Death and digital properties

A couple hundred years ago, it was possible to live and die leaving pretty much zero physical evidence of your existence. Except perhaps some kids. Today, though, someone with no identity footprint would be nearly unheard of. I’m even skeptical of companies that don’t have websites.

Now that so many of us have these broad digital presences — websites, email accounts, social media profiles, photos, videos, text — the footprints we leave behind may require some maintenance and planning. After all, your online self is as much a part of your life as your photo albums, household items, and collectibles.

Beyond keeping payment details updated, domains renewed, passwords secure, etc., we need to consider life’s “what ifs?” Or “hit by a bus” scenarios, as we’ve called them at a few places I’ve worked. What happens if you’re not there tomorrow? Maybe you moved on to a new job, left a relationship, or actually were hit by a bus!

Can anyone else access your accounts? Do you want them to? Did you want any of your online profiles or properties to be left accessible? Are there going to be business issues with websites or email accounts if domains were registered in your name and paid for by your credit card?

It doesn’t tend to be something we give a lot of thought to. Maybe once a year when you get a domain renewal notice. Or when a site has a security breach and you’re advised to change your password. But it’s something our team deals with regularly.

“So and so has left the company and…” begins a lot of emails we receive. Some employee has set up an account with their email address, registered the company’s domain(s), and paid for them with their credit card. And now no one knows the login, the email address no longer works, and the credit card has been cancelled.

If they’re lucky, they figure this out before the website and email stop working, but not always. As often as not the emails we get are somewhat panicked. But while we understand customers’ predicaments in these cases, we can’t just hand over the keys, so to speak. We need to authenticate who has access to the account, who owns the domains(s), etc., to prevent straight-up theft. You don’t want to end up dealing with one of these situations.

So, how can you keep your online properties up to date, and make sure those who need administrative access to accounts can get it when needed?

Note: InternetNZ has come out with this handy one-page checklist to help you get organized: Death and the Internet

  1. Avoid registering business accounts or domains with personal information
  2. What will happen if you can’t access an account or there’s a dispute
  3. What will happen if you die
  4. Just part of being a grownup

Avoid registering business accounts or domains with personal information

It’s pretty common for things like domains and social media accounts to be assigned to a primary person. Since you’re asked for personal details like name and email address (and sometimes have to provide an individual information rather than company information), it seems like a no-brainer to use your own details. If you can avoid that, do so.

Use an organizational email address that more than one person has access to. That way others will have the login, or at the very least can get and use a password reset email if needed.

If you have to use an individual’s name on an account, so be it, use yours or an administrative one, but be sure to include the organization’s name in the Company field as well. It provides some link to the company if we hear from someone who’s not the main contact.

Be aware when registering domains that the registrant or owner contact name is the legal owner of the domain. Even if the person worked for your company and registered the domain on behalf of the company. If the registrant contact says John Smith, it’s legally John Smith’s domain name.

If possible, register the domain under the company name, not a person’s name. Note that our system automatically adds the account contact information as the registrant information, but you can update that in your dashboard under edit contacts, or, in some cases (like ccTLDs), we can do it for you.

If possible, use a corporate credit card under the company or organization’s name. There’s (perhaps) a better chance of someone tracking its use and when expiry dates will need to be updated, for example. The more data points we have for the organization, the easier it will be to prove who owns or should have access to the account and domains.

When there’s an issue of account access, we request proof of ID for the account holder and a partial scan of the card on the account. Take a look at your account details and ask yourself if anyone else would be able to provide them if you’re not around to do so.

What will happen if you can't access an account or there's a dispute

At best, we require an assortment of proof of identification and ownership. At worst, if there seems to be an issue, or information isn’t clear, we lock down accounts while we wait for more information (for as long as necessary…even if your website and email are down).

That means no party can access it, which means if a credit card is invalid, domains can’t be renewed and may expire and be lost. If something goes wrong with DNS or hosting, a site may remain offline or emails will bounce. You can imagine this could be a serious problem for businesses.

If it’s just a customer who’s forgotten a password, we can send a password reset email, or do our standard authentication to help them get back into their own account.

If one party claims another party has left a company, for example, and they need access to the account for the domains, we will take a look at the account. We’ll see what evidence there is that the domains belong to the company. We’ll see what other domains are in the account. (We’re not going to hand over account access if there’s one company domain and 10 that appear to be personal and unrelated.) We will ask for authentication documentation for the company, alleged former employee, person asking for access, and whatever else we feel is necessary to prove ownership.

We take customer account security very seriously, which can be frustrating for some people. But just imagine someone was trying to get access to your accounts or domains. Would you want us to hand over access just based on an email saying, ”Let me in”?

What will happen if you die

That’s up to you. Some people may want their web properties’ content archived, or their friends or families might. Some people might want everything to eventually expire and be deleted. Some people might have secret accounts or profiles they don’t want anyone to know about.

It’s pretty common, in addition to a formal will, to have a more informal list of requests, bequests, or instructions. We’d recommend adding a section about your digital properties there.

We’re big fans of password management programs, and if you use one of those, there’s a good chance you just need to keep track of one password. Record it with your will and any related documents. Remember to update it when you update your password(s). Then someone will be able to maintain or remove your accounts.

(There are also a variety of sites and tools to help manage digital legacies. Whether it’s checking regularly whether you’re still alive or not, sending out posthumous messages to loved ones, providing a place for those who cared about you to memorialize you, or wiping accounts or files you don’t want anyone else to know about, handling our digital afterlives can be well covered.)

Remember, too, that a lot of work can go into sorting things out and tying up loose ends after someone dies, and the people left doing it are often tired, sad, and stressed. It’s a kindness to make these arrangements in advance.

Just part of being a grownup

Occasionally we complain that websites or apps want too much personal information from us when we try to set up accounts or start using them. But in general, it’s extremely easy to create new digital footprints online. It’s actually often harder to erase them.

Because of this, many of us give little thought to how broad our digital presences and properties actually are. Sure, many of us have plenty of little-used and abandoned accounts. They don’t cost us time or money (maybe a little email spam). But many of us do have online presences and properties that are important to us, and to others.

For various reasons, if and when we’re not around to take care of them, like any good property management, it’s the grownup and responsible thing to do to make sure someone else can.