Automatic request for account deletion or email address change using community maintained service directory

[colin-axner]

Project description

As of recent I have been attempting to decouple my internet dependencies from the big tech companies. While not impossible, it proves to be a multi-year effort even when deliberately undertaking the effort. One of the most time consuming processes has been trying to delete my google accounts. Due to years of online account signup, my gmail's are listed as the login for hundreds of different accounts. Deleting these accounts or updating the email address manually is extremely time consuming.

Typically the process goes like this:

• Determine which gmail to delete next
• Lookup all the connected accounts in my password manager
• Choose one, search up its website, login, look for account delete option, if cannot delete (or don't want to delete), change email address, verify changed email address
• Repeat previous step until all accounts are no longer tethered
• Purge/back up google account data
• Delete google account :tada:

I've noticed that a large amount of services typically require me to email customer service to delete my account.

I'd like to automate this process as much as possible for people. This would allow less driven folks, who would like to abandon google or another email provider, a reasonable path to do so. My first thought was that this would be a service performed by some company. The likelyhood is no company could sustain itself in this niche. As an alternative, some open source code which automates the email sending and provides a community-maintained customer service email lookup would be sufficient.

The minimum viable product for this would basically just be a script that sends a pre-formatted template email to the customer service address listed in the lookup table when provided a list of services to do this for. More complex solutions may arise in the future, but I have not given them much thought. A better solution will likely present itself after attempting to use the proposed solution. The user will need to provide a list of services to do this for. I suggest initially supporting 2 email templates. One to delete the email and another to change the address. After receiving the customer service response, the user may need to manually take action from there. Based on the regularity of the responses, we may be able to automate this as well.

I might create a repository to do this project, but I have not committed myself to it. I will respond to this issue if I do. Anyone can feel free to lead this project and I will gladly contribute what I can (especially since I will actively use it)

Relevant Technology

The email automation will probably be a script and some JSON blob could be used to maintain the customer service email addresses.

Complexity and required time

Low-complexity. I'd estimate the script could be written fairly fast by someone who has worked with automating emails via code. The JSON parsing should be easy and a CLI command could quickly be hack'd up to support adding customer service emails to the JSON.

Complexity

• [ ] Beginner - This project requires no or little prior knowledge of the technolog(y|ies) specified to contribute to the project
• [x] Intermediate - The user should have some prior knowledge of the technolog(y|ies) to the point where they know how to use it, but not necessarily all the nooks and crannies of the technology
• [ ] Advanced - The project requires the user to have a good understanding of all components of the project to contribute

Required time (ETA)

• [ ] Little work - A couple of days
• [x] Medium work - A week or two
• [ ] Much work - The project will take more than a couple of weeks and serious planning is required

Categories

• [ ] Mobile app
• [ ] IoT
• [ ] Web app
• [ ] Frontend/UI
• [ ] AI/ML
• [ ] APIs/Backend
• [ ] Voice Assistant
• [ ] Developer Tooling
• [ ] Extension/Plugin/Add-On
• [ ] Design/UX
• [ ] AR/VR
• [x] Bots
• [ ] Security
• [ ] Blockchain
• [ ] Futuristic Tech/Something Unique

[KOLANICH]

Determine which gmail to delete next

Why not to just have 1 email account to be used for the most important services, and for the rest of use a disposable email?

My first thought was that this would be a service performed by some company.

If people don't trust Google, why should they trust tue company you mean?

As an alternative, some open source code which automates the email sending and provides a community-maintained customer service email lookup would be sufficient.

Not a viable alternative. Too many services, which are too diverse and have too different ways to unsignup. Some of them don't have an unsignup option at all.

a script that sends a pre-formatted template email to the customer service address listed in the lookup table

And your e-mail account may be banned for spam. Or may not. I have written a bot to request quotes from emails of companies, but it is a very different case. In the case when I request quotes, I want to pay some money to the companies. It is in their best interests to answer and send me the quotes. But in your case you just want them to delete your personal data. It is not in their best interests. Your emails will likely be ignored. Sometimes they may require you to write them a paper letter with your real world identity, and then respond "we have deleted your data", but instead moving them into a separate DB and adding the data from your identity documents there too. You cannot check or ensure that.

So my approach is much simple. If a service provides the feature to download the data, I download the data and archive it somewhere, just to know the lower bound of the data a service has on me. Then, if a service has a feature to delete an account, I request its deletion. I don't beleive the data are really deleted though. Anyway, I change the password to a new one, as strong as the service permits, for the case my old one has been compromised somewhen. Then I just stop using the service.

IMHO what has my deep concern, is the email system is the root of centralization.

Given that currently most of the accounts (that ones that are not tied to cellphone numbers directly) are tied to emails (that are in most cases are mandatorily tied to cellphone numbers directly), it gives email providers a power to deprive you all your accounts. So, email provider controls all your accounts.

It is called that email system is decentralized, but it is deeply centralized. Federation has #clients >> #servers and allows separation of roles between clients and servers in order to achieve security, so to control the system one has to only control the servers.

Trully decentralised systems have #clients=#servers, and no role separation and no trusted parties are allowed to achieve security, instead security is built into protocol design. Such systems have no server owners to control you.

There are some systems, but they are

1. likely backdored
2. unpopular
3. not well-received by websites owners, because it is in the best interests of the most of them to make you rely on a third party that will make you rely on another third party that will require your ID to be given, and then all the three parties have some data to sell to a data merchant. Loss of a link between your account and your ID greatly undermines the usefullness of the data for the customers of the merchant, so for the merchant itself, so for the ones who sell the data to the merchant.

[colin-axner]

Why not to just have 1 email account to be used for the most important services, and for the rest of use a disposable email?

I'm not sure what the approach of linking email accounts to service accounts has to do with the problem of decoupling a certain email account from existing accounts.

If people don't trust Google, why should they trust tue company you mean?

For me, it's not about trusting Google. It's about not being dependent on Google. I could apply your suggested approach of download data and update pass to be super difficult, but I want the psychological feeling of knowing I no longer have certain google accounts.

In my perspective, it is like living as a peasant on a farm under a monarchy. Maybe I am completely unaffected by the monarchy because I grow my own food, but at the end of the day, I still know I live under the monarchy.

Not a viable alternative. Too many services, which are too diverse and have too different ways to unsignup. Some of them don't have an unsignup option at all.

I'm not proposing an end game solution here, just automating what I am already doing.

And your e-mail account may be banned for spam

This is a good point I had not considered. Though given that they will be sent to different companies with the email I have an account with them, then I don't see why the email would immediately be marked as spam.

Your emails will likely be ignored. Sometimes they may require you to write them a paper letternwith your real world identity, and then respond "we have deleted your data", but instead moving them into a separate DB and adding the data from your identity documents. You cannot check or ensure that.

Sure. I don't see any harm in requesting your account to be deleted. This is just personal preference. Even if I put a strong password on an account and abandon it, it never stops an attacker from finding a vulnerability and pretending to use my identity. Even if used on a throw away service, it just is generally something I would prefer not to occur. Again not suggesting this be used by the normal person, I just figured perhaps another person might be interested in doing the same as me and in this case it makes sense to log the customer service email addresses and automate the process.

So my approach is much simple. If a service provides the feature to download the data, I download the data and archive it somewhere, just to know the lower bound of the data a service has on me. Then, if a service has a feature to delete an account, I request its deletion. I don't beleive the data are really deleted though. Anyway, I change the password to a new one, as strong as the service permits, for the case my old one has been compromised somewhen. Then I just stop using the service.

IMHO what has my deep concern, is the email system is the root of centralization.

Given that currently most of the accounts (that ones that are not tied to cellphone numbers directly) are tied to emails, it gives email providers a power to deprive you all your accounts. So, email provider controls all your accounts.

Yea using emails for user accounts is an awful system. Same goes for using phone numbers to verify identity. My general philosophy is to use email as little as possible, but this is unavoidable. Therefore I'd like to start purging what accounts I can, even if some don't actually get removed.

Trully decentralised systems have #clients=#servers, and no role separation and no trusted parties are allowed to achieve security, instead security is built into protocol design. Such systems have no server owners to control you.

This is a bit off topic for this proposal. I'm interested in sharing tools to make dealing with the centralized world bearable. Decentralized accounts will be popular with decentralized services.

[colin-axner]

https://yourdigitalrights.org/ this browser extension seems relevant. Achieves the same as above more or less

Code is here. Going to give it a shot instead developing my own