KYC/audit regs aside, it's also because the account belongs to the bank. The money is held in trust on your behalf, but the amounts are a liability on the institution's balance sheet. This is also why an increase in the balance of your deposit account is referred to as a credit; the statement is written from the bank's perspective, not yours.
What you have is partial control of these funds, via instructions to your bank, electronic or otherwise, but since it is merely operated on your behalf, you can't unilaterally delete the account. What you can do is terminate the relationship with your bank.
I think this way of framing it is perhaps misleading.
Yes, it's plainly true that the bank owns (or rents) the hardware, software, databases, etc. and that you're paying for a service through various fees.
But IP is much less clear, and the view that "it's my database so it's my data" is not actually universally legal when the data concerns humans.
> But IP is much less clear, and the view that "it's my database so it's my data" is not actually universally legal when the data concerns humans.
The whole notion that someone could have a legal property interest in personal data collected by others is exceedingly modern. Even the most abstract scholarly work presaging the concept can only be traced back a few decades. Similarly, privacy as a concrete, distinct legal concept is only slightly older. (Notwithstanding the historical narrative gymnastics legal and social policy advocates often perform in their attempts to appeal to tradition.)
Suffice it to say, modern concepts regarding privacy and personal data aren't very useful in understanding banking practices and property regimes that can be traced centuries, if not millennia, in nearly identical forms.
> apps that allow for account creation must also allow users to initiate deletion of their account from within the app
This is a relatively straightforward request that maybe doesn't go as far as most people imagine here. Pressing "delete" doesn't instantly delete all user data and it's not expected to. In some cases there may be subsequent steps and some data may be kept for legal reasons*.
The point is very sensible: if I can request the creation of an account or subscription easily in the app, the reverse process should be just as straightforward. If an app can give a one button "create-subscribe-pay" experience then when it comes to deletion you shouldn't suddenly fill out paper forms, or send letters at specific times in the month. And that's if you can even find the info on how to do it in the first place.
Now you can trigger the deletion and know that they have to do something about it, at the very least get clear instructions on how to proceed.
*When it comes to banks, they are subject to laws and regulation that many other companies/services don't have to deal with. Which is why Apple makes this provision:
> We encourage you to review any laws that may require you to maintain certain types of data, and to make sure your app clearly explains what data your app collects, how it collects that data, all uses of that data, your data retention/deletion policies, and more as described in the guideline
Couldn't you make that same argument for any online service? "I own the database and servers, it's my account that I operate on the user's behalf. Therefore they cannot delete the account".
You can make that argument, and many do, and some courts may even be suckered into falling for it when push comes to shove. In a more jurisprudent analysis, however, it relies on a false parity between consumer and company in negotiating power.
Legislation like the GDPR is motivated in part to nullify such arguments.
The requirement only applies if one can create the account in the app. At least here in Finland that is not an option in any of the local banks' apps I have used.
You might think that at first, but the distinction can be made for data as well. The argument goes, when is your data, not really your data? How about, when it's actually my records, of your use, of my system.
If you allow such a construct, then "deleting your account" could mean, your immediate personal details (or perhaps even just your access credentials) are erased in some fashion, but nothing else.
This is how legislation like the GDPR gets motivated, of course. The Apple guidelines reference "usage data" elsewhere, and I imagine that's for similar reasons. The deletion clause itself, rather notably, doesn't.
If the user is allowed according to their contract or law to delete their account they should be able to request that themselves from within the app. This is what I understand from what Apple is requiring the apps to do. It is very similar to the GDPR "Right to erasure"/"right to be forgotten".
For your specific cases:
- if a user rented something then they should not be allowed legally to close their account until they return or pay for the equipment. If that is in the contract then the delete my account button should be disabled until their contract is terminated/closed.
- if you're a dog kennel it is the same, the user should keep the account until the dog is returned.
- if you are a parole division of the police and the "customer" by law can have their records deleted they should be able to do so.
> If the user is allowed according to their contract or law to delete their account they should be able to request that themselves from within the app. This is what I understand from what Apple is requiring the apps to do.
But now you're exposing the huge problem. It goes from "everybody has to be able to cancel their account in the app" to having to be a contract lawyer steeped in the specifics of every business arrangement and know the law in a hundred different countries to be able to determine if you're allowed to cancel within the app.
Then the app reviewers would either have to be lawyers with plenty of time to make an accurate determination, or they'll be getting it wrong left and right. And it'll obviously be the second one. So now what does the dog kennel owner do, or the OP above, when the app reviewer rejects their excuse?
This is making a mountain out of a molehill. There's nothing to suggest any pre-conditions for deleting an account have to be removed, simply that it must be possible to "initiate deletion" from within the app.
Then you're defeating the purpose of the requirement, because the scummy scam service will let you "initiate" deletion but to actually carry it out you still have to call them and wait on hold for sixteen years or come show your ID in person at their offices in Northern Alaska.
Frankly, this would still be a good start compared to the norm today: You can't even find information about account deletion from most mobile apps, let alone initiate the process.
I agree that things can get complicated when taking into consideration multiple countries. But I think this is the cost of doing business and caring about users. If you do business in multiple countries then that is the cost to be paid.
I also think that the default should be that users should be able to delete their accounts and companies should provide evidence why they have that button disabled or removed.
So in case of review the rule maybe could be: if the user is creating an account in your app, then the user should have the option to delete their account from the app, unless evidence is provided why the account cannot be deleted because of legal reasons.
The exact wording Apple have used is "initiate deletion", that's quite different from immediate deletion. For example, you should be able to request that your bank close your account, via the app - is that too much to ask a bank?
With distributed data centers it needs to be a quite sizable meteor though. The dinosaur killer asteroid may not be enough if your redundancy is on the other side of the globe.
You still likely have a limited window. Once their obligations to keep your info are up, they're likely to purge it. It's a waste of resources to keep that around and not much value. Plus they surely know it's a liability. PII is treated very carefully in regulated industries. The less of it they have, the better.
Can confirm, I worked at a fintech company previously with a large number of users. They had a "deleted_at" column on the user table in the database. It's not actually deleted.
Isn't this almost necessarily true for any system which needs an auditable history?
Just thinking out loud, of course cascading deletes will fail, so I guess you could avoid using true foreign keys to the user table for things which are truly related, and then you'd know what the user did but presumably no PII... Seems insanely sketchy though. Way cleaner to soft delete if you ever need to recover history, which the fintech context among many obviously requires.
Regulated financial services must also store the documentation and results for how they verified a user's identity, too. This involves talking to third parties that can tell you if a given user's name matches their tax identifiers, street addresses, phone number, et cetera.
Anyone competent is storing both their requests to those external APIs, as well as those responses, for the entirety of the recordkeeping requirement period.
This is not just banks but (nearly) all companies who deal with payment data will not delete anything related to payment for many many years. In India this used to be 10 years. USA I think it is 5 years.
Ok, and? 7-10 years isn't forever, or at least certainly not long enough to negate GP's point about blockchain immutability being undesirable as far as account deletion is concerned.
Did I argue that point at all? Such an immutable system will absolutely not be applicable to the EU and GDPR unless all the data is encrypted and the encryption keys are not part of the major chain.
A lot of firms that deal with personal data may even have snapshots of every single change, sort of immutable - just not global. Again destroying the keys solves the issue of the immediate erasure. The latter is oftentimes impossible due to tape backups.
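The key-destruction approach described in the comment above, sketched as an added example that is not part of the thread: an append-only, hash-chained log holds only ciphertext, per-user keys live outside the chain, and erasure deletes the key while the chain still verifies. The `Ledger` class and its method names are hypothetical, and the HMAC-based cipher is a standard-library stand-in for a vetted AEAD such as AES-GCM.

```python
import hashlib, hmac, os

def _prf(key, label, n=32):
    # HMAC-SHA256 in counter mode: stdlib stand-in for a vetted AEAD (assumption)
    out, i = b"", 0
    while len(out) < n:
        out += hmac.new(key, label + i.to_bytes(4, "big"), hashlib.sha256).digest()
        i += 1
    return out[:n]

def seal(key, pt):
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _prf(key, b"enc" + nonce, len(pt))))
    return nonce + ct + _prf(key, b"mac" + nonce + ct)  # encrypt-then-MAC

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _prf(key, b"mac" + nonce + ct)):
        return None  # sealed under a different (or since-destroyed) key
    return bytes(a ^ b for a, b in zip(ct, _prf(key, b"enc" + nonce, len(ct))))

def entry_hash(prev, uid, blob):
    return hashlib.sha256(prev + uid.encode() + b"\x00" + blob).digest()

class Ledger:
    def __init__(self):
        self.chain = []  # append-only: (prev_hash, user_id, sealed_pii)
        self.keys = {}   # per-user keys, kept off the chain so they can be deleted

    def head(self):
        return entry_hash(*self.chain[-1]) if self.chain else bytes(32)

    def append(self, uid, pii):
        key = self.keys.setdefault(uid, os.urandom(32))
        self.chain.append((self.head(), uid, seal(key, pii)))

    def verify(self):
        prev = bytes(32)
        for entry in self.chain:
            if entry[0] != prev:
                return False
            prev = entry_hash(*entry)
        return True

    def read(self, uid):
        key = self.keys.get(uid)
        return None if key is None else [unseal(key, b) for _, u, b in self.chain if u == uid]

    def erase(self, uid):  # crypto-shred: the ciphertext stays, the key does not
        return self.keys.pop(uid, None) is not None
```

Any backup of the key store has to be covered by the same erasure, otherwise the tape-backup problem simply moves from the data to the keys.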
This is different from not deleting your account. Having to keep a record of your purchases doesn't mean they can keep track of your hobbies or whatever.
GDPR solved this years ago: right to be forgotten does not apply to legal requirements to keep records. Companies must keep those records only for the minimum time though.
Well that's rather flippant. Where does it say that Apple is only talking about social media apps?
And what has it got to do with GDPR? Apple are not the GDPR police in my country. But now you mention it, are the app reviewers going to be trained in GDPR and document retention exemptions, or are they just going to hand out bans?
Getting sick of the down voting from the Apple fanbois of hn.
Revolut and many other apps allow creation of accounts from the app per local regulations. It may require SSN in the US to complete sign-up, but it's all done through the app and is immediate.
The account falls under all the regular retention and reporting requirements, although these companies mitigate some classes of issues with stricter limits, not paying any interest (even though that'd be minuscule), etc.
Any bank in America for the last 20 years. I opened my very first account at the branch because I thought they needed to see me. Dozens of accounts at multiple financial institutions after that I never had to go to the branch. Most of my accounts are held at places that don't have any branches within hundreds of miles.
In fact Wells Fargo is famous for opening accounts for you without you even thinking about it.
I signed up for Schwab (and numerous other financial institutions that were not "banks" per se) without having to go to a branch in person. You usually just submit photos of documents and, in some cases, have your picture taken at your computer.
They certainly don't scan and save images of your identifying documents when you go into the branch. They may store your DL and SSN number. This is a lot less than you volunteering up your identifying documents to a public webserver.
ANZ Bank, in Australia - and I'm assuming the others of the Big 4 do as well (CBA, NAB and Westpac, that is).
It's been added to the App for some account types over the past year or so.
It can just go through a manual review and delete the parts that they are legally required to delete. While I don't agree with a lot of the money laundering/terror financing laws, banks shouldn't have to delete your data if you're trying to avoid taxes or whatever.
INITIATION is the important part, if they fail to delete the parts they're required to delete, F them: get them off the app store.
> If I can make an account easily, then I should be able to delete an account easily.
Sure, if you can open an account easily, then you should be able to delete an account easily. So if we make opening an account difficult, then it is fine that deleting one would also be difficult.
Sounds like an invitation to make opening an account at a bank or a bunch of other services much more difficult aka impossible from the app.