Deseat.me is a tool that was created to help people quickly delete accounts that they may have accumulated over time.
If you’re a regular user of the internet there’s a good chance that you have at least a few existing accounts you don’t use anymore.
This is pretty normal. It’s the online equivalent of all that random junk that people cram into their basements.
While this might not seem like a big deal at first, it has the potential to turn into a major problem later on.
Having a lot of accounts floating around online significantly increases the risk of your information being compromised in a hack or data breach.
We’ve seen it happen with Facebook and Google, so any website could potentially be a victim (no matter how big).
This is the problem that Deseat.me is trying to solve.
But how does it work? Is it as effective as they say? Can they be trusted?
These are all questions we’ve read online and gotten from people directly as well. There seems to be a fair amount of distrust going around in the privacy space (for good reason).
So we’re going to try and shed some light on Deseat.me and how they operate.
How Deseat.me Works
The software and system behind Deseat.me is fairly simple. One reason for this is because they’re trying to make the process quick and easy.
Having to take a ton of steps when using their tool means they might as well just delete these accounts manually. Sure the scan is nice, but the real time saver if the auto-delete feature.
But there’s another reason why the system is so simple. Limited access.
From a technical perspective, there’s only so far they can reasonably go. It’s not possible for Deseat.me to magically access everyone’s accounts and deactivate them with automatically.
So they’re left with one thrilling option:
The entire process that Deseat.me uses to automatically delete your accounts is completely reliant on email in one form or another. While it may seem a little unsophisticated, it serves its purpose.
Here’s how it works:
They Scan Your Email Account
In order for Deseat.me to find out what accounts you’ve created in the past, they need to scan your emails. This might seem a little intrusive, but there’s a reason for this.
The vast majority of websites that allow you to create an account will send you some sort of email during the process. This might include a link to click in order to verify your account, or just welcome you to their site.
This is the trail of breadcrumbs that Deseat.me is looking for. By using this they can quickly compile a list of websites that you’ve created an account with, and move on to the next step.
You Decide What You Want To Remove
This is where most of the work is done on your part. You have to go through each of the sites that Deseat.me finds and select which of them you want to get rid of.
For some, this could be a pretty long list, but it still shouldn’t take super long. Chances are if you’re using their tool you’re open to the idea of purging accounts you don’t use regularly.
This means it’s more about finding the ones you do want to keep, as opposed to the ones you don’t.
Once this is done you can move on to the part of actually scrapping the accounts that didn’t make the cut.
Removal Requests Are Sent Out
This is where things sometimes get a little fuzzy for people, so it’s important to highlight how this all works.
Once you’ve used their tool to select which accounts you want to get rid of, they use emails to actually make this happen. Like we said before. their software can’t go in and automatically delete these accounts one by one.
Instead, Deseat.me will send out GDPR-compliant removal requests to the sites you don’t want to use anymore. This is an effective way of avoiding account access while still accomplishing the goal of removal.
There’s typically a delay between the time of the request and the actual removal. This is the downside of email, but it’s still a time-saver.
Concerns Over Security
While some people might not have an issue with the process described above, there are others who do.
From what we can tell, most of the concerns have nothing to do with the effectiveness of the tool. It’s simple and it works.
What some are worried about is the notion of letting Deseat.me access their email account in the first place. This requires a decent bit of trust in a website that popped up out of nowhere.
While that doesn’t necessarily mean there’s any funny business going on, it is worth being aware of. It’s incredibly common for software and tools to be created for the sake of stealing personal information from their users, or plant viruses on their device.
When an established company launches a new tool, you can have more confidence that there isn’t anything malicious going on. This doesn’t mean there can’t be concerns, but the chance of it being an all-out virus is pretty small.
Deseat.me seems to have been created by a couple of Swedish developers and released as a helpful project, but there’s not a whole lot of information available about them or the site. Again, this doesn’t mean there are any bad intentions (but it has led to some questions).
The app apparently runs locally on your device as well. This means (in theory) they won’t be able to access additional information in your account.
We saw someone online call it “well-branded malware” which seems a little dramatic in our opinion. Our concerns are more along the lines of security and what will be done in the future.
Here’s a common tale that illustrates what we mean:
A tool gets created with the intention of helping the general public. It gets a lot of interest and helps a good amount of people.
Then things change.
The creators decide they can’t feed their families on “interest” and decide to monetize the tool. Sometimes they can just throw up a few ads and call it a day.
But other times it’s not that easy.
When this happens all that data they have access to starts looking pretty tempting. This is where the privacy of their users goes out the window.
A subtle tweak to the terms of service and the obligatory email notifying their user base is sent out. But no one reads those anyway.
And then they have a field day.
Ok, that’s not true 100% of the time. Sometimes the creators sell the whole thing to someone else and THEY do that stuff.
We’re not saying this is going to happen with Deseat.me, but you can’t rule it out. It happens all the time in the software industry.
Here’s the interesting thing:
We would have a higher level of confidence in this service if they charged a fee for usage. This is because there would be less of an incentive to immediately sacrifice the internet privacy of their users for the sake of profits.
Free websites and software are usually the first ones to monetize the personal data of their customers. Just look at social networks and search engines.
So What Should You Do?
When it comes to Deseat.me there’s no perfect answer. We haven’t come across any evidence to suggest that the site was set up for malicious reasons, nor have we found a user who claims they abused the access that was granted.
But just know it comes with a risk (like everything online).
So here’s what we recommend:
If you have a trillion unused accounts and are comfortable with the concerns, give it a shot. It will probably be fine and you’ll have way fewer accounts that could come back to bite you in a data breach or hack.
But if the concept of giving them access to your emails is still very worrisome, you have to make a decision. There’s a danger to leaving your unused accounts alone as well.
If you can deal with the boredom of it, the safest thing to do is delete them one by one. If you can’t you’ll have to pick the lesser of two evils.
No matter what, if you end up using Deseat.me we highly recommend revoking their access to your email account when you’re finished.
You just never know.