Kids, Death & Digital Identities
Copyright 123RF

Kids, Death & Digital Identities

Updated April 21, 2024

This article is a follow on from "Death & Digital Identity" diving deeper into the waters of children, their digital identities, risks and liabilities when they die. I strongly suggest readers skim the first article before reading this one, as I'll use terms like SOLICT, LSSI, PIAM, TODA, capability files, et al.

Bottom line of this article: Kids are at the forefront of the digital revolution. Thus, they have new risks and liabilities associated with them when they die. I'll use use cases of John Doe, son of Jane Doe, to illustrate what's quickly coming at us.

Note: It's complicated to explain - thus this isn't a quick read.

John Doe When He Was Alive

In the not so distant future John Doe will:

All of the above is like science fiction I was reading about when I was a young child growing up, i.e. I'm old, and the world has dramatically changed. Now come with me on a journey when John tragically dies young. Let's start simple and move to the complex...

John Dies Without Having Any Digital Identities, Belonging to Social Media or Having His Data in Commercial Databases

The new death certificate process as described in "Death & Digital Identity" occurs:

  • His legal identification is confirmed by the medical examiner using his fingerprints and iris if available
  • His relationship with his mother, Jane Doe, is confirmed via his SOLICT/LSSI and the CRVS (Civil Registration Vital Statistics) system
  • Automatic notification to governments will occur from the new age CRVS, e.g. to social services, health etc.
  • If John was covered under life insurance, and/or had bank accounts etc., these types of commercial enterprises will likely automatically be notified either by the CRVS or by a death notification service from his SOLICT
  • Insurance claims will likely be made, and if all is good, the claim will be paid
  • Jane then must cope with John's death and move on in her life

Now let's begin to make it more complex in stages...

John's Biometric/Behavioral Data Has Been Captured and Stored in Large Commercial Databases

As described in "Young Children’s Data Privacy Challenges in the Tsunami Age" John's fetal data all the way through to his untimely death will be stored in one or multiple commercial databases. Here's my first dumb question to legal experts, insurers, privacy folks et al: "Who owns and controls the data once John dies?"

To provide perspective to this question, watch this heart wrenching video of a South Korean woman interacting with her dead daughter via a virtual reality (VR) environment. All of a sudden, John's data has commercial value post death. It will likely be used by companies to make money selling services to the family of John Doe, BUT ALSO BY CRIMINALS WHO WILL WANT TO MASQUERADE AS HIM. To see examples of this today, skim "Synthetic Identity Fraud - 1 Million Kids a Year".

To mitigate risk of this "stuff" occurring to banks, insurance companies, et al, requires the following new legal tools:

  • SOLICT/LSSI to legally identify John Doe and his mother Jane Doe
  • A legal consent trail for all consents given on John's behalf, by his mother Jane, for use of his legal identity, behavioral, biometric and other data, in John's SOLICT file
  • A rethinking of corporate agreements between John/Jane Doe and corporations on how John's data can be used post death
  • New laws/regulations addressing the above, which are enforceable around the planet (today this is a joke considering the 0.5% success rate of prosecuting cybercrime)

Now, let's add some more complexity...

John Belonged To Several or More Social Media Groups

Tiktok, etc. are places John liked to belong to. He interacted with kids and adults around the planet, each and every day. Pushing aside for the moment the issues raised in the previous section about his data, how is the social media groups notified he's died? Answer - in today's world it's a whopper mess, e.g. this article describing Facebook's dead members.

Here's my next point - there are liabilities to not only the social media companies but also to insurers, banks et al when criminals obtain access to John's accounts, and are able to masquerade as him.

Solution - adopt SOLICT/LSSI and give people, governments and companies a new set of legal tools to mitigate risk. Thus, by law, or by John/Jane's choice or, by commercial consent contracts agreed to when John joined say TikTok, they would be automatically notified by the CRVS or John's death notification service if and when John dies.

So, if John lives in Jurisdiction A, and tragically dies in Jurisdiction B, then his death notification would be established by CRVS Jurisdiction B. This hypothetically could result in them notifying CRVS Jurisdiction A of his death, which in turn automatically notifies registered entities of his death or, perhaps John's SOLICT/LSSI is updated, which in turn triggers his PIAM to notify registered entities like TikTok, etc.

Consent agreements will likely need to be rethought such that upon death, account termination and restricted use of John's data occur. My points:

  • Over time, much of this will be automated leveraging the SOLICT/LSSI framework leveraging TODA capability files
  • Social media's consent frameworks will substantially change due to regulation, leveraging SOLICT/LSSI, with parental/legal guardian consent, to varying degrees, based on choices by the parent. KIDS WON'T LIKE THIS. Yet, until they come of age, controls must be available to protect them and their data

Now let's make it more complicated...

John Has Several Physical and Virtual AI Bots

Depending on risk, these might or might not be required to be legally registered. Here's a hypothetical registration process for these, given John's a legal minor, as I see it:

  • Jane Doe, with her consent, provides to the local CRVS, her and John's LSSI devices, their legal identity information
  • They may or may not also be required to provide their forensic biometrics to confirm their identity
  • Assuming this is good, the CRVS then checks all other CRVS systems around the planet, to see if the bot is already registered by querying the bot to see if it has a legal identifier and, if so, then doing a global search to confirm its identity, plus who it's owned by and/or associated with
  • Assuming this all checks out, the CRVS then registers the bot by writing a unique identifier to its source code (read page 11 of “Creating AI Systems/Bots Legal Identity Framework”. it then registers the bot against John's identity with Jane in control of the bot, via TODA Capability files issued from Jane's PIAM to John and on to the bot

John's bots then continuously acquire data on John. Where this data is stored and how it's used are very important legal and privacy questions which need to be answered and regulations created protecting John's data privacy.

As an aside, skim pages 16-17 Learning Vision Flyover". In it, I discuss where Jane Doe's learning data will be stored in his LDV (Learner Data Vault). Then skim pages 383-401 in Cost Centres - Rethinking Legal Identity & Learning Vision", where I discuss challenges with this including cost, operations et al.

Here's the point I want regulators, legal, privacy, security and insurer folks to note. SOLICT/LSSI devices, plus the framework depicted in the diagram, offers a whole new set of legal tools to begin rethinking a person's data, consent, where it's stored and how it's used, which will work anywhere on the planet. It applies to John as well.

So, upon John's death, in addition to his death notification being sent to governments, insurers et al, it also could be sent to his school. Further, it can automatically stop or reduce use of the bot by generating data, making decisions, et al, long after John's dead.

These new tools give insurance companies, banks and his mother Jane, new ways to mitigate risk of John's bots being misused by criminals et al.

Legal questions regulators need to figure out is what new laws/regulations are required addressing death of a legal minor and how their associated bots are handled.

Now let's finish up with John still alive but undergoing digital death...

Digital Death And John In His Learning in the Not So Distant Future

As described in "Death & Digital Identities", a person can still be alive, yet suffer a cyber-attack effectively limiting their ability to function in society, i.e. "digital death". Let's examine a couple of hypothetical examples in the not so distant future

John's Unable to Learn

The cyber-attack might prevent John from being able to learn. It might not only affect his identity in his learning environments, but also his learning bots, et al. Depending on the situation and the gravity of the attack, insurers might be liable.

John's Health Digital Twins et al Enable Him Not Being Able to be Treated

If John's medical digital twin is compromised, it conceivably could lead to his death, which results in liabilities for the insurer.

It Requires a New Legal Toolkit Which Works Both Locally as well as Globally

All of the above requires a SOLICT/LSSI/PIAM framework for humans, rapidly emerging smart digital identities of ourselves, AI systems and bots. With this regulators, insurers, and people can mitigate the risk of digital death for a legal minor.

Skim "Rethinking Human Legal Identity" to see the architecture.


Architectures & Costs Addressing The Above

My Message To Government & Industry Leaders

SUMMARY - YES IT'S COMPLICATED!!!!!

When a child dies, it's hard for survivors to deal with. Here's my message - it's rapidly becoming even more complicated, and potentially heart wrenching than it already is. It also carries with it new risks and liabilities to survivors, insurers et al. Thus it requires a new legal toolkit offering insurers new legal tools.

Leveraging SOLICT, LSSI, PIAM, rethought consent/legal contracts, leveraging TODA capability files:

  • Regulators can rethink laws and regulations pertaining to child legal identities with their associated bots and data
  • Insurers can mitigate risk from liabilities due to the death of the child
  • Parents and survivors can be assured their loved one's legal identity and data is protected and not being misused
  • Privacy is achieved post death

Contact me if you'd like to discuss this.

About Guy Huntington

I'm an identity trailblazing problem solver. My past clients include Boeing, Capital One and the Government of Alberta's Digital Citizen Identity & Authentication project. Many of my past projects were leading edge at the time in the identity/security space. I've spent the last eight years working my way through creating a new legal identity architecture and leveraging this to then rethink learning.

I've also done a lot in education as a volunteer over my lifetime. This included chairing my school district's technology committee in the 90's - which resulted in wiring most of the schools with optic fiber, behind building a technology leveraged school, and past president of Skills Canada BC and Skills Canada.

I do short term consulting for Boards, C-suites and Governments, assisting them in readying themselves for the arrival of AI systems, bots and AI leveraged, smart digital identities of humans.

I've written LOTS about the change coming. Skim the over 100 LinkedIn articles I've written, or my webpage with lots of papers.

Quotes I REALLY LIKE!!!!!!:

  • We cannot solve our problems with the same thinking we used when we created them” – Albert Einstein
  • “Change is hard at first, messy in the middle and gorgeous at the end.” – Robin Sharma
  • “Change is the law of life. And those who look only to the past or present are certain to miss the future” – John F. Kennedy

Reference Links:

An Identity Day in The Life:

My Message To Government & Industry Leaders:

National Security:

Rethinking Legal Identity, Credentials & Learning:

Learning Vision:

Creativity:

AI Agents:

Architecture:

AI/Human Legal Identity/Learning Cost References

AI Leveraged, Smart Digital Identities of Humans:

CISO's:

Companies, C-Suites and Boards:

Legal Identity & TODA:

Enterprise Articles:

Rethinking Enterprise Architecture In The Age of AI:

LLC's & AI:

Challenges With AI:

New Security Model:

DAO:

Kids:

Sex:

Schools:

Biometrics:

Legal Identity:

Identity, Death, Laws & Processes:

Open Source:

Notaries:

Climate Change, Migration & Legal Identity:

"Human Migration, Physical and Digital Legal Identity - A Thought Paper

Fraud/Crime:

Behavioral Marketing:

AI Systems and Bots:

Contract Law:

Insurance:

Health:

AI/AR/VR Metaverse Type Environments:

SOLICT:

EMP/HEMP Data Centre Protection:

Climate:

A 100,000-Foot Level Summary Of Legal Human Identity

  • Each person when they’re born has their legal identity data plus their forensic biometrics (fingerprints, and later when they can keep their eyes open – their iris) entered into a new age CRVS system (Civil Registration Vital Statistics - birth, name/gender change, marriage/divorce and death registry) with data standards
  • The CRVS writes to an external database, per single person, the identity data plus their forensic biometrics called a SOLICT “Source of Legal Identity & Credential Truth). The person now controls this
  • As well, the CRVS also writes to the SOLICT legal identity relationships e.g. child/parent, cryptographically linking the SOLICTs. So Jane Doe and her son John will have cryptographic digitally signed links showing their parent/child. The same methodology can be used for power of attorney/person, executor of estate/deceased, etc.
  • The SOLICT in turn then pushes out the information to four different types of LSSI Devices “Legal Self-Sovereign Identity”; physical ID card, digital legal identity app, biometrically tied physical wristband containing identity information or a chip inserted into each person
  • The person is now able, with their consent, to release legal identity information about themselves. This ranges from being able to legally, anonymously prove they’re a human (and not a bot), above or below age of consent, Covid vaccinated, etc. It also means they can, at their discretion, release portions of their identity like gender, first name, legal name, address, etc.
  • NOTE: All consents granted by the person are stored in their SOLICT
  • Consent management for each person will be managed by their PIAM “Personal Identity Access Management) system. This is AI leveraged, allowing the person, at their discretion, to automatically create consent legal agreements on the fly
  • It works both locally and globally, physically and digitally anywhere on the planet
  • AI systems/bots are also registered, where risk requires it, in the new age CRVS system
  • Governance and continual threat assessment, is done by a new, global, independent, non-profit funded by a very small charge per CRVS event to a jurisdiction to a maximum yearly amount.

A 100,000-Foot Level Summary Of The Learning Vision:

  • When the learner is a toddler, with their parents’ consent, they’ll be assessed by a physical bot for their learning abilities. This will include sight, sound, hearing and smell, as well as hand-eye coordination, how they work or don’t work with others, learning abilities, all leveraging biometric and behavioral data
  • All consents given on behalf of the learner or, later in the learner’s life by the learner themselves, are stored in the learner’s SOLICT “Source of Legal Identity & Credential Truth
  • This is fed into a DLT “Digital Learning Twin”, which is created and legally bound to the learner
  • The DLT the produces its first IEP “Individualized Education Plan”, for the learner
  • The parents take home with them a learning assistant bot to assist the learner, each day, in learning. The bot updates the DLT, which in turn continually refines the learner’s IEP
  • All learning data from the learner is stored in their LDV “Learner Data Vault”
  • When the learner’s first day of school comes, the parents prove the learner and their identities and legal relationship with the learner, via their LSSI devices (Legal Self-Sovereign Identity)
  • With their consent, they approve how the learner’s identity information will be used not only within the school, but also in AI/AR/VR learning environments
  • As well, the parents give their consent for the learner’s DLT, IEP and learning assistant bot to be used, via their PIAM (Personal Identity Access Management) and the learner’s PIAM
  • The schools LMS “Learning Management System” instantly takes the legal consent agreements, plus the learner’s identity and learning information, and integrates this with the school’s learning systems
  • From the first day, each learner is delivered a customized learning program, continually updated by both human and AI system/bot learning specialists, as well as sensors, learning assessments, etc.
  • All learner data collected in the school, is stored in the learner’s LDV
  • If the learner enters any AI/AR/VR type learning environment, consent agreements are created instantly on the fly with the learner, school, school districts, learning specialists, etc. 
  • These specify how the learner will be identified, learning data use, storage, deletion, etc.
  • When the learner acquires learning credentials, these are digitally signed by the authoritative learning authority, and written to the learner’s SOLICT.
  • The SOLICT in turn pushes these out to the learner’s LSSI devices
  • The learner is now in control of their learning credentials
  • When the learner graduates, they’ll be able, with their consent, to offer use of their DLT, IEP and LDV to employers, post-secondary, etc. This significantly reduces time and costs to train or help the learner learn
  • The learner continually leverages their DLT/IEP/LDV until their die i.e., it’s a lifelong learning system
  • IT’S TRANSFORMATIONAL OVER TIME, NOT OVERNIGHT


Great read Guy , thanks for sharing.

Like
Reply

To view or add a comment, sign in

More articles by Guy Huntington

Insights from the community

Others also viewed

Explore topics