Believe it or not, accessing private data after death has historically been an act of hacking. Yeah, imagine having to hack your loved one's accounts to get access to important stuff like checking and savings accounts, bill paying systems, accounting systems, or invoicing systems.

Essentially, survivors would need to impersonate the deceased, guess at passwords or have passwords rotated by a hack to access accounts, of have secure systems compromised to access data.

And legally, the heir or assign of an individual didn't have any rights to the data. That data was owned by the account holder (who is now dead) and there wasn't a legal transference of digital property rights.

However, effective June 2016 in the State of Washington, this has changed with the adoption of 11.120 RCW Uniform Fiduciary Access to to Digital Assets Act (UFADAA).

UFADAA establishes a standard process for a fiduciary to access the secured digital assets of the deceased found on their devices (computers and mobile devices) and their online accounts.

This special access is limited: it grants the fiduciary access to essentially collect the data and close the account; it doesn't allow for the account of the deceased account to survive forever. 

UFADAA also allows for data to be collected from the principal, accumulated by a designated custodian of the data, cataloged, and held in a trust. It also allows the principal to shield some kinds of data from their fiduciary.

Some companies are more progressive on these matters - like Facebook - allow you to identify legacy accounts: fiduciaries on Facebook that would presumably survive the deceased and could get access to the account to memorialize it. Most companies are far behind this curve of being able to identify others who could access their digital assets after death.

The court can assign data custodians and so can businesses and individuals. However, it's recommended that a will/Power of Attorney specifically declare UFADDA rights.

If you're concerned about this - and if you own a business, you'd want to be concerned about this - you'd want to speak to your attorney about including UFADDA rights into your succession planning.

Also, you'd want to check online services that offer legacy accounts (or some means of designating authorized survivors) and set those up.

And finally, you'd want to grant some degree of access to your password manager for the fiduciary following your demise. Most password manager services allow for a legacy account to be designated; otherwise, a master password, written on paper, stored in a sealed envelope, and safeguarded in a safe place, may also suffice (a broken seal may be a visual trigger to reset passwords).

Windows is not a secure nor a private operating system platform.

I couldn't recommend it to anyone concerned about the security of their computing platform, or, the confidentiality of their personal private information (PPI).

It cannot be hardened or made secure so long as it is connected to the public Internet.

If you use it, you are unwittingly transmitting PPI, location data, and system data to Microsoft, even if you attempt to harden the o/s through enabling its privacy settings.

• Out of the box, Windows 10 violates your privacy and transmits information to Microsoft.

• Curious about what Windows collects about you? Here's an analysis.

• Windows 10 transmits confidential information to Microsoft over 5,500 times a day.

• Windows 10 has a native keylogger that transmits PPI.

• Windows 10 search features keep transmitting PPI even if disabled.

• Even when instructed not to transmit data to Microsoft, the o/s does so.

• Extensive telemetry data cannot be prevented from being transmitted to Microsoft.

• When you encrypt the drive with Bitlocker, the decryption key is sent to Microsoft.

• The EFF continues to hound Microsoft to address their behaviors without response; Microsoft continues to disregard user choice and violates their privacy.

• Google felt to publicly disclose a Windows 10 vulnerability before Microsoft, because they refused to take action; they did it to protect their users while Microsoft stalled.

• Microsoft's operating system is constantly susceptible to zero-day flaws and attacks; famously, a Russian-created zero-day attack mounted by Russian intelligence services were used to attack the DNC.

If you're concerned about security or privacy, one cannot honestly look at Microsoft's offerings and consider them a serious option. 

R

Nearly everything we do is digital: our banking and commerce; our interactivity and socialization; our education and information exchange; our entertainment; our politics and our dissent. So much of our lives have an electric footprint.

Therefore, it's in the interest of everyone to better manage the risks of digital media. In the spirit of teaching others how to do something than to simply do it for them, Mickler & Associates, Inc. is joining forces with the Electronic Frontier Foundation (EFF) to help train, educate, and show others how to manage their data securely and confidentially.

The Electronic Frontier Alliance (EFA) is a network of grassroots groups taking action in their own local communities to promote digital rights.

As an EFA member organization, we believe that technology should support the intellectual freedom at the heart of a democratic society. In the digital age, that entails advancing:

• Free Expression
  People should be able to speak their minds to whoever will listen.
  

• Security
  Technology should be trustworthy and answer to its users.
  

• Privacy
  Technology should allow private and anonymous speech, and allow users to set their own parameters about what to share with whom.
  

• Creativity
  Technology should promote progress by allowing people to build on the ideas, creations, and inventions of others.
  

• Access to Knowledge
  Curiosity should be rewarded, not stifled.

We uphold these principles by fighting for transparency and freedom in culture, code, and law. Locally, Mickler & Associates, Inc. will be promoting these ideals by:

• Holding online and on-ground seminars about digital security and privacy.

• Creating training videos and other digital assets that could be shared and disseminated.

• Commercial and non-commercial training.

• Private consultations and service engagements.

• Corporate events.

• Offering up training for students and to community activists.

• Donating our time and experience to non-profits.

Want to know more, or, how we could lend a hand to you or your local organization? Contact us. We can chit-chat about the possibilities and see where Mickler & Associates, Inc. could add value. Thanks.

R