let's talk about your digital remains!

As digital lives expand, the fate of online accounts, data, and assets after death remains legally fragmented. France leads with clear post-mortem data protection laws, while Germany lacks harmonized rules. Experts urge individuals to designate digital heirs and use legacy tools from services like Apple, Google, and Meta.

let's talk about your digital remains " When I die, delete my browser history." — Unknown When you die, there are lots of processes in place to deal with your body, your burial, your physical possessions, subscriptions and bank accounts. But what about your digital accounts and possessions? As our lives become more and more digital, taking these into account when tying up the affairs of a dead person is increasingly important. Think about it: This can involve e-mail accounts, social media accounts, messengers, LLM conversations, hard drives, cloud storage, crypto wallets, websites, your digital media licenses, intellectual property you released like four F OSS projects, for example , and more. In a broader sense, you might count browser history and other metadata, too What's interesting is that so many of these do not fall under the laws you might expect them to, like succession/inheritance law or privacy law. Services that offer you licensed content like Steam have made clear in the past that family members are unable to inherit the accounts or licenses, like they would with physical items. In terms of privacy and data protection, the GDPR applies only to living people, so you lose these rights upon death; the task of legislating the rights of the dead in these regards has been given to the Member States, which results in quite a patchwork of rights 1. This patchwork makes things difficult, because it means your European country can have different laws than another, and companies will have to see how to comply with them all. France, for example, has one of the most developed post-mortem data protection regimes in Europe. The French Data Protection Act the Loi Informatique et Libertés actively considers death in data protection and explicitly allows a person to give instructions regarding the retention, deletion, and communication of their personal data after death and appoint a person responsible for implementing those instructions. It mandates that controllers must follow the deceased's valid instructions, and heirs can obtain access to data necessary to settle the estate, to identify assets and liabilities, or to close user accounts and manage digital affairs. Germany, on the other hand, is pretty much the opposite: Protection of deceased persons' data arises from a combination of post-mortem personality rights postmortales Persönlichkeitsrecht concluded from civil law and constitutional law, inheritance/succession law, confidentiality obligations and possibly some sector-specific laws. It's a lot more complicated and full of holes for specific types of digital data. I wish we had a law like France has Regardless of when we might have a European law harmonizing this aspect across Member States, it's still important to ask yourself: Who is allowed to have access to your accounts and data after you pass? You might still want to give your younger sibling access to your Steam account later, or you need your spouse to be able to log in and keep a personal website up and running, or save pictures from the cloud. For this, you should make sure that the correct people can have access to your accounts in case of death, and know what to do with them. How you do that is up to you: You might set up something that automatically notifies them about how to access your accounts in times of death when you don't check in for a while, or you tell them a physical location where they can find the device passwords and the Master password to your password manager. I personally mention it in my when i die https://avas.bearblog.dev/when-i-die page. Remember to keep this information updated Some companies and services, like Apple, Google and Meta, offer settings about what should happen after your death usually called Digital Legacy tools, Inactive Account preferences, or Memorialization . You're able to set a successor/manager, deletion preferences and more, depending on the service. You have to dig a little in the settings, but if you're reading this right now, I encourage you to go find it. Good to know: Despite setting someone as a legacy contact, these companies might still request additional documents to prove that you really died. On the other hand, it's also okay to want things to be deleted, either by family members, or automatically by the platform itself. At CPDP 2026, I participated in a workshop about digital remains, and my discussion partner said that her Instagram feels so personal that it should be deleted upon her death, but something like a LinkedIn she'd keep up. So decide for yourself: What accounts do you want deleted, which ones can remain up/dormant? You should communicate this clearly in a way the people tasked with your digital legacy can see it, and talk to these people about it beforehand, if possible, or set it up in the settings. If you want to keep data up, is there a maximum retention period you want to set so that the data would be deleted afterwards? As a next step, you have to think about the future. The world will move on without you, and even right now as you are reading this, we are building tech that promises to bring people "back to life" via AI. Even just a decade ago, you likely couldn't have foreseen where we are at the moment with tech being trained to impersonate you. So where will we be decades down the line? That may require the restraints you set in a will to be more on the tech-agnostic side instead of just banning very specific processes and products. This is not just about the recent Meta AI https://futurism.com/future-society/meta-patented-ai-die-keeps-posting thing; there are several companies in this space, as it looks to be a profitable new market niche: Bereavement tech . So, how do you want your data to be processed? Do you want tech to be trained on it? Do you allow the platform, or your relatives, to train AI on your accounts and other data and media they have on you? Your account might keep posting for you as if you were still alive, generate selfies or videos with your likeness, or it will respond to messages people send to it so they can keep chatting with "you". :Side noteDoes this truly help the grieving process? I guess we'll have to find out. A physical removal of items, telephone numbers going out of business, and a burial help saying goodbye and accept the finality of it all. Yet social media accounts can exist visually unchanged for years afterward, as the platform may nudge you to message them, reminds you of their birthday, or shows memories from a couple years ago out of nowhere on your feed. If we soon have the option to have people posting as if nothing happened to them, they stay stuck how they were when they died forever. If you never have to deal with the deafening silence from the other party, do you ever really have to grapple with death? And will the person die a second time for you when they stop offering the model? Maybe that's something you wanna blog your thoughts about : It doesn't have to be so personal and focused on social media platforms as well. How about archives? Museums? You might laugh at the idea, but most stuff in museums is by ordinary people; we might not even know their name. Some people become famous after their death and their possessions and likeness are displayed for people to learn about them for example: Anne Frank . We get great insights from the things they left behind that they thought no one would read, and if we're honest, likely wouldn't have consented to be out there. This will increasingly happen with digital means. How okay are you with a holo-you or virtual avatar greeting people in a museum? You might not care about any of this at all - if you're dead, then what does privacy and the data matter? It's not like it can still affect you And that's fair. The views on this can be pretty diverse. Others see the digital remains as a digital version/informational "body" that should also be untouchable and remain undisturbed, and that there should be a general right not to "become a bot". Reading papers and studies about this topic is interesting, because it seems if you belong to the current older generations, you are more in favor of deleting it all, while the younger generations want to keep it up 2. This makes sense: They might have way more online friends they'd wanna keep this up for. Women seem more in favor to deleting everything than men are , which I can totally see; women tend to make a lot of negative experiences online that center the loss of control over their data and misuse of it. Death, without being able to lock down or delete anything based on developments online seems like the biggest loss of control of all. There are country and cultural differences as well. 2 fn-2 Unfortunately, unless you control the data your own Mastodon instance, your self-hosted personal website, etc. , you are reliant on these services to heed your/your loved ones' requests about this. As the big social media companies' business model relies on data harvesting and using existing data for new projects and growth, this might be a hard fight in the future, as they see it as their property. Companies can hold the data hostage because of a lack of laws in your region and no goodwill from their side. There have also been cases already where the companies have refused giving access of a deceased's account to the relatives until a court decided https://www.lto.de/recht/hintergruende/h/bgh-iii-zb-30-20-digitaler-nachlass-erben-bekommen-zugriff-auf-facebook-konto they had to. How many would just give up? conclusion For good digital hygiene, we should remember death and make it as easy as possible or sensible for the people we leave behind to get the access they need to manage our stuff how we want them to. Organize your data well maybe you also want to do some recurring digital version of Swedish Death Cleaning https://en.wikipedia.org/wiki/Swedish death cleaning ? , leave instructions, set emergency/legacy access when available, include digital assets in your will, decide how your data is allowed to be used after death, especially around AI replicas. Families should talk about this openly, and relatives and nurses should learn to ask affected parties about these things. Previous related entry: plans for your blog after you die Reply via email mailto:avas.space@tuta.com Published France is very invested in this aspect and its data protection authority CNIL has made it one of their main points and even wrote a paper https://www.cnil.fr/sites/default/files/2025-11/cnil 10th ip report.pdf on it. ↩ fnref-1 The CNIL paper https://www.cnil.fr/sites/default/files/2025-11/cnil 10th ip report.pdf has some study summaries about this on page 15. Generally speaking, another good study to read is this one https://www.tandfonline.com/doi/full/10.1080/13576275.2025.2451093 d1e443 . ↩ fnref-2