Locking users in by making it difficult to leave

eBay's 'My Account' section has no 'Delete account' facility

Privacy International has a report, ‘Dumb Design or Dirty Tricks?‘ on the practice of a number of popular websites – most notably eBay and Amazon – of lacking an easy or obvious way for a user to delete his or her account:

“Amazon provided the most blatant example of companies that refuse to provide account delete facilities… creating an account is relatively simple… However nowhere on the site can a customer actually delete an account. A trawl through all the ‘useful information’ statements (‘customer charter’, ‘privacy notice’ and ‘privacy policy’, ‘security guarantee’ and even ‘sign out from our site’) reveals nothing about closing your account, deleting your personal details, or terminating your relationship with Amazon. Even the site’s search function is useless for this: you can only search for products for purchase, not for information on how to manage your account. In fact, a search for ‘delete account’ even points to advertisements from ‘sponsors’ on how to open bank accounts.”

It is, of course, in no way ‘dumb design’, as the omission and obfuscation is entirely intentional: it is cunning design, frustrating a user’s attempts at exerting control by making it hard to leave. Just look at the efforts another high-profile name goes to for customer retention. It’s another feature deletion example, similar in spirit to, say, disabling the fast-forward button on PVRs.

(It’s unclear exactly what the immediate benefit is to Amazon or eBay to retain customers who want to leave and presumably are not going to be spending any more, except that a bigger customer base allows higher advertising rates, and also, as noted by PI: “The size of an online company’s customer base is a key element of its market value. Maintaining growth of that customer base is therefore a core indicator of their financial worth”; I suppose there is also the likelihood that customers may return at some point, and having an extant account removes one ‘hassle’ barrier to entry.)

PI believes that the absence of an easy account closure mechanism:

“breach[es] key elements of the Data Protection Act. No customer could reasonably be expected to invest the considerable time and effort required to investigate these sites, nor in our view should any responsible company create such obstacles.

As a consequence of this research, Privacy International has lodged a complaint with the UK Information Commissioner, requesting a formal investigation. This will be a test complaint, and has been directed at eBay.co.uk, which claims a user base of over ten million UK consumers.”

These are interesting examples of systems being designed to restrict users’ behaviour for commercial reasons, in an – on the face of it – extremely blatant way. There is some difference between a system which requires continuous payment, such as AOL, being designed to be difficult to cancel, and the eBay/Amazon examples, since the user is not locked in to paying a fee every month. But the effect for the locker-in is the same: more customers retained. There are plenty of parallels in designed-in lock-ins from other industries, from cigarettes and ink cartridges to deliberate software incompatability – even in Web 2.0 – and vendor lock-in generally.


  1. While I agree that the omission of the ability to delete accounts is entirely intentional, I disagree with its characterization as “cunning design.”

    Deleting accounts is a feature, the same way product recommendations, reputation systems and reminder emails are features. Each feature, of course, requires not only effort to implement, but is yet another thing to test every time there’s a new update to the website software. Adding the ability to delete accounts adds complexity, but contributes nothing to the business goals of the companies you describe.

    Now, if customers really wanted or needed the ability to delete accounts; or if this omission damaged the reputation of the companies in question, then of course it becomes more important to implement. But so far, that hasn’t happened. Incidentally, how can it be an example of “feature deletion” when it was never there in the first place?

    Last point: When you cancel your mobile phone subscription, do you really think they delete all your records, or any evidence that you were once their customer? Of course not; they just flip a bit marking you as an inactive or former customer, but everything else stays on file. One could argue that with Amazon and Ebay, the customer is *more* in control, because they can control their personal information;if they’re really concerned about it, they can remove their “real” information, and substitute bogus addresses, names, or anything else.

  2. Jaims

    I’ll advocate for the devil’s auction site. If you’ve ever tried to create a new ebay account using the same email address or paypal account that you used with an old one, the site will block you and try to send you to a ‘lost password’ page. As a security feature this is pretty lame (any competent scammer would simply have multiple accounts), but I could see how this might stop a mom-and-pop rip-off artist.

    If you do manage to convince people that they only get one account (whether that’s really true or not), they might be less likely to use it to play stupid pranks, or burn people by selling bad items.

    I’d call the ebay account setup a combination of dumb and cunning design – mediocre and functional.

  3. Dan

    I understand what you’re saying, but by any stretch, this is lousy customer service.

    Deleting accounts is a feature, the same way product recommendations, reputation systems and reminder emails are features.

    I disagree. It’s not a feature: it’s an essential part of the system. Just as we’re unlikely to trust an e-mail list that has no unsubscribe function, so we ought to be less likely to trust a system that has no way out.

    Each feature, of course, requires not only effort to implement, but is yet another thing to test every time there’s a new update to the website software.

    Oh boo hoo. It’s too much effort to have a delete function? Maybe it’s too much effort to give customers some respect, too.

    Adding the ability to delete accounts adds complexity, but contributes nothing to the business goals of the companies you describe.

    The ability to delete accounts isn’t something that has to be added. They’d sure as hell delete my account if I did anything ‘wrong’ with it: the functionality exists. It’s just that it’s been consciously removed from the user interface, hence it is ‘feature deletion’, at least compared with what a comparable interface would have.

    That’s an interesting point given the ‘reputation’ aspect of eBay: making it difficult to delete accounts (and then sign up again) may be a barrier to evading negative feedback. But it’s an ugly way of doing it, and is inherently (and unnecessarily) awkward for users who just want to leave.

  4. Oh boo hoo. It’s too much effort to have a delete function? Maybe it’s too much effort to give customers some respect, too.

    I never said it was *too much* effort; I said it *was* effort, and as such had be prioritized against everything else the company wants the website to do. Obviously, if people really started to demand it, it might become worth the effort.

    The ability to delete accounts isn’t something that has to be added. They’d sure as hell delete my account if I did anything ‘wrong’ with it: the functionality exists.

    No, that functionality doesn’t exist until someone adds it, and if you did something to offend them, they wouldn’t delete your account either; they’d just disable it. All the information you’re concerned about is going to stay there; the only thing that changes is that the holder of the account can no longer log in.

    Do you see my point about these kinds of systems giving the user greater control than with traditional customer – company relationships?

    The traditional way, the “architecture of control” was the phone; we as customers had no direct control over our data, and were required to go through a person on the other end of the phone, to change anything on our behalf. More often than those people are instructed never to delete your data.

    When you cancel a magazine subscription or mobile phone service, your account isn’t deleted; its status is just changed to inactive. Everything else stays on file.

    The difference is that now, customers have the ability to edit thier personal data directly — the previous “architecture of control” is removed.

  5. I thought I’d just point out a few other sites that didn’t implement an account deletion feature (at least, as far as I could tell in a few minutes of looking):


    In fact, I have a hard time finding any site more complex than an email discussion list that allows users to delete their accounts. Why do you think that is?

  6. Dan

    As you say, they weighed up whether or not to offer a delete function and prioritised other aspects over that. That’s a conscious design decision.

    It may be different in the US, but the UK’s Data Protection Act puts pretty stringent restrictions on entities that hold data on customers/users/members. As I understand it, if a customer wishes to terminate his or her account, the organisation cannot retain data against that customer’s wishes – hence Privacy International’s interest. As they note, YouTube and MySpace:

    “include the “delete account” function as a default part of the account management page. This is seen as being important both to Best Practice and to legal compliance.”

    (from http://www.privacyinternational.org/article.shtml...)

    I can see your point about the customer having ‘more’ control in the sense of being able to modify the data held, but, as you also say “everything… stays on file”: I would expect that the previous information is also retained, thus thwarting any attempt by the customer to _replace_ it with bogus names, addresses, etc.

    Yes, it’s true that many other high-profile sites don’t have an easy delete function. With Technorati, you actually have to e-mail them. And yes, I still do find it irritating. Maybe at present there aren’t that many users who actually want to delete their accounts, but should that minority be ignored?

    We can agree to differ, but I still see it as basic discourtesy not to show customers the respect of allowing them to extricate themselves from membership, and whether it’s a feature that’s never been designed, or has been disabled, it’s been done consciously and deliberately. It can’t be an accident that there’s no delete function accessible to the user: it is a design decision.

  7. It’s absolutely a conscious choice — that’s the first thing I said in my first comment 🙂

    Good point about youtube and myspace; I hadn’t noticed those.

    I think my main point was mostly this: that the omission isn’t as evil/cunning/wicked as you first suggested; sometimes it’s just the outcome of a ruthless prioritization process, and unless people like you and me scream for it, it ain’t gonna happen. I have a hard time believing, by the way, that those companies gain very much by denying you the ability to delete your account.

    Incidentally, as you can tell, my sympathies lie somewhere in the middle; while I would love to be able to control and delete all my data, my experience in product development gives me some degree of empathy for people in amazon, youtube and ebay’s shoes.

    I enjoy the site. Keep it up.

  8. Assuming you trust a site with your data, I don’t understand how deleting an account is a superior feature to the ability to unsubscribe from all email notifications. The ability to delete an account also adds the risk of unintentionally deleting extremely valuable information.

    I suspect that email lists have an unsubscribe feature because being subscribed to a list has an impact on your daily (or weekly/monthly) life. Whereas, having a dormant account sitting in a database somewhere has no impact on your life unless you go back to the site voluntarily.

    Also, unless the site continues to sends unsolicited email (which few good sites would), I don’t think it serves their business agenda. Deleting users can muddle the conceptual integrity of an application, so I agree that a company might prefer to avoid additional complexity.

  9. Dan

    I suppose my point of view is that “having a dormant account sitting in a database somewhere” does potentially have an impact on my life. My information is included in customer profiling, and sold on to numerous other firms: who knows what impact that will have down the line?

    I don’t really see how deleting users “can muddle the conceptual integrity” of an application. If I buy something from a store with cash, the store doesn’t obtain (or retain) any personal details about me or my purchase. That doesn’t seem to interfere with their business model; why (from a customer’s point of view) should online stores be any different? It’s only inconvenience that stops me creating a new Amazon account every time I buy a book (clearly with a reputation-based system such as eBay, the situation is different).

  10. I have to say, I have a hard time understanding why you’re getting hung up on the idea of having an “account.” Every time you order something that has to be delivered to you, your information is being recorded. Even if you create a separate login every time you buy something from amazon; or if you decide only to place orders over the phone; there’s a record of your purchase with your name and address.

    Help me understand: how does having a username and password make any difference?

  11. my choice not yours.. id like to get in because i thought your services is ok… Id like to get out because you failed to give me services im looking for in a site… LET MET OUT!

  12. Good morning, Happy Fool’s Day!!!

    A man speaks frantically into the phone, “My wife is pregnant, and her contractions are only two minutes apart!”
    “Is this her first child?” the doctor queries.
    “No, you idiot!” the man shouts. “This is her husband!”
    A woman got on a bus holding a baby.
    The bus driver said, “That’s the ugliest baby I’ve ever seen.”
    In a huff, the woman slammed her fare into the fare box and took an aisle seat near the rear of the bus.
    The man seated next to her sensed that she was agitated and asked her what was wrong.
    “The bus driver insulted me,” she fumed.
    The man sympathized and said, “Why, he’s a public servant and shouldn’t say things to insult passengers.”
    “You’re right,” she said. “I think I’ll go back up there and give him a piece of my mind.”
    “That’s a good idea,” the man said. “Here, let me hold your monkey.”

    Happy April Fool’s Day!

Comments are closed.