Death in the digital age: What to do to protect the deceased from identity theft

Death in the digital age: What to do to protect the deceased from identity theft

 According to Pew Internet and American Life Project, 73% of online adults use social media. But what do you do when a family member or friend on these sites passes away?
According to Pew Internet and American Life Project, 73% of online adults use social media. But what do you do when a family member or friend on these sites passes away?
Julie Myhre, Editor

The UpTake: According to Pew Internet and American Life Project, 73 percent of online adults use social media. When a family member or friend who used social media passes away, how do you protect identities and life from identity theft?

In this Digital Age, more and more people are connecting on social media. As of May 2013, 72 percent of online adults use social networking sites, according toPew Internet and American Life Project. The unfortunate aspect of so many people using social media is that when one of our friends or family members dies, we are forced to not only deal with their identity — in terms of their personal information — but also with their digital identity.

Family members and friends question if they should take down the loved one’s social media or leave it as a memorial for people to leave comments and reflect. Technically there is no right decision to make in this difficult situation, yet family members and friends need to consider that if they leave the profile online, then they might be putting their loved one’s identity at risk. This is mostly because of constantly changing privacy rules for all of the major social media websites.

If the family members or friends do decide to delete the digital identity of their loved one, then here are some tips on how to request the removal of the deceased’s account.

Facebook:This social network’s policy is to memorialize the account of a deceased person, however it understands that some people want to delete the deceased person’s account. To memorialize an account, simply contact Facebook, provide proof of death and request for the account to be memorialized. To delete an account on Facebook, you’ll need to fill out thisonline formas well as provide proof that you’re related to the deceased. Facebook considers appropriate proof to be a death certificate, the deceased person’s birth certificate or proof of authority.

Twitter:Unlike Facebook, Twitter’s policy is to deactivate the account of the deceased. In order to complete this you’ll need to mail Twitter a packet of information, including the username of the deceased user’s Twitter account, a copy of the deceased user’s death certificate and a copy of your government-issued ID.

On top of the copies of the official documents, Twitter also requires you to mail or fax the company a signed statement that includes your first and last name, your email address, your contact information, your relationship to the deceased person, written request to deactivate the account and a description of the details that show the account belongs to the deceased — if the account has a different name than the death certificate. You can also include a link to the online obituary, however adding this is not required. Once you’ve collected all of the information, mail or fax it to:

Twitter, Inc.
c/o: Trust & Safety
1355 Market St., Suite 900
San Francisco, CA 94103
Fax : 1-415-865-5405

After you’ve mailed or faxed all of the required documentation, a representative of Twitter will contact you to complete the deactivation process.

Instagram:This social networking website requires you to send an email to with the details of the person’s account. A representative from the company will then email you back and include the steps and documentation that you need to remove the account.

LinkedIn:Similar to Facebook, LinkedIn prefers to have you fill out anonline form, which asks for information such as the deceased member’s name, deceased member’s email address, the name of the company they recently worked for, your relationship to the deceased person and a link to the deceased person’s email address. Once you complete the form, a LinkedIn representative should contact you.

Pinterest:This site requires you to fill out anonline contact formand explain that you’d like to deactivate the page of a deceased person. In the “body” of the contact form, you should include a link to the deceased person’s Pinterest page or their Pinterest username. It’s also important to note that once you’re contacted by a Pinterest representative, you’ll need to provide some sort of supporting documentation, such as an obituary or copy of the death certificate.

Tumblr:Similar to Instagram, Tumblr requires you to send an email to requesting to remove the account of the deceased person. Be sure to include a link to the deceased person’s Tumblr or their Tumblr username. You’ll then work with a Tumblr representative to prove the person is deceased — with appropriate documentation — and complete the process of removing the account.

Since all of these companies haveprivacy policiesthat forbid them from giving out the account information — such as username and password — it’s best if you, as a living person, write down the usernames and passwords for your social media accounts and keep them in a safe place. This way, your family and friends won’t have to go through the stress of contacting each of the social networking websites to have your account removed because they’ll instead be able to go into the account and deactivate or remove it themselves.

Death in the digital age: Are you prepared?

How to Protect Your Digital Assets After Your Death – an overview

How to Protect Your Digital Assets After Your Death

Let’s face it: your Email account, Facebook page and digital photo albums are all going to outlive you. You must make decisions for how your online legacy will be managed after your death, just like you would for your home or financial assets.

Your digital assets are valuable

Your digital assets can have monetary value, just as your homes and cars do. Digital music libraries and Internet domain names you may own can often be sources of wealth. According to Sedo, a domain name retailer, the domain name recently sold for $60,000.  It would be a mistake for you to assume that your digital assets are immaterial to your overall estate. Digital assets that seem trivial to you may in fact be extremely valuable to your heirs.

A digital estate plan can also preserve online content that will have sentimental value to your family once you die. Facebook’s “memorialization” feature is a prime example of this. When you die your family can request that your Facebook account be “memorialized.” This means that your online friends can still leave comments, pictures and videos, but no one is allowed to log into the account. This comforting stream of posts creates a way for your friends, family and co-workers to remember you during the holidays or on your birthday.

The importance of creating a digital estate plan

You are likely the only person who knows the contents of your online accounts. When you die, these unmonitored accounts will continue to hold sensitive information, such as your credit card number. This can put your estate at risk for digital identity theft when you die because con artists will use these unwatched accounts to glean your personal information. The information can then be used to fraudulently open credit cards in your name and make purchases.

A digital estate plan gives your heirs or executor the legal ability to access valuable photos, videos and banking information. This plan is necessary because giving someone your username and password does not legally authorize them to access or manage your online accounts when you die. For example, if your deceased husband has an Amazon account, which contains his credit card information, it is technically illegal for you to use his username and password to log into his account and remove that sensitive data. In an attempt to curb identity theft, a mix of online user agreements and state and federal laws have made it illegal for anyone but the account holder to access information they have stored in the digital realm. These changes have severely restricted a family’s ability to access, manage and protect a deceased individual’s digital information. Your digital estate plan works as a way to navigate around this complex web of user agreements and laws.

What to include in your digital estate plan

An inventory of your online accounts.

You should create a master list of every website you use, and your user name, password and security question for each website. Include everything: email accounts, social media websites, your blog, photo sharing websites, online shopping websites (such as Amazon), credit card accounts, and online bill paying websites.

Several companies have created software that makes this task easier. and 1Password are password-management programs that encrypt all of your username and password information, and then store it on your computer. You can give the Executor of your estate a master password for the program so that they can easily retrieve the data.

Appoint someone to manage your online accounts.

In your will (or trust) you can grant the executor of your estate the legal ability to manage and close your online accounts, and to remove valuable information from the accounts when you die. This expressed grant of power lends credibility to the executor when they reach out to companies in an attempt to manage your digital assets. For example, has a very complex user agreement that does not clearly state what your executor is entitled to do to your account once you die. Amazon ends the user agreement by stating “for communications concerning this Agreement, please contact Amazon by email.” If your executor did need to reach out to Amazon to request that credit card information be removed, the company is more inclined to work with them if Amazon is positive that you granted your executor that power.

Proactively reach out to companies

Finally, you and an estate-planning attorney can draft a letter authorizing companies that hold your online information to release it to the executor of your estate. As previously discussed, online user agreements and state and federal law have made it illegal for your executor to access your accounts directly. This letter expressly allows the company to release the contents of your account to your executor. This can help to alleviate the company’s fears about being sued for releasing such information, thus making them more likely to work with your estate representatives.

What Happens To Your Online Data When You Die?

What Happens To Your Online Data When You Die?


Passwords, banking records, social media accounts—day by day our lives create more and more data. But what becomes of all that data when we pass away is a looming problem with no clear answer.

Marc Davis, a partner architect at Microsoft responsible for online services such as Bing, MSN, and advertising, raised this and other troubling issues about citizens’ rights to their own information at a panel at this weekend’s SXSW conference, called “Demystifying Online Privacy and Empowering the Digital Self.” Despite our increasingly data-intensive lives, Davis explains, the legal framework around our personal data just isn’t there yet. “Usually, where commerce and society meet legally is the concept of property,” Davis said. “What’s missing is a concept of contract law and property rights for digital information.”

Consider the concept of a digital will: A legally binding statement to the world declaring who should have access to your information after you die. It’s a question that is bound to get only more complicated as our digitally engaged population grows older and expires. Think about how many passwords and online accounts you have. Who else has access to that information now? Whom would you like to get access after you die? How would the providers that host that data in the cloud even know you died, and what standards could they use to verify that fact? As the information we store in the cloud becomes more voluminous and valuable, these questions become more than simply academic.

Davis tells PM that professionals in the legal, funeral, and estate planning professions are just starting to come to grips with the problem of what to do with information after death. He’s been part of several panels on the subject in the past two years, and recently there have been a series of Digital Death Days intended to educate the industry about the problem (the next one in the United States is May 6th, in San Francisco). A few startup companies such as Legacy Locker and Entrustet have also sprung up to handle the legal and financial issues of data after death.

Yet most people don’t know how much data they have in the cloud in the first place, and have made no preparations for what happens to that information after death. “More and more people are living their lives online, but also their lives in the physical world are connecting to the Internet,” Davis says. That produces information with obvious financial value, such as banking and tax records, but also plenty of information with personal value: photos, music, communications, and social networking accounts. Then add in all of the data we automatically generate relating to our location, buying habits, Internet surfing histories, and more. “There’s a whole swath of data that we create that increasingly gets bound to our identity so that we leave a digital legacy,” Davis says.

The subject is deeply intertwined with the larger issue of digital identity. As Davis points out, that it’s not just after death that digital property issues come into play. “Every life phase we go through where we’ve established structures, documents and contracts to handle property and identity—birth, marriage, divorce, retirement—we’ve created as a civilization ways to handle the movements of rights and assets. So we’re at that time in history now where we’re applying these metaphors and frameworks onto the digital realm.”

The courts probably won’t figure out this complicated conundrum anytime soon. But for individuals the solution is simple, Davis says—include a digital will along with your regular will. Leave instructions for how to get to your digital assets and what to do with them. Then your online identity won’t end up in digital limbo.

Your Legal Digital Identity

Your Legal Digital Identity

Besides our social digital identity and consumer digital identity, we must also take into consideration a third aspect of the 1’s and 0’s that are being associated with us – our legal digital identity. While we have a good deal of control over our social digital identity, our consumer digital identity is collected based off on our spending habits – giving us far less control over what our consumer digital identity says about us. But our legal digital identity is something we have almost no control over, because it is information collected about us based on our dealings with the legal system (which is a matter of public record in almost all instances,) or is collected about us without our knowing about it.

Our legal digital identity is what police will make decisions based on. For example, if we are stopped for a broken tail light, the officer may write a citation, or a warning ticket – depending primarily on her own judgment. In either case, though, procedure requires her to check your driver’s license for outstanding warrants. If you have been a victim of criminal identity theft this is usually how you will find out about it, because things quickly escalate from a traffic stop (a relatively minor inconvenience) to an arrest (far more inconvenient on all levels.) If you are not a criminal, this will be due to your legal digital profile containing information about someone else who used your name and/or identification when they were arrested.

For a quick case-study, consider the story of Kevin Foster Wehner, who had his wallet stolen when he was on vacation in the US Virgin Islands. The man who ended up with his wallet, Shawn Labeet, used his ID for several years, buying assault rifles and handguns in Wehner’s name. Labeet also had a warrant out for his arrest for shooting his girlfriend – but whenever police stopped him, he gave Wehner’s driver’s license instead.

Wehner was well aware of the issue, and had gone to the police several times to complain about his stolen identity – especially when he started getting bills for vehicles he had not purchased. Eventually, police took a photograph of Wehner and made a notation that he was a victim of identity theft somewhere. But apparently, it wasn’t somewhere that anyone would pay attention to, because in 2007 Labeet shot and killed a police officer, which caused the local police to launch a manhunt. The picture they gave to the media was the picture Wehner had given them when they finally took his identity theft claim somewhat more seriously.

When he learned he was wanted by the police for the shooting, Wehner immediately called the local police, told them it wasn’t him, again explained that he was a victim of identity theft, and that he hadn’t shot anyone. Police were dispatched to follow up. As you can imagine, it was an intense moment when police arrived, guns drawn, and arrested Wehner in front of his wife and children. Things didn’t turn out as badly as they did for Amadou Diallo in 1999, when four plainclothes police officers mistook him for a man wanted in connection with a recent rape, but the stories run parallel tracks – the biggest difference being that the Diallo murder was mistaken identity based on a physical description, while Wehner’s arrest was based on his legal digital profile.

Legal digital identity are still very much in their infancy. Police and Federal authorities are using every piece of digital identity they can lay hands on to build these profiles – everything from social digital profiles to automatic license plate readers are being used to create a digital profile that can be used to track individuals, model their behavior patterns, and bring them in when they are wanted for questioning or have been associated with a crime, like Kevin Wehner. And while the threat of life-or-death decisions based on legal digital identities being a very real possibility, courts and legislators have been very slow to protect the average consumer.

Getting inaccurate information mixed up in your legal digital identity is not always deadly – in fact, quite often it is only an inconvenience. You may only lose your job, or just spend a few weeks in jail. But unlike our other digital identities, life-or-death decisions are placed in the same hands that hold our legal digital profiles, and police officers are still only human. Mistakes will always be made so long as decisions must be made using inaccurate information.

In the coming years, we must hope that laws will come into place that will protect us from these sorts of mistakes – that we might at least have some option to correct inaccurate information in our legal digital identity as we have with our consumer digital identity. However, until that day, it is best to keep in mind that worst-case scenarios can (and sometimes do) turn lethal, and it may be better to take the inconvenience of a false arrest than to stand your ground when facing the next mistaken SWAT team.