
"I wrote my passwords in a notebook for my children."
"I have my aunt's credentials, so I can access her accounts."
Eh no, things are different. Let's see how.
More and more people are, fortunately, becoming aware of the value of their digital legacy and the need to safeguard it and protect themselves and their loved ones. But as there is still little digital education on the issue of online death, the crafted safeguards used to safeguard one's assets turn out to have structural validity problems.
Many users in fact believe that passing on digital inheritance is feasible simply by passing on passwords to close people informally, as in, "the money is under the mattress," or "the photo album is in the second drawer of the cupboard." In the digital world things are not like that. Why?
Because between the users and their heirs there is a third agent in the middle, and that third agent is not "acted upon" or passive like a bed or living room furniture, but is active and ready to protect itself in turn, moving from agent to agitated.
The third agent is the provider, i.e., the software service with which each user enters into a personal use agreement, which is guaranteed and accessible through exclusive and non-transferable credentials to thirdi.
What does it mean?"
A password is, for all intents and purposes, a strictly personal credential.That is, it is uniquely linked to the holder of the account to which it refers and represents his or her digital identity for that particular service. As such, a password cannot be transferred to others or used even by close relatives or heirs.
The use of a deceased person's login credentials, even with the best of intentions such as closing accounts or handling pending business, can violate legal and contractual rules, because passwords expire with the death of the holder.
Italian Law and Digital Legacy
In Italy, the management of passwords and digital accounts of the deceased is governed by specific regulations that are part of digital inheritance. Italian law recognizes the right of heirs to access certain accounts and digital data, but only under specific conditions. In order to legally access a deceased person's accounts, it is often necessary to provide proof of one's position as legal heir and, in some cases, to obtain a court order. This process can be complex and requires a thorough understanding of applicable laws.
🤔
So, if you are thinking of informally passing your passwords on to a loved one, or conversely accessing the accounts of those who are no longer there with the credentials provided to you, stop. This is not the right way to do it.
🚫
In addition, if the goal is to take care of the digital legacy, this is certainly the riskiest way to do it.
The providers are not naïve and are now able to recognize suspicious movements in someone's accounts, especially (but not only) if the profile has remained inactive abnormally for a while. There, the punishment of the agent-agitated can vary: it ranges from a total block of the account to sending a signal to the appropriate authorities.
In many countries, accessing the profiles or digital accounts of a deceased person using his or her credentials can be considered an unauthorized entry into computer systems. This can even figure among crimes such as invasion of privacy or identity theft. Even if accessed to resolve administrative or personal matters, the lack of clear legal authorization makes such action illegal.
In the United States, for example, the Computer Fraud and Abuse Act (CFAA) specifically prohibits unauthorized access to computers and computer systems. Similar principles exist in Europe and many other jurisdictions. This means that, technically, hacking into an account using a deceased person's credentials is a crime, even if the ultimate goal is to resolve family or estate situations.
In a nutshell: by trying to protect the digital legacy, you are risking a lot and, by using the deceased's passwords, you paradoxically risk losing access to all his accounts.
What you can do
There are a number of tools and technologies designed to help with digital legacy management, both in planning for the future and in recovering in the case of an already deceased user.
These are our recommendations.
- All providers must ensure an option, even if minimal, to designate an heir profile for each account, as required by the GDPR. This option allows a family member or trusted person to later access the deceased's accounts, albeit with limited functionality. However, each provider has different policies for both scheduling and retrieving the digital legacy, so be prepared for a complex and time-consuming operation.
- Another way forward is to plan one's digital legacy with professional toolsi that guarantee its legal validity, such as Coffer. This type of service, which is usually low cost and affordable to most (with the various differences) is effective because it negates the future risk of legal problems or access to essential information.
- You could turn to a notary or specialized law firm to certify your will, designate your digital heirs, and choose what to pass on and to whom, and what use to make of it.
- Finally, there are ethical tools such as Zephorum's Digital Heir, which allow you to recover a loved one's digital legacy without the need for passwords. This approach avoids legal or technical issues related to credential management and ensures a privacy-friendly solution for the deceased and his or her heirs.
Why it is essential to understand these issues
.Understanding the laws and implications related to the use of deceased passwords is essential to avoid legal complications and to respect the memory and privacy of users. Preparing in advance and educating yourself on how to handle digital inheritance can make a big difference, both to ease the process for heirs and to ensure that wishes are respected. This is an important step in modern estate and emotional planning.
What do you think? What other solutions could be adopted or created in the future?
Scrivici un commento