The Inactive Account Manager dApp (White blog)

New ideas and implementations

I’m working towards a new type of an Inactive Account Manager app or what some might call a “dead man’s switch”, that would assume control of my accounts when I become inactive. I want to build it with a decentralized smart contract on Ethereum, so no entity will control my data when I become inevitably inactive.

With such a contract, I can be assured that my music and writing, photos and personal things that I cherish will be left to my children, cryptocurrency and digital assets, or whomever I choose. Further, I have some accounts that my wife might need in order to get to some documents and legal stuff.

I contacted accomplished IT friends to help with the development and they right away asked me this question. “But why should everyone trust you manage their data.” Naively I thought I was trustworthy, but I realized that this was a major problem. Not only due to the fact that customers would not want to give the company access to all its accounts, but also that the centralization of data is not a good thing and this would definitely make the company vulnerable to attacks.

After digging further down the blockchain rabbit hole, a lightbulb came on in my head. A decentralized app, effectively an on-chain smart contract that interacts with off-chain databases could be the perfect solution.

How would it work?

1. A user enters the policy into the smart contract´s intuitive dashboard. Each account needs to be verified with the service providers.
2. The smart contract monitors user status at regular intervals. When the user is still active, the smart contract is “dormant” and does not prompt any activity.
3. If inactivity is detected, a verification process starts. Validators on the network communicate with each other and collect data from databases according to protocol.
4. If inactivity is confirmed the smart contract prompts execution of the policy that the user has set and communicates with the respective services, to collect, to delete or to leave data, as per the deceased user’s request.
5. Files are delivered, deleted and accounts closed.

For technical people, this diagram shows the process a little bit better.

Claiming data is a major pain for everyone:

In my research, I had already spent a lot of time contacting service reps of online account providers and through various portals. It didn’t take long to realize, that the verification process is a headache for everyone involved. For each one, I’d need to prove that the individual had died, and sometimes mail in hard copies of death certificates, proof of attorney, and each service needed to verify the status according to their own standards.

It’s a lengthy and painstaking process. It’s hard for the relative, complex and bureaucratic for the service, and liability risk is huge. Essentially the relative is trying to claim data from a system that is designed to protect it. I can’t imagine service reps enjoy this particularly much either, as I can imagine there is a lot of frustration and emotions. Understandably, the companies also have their policies to adhere to and care more about existing users, so in some cases is easiest for the companies to deny access to inactive users’ data.

We can solve this problem, simply, elegantly, and once and for all. If we create a smart contract that stores your will, what will happen to the data and the network ensures that your will is fulfilled.

The smart contract would store all policies in a secure manner, and then monitor a user's status via public records and databases, allowing all parties to reach a consensus about the status of the user, active or inactive. Doing so, the will of the user is to be executed in a simple manner. At the same time, security would be increased for users and services providers immediately and decrease the likelihood of false reporting and the network witnesses that the files are delivered to the rightful recipients.

Prior Art:

Inactive account managers exist today and the most advanced is Google’s IAM that allows users to set policies for their accounts and services they have signed up for, should they become inactive. However, Google IAM only works with services that are owned or operated by Google. In Google’s IAM case, you can choose recipients that will receive as many or as few of the documents as you want and an intuitive interface. Facebook offers you to appoint a legacy contact, that can assume some control of your Facebook if you pass away. So what’s the problem?

The problem is real and will only grow BIGGER!

The problem is that regular users have signed up with multiple online services. Not all services offer an “IAM” solution, and often it’s hard to set up or has limited functions. Secondly, often a relative would need to contact the service, provide a death certificate and proof of attorney that shows that the relative has permission to access the data. The respective service might reject or allow the request after review.

The second layer of the problem is also that your data, that under GDPR law is your property, is in the custody of a centralized party. This party does not share your interest in death, that is, they are more concerned with protecting your data than giving access to it. But the problem is simply put, the service provider decides what happens to your data if you have not set up a policy.

The third and perhaps the biggest problem on a macro scale is the accumulation of data stored online is increasingly getting bigger, more people are signing up, and we haven’t yet reached the cusp of when the first true online generation will age off.

To sum up:

• Managing your post mortem data rights is complex.
• The process of claiming or closing accounts is lengthy and stifling.
• It is costly for services to manage these requests and they are disincentivized to outperform the current state.
• The liability risk is huge for services.
• There are no witnesses that data is delivered due to limited visibility.

What are the benefits?

• Benefits for the User: Simple and secure way to manage your data policies and provide a clear overview. The will is followed.
• Benefit for the Relatives: Saves time and energy in the stages of grieving and is assured that the will of the deceased is being followed.
• Benefits for the Service Providers: Cost savings over time, saving on legal fees, compliance, and customer support. The contract should reduce the risk of liability as the responsibility is moved away from the service provider to the network-operated contract. The service provider can also focus on active users that are generating day-to-day revenue.
• Benefit for all: Witnesses — The network will witness that the data gets delivered or doesn’t get delivered. The contract state can be monitored to see if it has been executed fairly all messages have been delivered safely.

Operation and Governance:

Many different parties, both companies, and individuals will get value from the contract and need to be able to impact governance and security.

Therefore, the operator of the contract, the entity that ensures its integrity needs to be a foundation with a great level of transparency and can either be run as a non-profit or a for-profit foundation.

The code needs to be open-source and auditable by all parties, in order to maintain integrity and ensure fair play.

All participants should pay for the network and should be required to participate in its governance in rotation.

The sitting duck:

If you are a developer, investor, or entrepreneur, please get in touch.

Get Best Software Deals Directly In Your Inbox