The New Defaults
The functions every online service should offer, from day one.
C.R.U.D., or Create, Read, Update, and Delete, are the most basic functions any database can perform. Our identities, personal information, bank accounts, our most intimate and private moments, are stored in databases.
These same databases are somehow portrayed as incredibly complicated when one decides to end their relationship with a provider. “10-14 business days”, or “30 days”, sometimes longer, are the time frames online services tell users who wish to cancel their accounts. What happened to the D in C.R.U.D.? It should be simple, right? Sure, there is redundancy, and backup, but unique IDs are also standard in both databases and online profile creation. A simple query across databases to delete any account should be near instantaneous. I find it ironic that a company that I can access 24 hours a day uses “business days” or has “support hours” to begin with—more symptoms of the more seedy customer service practices of yesteryear that have crept their way into our modern world.
Every online service should, by default, allow me to delete my account immediately, in no more than 1-2 actions:
- Notify the service that you are deleting your account and all associated data, the results of which should occur immediately.
No one is “asking” or “requesting”, and is definitely not willing or required to email “support” for such a task. The data is ours, and is in our control, not a faceless admin. - Export every last byte of my content.
Again, this is the R in C.R.U.D, a simple database query. Find all posts from this user and export the content in (*ahem* clean) HTML or Markdown.
Notice that there is no confirm step. The first step is confirmation enough, and was a conscious decision on the user’s part. Cognitive psychology has proven that because of the onslaught of confirmation prompts users have had to slog through over the years, that answering “yes” to these prompts have subconsciously and habitually become part of the act of deletion to the user.
“Answering “yes” to the prompt for confirming deleting a file becomes a habit, which defeats the purpose. Using a task that prevents habituation (e.g. a task that changes subtly every time) would solve the problem but draw attention away from the user’s end task and annoy the user.”
Jef Raskin, from the Humane Interface
An even better experience would be to combine both into a single step, and allowing users to export their content as part of the cancellation process. This could potentially be an even easier database function for the system admins, and would certainly be a useful default in the future.
Service, on our terms
We live in an age where our personal data is essentially a publicly traded commodity, a state that I’ve never been comfortable with, but have learned to accept on a case-by-case basis. We’re often told that “the privacy policy and terms of service link is there for you to read, before you sign up”, but frankly, this is a legal shield, and a sub-optimal user experience at best. Good companies that truly value user privacy, identity, and personal data have taken TOS/privacy policies a step further, making them open sourced and user-editable.
While this is great progress, every service (I’m officially foregoing the adjective “online” because it’s redundant) should start with the CodePen model from day one. CodePen’s Terms of Service are broken into two equal halves: the official, legally-binding copy, and the plain English copy. Google has begrudgingly tried to do this in their TOS summary of changes, but the tone of the copy feels irritated. Tone is every bit a part of the experience as the copy itself.
“Because many of you are allergic to legalese, here’s a plain English summary for your convenience.”
“It’s just good common sense.”
(See http://voiceandtone.com/ for a perfect example of the right way to approach tone.)
Plain English can be tough to define when specifics get involved, so the legalese version still has a place as a backup, but should not be the user-facing version linked to in the footer and FAQs. Good services won’t even need to hear this, though. Users will already know what’s being collected and how it will be used.
Buy low, sell high
The startup is as much of a commodity as our personal data. They’re bought and sold as investments, many times with user profiles being the primary acquisition target. When that happens, users are caught in the cross-fire, and given very few options with how to respond.
With the two defaults in place—instant account deletion, and content archive exportation—users gain the freedom to control what happens to their data when a service gets acquired, shut down, or most frequently, both. To be fair, Google, Facebook, and Twitter each offer ways to export your data, but as far as I know, the functions aren’t linked to account deletion for the latter two.
Everything has a price
“The best gifts in life are free” is true, but the phrase is in reference to special moments in life, not social networks or email accounts. At the end of the day, Facebook and Google are businesses, and businesses need to make money to operate. It’s simple economics. The adage coined in the information age “if you’re not paying for a product, the product is you” should be your rule of thumb when deciding whether or not to tap that sign-up link. In fact, an even easier rule is that almost every service you can sign up for that isn’t itself open-sourced, is being offered by an advertising company. You may be asking, “you expect me to believe that Google, Facebook, and countless others are not tech companies, but advertising companies?” Yes. I do. The questions you should be asking about any service before granting access are ‘how does this company make money?’, and ‘who is this really for?’
When modern ATMs (or ABMs depending on which part of the world you’re in while reading this) were introduced in the 1960s, who gained more? The banks, or the customers? The banks gained even more detailed access to the locations, frequency, and habits of customer’s withdrawals—eventually at a price that we still pay. The customer gained 24/7 access to their own money. The high price of convenience was once again, advertising. It was officially OK to allow an institution to charge us for constant access to our own money, and record our habits more closely so that banking products could be designed and sold to us. While this certainly sounds ludicrous, so does entitlement.
When we use an email provider, or social network, do we truly believe that we deserve it at no (monetary) cost? We shouldn’t. A company, no matter how it is portrayed, is providing a service, and services are exchanged for a cost. That’s how business works. The trade off is our personal data, and is a decision only each one of us can make for ourselves.
There’s work to do
Both the service provider and customer need to realize that work has to take place to improve these business relationships in the future. Users need to take personal responsibility and get answers to the important questions before deciding to fork over their data. In order to make informed choices though, services need to be truly transparent and forthcoming in plain English about how money is made, and how personal data will be used. Once that is covered, allowing the option exporting of user-generated content at the time of (immediate) account deletion as the new default, we’ll be on a much better path to customer experiences.
