> Probably because doing so is hard. You not only have to verify that a review is coming from an actual current or former employee, but then you have to ensure that the same employee cannot write multiple reviews. If you discard all links between a reviewer account and a review, how do you do that?
It doesn't seem hard to me.
1. when making a review, send a verification link to the email on file
2. after the email is verified, post the review, but delink the email from the actual review.
3. to prevent the same email from being used to spam reviews, add a coarse grained timestamp (eg. rounded to the nearest month, depending on how much activity the company gets) of when it was last used.
4. if you want users to be able to update reviews afterwards, display a secret key to them and keep a hashed version on file. The user must present the secret key if he wants to update his review
It doesn't seem hard to me.
1. when making a review, send a verification link to the email on file
2. after the email is verified, post the review, but delink the email from the actual review.
3. to prevent the same email from being used to spam reviews, add a coarse grained timestamp (eg. rounded to the nearest month, depending on how much activity the company gets) of when it was last used.
4. if you want users to be able to update reviews afterwards, display a secret key to them and keep a hashed version on file. The user must present the secret key if he wants to update his review