Court rules man must be given access to husband's iCloud photos
Apple must provide a man access to the iCloud account of his late husband so he can retrieve family photos shot with an iPhone and a dedicated camera, a New York judge has ruled.
Nicholas Scandalios has so far been locked out of the Apple ID belonging to his husband, Ric Swezey, who was killed in an accident two years ago, according to MarketWatch. Apple hasn't been outright fighting the request, but did insist that Scandalios obtain a court order.
"Apple shall afford the opportunity to reset the password to [Swezey's] Apple ID," Surrogate Judge Rita Mella wrote in her ruling.
Complicating the situation is that Swezey's will didn't contain language authorizing access. Mella's opinion stated that the photos weren't a form of "electronic communication" requiring proof of consent or even a court order, which could help build precedent against Apple's position.
Most U.S. states -- New York included -- now have laws giving an estate's executor default access to all material stored locally on a device, but requiring a will or court order for anything kept in cloud storage. Among the only exceptions are Oklahoma, Louisiana, Pennsylvania, Massachusetts, New Hampshire, and Kentucky, as well as Delaware, which transfers access to all digital content.
How to handle the online accounts of the dead is still a developing field, since many services are a decade old or less. iCloud for example was launched in 2011, and iCloud Photo Library is even younger, dating back to October 2014.
Apple is typically compliant with legal orders to access cloud data, including those from police and spy agencies. It does sometimes put up resistance, most famously in the case of San Bernardino shooter Syed Rizwan Farook, when the FBI and U.S. Department of Justice sought a backdoor into Farook's iPhone. The company refused, both on constitutional grounds and claiming that it would fundamentally compromise iOS security. The DOJ backed down when it managed to crack the iPhone with third-party assistance.
Nicholas Scandalios has so far been locked out of the Apple ID belonging to his husband, Ric Swezey, who was killed in an accident two years ago, according to MarketWatch. Apple hasn't been outright fighting the request, but did insist that Scandalios obtain a court order.
"Apple shall afford the opportunity to reset the password to [Swezey's] Apple ID," Surrogate Judge Rita Mella wrote in her ruling.
Complicating the situation is that Swezey's will didn't contain language authorizing access. Mella's opinion stated that the photos weren't a form of "electronic communication" requiring proof of consent or even a court order, which could help build precedent against Apple's position.
Most U.S. states -- New York included -- now have laws giving an estate's executor default access to all material stored locally on a device, but requiring a will or court order for anything kept in cloud storage. Among the only exceptions are Oklahoma, Louisiana, Pennsylvania, Massachusetts, New Hampshire, and Kentucky, as well as Delaware, which transfers access to all digital content.
How to handle the online accounts of the dead is still a developing field, since many services are a decade old or less. iCloud for example was launched in 2011, and iCloud Photo Library is even younger, dating back to October 2014.
Apple is typically compliant with legal orders to access cloud data, including those from police and spy agencies. It does sometimes put up resistance, most famously in the case of San Bernardino shooter Syed Rizwan Farook, when the FBI and U.S. Department of Justice sought a backdoor into Farook's iPhone. The company refused, both on constitutional grounds and claiming that it would fundamentally compromise iOS security. The DOJ backed down when it managed to crack the iPhone with third-party assistance.
Comments
it’s not Apple’s responsibility to do this. Forcing Apple to do it sets a bad precedent for other types of access by police and others.
In any case, I also wonder why this is news.
I can think of many reasons why one parter didn’t know the password. Maybe he had just changed it and hadn’t written down the new one. Who knows.
From the court order, “Apple shall afford the opportunity...” In other words, yes, it is Apple’s responsibility. Beyond that, it’s their legal obligation. I’m curious to know why this sets a bad precedent? Due process was followed and the court issued a legal order. Are you suggesting that no company should ever give anyone other than the owner access to anything?
I recently went through this with a parent passing and Apple was helpful and a specialist guided me through the process. We had to follow state procedures to get the court issue the order/permission. Each state handles digital property management in their own way. Some don't even offer it in a Will. Also there is no probate when there is a surviving spouse in community property states so there's no legal documents associated with passing digital property.
Good on Apple for protecting property and privacy.
Might want to spell out digital assets in your will though. One poster here at appleinsider had over $150k in music... it would be a shame to have it just disappear.
My passwords these days are at least 20 digits, all computer generated with Lastpass. It works with all my different hardware. It's pretty quick to log into sites on the iPhone these days. FaceID makes it pretty painless.
Seems a little off.
In the meantime, Apple's blanket protocol seems reasonable and allows it to cover its back.
Insurance companies should be adapting to digital lifestyle issues and specifically cover the paperwork/legal side in this kind of issue.
Perhaps we need a common framework for personal files whereby users can set out what should happen in this kind of case and which would allow family members to access to the files in line with the owner's wishes.
A common framework would also allow family members to know exactly which services were being used.
This would allow the possibility of tagging files and folders as 'my eyes only' to make sure certain elements would remain permanently off limits to anyone but the owner.
Instant deletion protocols are probably out of the question for security reasons but there is the option of establishing a secure deletion option upon reaching an expiry date.
There are a whole lot of considerations to br made but legislation is the way to go. It just takes time.