What happens to your online assets after you are gone? A look at the concept of digital inheritance.
Nethra* was a school friend. When I shook the small-town dust off my Batas and went away to a big-city college, we naturally lost touch. Five years later, a mutual friend called. “Did you hear? She passed away.” Within a few hours, my Facebook timeline was flooded with posts from her wall. Friends and cousins grieving; wishing she would come back; writing about how they missed her and were devastated… It’s been four years and her Facebook wall is still active. Only, now it is something of a digital shrine — friends and cousins posting about their achievements, admissions, new jobs, life events, writing birthday wishes, posting “remember when…” and “gone, but not forgotten” messages, and pictures — lots and lots of pictures.
“I feel connected to her when I post something on her wall. It’s a way to hold on to her; it’s like she may not be physically there, but I can still talk to her,” said a friend.
I see the same thing on Twitter; when a celebrity or someone known passes away, his/her handle is tagged in every tweet, as if each tweet were a personal shrine.
According to www.ifidie1st.com, the Facebook death count since August, 2012, is 82,72,258. Besieged no doubt with account activity similar to Nethra’s, the social media giant has come up with a new feature — Legacy Contact — in addition to its account memorialisation process, through which you can appoint a close friend and/or next of kin who will handle your account once it is “memorialised” after you pass away. The account will then become “Remembering *insert name*”. Then there’s If I Die, a Facebook app you can use to create a video or text message that will only be published after you die.
Twitter, on the other hand, promises to deactivate a person’s account once notified by his/her appointed authority along with the requisite proof of death. The company is adamant about not providing “account access to anyone regardless of his or her relationship to the deceased”. Policies differ across sites in case of a user’s death. So while Google has an Inactive Account Manager that lets users choose what to do with their personal data in case they die, Yahoo does not let any personal data pass into the hands of any heir, legal or otherwise.
Dying — in the digital age — is fraught with complications. We live so much of our lives online that, sometimes, our most important assets are digital, rather than physical. Therein comes the problem of digital inheritance, the handing over of your digital assets to your heirs. The simplest way of seeing an act of digital inheritance come to pass, then, seems to be through a digital will. “Speaking from a legal perspective, a digital will is nothing but a digital electronic report or document. It is legalised in India by virtue of Section 4 of the IT Act (2000),” says Pavan Duggal, a senior lawyer and cyber law expert.
These electronic documents can include the handing over of e-mails, audio, video, photos, logos, illustrations, spreadsheets, presentations, animation, text files — basically all kinds of digital content and metadata — stored on any electronic device, telecommunication device or any other kind of storage (including, but not limited to, cloud storage). And that means all your online accounts, from Gmail to Facebook to Flickr to WordPress to iTunes and Kindle are included, not just the stuff on your laptop or external hard drive. If you have made a digital will, your digital assets — including the data you own outright — can be passed on to your legal heirs with minimum fuss. However, your iTunes or Kindle library that you so painstakingly built, your Facebook/Instagram album containing some very precious photos, your Gmail account containing important correspondence are a different kettle of fish. The terms of usage of these sites state that all the data contained therein cannot be inherited. “You may give the passwords or the devices to your heir,” says Safiya Said, a senior associate lawyer, “but they will not be able to own any of the content outright.” That, however, she adds, could technically be a violation of Terms of Service. Very unlike deciding to pass on a physical library or record collection, as utmost caution has to be exerted in not letting the inheritance be used for public consumption(i.e., making pirated copies of a book or broadcasting the record at the neighbourhood sammelan).
On the off-chance that one dies without making provisions for any kind of digital inheritance, what is to be done? Take the infamous case of 21-year-old Benjamin Stassen, who committed suicide in 2010 without leaving a note. His parents, as representatives of his estate, approached Google and Facebook for access to his accounts to try and understand why their ostensibly well-adjusted and happy son ended his life. While Google, after many months of petitioning, complied; it took a lengthy legal battle before Facebook so much as considered allowing Benjamin’s parents access. And even then, it was made clear that the case was an exception, not the rule. Since then Facebook has stood steadfastly by its policy of not allowing unauthorised access, on the basis of client privacy.
What if such a case were to occur in India, where the IT Act is 15 years old (nearly a century in tech-years)? “If someone were to die without specifying a will, his digital assets would become movable property. And any service provider would be well within its rights to ask you to obtain a succession certificate,” says Duggal, adding that the procurement of this certificate could take anywhere from a few months to a couple of years.
The privacy conundrum is rather intriguing. On the one hand, all of us have our little secrets, and to paraphrase a very popular joke, when most people die, the first of their last wishes is to have their online history deleted or, at least, not have it fall into the wrong hands. A policy scrupulously followed by the likes of Facebook. On the other hand, “there is nothing known as privacy after death,” says Duggal. Now what if a person were to die unexpectedly and the legal heirs were forced to resort to whatever means to get their hands on his digital data? Including having to hire a hacker?
“I’ve never been asked to do something like breaking into a dead person’s data bank, but may consider such a proposition if it sounds sufficiently interesting,” says a hacker on condition of anonymity.
“Hacking — the word itself has such negative connotations,” winces Said. But surely not if we’re talking White Hat hacking? A rose by any other name, says Duggal adding “Section 66 of the IT Act (2000) clearly defines hacking as a crime punishable by law.” However, he says, if all legal heirs agree to hire an external party to gain access to their benefactor’s data, it may pass legal muster as an authorised activity. The problem, clearly, is the distinct lack of laws that need to keep pace with the fast-changing IT scenario. What if the heirs require the digital data ASAP? They can apply for the succession certificate but what if it takes ages and by then the data is deleted due to account inactivity? The current legal system does not have a solution for that. “It’s time to review and reform our legal processes,” says Duggal. “Digital matters need to be decided by digital courts; a time limit needs to be put in place so that resolution of digital matters doesn’t take years and the hopes and aspirations of people are not dashed to the ground.”
Laws concerning digital legacy have taken a while to take shape, even in the U.S. Delaware was the first state to come up with a Fiduciary Access to Digital Assets and Digital Accounts Act, which allows families to inherit digital assets just like they would physical ones. And the other 49 states are yet to fully catch up.
Surprisingly, despite the rapid spread of online usage, few people have even thought about their digital assets. “I never really considered the question of digital legacy as such,” says Ashvita Ravi*, a 43-year-old social media-savvy doctor and single mom. “But, by the time my kids grow up, I think I will have more things I need to pass on to them in digital form rather than actual, physical stuff. Plus I’m quite sure paper may become completely obsolete by then. So yes, I will be contacting my lawyer for a digital will soon.”
Apart from making a digital will to ensure your tech heirlooms go to the heirs intended, there is the option of using an external service — Cirrus, ChronicleofLife, Entrustet.com, Legacy Locker, DataInherit — to store all your passwords, digital assets and ‘electronic documents’. In such cases, an heir would need to provide identification and then simply take control of his/her portion of the legacy. Most of these services require the nomination of a digital executor and a fee to store data. However, it is wiser to go the digital will route, and not have the will registered to ensure it remains private (since it contains sensitive data like passwords). Also, making the will rather than using these services ensures you are less vulnerable to hackers, who could easily have a ball at your expense if they found all your eggs in one basket, so to speak.
Identity theft is nothing to sneeze at. Catfishing is a menace while one is alive — take the case of Leah Palmer for instance (www.buzzfeed.com/patricksmith/the-mystery-of-leah-palmer) — but imagine the confusion and hurt if it happened after one’s death. Of course, a spouse or sibling might choose to keep your digital presence alive and thriving by using the services of sites such as liveson.org (that lets you ‘tweet from the afterlife’ by studying the pattern of your tweets and composing similar ones) or, like in the television series Black Mirror, using other dubious services to recreate your entire personality (https://www.youtube.com/watch?v=ld9m8Xrpko0) based on your online history (which is a rather disturbing notion).
In 2009, Michael Massimi and Andrea Charise introduced the concept of thanatosensitivity (Thanatos is a mythical Greek figure representing death and mortality). Along with a major overhaul of IT laws, a thanatosensitive design seems to be the need of the hour to address not just digital content, but also the unique digital thumbprint of a user, so that current technology can be restructured to “effectively acknowledge or engage with the inevitable death of the user”. However, nearly seven years later, there is still woefully little in the name of any kind of change pertaining to digital inheritance
*names changed to protect privacy.