Goodbyes are forever... or are they?

Are you one of those people who likes to try out a lot of apps? Are you also one of those people who, when they cannot find a way to cancel their account, has weird nightmares about having their profiles floating about in the ether and becoming hopeless pawns in the hands of some master evildoer? OK, maybe I’m not quite that paranoid. But I do worry frequently about the number of channels I’ve unknowingly created for my identity to be hacked. Which is why I dislike being caught unawares by an app that won’t allow me to cancel my subscription or delete my account.

But I see the other side of the coin too. For all technologists, complete deletion of user data from their databases is unpalatable. We feel concerned by all the ‘what ifs’: ‘what if the user accidentally canceled their account?’ or ‘what if an angry spouse with access to the account deleted the user’s data, and the real user wants it back but now it’s gone?!’ or ‘what if that data was somehow connected to other users and now those users have a terrible user experience?’. And so on and so forth.

If you are a financial institution or this is transactional data (read ‘money changing hands’), well, for e-discovery reasons you legally cannot delete the data until a certain retention period has passed. But let’s leave the financial data out of this conversation for simplicity’s sake. If it is a matter of pure user-generated content, what is the best way to handle requests for data deletion?

Maybe ‘soft’ deletes aren’t so bad. They let you keep the user’s historical data but remove all access to it, so if required in some distant future it can be recovered. Also, soft deletes can leave the unique user identity intact in the back-end, while freeing up linked emails or other bits of information that may be used on the front-end for new users to… well… use. But what if the user is quite sure they want no trace left behind when they cancel an account? Even when parting ways it is important to make the user experience as close to delightful as possible. And that can be accomplished by respecting the user’s wishes, while maintaining a checkpoint in the user flow to ensure that deletion wasn’t by accident (for example, keeping the data for a period of, say, 90 days, during which the user may request data recovery).
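The flow described above, as an added example that is not part of the original post: a soft delete that hides the data and frees the email for new sign-ups, a restore that only works inside the 90-day window, and a purge that leaves no trace afterwards. It uses Python's `sqlite3`; the schema and every table, column and function name are assumptions made for illustration.

```python
import sqlite3
from datetime import timedelta

GRACE = timedelta(days=90)  # recovery window suggested in the post
# Hypothetical schema (assumption, not from the post).
SCHEMA = """
CREATE TABLE users (
    id INTEGER PRIMARY KEY, email TEXT NOT NULL,
    deleted_at INTEGER  -- NULL = active, else epoch seconds of soft delete
);
-- Unique only among active rows: a soft-deleted user's email is free again.
CREATE UNIQUE INDEX users_active_email ON users(email) WHERE deleted_at IS NULL;
CREATE TABLE posts (
    id INTEGER PRIMARY KEY, body TEXT NOT NULL,
    user_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE
);
"""

def open_db():
    db = sqlite3.connect(":memory:")
    db.execute("PRAGMA foreign_keys = ON")  # needed for ON DELETE CASCADE
    db.executescript(SCHEMA)
    return db

def cutoff(now):  # soft deletes at or before this epoch second have expired
    return int((now - GRACE).timestamp())

def soft_delete(db, user_id, now):
    db.execute("UPDATE users SET deleted_at = ? WHERE id = ? AND deleted_at IS NULL",
               (int(now.timestamp()), user_id))

def visible_posts(db, user_id):
    """Read paths filter on deleted_at, so soft-deleted data is unreachable."""
    rows = db.execute("SELECT p.body FROM posts p JOIN users u ON u.id = p.user_id "
                      "WHERE u.id = ? AND u.deleted_at IS NULL", (user_id,))
    return [r[0] for r in rows]

def restore(db, user_id, now):
    """Undo a soft delete inside the window; False if expired or email reused."""
    try:
        cur = db.execute("UPDATE users SET deleted_at = NULL "
                         "WHERE id = ? AND deleted_at > ?", (user_id, cutoff(now)))
    except sqlite3.IntegrityError:  # another active account now owns the email
        return False
    return cur.rowcount == 1

def purge_expired(db, now):
    """Hard-delete accounts past the window; their posts go via the cascade."""
    return db.execute("DELETE FROM users WHERE deleted_at IS NOT NULL "
                      "AND deleted_at <= ?", (cutoff(now),)).rowcount
```

Note the trade-off the index makes visible: once a new user registers the freed email, the old account can no longer be restored under that address, so a product has to decide which of the two promises wins.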

What is your philosophy when it comes to user account cancellations or deletions?