* we're relational modelers, so we of course know better than to design internal record identifiers directly dependent on any "visible" data... anything published will be readily changeable data hanging off the hidden internal key... are there any good roadblocks that prevent designing for changing even username as well as email, anything to do with name/surname changes, yes even fixing SSN's, etc... e.g. authentication services like Active Directory readily provide a unique user "SID" GUID, tie downstream systems to that vs any visible loginId.
I'm not so sure this is some sort of "settled" or undisputed aspect of relational theory, I've read any number of advocacy posts for natural keys and these often degenerate into useless and repetitive arguments for and against, so I'm not so convinced we all "know better".