Other Software > Developer's Corner

Programming 101 Lesson: Don't Purge User Data

(1/5) > >>

mouser:
Here's a lesson to the programmers out there on the importance of preserving user account data, even when you are sick of them.

So today I went to buy someone a gift certificate at newegg.com, which for some ungodly reason will only let you use VISA credit cards to purchase said gift certifcates (and not MasterCard -- is there some kind of predjudice against credit card issuers I'm not aware of?).

That's ok, I have a Citibank MasterCard and a Chase Visa credit card (i'm not altogether unfamiliar with the concept of debt).

So I place my order and it is rejected.  I go online to check my Chase account to see what's up.

My card account is gone.

Weird.

Ok so I call up Chase, whose automated system wants me to type in my account number.  I do so and it complains and tells me i must have typed it in wrong.  After smashing my palm on the keypad for a few seconds i am transferred to an operator.

The operator tells me my account doesn't exist.  Am i sure i had an account with them?  Only since 1997 I answer.  "Well we aren't showing any such account."  Then they do what they normally do which is basically wait for you to say thank you and go about your life and stop bothering them.

I surprise the operator by explaining that I'd kind of like to know what has gone wrong.

I spent the next 40 minutes being transfered to different supervisors, who all made me recite the same litany of stats about my card, my ss#, the name of my first dog, my mothers maiden name and her favorite color.

No one could find that my account ever existed in the first place.  Basically I had been erased and disapeared from the history books as if i was a political prisoner.

The best guess anyone could come up with is that maybe i didn't use the card enough and kept paying off my balance every month, and so they canceled the account and *purged* it's existence from their records.  In the end they just gave up and so did I.  I'll just try to drop my memory of this card into the memory hole and hope it never comes back.

You might think the lesson from this story is that credit card companies are greedy evil vultures.  But that is not the lesson.  If you don't know that already then you need more remedial education.

The lesson from this story to programmers is this:

You do *not* purge user data.  Ever.  There is no scenario where drive space is so valuable that you need to purge user accounts.

If you want to disable, deactivate, terminate, cancel, whatever, an item or account in your database, you need to build in support for doing this into your software system.  You need to plan ahead always that items are going to be marked as disabled and should not be treated as valid or in use, but still be able to retain them in your database.

You will need to be able to look up things that were once active and are no longer active.  Whether it's a user inquiry or a situation where you need to undo your action, or where you need to recover old information for historical record keeping -- never delete accounts with information in them.

In general you should follow this rule whenever possible, not just with user accounts but with data of all sorts.  That means building into your databases a kind of recycle bin, etc.  Note also that *moving* something to the recycle bin should not involve losing data from that item.  I.e. you must preserver where the item came from when you move it to recycled state.

lanux128:
i remember that last month my wife's internet banking account was "discontinued" due to "non-active" usage. and since we were ill-equipped to deal with the bureaucracy, we just decided to by-pass the whole re-activate process altogether and got another account at the same bank..

cranioscopical:
A bit off-topic but...

I have a friend with a very significant sum on deposit in one bank account. My friend has made no transaction through this account for slightly over a year. The bank is making regular interest deposits, however, which is why the money was lodged there in the first place.

The bank just made a good attempt to declare the account dormant and scoop the funds. The bank states that the fact that it is making interest deposits to the account doesn't count as 'activity'.

Financial institutions seem to be making some very questionable decisions of late, with potential outcomes always in the banks' favour.

Grorgy:
And banks wonder why we are cynical about their motives  ;D

OGroeger:
Mouser, i respect your anger and suspect you are really frustrated, but i don't see your conclusion. User data should be purged after some term, for several reasons:

* Some day you choke on the amount of data.
* After some term the data is useless, e.g. as soon as all burden of proof and claims are outdated
* Data protection, i think you must delete the data
I worked the last years on a product information managment system for huge companies (several millions of products) and my conclusion of the companies needs are not to store as much data as possible. That is what they did in the past. Now they have billions of data, they know that 90 percent are outdated and worthless, but they don't know how to find them. The challenge of today is not saving data but to keep data consistent.

The scandal with your account is that they removed your account silently, without telling you and without giving you a chance to prohibit it.

Navigation

[0] Message Index

[#] Next page