Making arrangements for what should happen in the event of our death is quaintly referred to as “putting our affairs in order”, but that order is becoming more difficult to achieve. While in the past, we might have left information on a piece of paper under lock and key and advised a family member or friend, sprawling digital legacies make for a far more complex process. We’re encouraged to store our communications, passwords and photos with safe, cloud-based internet services, but once we’ve departed this world, it can be difficult for our loved ones to access them. Indeed, those entrusted with handling our affairs can have a hard time working out how much digital information even exists, let alone get hold of it. Weighing the privacy of the individual against the needs of the bereaved can be problematic, and technology firms are still trying to work out what balance to strike. Apple is the latest company to attempt some kind of solution with a feature called Legacy Contacts. Launched as part of the most recent system software update for iPhones, iPads and Macs, it allows you to generate access keys for up to five friends or family who are then permitted to access information stored by Apple in the event of your death. Prior to Legacy Contacts, Apple was known for its rigorous protection of the data of the deceased, and found itself on the losing side of a number of court cases as bereaved relatives fought to gain access to photos, videos and written material. “It’s really hard, because it’s a collision of intellectual property law, contract law and probate law, some of which varies from country to country,” says Elaine Kasket, bereavement lead at the Digital Legacy Association, and author of <i>All the Ghosts in the Machine: Illusions of Immortality in the Digital Age</i>. “And with the digital side of things getting as complex as it is, it can be really hard to tie up loose ends. You need somebody who knows what they're doing to act as a digital executor.” Tech firms are trying to make it easier. Facebook has a similar system with the same name – Legacy Contact – where you can appoint someone to look after your memorialised account. Google’s somewhat bluntly-named Inactive Account Manager also lets you nominate someone who can be assigned any content stored on Gmail, Google Photos and YouTube. Other companies such as Dropbox and Microsoft are also trying to tackle this issue. But handing over data to a bereaved person in exchange for a death certificate comes with its own problems. As Kasket points out, there are the privacy rights of living people to consider, too. “One of my concerns with respect to getting into people's accounts – whether through a legitimised way like Legacy Contacts, or through the identity impersonation that bereaved people have to do all the time – is that a healthy percentage of the things they can access also involve other people’s data, such as emails, messages and contacts,” she says. “Those living people have their own expectations of privacy, and I don't like the idea of that being compromised.” Perhaps because of the nature of the court cases they have found themselves embroiled in, Apple’s Legacy Contact system does allow access to what Kasket describes as the “sentimental stuff”, ie photographs and digital memorabilia. What it doesn’t unlock are the things that would traditionally be bequeathable, such as purchased digital music, books, films or games (those licences expire on death) or the “practical stuff”, ie the logins and passwords to accounts which would make it easier to execute a will and close down an estate. It’s an anomaly, but not one that can easily be solved. To compound these problems, as the technology surrounding privacy changes, the process of putting our affairs in order becomes an ongoing one, rather than something we spend an afternoon doing. Take an example of someone who sets their current partner as a Legacy Contact, but the relationship ends and they forget to update it; all of a sudden, there may be an embittered ex-spouse able to access data against the probable wishes of the deceased. Then there’s the effect of new online security measures, such as two-factor authentication, where access codes are sent to smartphones. That list of passwords you provided in the event of your death suddenly becomes useless, because your loved ones may not have access to the smartphone the codes are being sent to. The data of the deceased is valuable. For the companies holding it, it can be used to infer things about living users who are still monetisable. For the bereaved, it has huge emotional value that simply can’t be measured. But while the tight security around that data can be infuriating and upsetting, it can also be extremely necessary, and that’s what makes the issue so complex. “These days, you have dates of death circulating on the dark web,” says Kasket. “There's a window of exploitation that can occur between the date someone dies and the family being able to get their heads around what to do with their data. In that period of time, there could be assets that are vulnerable.” The best we can do to stay on top of this is to devote time to making our wishes clear, and revising and checking them from time to time. It goes against human nature, because our eventual death is never something we like to think about, but regularly doing so might save those we leave behind a great deal of stress and anguish.