All the content in the blog is available free of charge and can be found in the menu to the left.
Please feel free to scroll down in order to become acquainted with all the content which might possibly be of interest or of service to you

17/10/2014

Seriously, Yahoo?

Justin Ellsworth was a 20 years old United States Marine Corps Lance Corporal. 


He served in Iraq and sent his family emails and pictures using his Yahoo account: 


Print screens of emails Justin sent shortly before his death


A picture Justin sent his family from Iraq via email

In November 2004 Justin was killed in Iraq in an act of bravery which awarded him a Bronze Star Medal with Combat Distinguishing Device (V Device). Sadly, Justin did not become posthumously famous following his acts of bravery, but following the media coverage his family's law suit against Yahoo has received, asking for access to his email account (I wrote about this in the 2nd article I wrote for ynet in 2011). The words and pictures he sent and received during his deployment were very meaningful to them after his death. 
A court order in favor of his family was issued following a prolonged legal battle in court. The family did not get his password, but they did receive a copy of the content of his email account on a DVD. Following this court ruling, Yahoo changed their terms of use, making sure this will not happen again: 

Print screen: Yahoo's TOS

According to the current TOS
"No Right of Survivorship and Non-Transferability: You agree that your Yahoo account is non-transferable and any rights to your Yahoo ID or contents within your account terminate upon your death. Upon receipt of a copy of a death certificate, your account may be terminated and all contents therein permanently deleted".
Recently, a committee of experts at the ULC has drafted an act regarding fiduciary access to digital assets. As reported by Jim Lamm of 'Digital Passing': 
"The final version is the result of an active collaboration by Uniform Law Commissioners who were members of the Drafting Committee and over 130 observers who participated in the process, including representatives from The American College of Trust and Estate Counsel, the American Bar Association, the National Academy of Elder Law Attorneys, the American Bankers Association, Internet service providers and several of their industry groups, and consumer rights and privacy groups".   
The act was approved in July 2014 at the ULC's Annual Meeting and Delaware was the first state to enact it, in August 2014. I (and other Digital Death colleagues of mine) hope that more states will follow suit soon.  

The essence of this new act is that: 
"...Legally appointed fiduciaries will have the same access to digital assets as they have always had to tangible assets, and the same duty to comply with the account-holder’s instructions".
And Yahoo? 
In September 2014 Yahoo wrote that they are against this new act. 
- Not only do they have such a strict, not-yielding, non-flexible policy regarding not granting posthumous access, they also disapprove of the new act. 
If their argument was that "we wish to maintain the user's privacy after his or her death regardless to his or her wishes", that would have been one thing. If their argument was that they don't like the current phrasing of the new law and they think it should be phrased differently, that would have been one other thing. But it is another thing when their arguments is that "it should be the user's choice": 


Print screen: Yahoo's Tumbler

Seriously, Yahoo? If the user's choice is so important to you, why don't you launch a service similar to Google's "Inactive Account Manager"? (It's an imperfect service, but it's an important step in the right direction).  
Why don't you force your users to check boxes regarding their wishes for posthumous access, just like you force them to check boxes regarding reading your terms of use? 


Graphics by Nimrod Benzoor
This is my proposal to websites, ISPs and platforms:
force their users to state their wishes 
in case
they will no longer be able to access their account

Why is your default choice - which is also the single, one and only choice - to have the account "terminated and all contents therein permanently deleted"? What if the user would have preferred for his or her loved ones to have access to his or her account after his or her death? If the deceased will pass the password on, they would be doing so in violation of your TOS (although you would probably never find out) and if the manager of his or her estate, a relative or a loved one were to contact you with a request for access, you wouldn't grant it. So how are you respecting the users choices? You're not giving them any!
I agree: some people would prefer for their account to get terminated upon their death. It is a legitimate wish and should be respected. But what about the people who would prefer otherwise? From the results of a survey I held in Israel last year (in collaboration with two other blogs), we've learned that there is no one answer which suits all (sorry, hope to get around to translating the results soon, you can read some of it in a paper I co wrote with Dr. Roey Tzezana and was published in Finland this summer about the gap between ISPs / platforms / websites policies and people's wishes). 

Yahoo, it's true that a user has a right to maintain his or her privacy, but what about his / her right to share