Death 2.0: the future of succession law in a digital age
Another Tuesday, another Arcadia Seminar!
This week we heard from Lilian Edwards, Professor of Internet Law at Sheffield, on Death 2.0: What Becomes of Digital Assets after Death. I won't attempt to summarise - there is a great precis from Daithà Mac SÃthigh here. Professor Edwards went beyond questions of how to provide your heirs with the ability to access your encrypted data (usefully discussed by Cory Doctorow here) and into the tricky area of digital assets and reputation.
The talk covered questions of archiving and access (for the public good and for financial gain, as well as for sentimental reasons), issues of privacy, and of course the tricky legal situation, where the third party of an internet platform probably has some control. Terms and conditions of web services vary in the ways they handle the death of a user - if they do at all - as well as the jurisdictions where they might operate. Facebook, for all the fuss around privacy and control of data, is one of the few online services which has a form where you can register a death - although this is far from comprehensive or clear.
Surely the best way to handle dilemmas of privacy (should your online social network profile be deleted, be kept, be shared with family who may not have seen it while you lived, or archived for future use by others) would be through individual statements of their wishes; but whether these can be recorded simply, and acted upon legally, is another matter. It is usually a breach of online terms and conditions to allow someone else access to your account, but that seems the only option in many cases today. It may be appealing for the technocracy to talk of abandoning Facebook and moving to Diaspora, but until such services which empower people to truly control their own data are genuinely accessible, usable and mainstream, this is utterly unrealistic for most internet users. (Note that I am very much in favour of novel systems which enable users to encrypt their data, share it out between trusted parties/places, and make it possible for "normal" users to control their own data rather than sell it to the cloud in exchange for adverts and datamining rights. However, I am aware of the huge challenges of creating such a thing with the capabilities necessary to go mainstream; as well as the difficulty of selling such a thing to a population weaned on free online email, free social networking, free video and photo sharing, and so on. The benefits of control and security are hard to market when there is so little understanding of risk...)
Personal data is one thing; information of value to your business or employer is another. Could your organisation keep running if one of your staff went under the proverbial bus? Perhaps you can get access to their corporate email; but what about information they may have stored in third party services in the cloud, or online accounts for critical services such as payment or sales systems? This is a particular concern for small companies (or one man bands) where heirs might hope to carry on the business, or at least sell or pass on reputational value.
The main things which struck me about the seminar were the gaps. I've only occasionally pondered these issues, and I'd assumed that if I made the time to dig around, I would find information, guidance, examples. But it seems that there simply isn't anything out there - very few services (and those that exist offering partial support, and in some jurisdictions only), very little information, no guidance. What would you do if you had to handle the online affairs of a deceased relative? Can you (have you?) set out your own wishes, and enable your executors to enact them, legally? Who knows! Things have not moved on since 2004 when Dave Birch wrote about this in the Guardian; and in internet time, that's a geological age.
Although I enjoyed Professor Edwards's lively talk, I was left somewhat frustrated that a decade into the 21st century, when silver surfers are not some tiny emerging population, there is still so little in this field. We cannot argue that internet users are all too young to worry about mortality. Apparently there is no precedent for how digital assets might be handled under a power of attorney, either, which seems a notable omission.
I think it's time we started to address this area, to secure appropriate archiving and control of our data for the future, whether that is to enable descendants to look at our family photos, or the researchers of tomorrow to explore more than just the Twitter archive in the Library of Congress as they investigate the lives of the past. And we should make it possible for people today to plan ahead and express their wishes easily, and for their executors to act upon them, in the digital world where so much of our lives are lived, as well as outside it. Perhaps it is time for a celebrity-endorsed campaign for clarity and basic online guidance, even if it will take years to establish practice around digital assets with substantial financial value.
In the meantime, the best advice, it seems, is to write all your usernames and passwords down with a note of what you would like to happen to your digital assets, and leave them with your will, ideally in a solicitor's secure document store - and leave your executors and heirs to deal with any legal entanglements that might ensue.
This week we heard from Lilian Edwards, Professor of Internet Law at Sheffield, on Death 2.0: What Becomes of Digital Assets after Death. I won't attempt to summarise - there is a great precis from Daithà Mac SÃthigh here. Professor Edwards went beyond questions of how to provide your heirs with the ability to access your encrypted data (usefully discussed by Cory Doctorow here) and into the tricky area of digital assets and reputation.
The talk covered questions of archiving and access (for the public good and for financial gain, as well as for sentimental reasons), issues of privacy, and of course the tricky legal situation, where the third party of an internet platform probably has some control. Terms and conditions of web services vary in the ways they handle the death of a user - if they do at all - as well as the jurisdictions where they might operate. Facebook, for all the fuss around privacy and control of data, is one of the few online services which has a form where you can register a death - although this is far from comprehensive or clear.
Surely the best way to handle dilemmas of privacy (should your online social network profile be deleted, be kept, be shared with family who may not have seen it while you lived, or archived for future use by others) would be through individual statements of their wishes; but whether these can be recorded simply, and acted upon legally, is another matter. It is usually a breach of online terms and conditions to allow someone else access to your account, but that seems the only option in many cases today. It may be appealing for the technocracy to talk of abandoning Facebook and moving to Diaspora, but until such services which empower people to truly control their own data are genuinely accessible, usable and mainstream, this is utterly unrealistic for most internet users. (Note that I am very much in favour of novel systems which enable users to encrypt their data, share it out between trusted parties/places, and make it possible for "normal" users to control their own data rather than sell it to the cloud in exchange for adverts and datamining rights. However, I am aware of the huge challenges of creating such a thing with the capabilities necessary to go mainstream; as well as the difficulty of selling such a thing to a population weaned on free online email, free social networking, free video and photo sharing, and so on. The benefits of control and security are hard to market when there is so little understanding of risk...)
Personal data is one thing; information of value to your business or employer is another. Could your organisation keep running if one of your staff went under the proverbial bus? Perhaps you can get access to their corporate email; but what about information they may have stored in third party services in the cloud, or online accounts for critical services such as payment or sales systems? This is a particular concern for small companies (or one man bands) where heirs might hope to carry on the business, or at least sell or pass on reputational value.
The main things which struck me about the seminar were the gaps. I've only occasionally pondered these issues, and I'd assumed that if I made the time to dig around, I would find information, guidance, examples. But it seems that there simply isn't anything out there - very few services (and those that exist offering partial support, and in some jurisdictions only), very little information, no guidance. What would you do if you had to handle the online affairs of a deceased relative? Can you (have you?) set out your own wishes, and enable your executors to enact them, legally? Who knows! Things have not moved on since 2004 when Dave Birch wrote about this in the Guardian; and in internet time, that's a geological age.
Although I enjoyed Professor Edwards's lively talk, I was left somewhat frustrated that a decade into the 21st century, when silver surfers are not some tiny emerging population, there is still so little in this field. We cannot argue that internet users are all too young to worry about mortality. Apparently there is no precedent for how digital assets might be handled under a power of attorney, either, which seems a notable omission.
I think it's time we started to address this area, to secure appropriate archiving and control of our data for the future, whether that is to enable descendants to look at our family photos, or the researchers of tomorrow to explore more than just the Twitter archive in the Library of Congress as they investigate the lives of the past. And we should make it possible for people today to plan ahead and express their wishes easily, and for their executors to act upon them, in the digital world where so much of our lives are lived, as well as outside it. Perhaps it is time for a celebrity-endorsed campaign for clarity and basic online guidance, even if it will take years to establish practice around digital assets with substantial financial value.
In the meantime, the best advice, it seems, is to write all your usernames and passwords down with a note of what you would like to happen to your digital assets, and leave them with your will, ideally in a solicitor's secure document store - and leave your executors and heirs to deal with any legal entanglements that might ensue.