Last week I attended a fascinating seminar by Wendy Moncur on the postdoctoral research she is conducting into digital inheritance and what happens to digital data and assets after the data subject dies. It inspired me to outline some of my own thoughts below.
It is a fact not in need of repetition that we all die. But our online lives, through lack of individual management and frequent lack of online service providers (OSPs) guidance, do not fully reflect this fundamental certainty. Admittedly in the social networking world there is greater awareness, with online reminders of the fragility of life through memorialised Facebook profiles. This practice, in stark contrast to the conventional slab of engraved granite, provides an easily accessible and virtual memorial to the deceased user. It is also a practical response which stops the issues caused by friends of a deceased Facebook user being urged to get in touch and reconnect with a dead friend, causing clear emotional upset (see report here). But, overall many OSPs don't have sufficient provisions in place for managing a user's digital assets upon death. Coupled with lack of user awareness this creates a problem which will grow in significance as online service users get older.
Memorialising social networking profiles highlights one aspect of why lack of user awareness about use of data after death will become increasingly problematic. This is because these activities are using the deceased's data in a manner which they may not have consented to if they had been given the opportunity. It is up to others what information is preserved in the memorial, but when one considers the possibility that this may include compromising snapshots of overly drunken ventures or embarrassing past social updates, these being 'immortalised' on the world's favourite social network might not be the best way to be remembered. OSP users are not provided guidance from the OSP and will seldom provide expression of their own wishes, so this is how many might be remembered. Although one could argue that the deceased consented to their association with photos or activities whilst alive,but the problem is that upon death (without use of an Ouija board or TARDIS) the subject can no longer revoke their consent and disassociate, remove or destroy the content. Instead, this decision is being exercised by someone else who may not apply the same scrutiny as the deceased would have preferred. However, as shall be seen below, even if the deceased has made expressed wishes through a will or other means, the guidance may still not be actionable.
The increased use by individuals of online services to store and manage digital assets results in these assets being stored outside the owner's direct control. The move to alternative storage methods shows no signs of slowing with recent announcements of new services like Google's Chromebook or Apple's iCloud which will move even more data into the respective clouds. The vast plethora of Web 2.0 applications, often from companies incorporated outside the UK, like Flickr, Facebook and Blogger, also highlight the difficulties caused by the global nature of the internet and the associated issues of ascertaining the location of servers, for example, to determine applicable law and relevant jurisdiction. Many OSPs bind the user with standard form contracts in the shape of privacy policies and end user agreements which contain non negotiable terms specifying jurisdiction and choice of law. As consumer contracts these may be interpreted in favour of the user but nevertheless other terms which may go against the interests of the deceased user and remain valid in the form contracts. Flickr for example states that upon death there are no rights of survivorship and no transferability of digital assets, to quote:
s26.9 - Your Yahoo! account is non-transferable and any rights to your Yahoo! ID or contents within your account will be cancelled upon your death. If we receive a copy of a death certificate, the relevant account may be cancelled and all its contents permanently deleted.
An interesting aspect of legal regulation is the potential use of copyright as a means of managing rights in creative works upon death. This may counteract the prevalence of unfair contract terms outlined in the Flickr example above. By using copyright to enforce rights of the deceased creator, could there be any claims for asserting liability or claiming compensation over assets which are locked into a platform or have then been deleted as per a term of a form contract? Could the executors assert the moral rights of the deceased in the copyrighted work and claim that the work should not have been destroyed? This seems an interesting route for protecting the deceased's works but might suffer from the fact that the deceased should have had other copies of the media and not purely rely on the copy uploaded to the platform like Flickr. Furthermore, the uploaded photo will only be a licensed form of the original and the author thinks that it would be difficult to assert that the contract term was unfair when it applies to a licensed copy and the onus probably existed on the deceased to have retained the original.
Another area that I think may become problematic is in data which has been anonymised by an OSP for storage on servers and databases. Often this kind of data changes the applicable data protection laws, as they may reduce or remove the obligations on the data controller if the data is in anonymised form (jurisdiction dependent). Anonymised data, by its nature, is intended not to pertain to an individual, but the ease of correlating information to de-anonymise it and then rediscover who it relates to raises questions about how this anonymised data can be managed when the original subject has died. This data then re-establishes itself to the deceased but may not have even been considered within the remit of the estate or digital patrimony. Would it be possible to build identifiers into the anonymised data where a tag allows it to be identified with the correct encryption keys, and upon death of the subject, could allow all anonymised items of data to be reassigned to the deceased's estate and thus remove any of the risks described above? Not being a computer scientist this may be a ridiculous proposition, but with strong enough encryption, to my mind, it does not seem utterly stupid...
By using code to enhance and improve existing technologies it creates a stronger regulatory system which can assist in managing the complex issues surrounding treatment of digital assets after death. These are just a few of the many issues caused by death and digital asset management and it is a fascinating area which has innumerable problems in need of solutions. Interdisciplinary approaches appear the strongest way forward and as always this requires a careful balancing of all law, code, norms and market to ensure good governance.