A few years ago I read Falsehoods programmers believe about names and it kinda change my whole life as a coder. So many assumptions… so many fails…
Years passed, and I discovered I had many wrong assumptions about identities too. Thanks to my transgender and intersex friends and acquaintances I destroyed many of them.
Here's a short and probably incomplete list of things you should think about before rushing into coding your user system.
Hahaha. Gotcha. Many people, for instance transgender people but also other people, go through a first name change.
Therefore, your system should implement a feature that allows an easy first name change.
Gotcha again. Have you heard of chosen name, that people use instead of their legal name? It happens quite often, for example for transgender people who don't have their legal name change yet.
And, basic human decency implies that people should use their real name, before any legal change.
So what should you do? Well basically, you should implement a "preferred name" feature that should be used for every thing. Or quite: for instance bank transfers won't allow you to do that, neither will taxes, but those might be the only exceptions.
Make sure that users can update easily their "preferred name" settings. And that it is used for any subsequent communication.
Well seriously, no. First of all, they can change through wedding or, in certain cases outside the scope of a wedding. Many countries allow a legal procedure to change your last name.
Please, make sure that the last name of a user can be changed.
Well… yeah they do. Usually people's login are based on their last name and/or their first name. Since we've seen that they do change, it is crucial that the login to your application can be changed easily once a change is detected. For instance, when a preferred name is registered, it could trigger a script that informs support who could ask if the user wishes a new login!
If you provide an email address, you've guessed that since first and last name change, the email address you provide will have to change too. Please, make that easy.
If you store email addresses, please make sure that an email address can be updated easily.
Gotcha again. Yes, they do. For instance, after a legal sex-change. Please make sure it can be easily updated!
Well have you heard of transgender people? Yeah, they do! So, pretty please, make sure they can be updated, ideally by the user them-self!
Moreover, please make sure that courtesies aren't in anyway linked to the social security number. No cross-check or whatever. It would lead to an impossible situation for transgender people. And you don't want that, because you're a decent human being, and also because that qualifies for harassment based on gender identity. So your company doesn't want that either.
Furthermore, are you really really sure courtesies are really as crucial as you think? Do you really really need to store those? Are you allowed to? If you are, you could add "Mx" to the offered courtesies. It's a gender neutral one, people will thank you.
Gotcha. Yes, they do. Hello transgender and intersex folks!
People's sex can be changed. So please take that into account.
Moreover, are you really sure that you need to store people's sex? Is it really required? Do you really really need it? Are you allowed to?
By the way, sex isn't binary. Some countries, such as Canada, have a neutral sex category iirc. So please implement that, you'll never know when it'll come of use.
And obviously don't cross-check people's sex with their courtesies. It's not linked.
And yes they do! Please don't make the phone number an ID. Some people change their phone numbers like they change their shirt. For so many reasons. For instance, after being doxxed.
So, if you're still here, you guessed that they do :)
If you store your users' pronouns make sure that those are easily updatable, by the user ideally.
Please note that, if you implement this feature, people can have several pronouns. Make sure you have a "preferred pronoun" field that will allow you to gender your user properly in newsletters for example.
Well no they don't, they may have a professional one and a personal one. An "out" and a "closeted" one. So many possibilities. Please take that into account.
Haha gotcha. Haven't you heard of groups? Think about it, especially when you implement 2 factors authentication
That's all, at least for the "top of my head" part. Something is missing? Tell me I'll update!Share on Twitter Share on Facebook