14 July 2020

Thawing and Access to Digital Records

As a precursor of postmodernism, Nietzsche quipped ‘Let us beware of saying that death is the opposite of life. The living is only a species of the dead, and a very rare species’. My 'Thawing-out Personhood: Australian Law and Cryonics' in (2020) 17(1) Canberra Law Review comments
The adoption of cryonics poses fruitful questions about personhood, consumer protection, trusts, taxation, crime, human rights and other law. Cryonics involves the long term storage of human cadavers at subzero temperatures with an expectation that in the indefinite future the legally dead will be ‘reanimated’. The article discusses the culture and law of cryonics in relation to Australia. It draws on Martha Fineman’s vulnerability theory to critique claims by proponents of cryonics, asking whether unsubstantiated claims regarding reanimation are unconscionable and necessitate a specific statutory prohibition. The article further considers the implications for health, welfare and other law if cryonics was practical. 
The piece begins
Lynn Stout’s elegant 'The Corporation as Time Machine: Intergenerational Equity, Intergenerational Efficiency, and the Corporate Form' offered a novel and persuasive analysis of one category of artificial person as a mechanism for transcending the finitude experienced by all natural persons. There is increasing interest in some Australian and overseas communities regarding cryonics – cold storage of humans for ‘reanimation’ at an undetermined future time – as a mechanism for transcendence on the part of natural persons. The adoption of cryonics poses fruitful questions about personhood, consumer protection, trusts, taxation, crime, human rights and other law rather than what the Stoics considered to be our mistaken fear of death. 
This article engages with questions about cryonics in relation to Australian law, arguing that existing consumer, succession and criminal law offers an effective framework for the regulation of a new technology and consequent shaping of social practice. As such it represents a substantive addition to Australian literature. 
Part I offers an introduction to cryonics, whose adherents expect that future advances in technology will enable the ‘revival’ of cadavers, in essence the unprecedented reinstitution of personhood. Part II draws on vulnerability theory in examining consumer protection issues, which range from outright fraud or negligence on the part of for-profit cryonics service providers through to questions about unconscionability in the marketing to vulnerable people of services that as of 2020 are empirically nonsensical. It touches on responsibility under Commonwealth, state and territory consumer protection and criminal law. Part III considers some implications for succession, health and welfare law if cryonics was practical. Part IV offers concluding remarks, including recommendations for coherent national regulation.
The NSW Law Reform Commission's report on Access to digital records upon death or incapacity recommends a new statutory scheme for NSW, which would allow access to a deceased or incapacitated person’s digital records in limited circumstances. 

 The Commission's Recommendations are - 

NSW needs a digital access scheme
 
2.1: A statutory scheme for NSW NSW should enact a statutory scheme that enables an authorised person to access a deceased or incapacitated person’s digital records in limited circumstances.
 
Scope and key terms of the statutory scheme
 
3.1: The scheme should apply where users are domiciled in NSW
 
The scheme should apply to a custodian, regardless of where the custodian is located, if the user is domiciled in NSW or was domiciled in NSW at the time of their death.
 
3.2: Key terms of the statutory scheme
 
The scheme should include the following definitions:
 
(1) “Authorised person” means the person with the right, under this scheme, to access particular digital records of the user.
 
(2) “Custodian” means a person or service that has, or had at the time of the user’s death, a service agreement with the user to store or maintain particular digital records of the user.
 
(3) “Custodian policy” means a statement of policy by the custodian, not otherwise incorporated in a service agreement, which relates to the digital records of the user stored or maintained by that custodian, and applies whether or not the user is alive or has capacity.
 
(4) “Digital record” means a record that: (a) exists in digital or other electronic machine-readable form, and (i) was created by or on behalf of the user, in whole or in part, or (ii) relates to the user, and the user had access to it while the user was alive, or (iii) relates to the user, and their representative had access to it during any period of incapacity, but (b) does not include an underlying asset (such as money in a bank account or the copyright in a literary work) or liability, unless the asset or liability is itself a digital record.
 
(5) “Incapacitated user” means an adult user who requires or chooses to have assistance with decision-making in relation to particular digital records of the user.
 
(6) “Online tool” means a tool provided by a custodian online that allows the user to give directions or permissions to a third party for managing the digital records of the user stored or maintained by that custodian.
 
(7) “Service agreement” means an agreement between a user and a custodian that relates to the digital records of the user stored or maintained by that custodian.
 
(8) “User” means a natural person who has entered into a service agreement with a custodian to store or maintain particular digital records of the user.
 
The authorised person and the extent of their access
 
4.1: Authorised person entitled to access a user’s digital records
 
The scheme should provide that:
 
(1) The authorised person entitled to access particular digital records of a deceased user is: (a) the person specifically appointed by the user’s will to manage those digital records: (i) in the case of a formal will, whether or not there has been a grant of representation of the will, or (ii) in the case of an informal will, only if there has been a grant of representation (b) if there is no person specifically appointed by the user’s will to manage those digital records, the person nominated through an online tool to manage those records (c) if there is no person specifically appointed by the user’s will or nominated through an online tool to manage those digital records, the executor of the user’s will: (i) in the case of a formal will, whether or not there has been a grant of representation of the will, or (ii) in the case of an informal will, only if there has been a grant of representation (d) if there is no will or no executor willing or able to act, and no person nominated through an online tool to manage those digital records, the administrator of the user’s estate (e) if no provision or order has been made, a person to whom the deceased user has communicated the access information for those digital records, but not where that person holds the access information as part of an employment or other contractual relationship involving remuneration for the activity, unless the user has indicated that the arrangement is to have effect after their death.
 
(2) The authorised person entitled to access particular digital records of an incapacitated user is: (a) any person appointed under: (i) an enduring guardianship arrangement that has effect, or (ii) an enduring power of attorney that has effect, but only in relation to those records that are: (iii) specified in the enduring guardianship arrangement or enduring power of attorney, or (iv) otherwise relevant to the person’s role either as enduring guardian or attorney (b) if there is no person appointed under an enduring guardianship or enduring power of attorney, any person appointed under: (i) a guardianship order, or (ii) a financial management order, but only in relation to those records that are: (iii) specified in the guardianship order or financial management order, or (iv) otherwise relevant to the person’s role as guardian or financial manager (c) if there is no person appointed under an enduring guardianship, enduring power of attorney, guardianship order or financial management order, the person nominated through an online tool to manage those digital records (d) if no provision or order has been made, the person with access information for those digital records, either because: (i) the incapacitated user has communicated the access information for those digital records to the person, or (ii) the person created those digital records on the incapacitated user’s behalf but not where the person holds the access information as part of an employment or other contractual relationship involving remuneration for the activity, unless that relationship is a paid carer relationship.
 
4.2: A person can apply to the Supreme Court of NSW for an order that they are the authorised person The scheme should provide that a person can apply to the Supreme Court of NSW for an order that they are the authorised person entitled to access particular digital records of the deceased or incapacitated user under Recommendation 4.1.
 
4.3: Extent of the authorised person’s access right
 
The scheme should provide that:
 
(1) For the purposes of determining the extent of the authorised person’s right: (a) “administering the deceased user’s estate” includes informal administration of the deceased user’s estate (b) “managing the incapacitated user’s affairs” includes informal management of the incapacitated user’s affairs, and (c) “deal” or “dealing” includes transferring digital records to the person entitled to them, but does not include editing the content of digital records.
 
(2) The authorised person entitled to access particular digital records of a deceased user may access and deal with those digital records: (a) subject to applicable fiduciary duties, and (b) subject to other applicable laws, and (c) subject to any terms of the following, as applicable: (i) the will (even where the authorised person is not the person named in the will), or (ii) the online tool, or (d) if there are no such terms, only for the purpose of administering the deceased user’s estate.
 
(3) If the authorised person entitled to access particular digital records of a deceased user also has authority over the user’s tangible personal property that is capable of holding, maintaining, receiving, storing, processing or transmitting a digital record, they are authorised to access and deal with the property and digital records of the user stored on it: (a) subject to applicable fiduciary duties, and (b) subject to applicable laws, and (c) subject to the terms of the following, as applicable: (i) the will (even where the authorised person is not the person named in the will), or (ii) the online tool, or (d) if there are no such terms, only for the purpose of administering the deceased user’s estate.
 
(4) The authorised person entitled to access particular digital records of an incapacitated user may access and deal with those digital records: (a) subject to applicable fiduciary duties, and (b) subject to applicable laws, and (c) subject to the terms of the following, as applicable: (i) the online tool, or (ii) an enduring guardianship or enduring power of attorney, which has effect, or (iii) the guardianship or financial management order, or (d) if there are no such terms, only for the purpose of managing the incapacitated user’s affairs.
 
(5) If the authorised person entitled to access particular digital records of an incapacitated user also has authority over the user’s tangible personal property that is capable of holding, maintaining, receiving, storing, processing or transmitting a digital record, they are authorised to access and deal with the property and digital records of the user stored on it: (a) subject to applicable fiduciary duties, and (b) subject to applicable laws, and (c) subject to the terms of the following, as applicable: (i) the online tool, or (iii) the enduring guardianship or enduring power of attorney, which has effect, or (iv) the guardianship or financial management order, or (d) if there are no such terms, only for the purpose of managing the incapacitated user’s affairs.
 
(6) In all such cases, the authorised person is deemed to have the consent of the deceased or incapacitated user for the custodian to disclose the content of the digital records to the authorised person.
 
4.4: Other obligations of the authorised person
 
The scheme should provide that:
 
(1) Where the authorised person entitled to access particular digital records of a deceased user is not the executor or the administrator of the user’s estate, they must do all things reasonably necessary to provide relevant information to the executor or administrator for the purposes of administering the user’s estate.
 
(2) Where the authorised person entitled to access particular digital records of an incapacitated user is not appointed under: (a) an enduring guardianship, or (b) an enduring power of attorney, or (c) a guardianship order, or (d) under a financial management order, they must do all things reasonably necessary to provide relevant information to a person so appointed for the purpose of managing the user’s affairs.
 
4.5: Improper disclosure of information
 
The scheme should provide that:
 
(1) It is an offence for an authorised person entitled to access particular digital records of the deceased user to disclose information about the deceased user, or another person, obtained in accessing those records, unless the disclosure is: (a) in accordance with the relevant instrument or order appointing the authorised person (b) for the purpose of administering the deceased user’s estate (c) necessary for legal proceedings (d) authorised by law (e) authorised by a court or tribunal in the interests of justice, or (f) disclosed to authorities as necessary to prevent serious risk to life, health or safety or to report a suspected serious indictable offence.
 
(2) It is an offence for an authorised person entitled to access particular digital records of the incapacitated user to disclose information about the deceased user, or another person, obtained in accessing those records, unless the disclosure is: (a) in accordance with the relevant instrument or order appointing the authorised person (b) for the purpose of managing the incapacitated user’s affairs (c) necessary for legal proceedings (d) authorised by law (e) authorised by a court or tribunal in the interests of justice, or (f) disclosed to authorities as necessary to prevent serious risk to life, health or safety or to report a suspected serious indictable offence.
 
Access procedures, liability limits and conflicting terms in custodian agreements and policies
 
5.1: Procedural requirements for access requests
 
The scheme should provide that:
 
(1) The authorised person entitled to access particular digital records of a deceased or incapacitated user may request access to those records stored or maintained by a custodian by contacting the custodian and providing proof of their authority.
 
(2) In relation to a deceased user’s digital records, the authorised person will prove their authority by providing the custodian with a copy of the following, as applicable: (a) proof of the user’s death (b) the formal will (c) in the case of a formal will that has not been proved, a statutory declaration establishing that the will is the user’s last valid will (d) the grant of representation (e) proof of the authorised person’s identity
 
(3) In relation to an incapacitated user’s digital records, the authorised person will prove their authority by providing the custodian with a copy of the following, as applicable: (a) the enduring guardianship or enduring power of attorney (b) the guardianship or financial management order (c) proof of the authorised person’s identity.
 
(4) For the purposes of Recommendation 5.1(2) and 5.1(3), a “copy” includes a copy in digital or other electronic machine-readable form.
 
(5) If, and only if, the authorised person is unable to provide proof of authority in accordance with Recommendation 5.1(2) or 5.1(3), authority will be proved by an order from the Supreme Court of NSW that states that they are the authorised person.
 
(6) A custodian may choose not to require the particular proof of authority set out in Recommendation 5.1(2) or 5.1(3). If the custodian chooses to require proof of authority, the custodian can only require a Supreme Court order where the authorised person does not provide proof in accordance with Recommendation 5.1(2) or 5.1(3).
 
(7) A custodian who receives a request from an authorised person, in accordance with Recommendation5.1, must provide access to the authorised person within 30 days of receipt of the request, unless the custodian can show that access is not technically feasible.
 
5.2: Protecting custodians from liability
 
The scheme should protect custodians from liability for acts or omissions done in good faith to comply with the scheme.
 
5.3: Protecting the authorised person from liability
 
The scheme should provide that:
 
(1) A person who: (a) purports to act as an authorised person under the scheme, and (b) does so in good faith, and without knowing that another person is entitled to be the authorised person in accordance with the scheme, is not liable for so acting.
 
(2) For the purposes of s 308H of the Crimes Act 1900 (NSW), access to or modification of restricted data held in a computer is authorised if it is done in accordance with the scheme.
 
5.4: Conflicting provisions in service agreements and policies
 
The scheme should provide that:
 
(1) Despite any other applicable law or a choice of law provision in a relevant service agreement or custodian policy, a provision in that service agreement or custodian policy that limits the authorised person’s access to particular digital records of the deceased or incapacitated user, contrary to the scheme, is unenforceable.
 
(2) Despite any provision, including a choice of law provision, in a relevant service agreement or custodian policy, the authorised person’s access to particular digital records of a deceased or incapacitated user, in accordance with the scheme, does not require the consent of the custodian and is not a violation or breach of any provision of the service agreement or relevant custodian policy.
 
5.5: NSW as the proper forum for disputes
 
The scheme should provide that, despite any forum selection term in the relevant service agreement, the courts of NSW with the relevant jurisdiction are the proper forum for disputes concerning the access to particular digital records of a deceased or incapacitated user, where the user is domiciled in NSW or was domiciled in NSW at the time of their death.
 
Changes to existing laws and other issues related to the scheme
 
6.1: Clarify that NSW succession and estate laws, and assisted decision- making laws, extend to property in digital form
 
(1) The definition of “property” in s 3 of the Succession Act 2006 (NSW) should be amended to include “property in digital or other electronic machine- readable form”.
 
(2) The definition of “personal estate” in s 3 of the Probate and Administration Act 1898 (NSW) should be amended to include “property in digital or other electronic machine-readable form”.
 
(3) The definition of “property” in s 3(1) of the Powers of Attorney Act 2003 (NSW) should be amended to include “property in digital or other electronic machine-readable form”.
 
(4) The definition of “estate” in s 3(1) of the Guardianship Act 1987 (NSW) should be amended to include “property in digital or other electronic machine-readable form”.
 
6.2: Amendments to NSW privacy laws to allow for the operation of the scheme
 
Amendments should be made to NSW privacy laws about accessing and managing personal information, to allow for the operation of the scheme.
 
6.3: Education about digital records and their management
 
Institutions and organisations already educating the community and legal practitioners about succession law, administration of estates, and assisted decision-making laws, should incorporate into their education programs information about digital records, and how they can be managed following a person’s death or incapacity.
 
6.4: Custodian procedures for access requests
 
Custodians should have transparent processes for handling access requests.