Current digital policies don't adequately cover dead people, much less zombies. As we approach Halloween, here are five digital policies that need updating.

Daniel Castro, Senior Analyst, Information Technology and Innovation Foundation

October 29, 2014

5 Min Read
Image: <a href="">League of Zombies</a>

Imagine it's the day after mid-term elections. You turn on CNN to discover that Nate Silver's predictions were wrong. Obviously such an event means no less than the Zombie Apocalypse has begun. As you and others flee the raging hordes, so many questions race through your mind such as, "What happens to the social media accounts of the undead?" and "Who inherits their digital files?"

You can't help but wonder why policymakers didn't do more to prepare for this situation. (After all, the Pentagon has developed a zombie defense strategy. Seriously.) Fortunately, there's still time to act. To assist policymakers in their response (and, OK, maybe also to assist with this article), the Information Technology and Innovation Foundation has begun compiling a list of key tech issues the US might face during a zombie apocalypse.

1. Can zombies obtain a copyright?
The answer will depend on whether the courts ultimately consider zombies to be human. For example, suppose that Kim Kardashian becomes a mindless abomination roaming the streets of Miami with her iPhone. Such an event would raise an important question: If a zombie takes a selfie, who owns the copyright? The US Copyright Office has made clear that copyrights will not be given for works produced by" "nature, animals, or plants" or "divine or supernatural beings."

[Need more zombie questions to chew over? Read Geekend: Fight Zombies, Or Go To Mars?]

So far, the Copyright Office has been mum on the question of zombies. If the undead could obtain a copyright, which lasts for life plus 70 years, when would it expire? Both the Copyright Office and Congress should work to address concerns about orphan works, i.e., those works where the copyright status is uncertain or the copyright owner can't be contacted.

2. Can zombies own digital goods?
Do the undead still have legal access to all the White Zombie tracks they purchased on Apple iTunes or Google Play? Surprisingly, nowhere in the Digital Millennium Copyright Act does it address ownership rights of digital files for the dead or undead.

One Delaware law seeks to solve this problem by allowing all digital content to be passed along to family members after death. However, because eBooks on Amazon and movies on iTunes aren't owned, but rather licensed, these digital goods can be passed on only to the extent allowed by end-user licensing agreements. These agreements handle transfers differently. Apple's EULA defers to California law, while Amazon's and Google's EULAs don't allow for any transfer.

Therefore, many state laws (such as Delaware's) will have little effect. Federal legislation is needed to put this issue to rest.

3. Who gets access to the digital accounts of zombies?
Not only has no state specified who gets access to the email accounts, social networks, and cloud storage of the undead, only seven states have passed laws specifying who gets access to the digital accounts of the dead. The Uniform Law Commission has created model state legislation that would let individuals grant fiduciaries, such as the executor of an estate, access to their digital accounts.

But so far only Delaware has passed legislation in line with the ULC proposal. Policymakers should create standard rules for handling the digital accounts of those no longer among the living.

4. Can researchers access zombie health records?
During a zombie outbreak, public health officials at the Centers for Disease Control and Prevention and other research agencies will want to access the health records of the infected to plan accordingly. Unfortunately, the Health Insurance Portability and Accountability Act lays out explicit conditions under which health information of the deceased may be used, barring most use for 50 years after the death of the individual.

It's unclear how HIPAA would apply to the health data of zombies. Does the 50-year countdown begin as soon as someone turns into a zombie or only after a zombie receives a shovel to the frontal lobe? It's time for Congress to refine HIPAA to allow for easier access to the records of the deceased for the purposes of health analytics.

5. Can the US government use zombies to justify expanding mass electronic surveillance?
It's possible that the NSA will use a zombie apocalypse as justification to expand domestic surveillance. The NSA has used Section 702 of the Foreign Intelligence Surveillance Act to conduct surveillance as long as it's reasonably certain of the "foreignness" of a target. The NSA has also used Section 215 of the USA Patriot Act to conduct surveillance of US persons under certain conditions.

If the NSA can convince the courts that zombies are humans, but not US citizens, or that zombies represent a significant terrorist threat, the agency will likely be able to justify an even more significant expansion of domestic surveillance. Legislative reforms, such as the USA Freedom Act and the Intelligence Oversight and Surveillance Reform Act, would limit expanded surveillance without proper oversight and restraint. After all, what's more terrifying -- the NSA or zombies?

With issues ranging from privacy to copyrights, the 114th Congress has much to accomplish. Let's hope it moves more quickly than our undead friends.

Did we miss something? We want your BRAINS! Add your comments below.

ITIF research assistant Alan McQuinn contributed to this article.

You've done all the right things to defend your organization against cybercrime. Is it time to go on the offensive? Active response must be carefully thought through and even more carefully conducted. This Dark Reading report examines the rising interest in active response and recommends ways to determine whether it's right for your organization. Get the new Identifying And Discouraging Determined Hackers report today (free registration required).

About the Author(s)

Daniel Castro

Senior Analyst, Information Technology and Innovation Foundation

Daniel Castro is a senior analyst with the Information Technology and Innovation Foundation and director of the Center for Data Innovation. Castro writes and speaks on a variety of issues related to information technology and Internet policy, including privacy, security, intellectual property, Internet governance, e-government, and accessibility for people with disabilities. 

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like

More Insights