Your Digital Legacy: States Grapple with Protecting Our Data After We Die
http://techland.time.com/2012/11/29/digital-legacy-law/?hpt=hp_t3
This is quite interesting to me on more than one level. When my dad died a number of years ago he left quite a few on-line accounts that were now locked out because he was good and didn’t write down or share his passwords. We were never even totally sure that we identified all his accounts and my mom opted not to hire a forensic analyst to go over his machine (perhaps figuring ignorance is bliss, we never really discussed it). I think about my ‘digital legacy’ and what would happen to it if something happened to me, but haven’t got around to creating any sort of way to deal with it. In principle I think that what is needed is a secure on-line lock box that can be easily updated, but is also impossible to access without authorization. What I envision as I sit here hammering out this blog post is something with several keys to decrypt, one of which is placed in a safety deposit box somewhere to be retrieved in the event that something were to happen. The idea being that the data stored is encrypted in such a way that the entity storing it has no way to recover it, so no worries about it being stolen, but also encrypted in such a way that the data can be updated at regular intervals as new passwords and/or accounts are made and the safety deposit box key remains valid.
Of course, this data is still vulnerable to key stroke loggers, shoulder surfing and plain old guessing (one has to be able to remember the password in order to keep it updated), so it doesn’t necessarily provide more security than keeping all that stuff written down in a fire proof safe somewhere.
Tain’t an easy problem, I don’t think!