# 2025-08-20 Agenda and Minutes * Attendees * George Fletcher * Jean Kaplansky * Helen Patton * Miki Brotzler * Brad Chellew * Eve Maler * Tim L * Note taker: * George * Welcome * [Note Well](https://openid.net/wp-content/uploads/2025/06/OIDF_Groups-Activities-Events-Note-Well_Final_2025-06-12.pdf) * [Anti-Trust Policy](https://openid.net/wp-content/uploads/2024/09/OIDF-Antitrust-Policy_Final_2024-09-12.docx) * Upcoming meetings * September 5, 2025 7:00 AM PDT (GMT-7) * September 17, 2025 3:00 PM PDT (GMT-7) * Agenda bashing * Review recent articles / links posted in Slack * Reminder about the DADE resources wiki, where we try to capture these: https://github.com/openid/death-and-the-digital-estate/wiki/Resources * File issues if you want something added to the wiki. Please be sure the link isn't paywalled if possible. * https://www.theregister.com/2025/08/09/dead_need_ai_data_delete_right/ * Credential Sharing for Postmortem Account Management in Digital Estate Planning poster shared in Slack * We'll try and upload this picture * George's recent retirement planning seminar: illegal impersonation by accessing someone's account? * The vanishing line between impersonation and (well founded but self-asserted) delegation -- "benevolent impersonation" * The transition out of competence to consent as the start of the delegation challenge * Break-glass kit as "SBOM for our digital lives" - Dean has started testing his kit * Blurred lines in the higher-ed context between worker and personal resources * https://www.qmul.ac.uk/cloudlegal/research/cloud-legal-project-papers/cloud-contracts/ (paper including Jennifer Zegel and Dean Saxe as authors) * "Queen Mary University in partnership with Microsoft cloud project did a survey on Terms of Service and found most do not address death/incapacity." * https://www.nytimes.com/2025/08/18/opinion/chat-gpt-mental-health-suicide.html?utm_source=flipboard&utm_content=user/newyorktimes * (paywalled) * Quick summary: young woman using AI as a virtual therapist tells the AI she wants to kill herself. Is the AI obligated to report. She also asked the AI to write her note to her parents to ensure as little hurt/ripple to her loved ones as possible. * Legal liability attaches to some "stack" of legal and/or natural persons associated with an AI, not the AI itself * Recent blog post exploring this: https://workshop.vennfactory.com/p/why-ai-cant-be-your-actual-therapist * More on this: https://www.youtube.com/watch?v=Usx4nwhaD5c * https://www.wired.com/story/ai-agents-legal-liability-issues/ * Persona project * Doc on HackMD to capture more thoughts on the use of Personas within DADE: https://hackmd.io/idXlbE-dSueCI1Fr0c8Jlg?view * Next steps? * Explore the higher-ed blurred persona angle? See Helen's talk (she will provide) * Unregulated actions by regulated actors: lawyer who submits filing quoting hallucinated cases - AI was "practicing without a license" if not actually "being a criminal" * True of humans as well: surviving family member without a license using digital assets of the regulated-profession deceased * Also limiting access to IP through an NDA, other agreements, all the way to technical access controls * Estate planner may often be "colocated" with CPA persona - which hat? * With a digital estate, it's not just about legal obligations for behavior, nor about financial assets - it's about human relationships, which will have lots squishier personas - maybe not useful to capture those * Example: caretaking adult child vs. out-of-town adult child - more the subject of a dramatic play than security controls! * Add "caregiver" as a persona - they are in this role before the principal's death, but we need to consider transitions * Also "recipient of HPOA" - a very good idea to always have one of these * There's an implicit "most techie person in the family becomes the handler of digital assets" rule * Certain roles determine time of death, transport of the body, death certificate, etc. - this has a bearing on downstream digital asset matters - served by different parties in different jurisdictions * Looked at the RUFADAA definitions appearing in the persona HackMD doc * Feels like enough exploration to give hints of how we might go about this work, perhaps once the two other drafts are complete * Planning Guide for Cyber Security Awareness Month - Next Steps * [Draft planning guide](https://docs.google.com/document/d/1gjM82jsF242ag99-pDaQF00i5YK3Lpwr/edit) document is available in Google Docs * We only have a week or so of drafting time left! * Want to write? Tag a section or section(s) with your name and start writing! * Audience: "real humans" * White paper being spearheaded by Dean, Mike, and Heather * If you haven't yet, please sign the OIDF participation agreement to be able to review it right away * Public review period to begin August 25 - in five days! * Publication around October 1, 2025 * AOB