-
-
Notifications
You must be signed in to change notification settings - Fork 936
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
RFC - Deceased or Incapacitated User Warrant #809
Comments
Specifically in reference to identity assumption: Is this a feature which needs to exist in Kratos, or should it not be implemented by the organization or party which is using Kratos for authentication via some some other process? Should such a feature be implemented, it would be important to periodically 'nag' the user to ensure this information is kept up to date. |
Kratos has to technically allow this feature, as it handles everything around authentication, and this is a special case of authentication. This "keeping up to date" is definitely something we have to consider, e.g. Google does not care if the information you provide is correct and if it is updated regularly. When linking accounts, like GitHub does, it would be kinda safe to assume that people keep their account updated. Having printed backup keys, like you have for hard drive encryption, is the safest way to circumvent updating the information. From my experience, people will not update these information, even if you ask them to do so. |
I am marking this issue as stale as it has not received any engagement from the community or maintainers in over half a year. That does not imply that the issue has no merit! If you feel strongly about this issue
We are cleaning up issues every now and then, primarily to keep the 4000+ issues in our backlog in check and to prevent maintainer burnout. Burnout in open source maintainership is a widespread and serious issue. It can lead to severe personal and health issues as well as enabling catastrophic attack vectors. Thank you for your understanding and to anyone who participated in the issue! 🙏✌️ If you feel strongly about this issues and have ideas on resolving it, please comment. Otherwise it will be closed in 30 days! |
Marked as stale in error. |
Hello. This one is huge, and I think we need to cover as much as we can implementing this feature. Does GDPR apply to the deceased UK? |
Consent given prior to death, is believed to extend beyond death. However, relatives may have a different opinion, once their relative has died. This should be handled sensitively with relatives being encouraged to respect the deceased person's wishes (or in certain cases, their nominated representative/nominee, see below). In legal terms, the General Data Protection Regulation (GDPR) and the Data Protection Act no longer applies to identifiable data that relate to a person once they have died. However any duty of confidence established prior to death does extend beyond death. It is important to maintain confidentiality to ensure that trust in services and institutions are not undermined. Disclosure of confidential information post mortem therefore requires consent to extend the duty of confidence. If you intend to collect tissue from a deceased person, to use tissue removed from the deceased or to conduct a post mortem purely for research purposes consent is required across the UK. Tissue removed as part of a Coroner's / Procurator Fiscal's post mortem can be used for research, once they are no longer required for such legal purposes, however, consent for use in research must be in place. Although legal details may vary between the nations within the UK, the same basic legal and ethical principles apply in terms of the consent required:
Source: http://www.hra-decisiontools.org.uk/consent/principles-deceased.html |
HIPAA compliance says 'The HIPAA Privacy Rule protects the individually identifiable health information about a decedent for 50 years following the date of death of the individual.' Identification is not medical data and I'm not sure that this one is applies here, but I believe that input can be helpful |
I didn't find anything about the topic in ISO 27001 compliance. This one is about organizational security and it's not regulated here. I'm not sure how it can be regulated outside of the organization. |
Another finding of the GDPR after death https://www.twobirds.com/en/in-focus/general-data-protection-regulation/gdpr-tracker/deceased-persons You can find a lot of regulations for EU countries |
I have a concern. Let's imagine that someone disabled their page on Facebook and accidentally died, but the user has a successor. The last wish of the dead user is to keep the memory as is and the successor should respect this wish and make this happen and activate the page. In that case, I have a lot of open questions:
|
I'm not sure about how does IAM connects with HIPAA, because I'm new in HIPAA (I'll make research to get a better understanding of it). On the one hand, we do not need to take care of medical data. On the other hand, Kratos can be a gateway to the medical data (in that case it has to respect HIPAA compliance to use it in the US)
|
Here are some of my suggestions, assumptions, and concerns I talked to my lawyer, and I realized that legal issues regarding this issue are pretty simple in most countries, and the most complicated legal regulations are in the US. I'd recommend consulting with US law consultants because I have no idea how they manage it. What data Kratos will store/process implementing this feature:
I prefer to go with US law and HIPAA implementing this because both guys are most complex. |
Thank you for all these thoughts and detailed input! @zepatrik is currently OOO but I am sure he will enjoy the discussion when he's back :) |
This comment was marked as resolved.
This comment was marked as resolved.
Hello contributors! I am marking this issue as stale as it has not received any engagement from the community or maintainers for a year. That does not imply that the issue has no merit! If you feel strongly about this issue
Throughout its lifetime, Ory has received over 10.000 issues and PRs. To sustain that growth, we need to prioritize and focus on issues that are important to the community. A good indication of importance, and thus priority, is activity on a topic. Unfortunately, burnout has become a topic of concern amongst open-source projects. It can lead to severe personal and health issues as well as opening catastrophic attack vectors. The motivation for this automation is to help prioritize issues in the backlog and not ignore, reject, or belittle anyone. If this issue was marked as stale erroneously you can exempt it by adding the Thank you for your understanding and to anyone who participated in the conversation! And as written above, please do participate in the conversation if this topic is important to you! Thank you 🙏✌️ |
Problem statement
When people decease, become medically incapable for any reason, or are in any other way unable to take actions, there is usually a legal solution for this situation. Trusted people take over responsibility, someone heirs physical items, and someone gets ownership/decisive power over digital assets. In such cases it is often hard to impossible for successors to actually get an account deleted, cancel a subscription or access data.
Goals
Allow issuing warrants to other people without requiring them to sign up and manage an account just for this occasion. It also has to be:
Non-Goals
Comparable Existing Features
GitHub Successor
Drawbacks:
Facebook
Drawbacks:
Google Inactive Account Manager
Drawbacks:
Advantages:
=> Google's approach is the closest to our goals
Challenges we have to overcome
First Implementation Ideas
Successor Authentication
Successor Permission
As this is very application specific, it might be sufficient if Kratos differentiates between users and successors at the
/whoami
endpoint. This way the application and permission system take care of limiting the actions that can be taken.Access to some self-service APIs will have to be configurable (e.g. deletion).
What we want to hear from you
The text was updated successfully, but these errors were encountered: