Recent Comments

A solution for the “send email to relatives when I die” problem

November 24th, 2008

We all have a bunch of data online, and I know I have asked myself a few times - what would happen to all that when I die? Some information, I would like to be sent to my family, for example, my Bank Account details. There are a bunch of services that do this death notification thing, but most of them do it wrong.

What they do is that they send you an email every 6 months or so, and if you do not reply to this email, then they assume you are dead. This is retarded. I may have just gone on holidays, or I may be sick, or changed my email account or something - just because I don’t answer a notification does not mean I’m dead.

My solution is better, and does not involve any notifications. It goes this way:

When people sign up for the service, they enter a bunch of email addresses from different people, for example:

1. Mother

2. Father

3. Best friend from high school

4. Business Partner

Important is that the people are trustworthy people, and that they do not know each other very well. Each person receives a notification email, saying they have been added to the service, and that when I die, they will have access to the information within.

When I actually do die, any one of those people goes on the site, and pushes a button : “Mark is dead”. When this button is pushed, an email gets sent to everyone in the notification list (with a 2 week delay), and everyone is asked to confirm that I am indeed dead. If everyone confirms it, then the information is released.

This method works because your mum is never going to go into conspiracy with your business partner to gain access to your information.

Category: Thought Experiments Comments
  • Dustin D.
    It looks like there's a website out there that does that - http://www.ifidie.org. i don't know if it's functional - it looks like it was just built...
  • Wouter
    What if people on the confirmation list die?
  • This would make sense as the baby boomer generation gets older, but not right now. The children of baby boomers are more likely to use a service like this. But I'm not sure if a "death service" is something that everybody would want to think about right now.
  • It seems to me that a plurality or majority (say, 60%) would have to suffice - otherwise, what if one of the included parties precedes the user of the service in death, or just changes their primary e-mail address? Everyone could be locked out because of the choice or happenstance of a party whose only purpose is validation, the exact opposite of what you really want.
  • Mattie
    Maybe integrate a Twilio phone call or two just to be sure you get ahold of the right people. Also, I'd have it email you and call you to confirm you really are dead yourself.
  • This would also make a great vengeance contract.

    You can't kill me or xxx information will get out.

    Just sayin'.
  • Chris
    The failure modes of this system, added up, will apply to nearly 100% of all users:

    1) All four forget the service exists, with probability increasing the longer you don't die
    2) One or more will change their email address and not update it with the service
    3) One or more will die before (or in the same plane crash as) you
    4) All four lose their login credentials
    5) The service itself will die before the majority of its customers are served
  • Your points are very true. Let me think a bit and see if I can come up with solutions.
  • Chris
    I've personally looked at the problems of solving #5 after hearing about the Dead Man's Switch web site, and posed it on Stackoverflow.com:

    http://stackoverflow.com/questions/92638/self-owning-web-services-or-services-that-can-survive-the-death-of-the-inventor
  • Okay, what about this solution, which will solve the first 3 problems: When a person says that "Mark is dead", ALL the people to be notified have to reply the email within some weeks. If they do not reply at all for some weeks, then their opinion is discarded. If nobody replies, the information gets released.

    For problem #4, the email link will contain the login information.

    And the solution for #5, you have already!
  • Chris
    #5 didn't really get solved, it only became apparent that a service can't be made perpetual.

    But data can. Consider this:

    1) The information to be released on the event of your death is sent while you're still alive to all of the intended recipients, while you know their email addresses are still good.

    2) That secret was encrypted into fragments using the Secret Sharing algorithm developed by Adi Shamir (http://en.wikipedia.org/wiki/Secret_sharing)

    3) The secret is divided such that 60% or 70% of the recipients must get together and combine their fragments to reconstruct a legible secret. This is so the system can survive the loss of 30-40% of the members of your circle.

    4) On the event of your death, the surviving recipients combine their pieces and the secret is revealed.

    The service only has to exist for a few minutes at the beginning, when you upload the secret and it encrypts it into fragments and sends them to the recipients. After that, the service is no longer needed.




  • I'd be nervous about this in some way. I'd feel that somehow some advanced computing technique would come up where a couple of the recipients could come together and decode all my secrets while I'm still alive.
  • Chris
    It's more likely that someone will hack into the service and uncover all secrets of all users.

    With Secret Sharing, only the recipients who were supposed to get the information anyway will discover the secret prematurely.
  • I know you're right logically, but the animal part of me does not want to hand over any part of my secrets to someone.
  • Chris
    But you're okay with handing them over to a web site? :-)

    Your service can advertise itself as being exactly what it is: a tool that can be used as part of a complete breakfast; an intelligent user with damaging secrets will have to come up with their own system, and your service is just a part of it. The system they design will have the failure modes they are comfortable with.

    Security has never been a product, so one of the best things you can do when you design a service like this is stop short of trying to be a complete solution.
  • loumf
    It should also send one to you where you don't need to answer, but can veto.
  • That's true, that would make sense. For example, it first sends you one AFTER one of your people has indicated you are dead. IF you do not reply after a few weeks, then it notifies everyone else.
  • Lloyd Dalton
    You're right, email polling to determine live-or-dead status is pretty dumb :)

    There's a website that implements exactly the multiple-redundancy scheme you describe:

    https://www.mywonderfullife.com/what_is_mwl/

    They call the trustworthy people "angels"
  • Ah well, I'm glad someone did this right :) How do your 'angels' know that you died?
blog comments powered by Disqus