Contingency Plan
A plan to securely hand down our data for when we kick the bucket.
Reply to Kev Quirk’s blog titled “What Happens When We’re Gone?“
I don’t have the best answer but I have some idea, which is Bitwarden’s Emergency Access but for files and stuff. For those of you don’t know what I am talking about, my idea is an encrypted storage in our Nextcloud servers that automatically gets shared with people we trust after we didn’t login to our server for set amount of time.
Unfortunately, there is no any app for Nextcloud I know of that can facilitate such feature. So, if there is any developer who is looking for an idea, this one is free.
How would it work?
- Add someone as a trusted person. This process downloads that person’s public key and stores their email.
- Upload files for sharing with that person in case you don’t login for some time (such as 3 months).
- Uploaded files get encrypted with trusted person’s public key.
- After you don’t login for 3 months, trusted person should receive an email with a link from where they can download your data encrypted with their public key. Then they can decrypt the data with their private key.
Problems with this system:
- Requires trusted people to know what private/public key pairs are and how to use them. Alternative is to use a long encryption key (like a passphrase) rather than keypair.
- Server where the encrypted data load is hosted must remain online until 3 months period is over. This can especially be a problem if the person who passed away is the admin of the server. Reduce cooldown to 1 week or so rather than 3 months and pay a year or so in advance if shared hosting rather than on-premise self hosting.
What to hand down to which person?
This is up to you to answer. If you are wondering “Should I explain how to configure DNS records and docker containers to my significant other?”, the answer is YES. If your significant other is a smart person, they will either figure it out or hand down the task to someone they can trust.
Should you migrate your family to centrelized alternatives?
Moving your family to a iCloud or Gmail is, well, some plan, but not a sound plan. This plan lacks structure. When is best time to move them to such service? When you are 50! 60? 80? What if you die due to a car accident tomorrow?
What if the company goes out of business? We may think that Google and Apple are too big to fail. If I learned something about being too big, it is that being too big means not that you can’t fail, but when you eventually do, it is loud. Twitter was too big to fail, it partially collapsed and you know the noise Twitter made coming down.
The Google Method
Google allows users to set trusted accounts which receive access to all your google data after you don’t login for 3 months. As you can imagine this method requires uploading encrypted data to Google Drive, then login to that account once a month. After you avoid signing in for a few months, your encrypted data will be shared with people you trusted. Not a great solution, but this is the only other alternative I can think of to Emergency Access by Bitwarden.
Encrypted Partition (with Veracrypt or LUKS)
This probably the most straight forward method of them all. Create an encrypted partition where both you and your significant other store your most important files. Both of you can have access to files at all times, regardless of someone is sick in bed or not.
Conclusion-less
Worrying what will happen to people we love after we die is a terrible thing to worry about. Building a fool proof system to securely send data to someone else is already difficult while alive, no doubt it will be even more difficult as dead. Only methods I can think of right now are Emergency Access by Bitwarden, The Google Method and the encrypted partition.