NordVPN literally will not let me delete my account. My 3 years is over, there is no method to delete when signed in to their site. You have to fill out a form with your payment details and shit to “verify your identity” (who remembers that shit from 3 years ago).
Literally emailed from the email associated with the account, called, logged in, etc. they won’t delete it until I send my credit card info in the clear, over insecure email.
FUCK NORDVPN
If you are in the EU I think you are legally allowed to request they delete all your data. Might be worth it.
They can use nordvpn to change their location to the EU then send the email
…that’s not how email works
it is how a joke works, but I gotta say it’s not a very good one.
That actually is how email works, assuming you use a local client vs a web client. The headers will contain the origin IP it was sent from. Easy enough to geo locate and see it’s European.
Are you talking about those security questions? So dumb. After having days-long trouble getting my internet fixed because of them, I started treating those as additional passwords, generate the answers with my password manager, and save them in the notes section of the entry.
This is brilliant! Makes things more secure, too, as nobody can answer them just because they know you!
Contact your bank or credit card company and explain, they will take care of it. Source: I was in a similar situation a few years ago, just not VPN related.
What prevents you from revoking your payment mandate at your bank?
In Europe at least, your bank must honor this request and there’s nothing your debtor can do about except spending 1000’s to recover at most 3 months of payments with the current legal apparatus in Europe.
It’s not that they’re trying to stop payments but to delete the account entirely. Stopping was easy when I did it but I haven’t tried deleting my account.
I agree with them though fuck nordvpn.
Try to log in from Europe, or change the details of your account to day Europe. Because with gdpr in Europe they are obligated to let you delete it.
there’s something incredibly satisfyingly ironic about using a vpn to cancel your vpn
He used the vpn to destroy the vpn
I just tried to delete my inactive NordVPN account from a European IP (not through a VPN, I actually live there). Spent 10 minutes searching for a delete option without luck. The only way seems to be by submitting a form (which for some reason also requires “payment info”). Sketchy as fuck.
If you are European, I believe there is some government office you can complain to about gdpr violation (can’t help more sorry, I believe it is a little different from country to country)
Literally illegal
Lol they won’t let me change my email address.
The email account has been closed for 6 months now and the bank account/debit card they want me to verify my payment with has been closed for years
My credit card got stolen a few months back and it’s been great for my finances. All this shit chrging me 10 dollars here and there without me noticing that I haven’t been using.
I’ve only reactivated a few things.
Fuck them. Next force gyms and newspapers to allow you to cancel with one click.
Or just force all subscriptions to allow you to cancel with one click
Subscriptions with a dead man’s switch. If you don’t signal you want to keep the subscription after a few years, it’s automatically cancelled. You can sign up at the same price you left with if it cancels automatically.
I don’t think an annual dead man’s switch is unreasonable or burdensome.
That would be fine with me too. I think every two would be my sweet spot if it was something like spotify.
I’m so lucky, my gym membership auto cancels if I don’t pay in advance.
Yep, my gym would love to cancel my membership. I also paid in advance: 2 years worth for a special limited-time promo. Now, I can renew yearly for $99. Only catch is, if it ever expires, it can’t be joined again. They will pry it from my cold, toned hands!
We Shouldn’t Have to Let Users enroll Service With a Click. Customers may “misunderstand the consequences of enrolling,”
Sounds ridiculous? Because it is. Clicking the cancel or enroll button is pretty much what you expect… This is utter nonsense, obviously.
Honestly, signing up for a service sounds way more risky than cancelling. I think singing up should be 2x more bureaucratic than cancelling it.
It shouldn’t be more bureaucratic because then people are not inclined to use anything, including services they need or want. It should simply be clearly worded so that you know what you’re getting and don’t feel tricked by any hidden fees etc.
By law, anything should be a one click to cancel service, instead of the maze they send you through.
Xbox live, gyms, etc.
Or, it should be exactly as difficult/complicated to cancel as to sign in. Want a 15-step cancellation process involving phones, faxes and a blood offering? Gotta require all that to sign up too!
I think a “let the world burn” approach to consumer agreements, like EULAs and cable TV contracts, would be interesting.
Require users to fully read every word of the contract out loud, on video, 4 times for everything they agree to.
“But it would take too long if consumers had to read our 23 page contract, they’d just give up and not sign up at all!!1”
Hmm, let’s think about that…
German consumer protection FTW
The Fair Consumer Contracts Act will in future introduce a mandatory 2-step termination process […]. Wherever the consumer can conclude a subscription contract against payment, the provider should also give the consumer the opportunity to terminate at the same point. […A] cancellation button should be included on such registration pages for memberships at the first stage (with the wording “Cancel contracts here”). This “first” cancellation button should then lead to a confirmation page on the second level, where the respective user is identified and the consumer can effectively send the cancellation (i.e. with the wording “Cancel now”).
The law (German): https://www.gesetze-im-internet.de/bgb/__312k.html
Pretty sure this law applies to the whole EU though
i really don’t think so. i hope it will be so in the future
I was pretty sure that there is something and a lot of searching finally led me to the “Unfair Commercial Practices Directive” from 2005. There also is a guidance to that directive from 2021 that is found here: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A52021XC1229(05)
Section 4.2.7 (dark patterns) is what is interesting for this topic. In the paragraph at the end of the section it includes the sentence:
unsubscribing from a service should be as easy as subscribing to the service
So it appears that the EU intended it that way but because it’s only a directive, implementation differs by country. I also didn’t see anything about being able to cancel in the same way you subscribed(e.g. that they can’t force you to call or send a letter if you subscribed online), but afaik german law has a ruling like this.
Edit: I took so long to write this and find the links that I forgot the german law was the reason for the comment I answered…
Under the GDPR, it must be “as easy to withdraw as to give consent”. You must make it very easy for people to unsubscribe: one or two clicks at most
I’m not sure how the GDPR would apply to a service subscription. While the service is running, the companies have legitimate interest to keep your data, so you can’t have it removed.
Not sure how well this has worked in practice. Lots of bad cancellation proceedures last time I had to do it
The law was only introduced less than 1½ years ago. It takes time for this to trickle through all layers, but things are getting better.
Yeah, these services don’t have to add much friction to trap vulnerable folks like the elderly. Obscure the cancel button under a couple menu levels and dark patterns and they have people trapped for life. It can be very insidious
God, hearing them squirm is almost making me horny. Please keep them groveling at the feet of the FTC. I reallllly wouldn’t mind hearing this for a few years at least.
…Funny how whenever Republicans are in power, we get dickheads like Ajit Pai do absolutely nothing, arging that his hands are tied. But when democrats get voted in, the FTC starts drafting rules like being able to cancel a bill with a single click instead of fighting on the phone for 3½ hours with a bullshit sales rep until you have to threaten to sue them in order to cancel your internet or cable package. It’s really funny how that works.
Ajit Pai do absolutely nothing
*cancel net neutrality
The one thing where I agree with cable companies about is the risk to consumers accidentally canceling all or multiple services when they intend to just cancel one. It will be hard to explain that a package price will no longer apply if one part of the package is canceled.
However- it can be addressed with a well-designed cancelation instruction screen. This is a constraint to the communication and process design; it is not an insurmountable barrier like the cable companies are suggesting.
As a software developer who only has business customers, let me tell you the following:
No matter how foolproof your system might seem. It never truly is. There is always some idiot (sometimes with a degree) who just can’t understand/use it.But they could still try and mostly succeed. They just don’t want to.
“When you make something idiot proof, the world builds a better idiot.” Lol
You can’t make a perfect UI, because people think differently. What is obvious and logical to one person, is obscure and nonsensical to another. It is impossible to make a one-size-fits-all interface to anything, not just software.
You could make a big, red, flashing button that says “pressing this button will cancel all your channels, are you sure you want to do that?”, and you would still get an significant amount of users complaining that pressing the button did exactly what it said it would because users don’t read.
And there are plenty of ways to mitigate that such as having a window in which cancelled subscriptions can be reinstated.
Making software and services awful because theoretically a bad user is going to misuse it is dumb, it’s the very core of enshittification.
The system doesn’t have to be perfect, just good enough to prevent most customers from accidentally cancelling more than they mean to. Anyone who fucks up can be handled by the customer service department.
“Thanks.”
-customer service
I have a feeling they’ll make it difficult to use. Then when people do it accidentally because of they’re shitty UI, they’ll point to that and say, “see?!”
No one will ever be in danger of accidently cancelling everything. The system will be intentionally designed so that you can only cancel one thing at a time, and that will be obtuse as possible. There will be a great risk of thinking you’ve cancelled something when it hasn’t been cancelled, which will only be resolved by calling customer service.
You’ll go through six to eight pages to cancel each item, and when you’ve done that you’ll get a confirmation email that will require you to click on something, log in, and confirm the changes for them to actually apply to your account. If you get the confirmation email and do nothing, your changes will not save.
There will be a slew of angry customers calling customer service, who’s job it will be to give back as little money as possible and retain every customer that calls. That job will be so awful that someone working that job will commit suicide because of it. The cable company will see that and market it as a success to their shareholders, and as an “easy cancel anytime” in advertising.
When I was younger I remember buying credit cards with a set balance on them to pay for subscriptions that seemed shady.
If cancelling was anything except convenient, I’d just use up the balance on my next trip to the grocery store, then shred the fucker and forget about it. Company XYZ could then have fun trying to bleed a rock.
Only downside is that was a pain in the ass too, but at least kept the control in my hands.
Wondering if any banks have a way to set this up as a kind of partition on your account? Never looked into that approach but it seems like such an obvious solution.
Anyone got tips for this kind of thing?
Privacy.com is literally the digital equivalent of what you were talking about. As for bank services, I don’t know that I have heard of any personally.
Capital One has that capability built in. I have dedicated credit card numbers for just about every service I use.
Sadly not outside the us tho…
You can use wise.com, they also give you free virtual credit cards. Up to 3 simultaneously, it’s amazing. Been using them for years, absolutely for free.
Damn. I was interested too.
See my comment above - wise works perfectly fine. https://infosec.pub/comment/5824149
You can use online banks like revolut for virtual debit cards in Europe.
Check out the site called Privacy cards. It’s pretty much exactly this but all with virtual cards.
Couldn’t visa gift cards work?
I used to work at an Internet provider that offers a discounted auto pay program.
No, at least not there.
Every once in a while we’d get complaints that a card wasn’t working and it was because they were trying to use a gift card, and the system recognized gift cards and declined them immediately. Needed to be a credit or debit card with your name on it. Or at least someone’s name on it. Who payed didn’t matter, but a real person would be billed every month.
Good point here.
I’ve thought about using them like that as someone without access to privacy.com, but they do charge an activation fee and other random little fees I didn’t want to deal with. So I just… didn’t buy whatever it was I was considering at the time lol. Always keeping an eye open to see if there are any alternatives though.
In the US, gift cards will often be declined for setting up ongoing transactions. Every transaction has a merchant code associated with it and many subscriptions and services will read the merchant code and reject it on that basis alone. Doesn’t matter how much of a balance the card carries.
here in Brazil it’s really common for your bank to provide an option on your bank app to make a virtual credit card that you can block and unblock for different types of pay or providers and independent of your physical one
Virtual card numbers usually work well. I always made sure to use them with stuff like SiriusXM and other clowns that make cancellations difficult. You can leave them active or cancel them arbitrarily. Some card companies let you set them up via their app or website.
Bank of America used to have a way to make a temporary credit card with a set amount of money on it. I haven’t used it in a while, so I’m not sure if it’s there still.
Log in
Modify/Cancel services:
Do you wish to add, remove, or view your current services?
[Remove]
Here is a list of your current services. Check the box for each service you want to remove
[List, with a select all button, and a clear button]
[Remove selected]
You are about to remove the following services. Please confirm
[List, confirm button, take me back button]
A confirmation email of these changes has been sent to your email on file. Please allow 48 hours for changes to apply.
Cable companies: how can we make that impossible?
What consequences don’t I understand? Like not having cable?
To play devils advocate, my guess might be that consumers will have to schedule to return hardware or something. But honestly, it’s just so they can bully people when they try to cancel.
Yeah, it wouldn’t be hard to just charge for the hardware if it isn’t returned.
Shit, Comcast has a pretty decent change of charging you for the hardware even if you do return it.
Lol
The ‘hardware’ is also $30 crap you can buy off eBay or wholesalers usually. Some of the modern ones even overheat because they are so poorly constructed, lol. I love the little “Designed with ❤️ in Philadelphia. Made in China” tagline on the label with the implied “Overheats in any climate above 40F indoors” just afterwards, lol. Comcast quality.
Since they don’t let you to keep the hardware in the case they unsuccessfully bully you to keep the subscription, this is a not a problem, the hardware need to go back in both cases.
The article says, people might accidentally cancel their whole package when they only mean to cancel a single item, or they might cancel a single item and not realize it loses them a bundle discount.
Gosh, maybe the people designing the web UI for the cancellation process for their employer should make it clear exactly what the customer is cancelling so they’re not going to make that mistake.
Dunno, sounds hard… what if we just don’t let em cancel?
Charge them a service fee as well for using the agents, even if they are automated
there should be a button on the remote control dedicated to ending your service
If there were, my cat would accidentally sit on it.
I call that an absolute win.
Yes you fucking should
I don’t think I’ve ever seen cable companies cry so much.
Oh hey look at the rich bastards whine about having to not be jerks about one single thing.
deleted by creator
deleted by creator
I wouldn’t hand that right to them on a silver platter. This is what consumer protection law is for.
Why do they have the “right” to lock people into an ongoing subscription though? Subscriptions should absolutely be easy to cancel, even if there’s a termination penalty, it should not be on the consumer to jump through hoops and waste their time to get out of it.
You can probably also call your credit card provider for a charge back. That also hurts the companies credit.
