What happens to your data when you die? Do you want loved ones to receive access to your Facebook and email, or do you want your browser history automatically deleted? Should your passwords be sent to your next of kin? Are your digital assets, from ebooks to bitcoins, going to be passed on? And what about medical or fitness data subject to privacy protections—does your personal privacy still matter? If that data could be useful to researchers, should they have an easier time getting it because you can’t be negatively affected by its use?
The use of data from the deceased can have real medical benefit, either as part of cohort studies to look at the long-term effects of environmental or behavioral differences (such as diet) or to directly investigate diseases that affected the deceased. In many jurisdictions, this data is difficult to obtain; in the UK, patient records cannot be accessed until 100 years after their death (more restrictive than accessing someone's FBI file after death), and in Germany data from the deceased is protected in a number of ways, including by the requirement that researchers prove they could not have answered their questions in any other way than by using the data. Clinicians have called for a data donor registry that would identify individuals as consenting to the use of their data posthumously, in the same way that organ donors preemptively identify themselves.
While some families choose to turn a deceased loved one’s Facebook page into a memorial, others might want it removed from the site—particularly as Facebook has a tendency to “remind” us of past events that might include a reminder of a dead friend. Most sites will remove user accounts when provided with a death certificate, though it seems particularly humiliating to ask relatives to fax a death certificate to eBay, or OKCupid. Accounts created with pseudonyms would also persist after death, and depending on how unexpected a death was, it can be a time of increased vulnerability; with the user unable to verify activity as fraudulent, unauthorized access could go unnoticed longer than usual.
What Lasts Longer: Biological or Silicon Memory?
Of course, the highest-profile case of data in limbo after death is playing out now, with the iPhone 5c of a San Bernardino shooter at the center of a battle between the FBI and Apple over whether a passcode should be allowed to die with the only person who knew it. Adding to the complication of this case is the fact that the phone in question was owned by an employer; anyone with plans to remove sensitive information from a work-owned device before turning it back in should be aware that they may pass away before they can do so. The security of “brain wallets”, or passwords stored only in human memory, has a shelf life, and we’re slowly beginning to develop the processes necessary to pass on digital information after passing on.