Digital Will, Part I: Requirements

Digital assets are becoming as important as physical assets, so how do you manage them after you die?

When you lose a member of your family, you may find yourself at some point thinking about your own mortality, which then may lead you to think through preparations for your own death. I lost my father recently, but years before his death, he set up a will that described how to manage his estate, but he also made sure to share with me login details for his important financial accounts so I would have access when the time came. When the time did come to put his plans into practice, those details were invaluable.

All of this made me realize just how complicated it would be for someone to manage my own accounts in the event of my death, especially considering how much effort I've gone through to secure my computers and accounts. After all, unlike my dad, I don't use the same password for everything. What I realized I needed was the equivalent of a digital will: instructions and credentials so my next of kin had everything they needed to access my accounts and manage my affairs. In this first article of what will be a two-part series, I describe the requirements and plans to create a digital will in a way that would be manageable for my next of kin while also not negatively affecting the security of my accounts. The second part of the article will describe how I implemented these plans.

Defining Terms

This digital will is based on many of the ideas behind a traditional will, and I intend on borrowing a lot of the framework and terms instead of "re-inventing the will". To get started, let me define a few terms, but I should make it clear that I'm not an attorney, so these are just loose definitions to describe how some common terms used in a will might be applied to this digital will:

  • Decedent/Testator: the decedent is the person who has died, and the testator is the person who signs the will and whose will it is. For our purposes, this will be the same person—the person who currently controls these digital assets that will be transferred upon his or her death.
  • Beneficiary/Inheritor: the person or persons who are receiving a gift of personal property from the decedent. For our purposes, this is the person or persons who will get control of digital accounts or other assets.
  • Administrator/Executor: the person who is to oversee the administration of the estate and make sure the will is followed according to the testator's wishes. Often a testator will name a preferred executor in the will itself; other times, they are appointed by the court. In the case of a traditional will, the executor also may happen to be a beneficiary, but for some larger or more complicated estates it's often a third party selected for their financial or business know-how. For our purposes here, the executor will need technical know-how and will be the person who assists the beneficiary with getting access to accounts and managing any digital assets up to the point that the beneficiary can take over and will no longer need technical assistance.
Goals and Requirements

Unlike a traditional will, this digital will does not have a goal of defining who gets digital assets like online financial accounts—a traditional will already can define that sort of thing in an appropriate and legal way. Instead, the main goal of this digital will is to enable the executor to grant the beneficiary access to digital assets left behind. This main goal then helps with defining some related requirements.

Requirement 1: Simplicity

Dealing with a loved one's death and regular estate is difficult enough as it is. The extra complexity behind digital assets makes this even more difficult, and since you'll want to add security requirements on top, this very easily could result in a complicated and hard-to-follow process. Simplicity has to be a primary requirement, since you won't be around to help with the administration. This means however tempting it might be to use sophisticated cryptography algorithms or technologies, you need to make the digital will as foolproof and simple as possible.

Requirement 2: Documentation

Since I work in technology, I set up and maintain a number of systems at home. These include common household systems like wireless access points, a local file server and media center computers. Those systems are pretty common for people who are into computers, but as I have a sysadmin background, I also maintain email, web and DNS servers for domains that we own and that I and my family use for our main email and various blogs and other websites. All of these systems are largely undocumented, since I am the one who set them up and no one else maintains them, but obviously, that presents a problem if I die.

So one requirement for this project is to provide some kind of documentation for all of those systems. This documentation is not just about which systems exist (which is an important start), but it's also some level of detail on how to maintain those systems. The executor is the technical help here, but they can't be expected to perform their duties indefinitely. So the documentation also might need to cover how to migrate to a replacement system in the future, since some systems need more technical know-how to maintain long-term than the beneficiary may have. The person writing the digital will is in the best place to make those determinations, as they know the skill levels and time commitment necessary to maintain the systems as well as the skill levels and free time available to both the executor and the beneficiary.

Requirement 3: Secure Transfer of Account Authentication

Whether you maintain local IT systems in your house or not, you still likely have a number of online accounts that you don't share with anyone else. Each of those accounts has its own set of credentials, and although some online services have support in place so that a beneficiary or next of kin can take over the decedent's account with a valid death certificate, many don't.

The digital will needs to provide a way to transfer access to those accounts over to the beneficiary, possibly with the help of the executor, without putting those accounts at risk from outside attackers. Ideally, the accounts would sit in a kind of digital trust so that the executor can't independently get access to those accounts prematurely—no matter how much you trust your executor, you probably don't want that person to have access to all your accounts and systems while you are alive. In some circumstances, you also might choose to prevent the beneficiary from getting premature access as well (for instance, if the beneficiary is your child). Even if you do trust your executor and beneficiary fully, you may not trust your full set of secrets on their systems since they could get hacked.

Requirement 4: Maintenance

If you ever have been responsible for technical documentation, you know how quickly that sort of thing can become out of date. This digital will process is no different, but it's even more important that it be kept up to date. This means you need to add an additional requirement that you build in some process to keep the documentation, credentials and everything else related to this digital will up to date via some periodic process.

Requirement 5: Fault Tolerance

Technology and people can fail, so this digital will needs to account for and be resilient to failure both in any technology it picks and mistakes or memory lapses for any people involved. Systems should be redundant and account for failures and mistakes. You should be careful when choosing any solutions that rely on third parties that could go out of business or shut down a particular service they provide.

Requirement 6: FOSS

The technologies for this digital will should rely on free and open-source software (FOSS) not just because that matches my own ideals (and the ideals of Linux Journal), but also because a FOSS solution helps with the fault-tolerance requirement. FOSS software, even if it becomes unmaintained, still should be available for use in the future, whereas proprietary software or services may not.

Conclusion

Thinking through these requirements was hard, but not nearly as hard as figuring out an implementation that satisfies these requirements! In the next part of this article series, I will describe the solution I came up with for my own digital will.

Kyle Rankin is a Tech Editor and columnist at Linux Journal and the Chief Security Officer at Purism. He is the author of Linux Hardening in Hostile Networks, DevOps Troubleshooting, The Official Ubuntu Server Book, Knoppix Hacks, Knoppix Pocket Reference, Linux Multimedia Hacks and Ubuntu Hacks, and also a contributor to a number of other O'Reilly books. Rankin speaks frequently on security and open-source software including at BsidesLV, O'Reilly Security Conference, OSCON, SCALE, CactusCon, Linux World Expo and Penguicon. You can follow him at @kylerankin.

Load Disqus comments