Digital death

An estimated 1-1.5 million Facebook profiles globally will outlive their owners this year. It is safe to assume that many of these users have never considered what will happen to their online information after they die. As more and more information is stored online, this question will increase in importance. Lawyers, particularly those who help clients draft wills, may wish to ask their clients to consider the future of their digital legacies.

The digital universe is expanding exponentially. Storage capacity of computers doubles roughly every two years and coupled with faster internet transfer speeds this has resulted in huge increases in “cloud computing” and the storage of information online. The term “digital assets” has been coined to cover this information stored online and includes text and photos on social media websites, emails, blog posts and even avatars in online games.

In the past a deceased person might have left behind any number of papers, letters, diaries, manuscripts and printed photographs of varying degrees of sentimental and possibly economic value. A person’s will may state what they want to happen to these sorts of documents after they die; or if they are not mentioned in the will, or if a person dies intestate, the executor makes this decision. Consider now that a person’s digital assets may have replaced many of these tangible information sources, and these digital assets are generally password protected. If someone dies without leaving their online account information, their digital assets may be effectively lost.

This concern over access to a deceased person’s digital assets has already spawned a nascent “digital death” industry. In October 2010, the Digital Death Day conference was held in London to discuss what happens to the personal data of individuals held online after they die. A number of websites are also devoted to the considering the ramifications of digital death and several online companies that promise to act as ‘digital executors,’ storing account information, to be sent out to nominated parties after you die.

Most lawyers in New Zealand who regularly draft wills agree that the average person never considers what will happen to their digital assets when they die. Ken Lord of Parry Field Lawyers in Christchurch says, “I do wills probably five times a week and it’s never come up.”

Similarly, Roger Hayman of Hayman Lawyers in Wellington says the question has never arisen with a client but says, “I’ve thought about it for myself.”

Mr Hayman has come to the conclusion, though, that “it’s all just ether.”

“I don’t think there are any digital assets. I don’t think most people will want to sit down and read the deceased emails.”

Occassionally relatives do want to access the emails of a deceased person though, and it can be nearly impossible for them to do so. A high profile case from the United States in 2005 illustrates just how difficult it can be. When US Marine Lance Corporal Justin Ellsworth was killed in Iraq in 2004, his father wanted to create an online memorial for his son, using emails Justin had written. He contacted Yahoo to gain access to his account, but the company refused to supply the password. Yahoo cited their privacy policy and their terms of service, which contains a clause stating there is no right of survivorship to an account. The Ellsworth family took Yahoo to court to gain access to the account. It was only after a probate judge order that Yahoo provided the family with a CD containing the contents of the account. Yahoo didn’t fight the court order, so the case didn’t set a legal precedent and Yahoo’s policy remains the same.

No standard industry practice

There is no standard practice across web services concerning what happens to a person’s digital assets after they die. Major web services have developed policies dealing with access to accounts, as the frequency of user deaths have made dealing with them on a case-by-case basis impractical, but there isn’t always uniformity.

At the heart of the issue are two competing policy considerations. The privacy rights of an individual may need to be balanced against the interests of surviving relatives and friends in accessing a deceased loved one’s digital assets, and against the potentially adverse publicity that can result from denying this access.

There may be virtual skeletons in a person’s online storage space; information they would not want revealed to their loved ones, even after their death. On the other hand, survivors have a legitimate interest in accessing photos, emails and other information which may not exist anywhere else. As the Ellsworth case illustrated, the issue can be an emotive one, and web services are eager to avoid the potential public relations disaster associated with such a case.

A simple solution

Regardless of the debate and complexity surrounding digital access rights after death, there is a simple solution. Users can decide themselves, in advance, what they want to happen to their digital assets when they die and act to protect their digital legacy while they are still alive.

Several websites offer encrypted space to store account information to be given to designated recipients after a user dies. However, given concerns with storing all your passwords and information for different accounts in one place online, a less hi-tech solution may be preferable.

A person may decide to take an informal approach, either backing up important material for themselves or entrusting their account details to a few close friends or family members and telling them what they wish to happen to their digital assets in the event of their death. However, a more formal approach may better prevent potential disputes arising.

The best way to state your wishes regarding your digital assets is an up-to-date will. This should specify: where your account information can be found (if you wish to share it); to whom access to different accounts should be given (or ownership if permitted by the terms of service); and your wishes regarding keeping or destroying digital assets. You should also keep an up-to-date list of passwords and other account information in a safe place if you intend for people to be able to access your accounts after your death.

The sentimental and economic value of online information may not currently be as high as tangible objects such as diaries and printed photographs, but as more of our world becomes digitized, the importance of digital assets is likely to increase. It may be worth considering now what future interest there may be in preserving (or erasing) your digital legacy.

Web services policies on death of users

When signing up for a service, users are required to accept a standard form agreement – the terms of service – that will often prescribe the procedures to take place upon the death of a user (see below for some of the major websites’ policies).


Facebook offers to remove or “memorialize” an account upon proof of death. Friends or family can contact Facebook via a “Report a Deceased Person's Profile” form which requires them to state their relationship to the deceased and provide a link to an obituary or news item as proof of death. A “memorialized” profile remains online but is removed from public search results. The wall is open for existing Facebook friends to pay their respects on, but others cannot add the profile to their list of friends. The account is barred from any login attempts.


Despite being a company that specialises in digital information, Google requires hard copy information to be posted or faxed to them before they will provide access to the content of a deceased person’s account. The required information includes:

  • Your full name, physical mailing address, and email address;
  • A photocopy of your government issued ID or driver’s license;
  • The Gmail address of the individual who passed away;
  • A copy of an email between you and the deceased;
  • Proof of death; and
  • A probate or other court order stating that you are the lawful representative of the deceased's estate; or
  • if the deceased was under the age of 18 and you are the parent of the individual, a copy of the deceased’s birth certificate.


Yahoo, which also owns Flickr and Delicious, will only share account information if required by court order. Its terms of service #27 entitled ‘No Right of Survivorship and Non-Transferability’ reads:

You agree that your Yahoo! account is non-transferable and any rights to your Yahoo! ID or contents within your account terminate upon your death. Upon receipt of a copy of a death certificate, your account may be terminated and all contents therein permanently deleted.

Windows Live Hotmail

Windows Live Hotmail has a policy of deleting email accounts if they are not logged into for 270 days. If a deceased’s next of kin provides Microsoft with the required (hardcopy) information, Microsoft will send a CD containing the contents of the account. The required information includes:

  • Certain details of the account holder;
  • A photocopy of the death certificate for the user;
  • Paperwork stating that you are the benefactor or executor to the deceased's estate and/or that you have Power of Attorney and are next-of-kin; and
  • A photocopy of your driver's license or a government issued identification.


Twitter states that “if we are notified that a Twitter user has passed away, we can remove their account or assist family members in saving a backup of their public Tweets.”

They request the following information:

  • Your full name, contact information (including email address), and your relationship to the deceased user.
  • The username of the Twitter account, or a link to the profile page of the Twitter account.
  • A link to a public obituary or news article.


To access a deceased person’s account, Youtube requires the following information to be posted or faxed to them:

  • Your full name and contact information, including a verifiable email address;
  • The YouTube account name of the individual who passed away;
  • A copy of the death certificate of the deceased; and
  • A copy of the document that gives you Power of Attorney over the YouTube account; or
  • If you are the parent of the individual and the account owner was under 18, a copy of the Birth Certificate.


MySpace won’t allow anyone to access, edit, or delete any of the content or settings on a deceased user’s profile, but will review and remove any content a upon a relative’s request. They require the following information via email:

  • The relationship to the deceased;
  • The deceased user’s MySpace friend ID;
  • Proof of death; and
  • Any specific requests to either delete or preserve the profile, or to remove content.


LinkedIn requires a completed death verification form emailed or faxed to them to remove a profile.