things user/profile systems fuck up, bad assumptions
- the user will never delete their account
- the user should be expected to individually delete their posts
- the user will never change their legal name
- the user will never change their email address
- the user will never change their phone number
- if they do change those things, surely they will think to use our change info ui before getting rid of their old name/phone number/email address
- the same as above, but with SSO linkages
- the user will never die
- the user will never be arrested
- the user will never be subject to search and seizure
- the user will never want or need a copy of their data
- the user doesn’t need or want their data in any standard easily readable formats,
- some json or xml blob should be good enough right? that’s standard and readable, right?
- the user wishes to have their identity be immutable and persistent - that is to say, continue to be associated with old posts , analytics data and content regardless of the number of name and identifying info changes, thanks to “helpful” permafingerprint algorithms tracking the user across identity changes.
- the user will never have a stalker, an abusive ex, or angry internet mob
- the user probably doesn’t mind having their full legal name and list of postal addresses listed on the public web a google searcg away. i mean, it’s public data right? information wants to be free dude. you can just unregister to vote if you don’t like it.
- the user database will never be hacked or leaked: this one is interesting from the perspective of: if you start from the assumption your user database definitely will be leaked: what design decisions do you make differently
- These 6 things are different things, not the same thing. they do not require each other nor are they required by each other: identity, security, persistence, reputation, privacy, ownership.
- the user doesn’t care if their profile is indefinitely indexed by search engines by any and every old name they have ever had.
- the user is definitely some binary gender
- that gender is definitely something you need to collect
- that gender will never change
- you can enumerate all the possible genders without leaving anyone out
- the user is fine with a permanent and immutable URL being generated from their full name.