Throughout our lifetimes we consume, collate, curate, host and produce a staggering quantity of data – some by our own hand, some by others on our behalf, and some without our knowledge or consent.

Collectively, our “digital footprints” represent who we are and who we were. Our digital legacies are immortal and can impact those we leave behind.

Many of us take steps to secure our privacy while we’re alive, but there’s mounting evidence that we should be equally concerned about the privacy and security risks of our “data after death”.

Reincarnation as data

It might be tempting to think of data after death as inconsequential – after all, we’ll no longer be around to worry about it. However, Facebook and Instagram both support static “memorial” accounts for the deceased. We also know memorial pages can play an important part of the grieving process.

Facebook has around 300 million accounts belonging to the deceased. Research suggests this figure could rise into the billions within decades.

However, these platforms’ terms of service don’t address how the data of deceased users is retained, processed or shared.

There is now even more cause for concern with the emergence of platforms like TikTok and Likee, which have both proven to be particularly liable to expose the personal lives of millions online.

This raises important questions, such as:

• what are platforms such as Facebook doing with the data after death they collect?

• is it ever deleted?

• could it be sold or otherwise monetised?

• what assurances do we have our data will continue to be hosted by those providers after death?

• if not, who will be able to access and manage our data in the future?

In 2012, a teenage girl died after being hit by a subway train in Berlin. Her parents had her Facebook credentials and wanted to access her account to determine whether she had committed suicide. After six years of legal battles, the parents were awarded a court order and finally given access to their child’s “memorial” Facebook account data.

We all have skeletons in the closet

COVID-19 has completely changed our internet use patterns. The unplanned transition to working from home has blurred the boundaries between our professional and personal lives.

Consequently, personal information is now more likely to be exchanged over services such as Microsoft Teams. Many users may choose to store confidential information on personal cloud services for the sake of convenience.

With these changes in behaviour, new vulnerabilities have emerged. When a user dies, it’s now more important than ever personal and otherwise sensitive information is automatically identified and secured.

Colleagues of the departed may forget to revoke access credentials, which can then be used to steal intellectual property. Embarrassing email exchanges that belonged to the dead can damage reputations, and sensitive information can negatively affect entire businesses and potentially ruin lives.

In 2016, a Twitter account belonging to the well-known US journalist David Carr was hacked by a sexting bot a year after his death. Earlier, in 2010, 16-year-old vlogger Esther Earl died of cancer before she could cancel a tweet she had scheduled for release that left friends and family in shock.

The need for data management after death

Most Australians don’t have a conventional will, so it’s not surprising the digital equivalent hasn’t gained traction.

In collaboration with the Australian Information Security Association (AISA), we surveyed about 200 AISA members to assess their awareness of digital wills and associated Australian regulations that protect users’ security and privacy. Our survey results confirmed that even key decision makers in the field and cybersecurity thought leaders had not considered or prepared for posthumous data risks.

But raising awareness is only part of the battle. There are no national regulatory bodies, rules or standards for service providers to follow when managing the data of the deceased. And in Australia there are no laws or regulations imposing requirements to minimise the risks of data after death.

We need a solution that can resolve issues ranging from moral quandaries about posthumous medical data, to privacy concerns about accessing past digital correspondences.

To be effective, such a solution will require legal and policy recommendations, guidelines and technological adaptations for providers, decision-makers and users. Each aspect will need to be sensitive to context and accommodate for grief and mourning among individuals and organisations. For example, there is often a period of compassionate leave available for employees when members of their immediate family pass away.

Some processes meant to manage data after death already exist, but they need more development. Technological solutions for data after death proposed thus far fall into the category known as privacy-enhancing technologies – tools meant to protect users’ privacy.

Users have been reluctant and slow to adopt privacy enhancing technologies. In part, this is because they don’t allow individuals the ability to control how they manage their privacy risks.

This article is republished from The Conversation under a Creative Commons license. Read the original article.

The Australian government’s Digital Transformation Agency (DTA) has spent more than A$200 million over the past five years developing a National Digital ID platform. If successful, the project could streamline commerce, resolve bureaucratic quagmires, and improve national security.

The emerging results of the project may give the Australian public cause for concern.

Two mobile apps built on the DTA’s Trusted Digital Identification Framework (TDIF) have recently been released to consumers. The apps, myGovID and Digital ID, were developed by the Australian Taxation Office (ATO) and Australia Post, respectively.

Both apps were released without fanfare or glossy marketing campaigns to entice users. This is in keeping with more than five years of stealthy administrative decision-making and policy development in the National Digital ID project.

Now, it seems, we are set to hear more about it. An existing digital identity scheme for businesses called AUSkey will be retired and replaced with the new National Digital ID in March, and the DTA has recently put out a contract for a “Digital Identity Communication and Engagement Strategy”.

The DTA’s renewed investment in public communications is a welcome change of pace, but instead of top-down decision-making, why not try consultation and conversation?

We fear what we don’t understand

Ever since the Hawke government’s ill-fated Australia Card proposal in the 1980s, Australians have consistently viewed national identification schemes with contempt. Some have suggested that the DTA’s silence comes from fear of a backlash.

History provides insight into some, but not all, of the numerous potential reasons for the DTA’s strategic opacity.

For example, people do not respond positively to what they do not understand. Surveys suggest that fewer than one in four Australians have a strong understanding of digital identification.

The National Digital ID project was launched more than five years ago. Why hasn’t the public become familiar with these technologies?

What is the TDIF?

The TDIF is what’s known as a federated digital identification system. This means it relies on multiple organisations called Identity Providers, who act as central repositories for identification.

In essence, you identify yourself to the Identity Provider, which then vouches for you to third parties in much the same way you might use a Google or Facebook account to log in to a news website.

The difference in this case is that Identity Providers will control, store and manage all user information – which is likely to include birth certificates, marriage certificates, tax returns, medical histories, and perhaps eventually biometrics and behavioural information too.

There are currently two government organisations offering Identity Service Providers: the Australian Tax Office (ATO) and Australia Post. By their nature, Identity Providers consolidate information in one place and risk becoming a single point of failure. This exposes users to harms associated with the possibility of stolen or compromised personal information.

Another weakness of the TDIF is that it doesn’t allow for releasing only partial information about a person. For example, people might be willing to share practically all their personal information with a large bank.

However, few will voluntarily disclose such a large amount of personal information indiscriminately – and the TDIF doesn’t give the option to control what is disclosed.

Securing sovereignty over identity

It might have been reasonable to keep the National Digital ID project quiet when it launched, but a lot has changed in the past five years.

For example, some localities in Canada and Switzerland, faced with similar challenges, chose an alternative to the federated model for their Digital ID systems. Instead, they used the principles of what is called Self Sovereign Identity (SSI).

Self-sovereign systems offer the same functions and capabilities as the DTA’s federated system. And they do so without funnelling users through government-controlled Identity Providers.

Instead, self-sovereign systems let users create, manage and use multiple discrete digital identities. Each identity can be tailored to its function, with different attributes attached according to necessity.

Authentication systems like this offer control over the disclosure of personal information. This is a feature that may considerably enhance the privacy, security and usability of digital identification.

Moving forward

Based on the idea of giving control to users, self-sovereign digital identification puts its users ahead of any institution, organisation or state. Incorporating elements from the self-sovereign approach might make the Australian system more appealing by addressing public concerns.

And self-sovereign identity is just one example of many technologies already available to the DTA. The possibilities are vast.

However, those possibilities can only be explored if the DTA starts engaging directly with the general public, industry and academia. Keeping Australia’s Digital National ID scheme cloaked will only increase negative sentiment towards digital identity schemes.

Even if self-sovereign identity proved appealing to the public, there would still be plenty of need for dialogue. For example, people would need to enrol into the identification program by physically visiting a white-listed facility (such as a post office). That alone poses several technological, economic, social and political challenges.

Regardless of the direction Australia takes for the Digital National ID, there will be problems that need to be solved – and these will require dialogue and transparency.

Government and other organisations may not support a self-sovereign identity initiative, as it would give them less information about and administrative control over their constituents or clients.

Nonetheless, the implementation of a national identity scheme by stealth will only give the Australian public good reason for outrage, and it might culminate in intensified and unwanted scrutiny.

To prevent this from occurring, the DTA’s project needs to be brought out of hiding. It is only with transparency and a dialogue open to all Australians that the public’s concerns can be addressed in full.

This article is republished from The Conversation under a Creative Commons license. Read the original article.