Sign In

Communications of the ACM

ACM News

Planning for Digital Death

turning off computer

Think about the many tracks a person can leave through digital world. It's not unusual for someone to have gigabytes of email stretching back years, multiple social media accounts with overlapping sets of friends and colleagues, bank and credit card accounts, online music and book libraries — and that's just scratching the surface. There's no shortage of solutions for creating identities and digital content online, but far fewer for what to do with all of it when someone dies.

Michael E. Locasto, assistant professor of computer science at the University of Calgary; Michael Massimi, post-doc researcher with the Socio-Digital Systems Group at Microsoft Research in Cambridge; and Peter J. DePasquale, associate professor of computer science at The College of New Jersey, think it's time people started paying attention to these questions. To that end, they presented a paper, "Security and Privacy Considerations in Digital Death," at the New Security Paradigms Workshop in September 2011. "There isn't a whole lot of awareness that our digital assets can be lost after death," says Massimi. "We wanted to raise its visibility as a 'problem space' for computer scientists."

In the paper, they point out that the digital age is young enough that for the most part, participants are only beginning to encounter questions around how to manage identity and security in the event of someone's death. "How do I close this online bank account?" they write. "Should I leave up their hobby Web page or Twitter account as a tribute to their passion? What do I do with 7 gigabytes of their email?"

The problem is exacerbated by the fact that a person's digital life is fragmented, with a presence on potentially hundreds of different sites: their email might be with Google, their hobby website hosted by Yahoo, and their investments in half a dozen different banks or funds, each with a different identity. (One of the author's browsers has nearly 180 username/password combinations for more than 100 websites.)

And even if survivors and heirs have all the passwords, they don't necessarily have a right to access the content. The paper contains a table of how various sites' terms of service deal with a subscriber's death — most don't deal with it at all except for the boilerplate about an account not being transferable. For example, Gmail, Hotmail, Facebook, Google Health, Bank of America, and Amazon all lack any kind of death or transfer clause. And one that does, Yahoo, is the opposite of helpful: the terms of service explicitly says, "You agree that your Yahoo! account is non-transferable and any rights to your Yahoo! ID or contents within your account terminate upon your death." Or, as Massimi puts it, "Bye, and thanks from the Internet!"

"I think we want better management of identity as a whole," says Locasto, and the paper sketches a system of cloud-based "identity containers," one for each of a user's accounts or activities. These containers would be strongly isolated from each other, so that a security breach of one wouldn't provide access to any others. The system would manage the creation of a strong password and a one-off disposable email address for each new container/account, taking the burden off of the account holder. The user would then specify what sort of event would trigger the release of identity information, and set up sets of identity containers that would go to specific survivors. A spouse, for example, might get access to bank accounts, while colleagues might get work email.

The authors acknowledge that it's not going to be easy to get from the current fragmented landscape to any such identity management system. "We have seen some technologies that can help us," says Locasto, pointing to sites like, which lets subscribers store messages that will be sent if they fail to reply to a prompt.

Massimi agrees that getting to such a system is "not an easy path." He mentions McAfee's Cloud Identity Manager, which lets companies implement access policies for cloud applications, and SecureSafe, which offers secure online storage of important papers and passwords, as examples of some progress toward the goal. "If one of the major players, such as Facebook, Google, Microsoft, or another large corporation that manages personal accounts at a large scale, or the government gets involved," he says, "that could be a positive step."

When asked what they themselves have done to address these issues, both men laugh ruefully. "Some of the genesis of this paper was asking myself this question," says Locasto. "What do I do with this stuff? Who gets it?" But he hasn't done very much yet. "I have all my passwords in several secure locations and delegated access to people I trust."

Massimi points out, "One of the things this builds on is big life events. Those are the times you take stock of your assets. I'm single and unmarried and don't have kids, so I haven't done much yet."



I think fundamental issue is about giving control back to where it belongs... IMO, as a user who created all these accounts, I should be able to decide what would happen to those accounts. I imagine products like will become mainstream soon and many people will think of them as an essential extension of estate planning exercise.

Displaying 1 comment