Lolade woke up that morning with some pain in her chest. She had experienced it the day before, deciding to go to bed much earlier than her usual time of 10 p.m. She was also very tired despite having had the required eight hours of sleep.
Sadly, Lolade died of a heart attack within two hours, leaving behind two very distraught parents and some pretty angry siblings. With Lolade's job at a fintech startup, she served as breadwinner, bringing in 70% of the income the family lived on. But here's where things got tricky.
As the savvy investor that she was, Lolade used many investment apps and had several online investments. She also had some shares which she bought a few years before. Very active on social media, she had accounts with massive followings on Facebook, Twitter, and other platforms.
Apart from this, she loved to take pictures. She took pictures of herself, family, friends, nature, and pretty much anything she felt was worth photographing. Consequently, she had several terabytes of data stored in her Google Drive.
Apart from their grief and worrying about how to bury her, her family has encountered another challenge; they can't access any of these things because Lolade's passwords are either obsolete or unavailable.
In a world where everything is pretty much digital, a lot of us stand to put our loved ones in the same shoes as Lolade's.
In times past, historians used texts, pictures, and many times, word of mouth testimonials to piece history together. But with the advent of technology, anything one could want to learn about the world is on the Internet.
By 2025, it is estimated that more than 445 exabytes of data would have been generated on the Internet. All of this is pulled from different places: from social media platforms to messaging platforms to Internet of Things (IoT) devices to sites we've visited.
Humans are creating digital diaries of themselves every single day. A seldom asked yet important question is what happens to our data when we die?
This question is made more important by our perception of death while we go through life. In Africa, where death is not a welcome discussion topic, we quickly reject it and rain curses on unseen enemies as we belt out songs and scream prayers against them.
What the law says
Technically, you have no rights to your data upon your death. Laws like the Nigeria Data Protection Regulation and the European Union's General Data Protection Regulation protect the data of living people.
If, for example, you ask Google to delete your account when you die, while the company would do that, it's very likely that data from your account probably still exists on the cloud or in their servers.
So rights that you enjoyed while you were still alive, like being able to request the total deletion of your data, your consent being required before your data is transferred or used in a different manner, no longer exist.
For platforms like Google and Facebook, which claim to aggregate and anonymise data, your data would probably form part of a large dataset that they could sell to third parties or use for other things.
What else can you do? Let's go back to Lolade.
Data protection for the dead
By 2100, an estimated 4.9 billion dead users would be on Facebook, making it arguably the world’s largest memorial. Lolade has become part of this statistic; her profile, another one of many that would never see action by her hand again.
But if she has made some arrangements, her family members or friends can still manage some of her accounts.
Ordinarily, the Terms of Service, which she agreed to, bars third party users like her family from gaining access to her profile data. Since 2009, Facebook began memorialising profiles of dead people. To do this, anyone could send a death certificate to the platform. When that is confirmed, the profile is marked as "remembering", no one is allowed to log in to the account, and birthday notifications, among other things, are turned off.
In 2019, Facebook announced that it would be using AI to identify profiles of dead people. It also restricted the ability to request memorials to only family members and close friends. The year before, the parents of a dead German girl who had sued the platform in 2012 to gain access to her account after it had been memorialised won their case. Around the same time, Facebook introduced legacy contacts.
These legacy contacts are persons you trust to manage and look after your account upon your passing. They can accept friend requests, change your profile picture and cover photo, and decide who can post tributes. They can’t log in as if they are you and start making changes like deleting photo albums or posting new status messages.
You can also set your profile to "delete after death" if you don't want the former option.
So for Lolade, who had no idea she could do this on her Facebook account — or probably didn't care — her family members would have no access to her profile to retrieve pictures and important data, among other things.
With Google, the same process applies through what the company calls an Inactive Account Manager service. You can activate this on the Data and Privacy column of your Google Account when you click "Make a plan for your digital legacy" at the very bottom.
Google proceeds to ask you a bunch of questions, including how long after your account remains inactive would you want the service to kick in (3, 6, 12, and 18 months), your legacy contacts (up to 10), what apps each of them is restricted to, how long they can have access.
Of course, Google would send a nudge to you after some time of inactivity to ensure you've actually kicked the bucket and not just gone off-grid. You can also set it to delete your account upon death, giving your legacy contacts three months to download whatever they want.
Apple also has a similar process.
For Twitter, verified family members or authorised trustees would have to specifically request that the deceased's profile be deactivated. They would have no access to the person's dashboard or Direct Messages.
Transferring legal rights to assets
Apart from your social media accounts, you have digital assets like the ebooks you bought on your Kindle, your songs on iTunes, your movies on Amazon Prime, and, of course, your savings and investments in cryptocurrency, online apps, among others.
Unfortunately, with digital assets like ebooks or songs, what you have is a licence to use as you do not outrightly own these things; your licence dies with you and is non-transferable. Platforms like Amazon only go dormant if the account is inactive. However, it can be reactivated by logging in again.
You can also choose to set up a digital will. This would involve you bequeathing whatever assets you deem necessary to anyone you want. It could also contain a link to a password to an account containing all your digital assets, username, and password. The will could also determine how your data is used after you die.
In the Lolade example, she could have had her lawyer draw up a will setting out how she wanted her data to be used after her death. She could also have added how she wanted her investments to be shared and the access code or password to the document(s) or cloud where she stored them. These digital assets constitute choses in actions.
Side note: A chose in action is a personal right in property that can only be enforced by taking legal proceedings and not by taking physical possession.
Still wondering what could happen to your data after you die if you don't take action now? This story about a lady who made a chatbot to chat with her dead friend is equal parts heartwarming and concerning.