an operating system with ancillary features and 2) an App Store with applications for sale?
iCloud is not an app that you can download on the App Store. It is an ancillary service for the operating system.
I hope they finally crack down on Instagram (and maybe some of Facebook’s other apps?) which make you go to the browser to deactivate/delete your account. I’ve done this a few times (temporarily deactivate) and requiring me to switch to the browser first and login with my IG credentials — something I would never otherwise do — seems like a sneaky way to drop a tracking cookie in my browser before I leave for a while.
'Right to forget' is required in EU, and it's been illegal in California since 2018 for subscription services that take signups online to not offer online cancel options too (i.e. without being forced to call customer service). https://techcrunch.com/2018/07/04/californias-new-online-can...
Visa cc passed new policy in 2020 and New York did in February 2021. So the infuriating practice of forcing us to call or go through chat loops to quit a basic subscription are numbered. I feel strongly enough that I started brightback.com in 2018 to help make online cancels easy for app/saas developers to offer while keeping it simple for the customer.
A related question about this: if an account was flagged for something (e.g. the account was shadow banned), is it OK by GRPD standards to:
1/ not tell the user this info.
2/ keep track of the fact this account was flagged after the account was deleted, for instance by keeping a hash of the email address of the accounts that were flagged?
Not sure about #1, but #2 is definitely allowed, although you’re supposed to keep only the data that you need to prevent them from circumventing your ban system.
An interesting corollary: A software supporting file creation must also support deletion. A user can create a document in Microsoft Word and save it. Why can't they also delete it from within Word. If they have an open document, where's the delete button to just delete it. :-)
Hackernews should also provide account deletion option.
In case of accounts getting doxxed for people who do not want it. Account deletion will help in saving fallout.
Based on a quick Cmd+F this document doesn't explicitly define what 'Account deletion' must be. Does it just mean that the user does no longer exist on the app's frontend, but all data is retained? Or does it explicitly mean that all data relevant to that user is deleted?
I think that's already there. If you subscribe using the app store subscription mechanism you can see a list of subscriptions in your account settings, including unsubscribe buttons.
My point is for that to also be in the downloaded app, since the new rule requires account creation and deletion to both be in the same place - which I think is a natural place to look for it as a user, savvy or not.
> How do you cancel your Clubhouse account? I was invited to talk about Apple and monopolies, and that was (mostly) a fine conversation. But I have no interest in staying in that place, yet all I see is a Log Out option, no "Cancel Account" option?
> (v) Account Sign-In: If your app doesn’t include significant account-based features, let people use it without a login. If your app supports account creation, you must also offer account deletion within the app. Apps may not require users to enter personal information to function, except when directly relevant to the core functionality of the app or required by law. If your core app functionality is not related to a specific social network (e.g. Facebook, WeChat, Weibo, Twitter, etc.), you must provide access without a login or via another mechanism. Pulling basic profile information, sharing to the social network, or inviting friends to use the app are not considered core app functionality. The app must also include a mechanism to revoke social network credentials and disable data access between the app and social network from within the app. An app may not store credentials or tokens to social networks off of the device and may only use such credentials or tokens to directly connect to the social network from the app itself while the app is in use.