Death is that uncomfortable certainty that nobody wants to address and always comes at an inconvenient time. Last wills and testaments can help tie up physical and earthly matters, but what about our WhatsApp messages, Instagram profiles, and other accounts on social networks, as well as the data we have stored or have in emails? The deceased’s online activity remains in the cloud, inaccessible and indefinitely, to their family and loved ones.
Times have changed, and today’s society lives on two levels: the physical and the digital. And while it is common to leave a written document with the last will and distribution of assets in case of death, the importance of managing our digital legacy is rarely considered. Social networks, messaging applications, emails… everything remains active and in the cloud, and sometimes, with compromising content. Borja Adsuara, a lawyer expert in digital law, refers to the regulation of this content as “digital inheritance, the set of digital assets and services that one leaves behind when they pass away.”
Who’s in control?
This is a complex issue, as companies that offer online services—such as Google, Apple, or Facebook, among others—have very strict privacy policies that regulate access to accounts of deceased users. One of the most notorious cases in this regard took place in Germany in 2012 when a teenager lost her life in a train accident, and her parents sued Facebook for access to her account to determine the possible causes. It had to be a judge who, years later, ruled in their favor and compelled Mark Zuckerberg’s company to hand over the password. “In that case, it was the judge who ruled that knowing what had happened had more value on the scale than the person’s privacy,” explains Adsuara.
Ethical and Legal Issues
The law is not entirely adapted to this new paradigm. Accessing an account without explicit permission is illegal in many places, regardless of good intentions. This not only puts loved ones in a difficult situation but also raises ethical questions about privacy and ownership of digital information posthumously. Another highly publicized case occurred after the tragic San Bernardino shooting: the FBI requested Apple to unlock the shooter’s iPhone, and the Cupertino company flatly refused, arguing that customer privacy was more important than disseminating the potential contents of the device.
Google, the vast repository of personal information on the web, also considers this posthumous legacy, and those who want to tie up loose ends can start by appointing an inactive account manager, someone responsible for deciding what happens to the deceased’s information. In the event that this figure has not been appointed, the Californian firm allows loved ones to delete or manage the account through a form, but this process is more complex, as it clashes, as we have seen, with the privacy of the owner and the wishes of their family.
In this regard, Adsuara recalls that part of this content may affect the image of the deceased; relationships with unknown third parties or compromising material may be found: “For example, if you access your spouse’s Twitter account and find direct messages of intimate content from a third party…,” he explains. Brigita Kavaliauskaite, communication manager at the security firm NordVPN, adds: “In Spain, no specific law has been approved to regulate total posthumous digital forgetfulness, but there is Law 10/2017 on digital wills. However, legislation needs to be broader to cover all circumstances.”
Preparation and Forethought
To avoid these problems, detailed planning is necessary. The first step is to create an inventory of all accounts and passwords. This catalog should be accessible to someone trusted in the event of death. “It is best to designate a trusted person who can inform the app or social network that they are authorized to manage this information,” explains Adsuara. Other cloud services, such as Dropbox, also consider the scenario of death, allowing loved ones to request access to the deceased’s account.
It is equally prudent to draft a digital will with explicit instructions on how online information should be handled. However, this expert warns of the risk of confusing terms: a digital inheritance signed in a notary is not the same as a digital one. The second refers to “who has the right to access my email or social media accounts, for example.”
Our digital life is an extension of our physical existence, laden with memories, personal data, and social connections. There will be things we want to leave as a memory, but others that we want to remain inaccessible and go with us. A digital diary, conversations with friends or acquaintances via WhatsApp… This type of content has no more value than personal, but it can damage the deceased’s posthumous image. How can we ensure that no one will have access to it?
There are only two ways to ensure the inaccessibility of this information: delete it or have end-to-end encryption, so that no one, not even the service provider, can access the content. Services like Nordlocker or Vault by Dropbox ensure that no one without the keys will ever be able to access what is stored; so much so that there are several warnings that the owner must grant recognizing the loss of data if they do not know the keys.