top of page
  • Prakarsh and Shruti Mishra

Microsoft Patent Application vis a vis International Post-Mortem Privacy Rights

This article is written by Prakarsh and Shruti Mishra, students at National Law Institute University, Bhopal, pursuing B.A.LL.B. (Hons.).

Background Microsoft has recently filed for a patent application titled “Creating a conversational chatbot of a specific chatbot of a specific person”. The patent is for a system that is programmed to collect voice samples, track past social media activities and messages etc., of a deceased individual. It essentially entails the digitalization of various character traits of someone who has passed away and employs the collected data to train a chatbot to learn certain character traits of the deceased. In theory, the patent seeks to preserve certain aspects of the deceased in a digital format. This idea has been previously conceptualised by popular culture through the science-fiction movie, ‘Transcendence’, and it recently became the subject of the Black Mirror episode titled USS Callister. The system sought to be patented is a unique creation that can be seen as the first step towards bringing to life the age-old theory of digital preservation of human consciousness. However, this would require gaining access to personal details and private cyber activity of deceased individuals, a subject that essentially falls under the purview of different Data Protection regimes across the globe. Post-mortem Privacy rights mainly deal with the preservation of ‘digital remains’, that is the protection of the data of an individual that is left behind post his/her demise. More specifically, such rights may also govern the concept of personality rights which protect the personal character traits of an individual along with the reputation and dignity that is attached to the same. Post-mortem privacy rights have been widely discussed in the context of international data protection mechanisms. The patent if granted might engender a conflict situation with various Data Protection Regimes. It would raise questions such as whether the system would require any permission or license for the collection of data belonging to the deceased or whether it would be infringing any rights using such collected data? In this piece, the authors shed light on whether the privacy regimes would pose any obstacles for the system, and if yes, the extent to which it would affect its functioning. Position in the European Union It is trite in the traditional English Common Law System that upon the demise of an individual, any cause of action for ‘personal claims’ is exhausted. This is reflected by the maxim ‘actio personalis moritur cum persona.’ Therefore, prima facie it does not seem that the deceased would have any rights with respect to personality claims. However, the Civil Law system does not seem to follow such a maxim. For example, in Germany, the Federal Court held that the constitutional provision for the protection of human dignity transcends beyond the living and applies to the deceased as well. The European Union consists of both Common law as well as Civil Law jurisdiction countries. The grundnorm of data protection, the General Data Protection Regulation (GDPR), does not provide for post-mortem rights and neither does the European Convention of Human Rights. The protection that is afforded to the citizens of the member states only applies to the living and this has been explicitly stated in both the Conventions. However, the GDPR, under Recital 27, does provide for members to be able to implement laws for protecting the privacy of the deceased. Some countries within the EU have made use of this discretion to implement laws that protect digital legacy and presence beyond the living. For example, Germany as was mentioned above. Other countries include:

  • France: In France, the government has allowed people under Digital Republic Bill to set certain directions according to which their data is to be preserved or disposed of post their demise. These directives are to be recorded by the data holder and are to be followed on the person’s demise.

  • Spain: Even though the Spanish data protection regime does not provide explicit protection for post-mortem privacy rights, it does allow for ‘digital testament’. The law allows for the legal heirs of the deceased to exercise control over the data that is left behind. They can ask for the transfer, encryption or even erasure of the data. Similar provisions are provided under Bulgarian Law and Estonian Law.

In the present context, if an individual has directed his data to be erased or to be made inaccessible, or if the legal heirs do not allow access to the deceased individual’s data, then the system would not be allowed to collect the sensitive information that would enable the chatbot to imitate the characteristics of the deceased. Position in the United States of America The law in the U.S. varies from state to state within the country. The jurisprudence on these matters are usually related to the personality rights of celebrities, however, the same may be applied to the data for other deceased individuals. For example, the California Civil Code has two sections, one which provides personality rights to living individuals and one which was passed as the Image Protection Act in the year 1985 for providing post-mortem estate rights. The Act vested the personality rights of a deceased individual with their estate, similar to the Spanish Law. It was based on this provision that the estate of Princess Diana was successful in getting an injunction against unauthorized use of her image, post her death. Other States also protect post-mortem personality rights within the Country with varying durations of protection, although within 100 years post the demise. Hence, it can be said that the Microsoft system to be able to collect data uniformly across the nation would not be easy. It would entail seeking permission from the estate of the deceased in accordance with the laws of different States. Concluding Remarks & the Way Forward In our opinion, post-mortem privacy rights should be afforded strong protection that can protect any sensitive ‘digital relic’ or legacy that an individual leaves behind. This is being increasingly followed by various countries across the globe and might even find a place in the GDPR eventually. Currently, it cannot be said that the Microsoft System will find bothersome impediments on a global or regional level. However, when it comes to national laws and data protection regimes, Microsoft would be required to take permissions, sanctions, licenses, etc. to be able to collect and use data of the deceased. The system would be working on a case to case basis depending upon the nationality of the deceased. Any social media platform that it would tie-up with would require similar permissions for revealing the data to a third party. The extent to which such requirements would serve as impediments would mainly depend on the specific data protection regime in question. Countries eventually may allow for a certain level of relaxation when it comes to such pioneer initiatives so as to preserve creativity and innovation. Hence, it can be safely said that the system will require a fair amount of time for the creation of each personalized chatbot and to be able to offer service to people who are willing to digitally preserve the deceased unless the individual seeking the same is left in charge of the required data. Regardless, it is a bold initiative that will definitely be improved in the days to come and one day may be able to match the standards set by science fiction works. The consumer base for chatbots is increasing by the day and has already reached a staggering level. Considering how the Microsoft chatbot would be a personalized one, the need for the same could be almost considered as pressing.

10 views0 comments


bottom of page