Member-only story
Data Thieves Are Targeting Dead People’s Social Media Accounts
Identity theft is a problem in the afterlife

In 2012, the family of a deceased soldier in the United States was blindsided when they started seeing his face on ads for dating websites. His photo was being used to entice more people to visit the site.
In another case, a woman received new Facebook messages sent from the account of a dead friend, says Faheem Hussain, a clinical assistant professor at Arizona State University who studies the digital afterlife. Someone was impersonating her friend and using his account to harass her. While she knew she could block the account, she hesitated because it was also her last remaining connection to her friend.
Unsettling experiences like these are no longer unusual. Most social networking platforms do not make it easy for users to implement sufficient plans or safeguards to protect their data after death, leaving it vulnerable to privacy breaches and misuse.
Only a few companies give users options to manage their accounts after death. Google, for example, lets you designate an “inactive account manager” who will get a notification and, if you choose, access to your private data when your account is inactive for a specified amount of time. The idea is that this trusted person, who Google verifies using a phone number, will delete or safeguard your account after you have died.
Many other companies, like TikTok and Skype, don’t have a policy for dealing with accounts of the deceased. Others, like Twitter, Instagram, and Snapchat, will memorialize an account — flagging it as belonging to a deceased person and removing it from features like friend suggestions — if family members or trusted friends confirm that a user has died with a death certificate or obituary.
This is a new territory.
“It’s understandable when you’re a small startup,” Jed Brubaker of the University of Colorado Boulder tells OneZero. Brubaker studies digital afterlife on social media and helped develop Facebook’s policies for user data after death. “[But] if your company’s been around for decades, or years,” he says, “it’s probably time for you to figure out what your longer-term plan is.”