Friday, November 23, 2012

What happens when a webmaster or digital account holder is out of reach? More follow-up needed

A notice I go by automated email from an ISP (Verio) recently, with updated terms of service, underscored a couple of points I have been concerned about before. 

One issue is what happens if a webmaster or account holder is unavailable (because of hospitalization or international travel, among other things) or passes away.  I discussed the issue at some length here on July 3, 2012.

The updated TOS mentioned that an account can be closed if the accountholder fails to respond to a contact request (email) within fifteen days, which may be business days.  This is probably representative of  industry practice.  (However, the last time I looked, I couldn't find this issue on Google or Blogger TOS.)  While the likelihood is remote of a contact attempt, it might happen because of some unusual complaint or change in security policy (such as a  new requirement to use stronger passwords).  The likelihood of such a need is reduced by Section 230 protections for the provider, as well as the provider’s capabilities under DMCA Safe Harbor.  (It might well have increased had SOPA passed.)  The TOS also mentioned the idea of indemnification.  Should the normal downstream liability protections in the law somehow fail, the account holder could be held liable for damages claimed on the service provider.  Book publishers also require such clauses with authors.  The probability that it would actually be invoked for an “average  user” is extremely low and remote, but could have increased under SOPA.  This could be more of an issue overseas. 

Service providers will, of course, terminate upon non-payment of renewal (credit card expiration), although some will retain backups with restore capability for a time thereafter. 

ICANN, as noted, requires that registrars check once a year with domain owners for accuracy of contact information.

I mentioned (on July 3, 2012) a blog called “Digital Passing” by Jim Lamm.  I urge visitors to try to read the blog in detail, although it could take some time and effort.    The blog entries deal with the problems that estate executors may face in gaining access to a deceased person’s digital “property”, particularly with respect to the way the courts have interpreted the 1986 Stored Communications Act, especially the Ninth Circuit.  There are many twists, turns and paradoxes in this issue. 

Generally, it’s a good idea for anyone to lay out in his will exactly what he or she wants done with digital property (by a "digital executor").  It’s a good idea to save contents (like backups of blogs, photos, videos, book manuscripts) on flash drivers or, even better, CD’s or DVD’s (optical storage) and hold them in a safe-deposit box with instructions.  Service providers  (including Facebook) may be very reluctant (because of the vagueness of the law and the quixotic treatment by the courts so far) to allow executors to get access to the accounts. It may or may not be legal for executors to gain access to accounts with passwords given to them – that is controversial right now, and courts seem to struggle with it.

Service providers, including social networking sites (Facebook, Twitter, Google+, etc.)  would do well to think through the possibility of facilitating executor access or substitute access by an authorized person in case of incapacity, sequestration, or extended travel. In a slightly different legal environment (were some form of SOPA to pass some day) it might even become legally necessary (and ethically necessary) for account holders to facilitate response should they be unreachable.  To do so, companies would need to come to a consensus on the privacy requirements in the law and might need to form a trade group to arrive at such a professional legal consensus.

Users may want to read the paper “A User’s Guide to the Stored Communications Act, and a Legislator’s Guide to Amending It” (2004), by Orin S. Kerr of the George Washington University Law School, link here.

It's probably prudent for account holders to make sure that they sign on to all their accounts at least once every two weeks if possible, check payment status, statistics (like Urchin or Analytics) and bandwidth use, and moderate comments.  

Let me note something else on “friending” and “following” (no, not "stalking").  On both Facebook and Twitter, it has become more common recently than it was two years ago for members to allow only friends or followers to see most posted content.   Generally, I will follow or friend new persons to learn of professional output (that is music, film, books, fiction, screenplays, software, computer security products, inventions,  public performances, etc.), not to follow strictly personal matters (like who someone is “dating”).  So this is not a matter for sitcoms.  At 69, given “competitive reality”,  I’m too old for “gossip”, although I do enjoy reading widecracks and viral humor on social media.  I think it’s a good idea to have separate “professional” and  “strictly personal” id’s and hashtags for social media, although Facebook policy (of only one “true identity”) might not allow this (Facebook does allow entities to register as companies and organizations, which I presume proprietors could use.) 

Update: Dec. 4:

On Sunday, December 2, Michelle Singletary has a column in the Washington Post, "A Promise to a Friend", about leaving affairs in order, physically, link here

No comments: