Is there any way for us tell iNat what we would like to happen to our obs and IDs if we go quiet, one way or another?
Waiting for your feedback before releasing it…
Maybe the log file listing the recently lost IDs and comments should be an HTML file (to open in your web browser) with links to observations, and lost IDs and comments displayed below the observation link?
It was a long read to find out if someone had addressed this. I was thinking the same thing. How would that “other party” respond to the seemingly endless email notifications that would pile up daily? If one’s goal was to reconcile the life of a deceased loved one, what would their response be? There is the unsubscribe option in the emails but would that be enough? It does seem like there is a “do you really want to do this?” warning when deleting an account but if one just wanted the reminders to stop and they had no idea in the slightest of how iNaturalist works, would that stop them?
If one is the Executor, one must follow the instructions. The Executor must report to the Court that he/she has in fact followed whatever instruction has been left in the will (or codicil) to address electronic assets, including emails, digital photos, blogs, websites… and social media.
If the only instruction is a generic “upon my death all accounts on websites not owned by me are to be closed, deactivated, or deleted,” and the only option on a particular social media application is closure, and such closure triggers deletion of all activity, that is not the fault of the Executor.
Maybe the website ought to offer more options but also maybe everyone concerned about his/her digital assets would do well to make extremely specific directives for them.
What about 2 independent actions on my account:
- Delete my online contents: ☐ Observations (including my photos and sound records) ☐ Identifications (made for others) ☐ Comments (made for others)
- Close my account.
Anyone “just leaving” iNat (or an Executor “just closing” an account), not caring about the details, would just close the account, without deleting any content at all.
Only persons actually wanting to destroy their contributions would do it.
And only those persons would receive insisting warning emails asking for confirmation.
This is interesting. iNat has previously said that (on principle) they always want to allow people to delete all their data.
So how would someone react when they have deleted their data on iNat to find out that actually their data still exists on someone else’s machine as part of a backup enabled by iNat’s own API?
Any lawyers in the house?
There’re many backups happening, our project is doing it regularly, it’s the Internet, nothing is truly deleted.
I like your idea, and in particular, your proactive problem solving. I think that is very much a community-supportive project and generous of you to put your time and skills to work on this issue. Only, I don’t have any credentials for evaluating technical or policy aspects. I’m pretty much a lower level user here; that is to say, interested, but not very accomplished .
Well, yes. Data leakage on the internet is an issue. Steps can be taken to prevent it if necessary/desirable but it’s a challenge.
My point is that iNat is actively providing and supporting the tools for this data to be siphoned off to external parties at the same time they are claiming on principle that the data creator’s right to delete their data is paramount. Their principles are in opposition to their feature set.
In terms of what’s more useful, I’d say the ability to export the data is a critical capability. Mass deletion of a user’s data? Not so much.
I haven’t seen any mention of the possibility of a user data hack or stolen password (though I only skimmed some of the MANY replies here). It seems someone could maliciously delete prominent accts if they managed to get the passwords. This could be an individual act by an angry ex, or a malicious massive attack.
Whatever the cause, if iNat personnel aren’t taking this very seriously, then I have a lot less faith in the entire platform now than I did before reading this thread. I can’t be alone in that. Why should I contribute my time to a dbase that can be randomly shot full of holes?? iNat needs to address this.
M, you can easily restore it if you email iNat help, just do it immediately.
Assuming iNat follows reasonable industry practices (and I have no reason to think they don’t) there will be plenty of measures in place to mitigate the impact of such an event even if it can’t be prevented.
Personally I would like to see multi-factor authentication brought to iNat, which would go some way to reducing the likelihood of the scenario you describe happening in the first place. I note a feature request from 2019 stating that it would be looked into only after email verification has been implemented.
iNat staff seem to get inundated with various feature requests, many of which are mostly “window dressing” or “niche” features that few would use, rather than important upgrades that would improve stability and security of the site. I’m sure the latter are a bigger job to tackle, but far more important in my opinion
What about stating something like:
The identifications you make for others are valuable gifts to the community of iNaturalist users, present or future. Only you is allowed to withdraw, replace or delete your identifications. Considering that the whole set of observations would be meaningless in the absence of identifications, iNaturalist will not mass delete your identifications, even in the case you decide to close your account.
If someone want to delete all “his” items, he deletes them one by one.
Plus: this has simply nothing to do with the closure of an account.
Feature management is part and parcel of working with any technology user base. What one person thinks is critical, another thinks is worthless. The truth usually exists somewhere between the two positions and it’s the product team’s job to look at feature requests objectively from various angles, including usability, applicability, reliability and security, then based on these they have to assess how their implementation should be prioritised. The challenge is that some of the assessment criteria are in opposition to others - security vs usability being a classic example. The bigger challenge in a small team is having the bandwidth to actually get the work done.
I am not qualified (extremely not!) to design policy however I think you are offering some good ideas. That said, I think of them as starting points. I wonder if you (or others) should flesh them out a bit more.
If you decide to, I would offer the following, a best practice: ask the question, And then what?
And then what? What should happen if someone attempts to tag the person? Send a message to the person? Should their profile remain active? Should they have the option to return later but “from the starting line”?
And then what? Should the person’s information, including all data points disappear? Should their profile become un-clickable or vanish?
I think when the majority of reasonable/foreseeable “and then what” scenarios are chased down, it becomes easier to assess if a two independent actions track is reasonable (and if it is this one or another), if a third action option is called for, if the status quo works better than presumed, or… some other as of yet not conceivable course. (Again, I am not the person to design policy.)
(By the way, and still related to vanishing one’s own account, the "and then what?’ practice works well too when one is considering taking that exact course of action. Consider all the way down, beyond the first moment of satisfaction one might initially derive.)
I used to have two accounts when I first started Inat(I didn’t know that wasn’t allowed in the rules), and eventually got one of the accounts merged into my current account. Sure that account “vanished” and removed identifications that both me and my other account identified. The @ mentions are still in old observations…including Gerald.
I made a mistake that eventually led to over 8,000 people getting an identification deleted, of which 10% were accidentally incorrect.
I suggest a separate option “Delete my online contents” only because otherwise iNat staff will refuse the possibility to delete an account without deleting the contents. Without this consideration, I would merely suggest no way at all for deleting all contents.
My hope is that people will not use the option “Delete my online contents”.
I propose “Delete my online contents” only as a separate action, because it has a strong impact. It should not be an option in the act of closing an account, that is too dangerous. This may prevent a newby, an angry user, or an Executor from doing more than necessary. Better not to suggest them to do too much.
I wouldn’t even make it this easy. If the user wants their content deleted, they should have to email iNat support to confirm it.
Of course my preference is not to provide any such facility anyway - the ID, obs and comment data should be anonymised and retained.
Yup. The folks that iNat needs the most are the ones who know how to use field guides and to key things out, and have access to those materials. And that knowledge and access, in itself, means that they have little need of iNat.
If you didn’t take a selfie and post it to Instagram, did it really happen?
Some of my best memories of nature are from when I was a kid. Only serious computer geeks even knew about the proto-internet back then, and I certainly didn’t carry around a camera, or even a notepad. Were all those happy hours in nature wasted because they didn’t produce a dataset for someone?