Discussion of alternative suggestion from Support !!! NOT INSTALLED !!!

This is the discussion of an alternative process for how to treat cases with deceased persons in the context of a20140118.1.

Attention: This process was not accepted by the arbitration.

Idea of Support !!! NOT INSTALLED !!!

Currently there are at least these three different kinds of deceased cases known:

  1. Relative reports that the account owner is dead.
    • Why shall we write emails to all listed email addresses?
  2. CAcert member reports the death of the account owner and adds a public death notification
    • Why shall we write emails to all listed email addresses? Better would be to ask the claimant to verify his statement.
  3. Employer reports the death of a CAcert member
    • Here it could be useful to contact all email addresses.

Here is Support's suggestion for the basic procedure: !!! NOT INSTALLED !!!
  1. Support receives a notification about a death of a member.
    1. Support locks the account immediately and marks the account in the "Blocked list" (see below) with the following information: primary email address, name in account, "Locked due to deceased information", Ticket No, Date. This gives the chance to see why the account is blocked, as the software in its current state is not able to handle this information. The reason for the immediate block is to prevent a person who is not the owner from using the account to create or renew certificates.
    2. Support adds the information about all email addresses, the CCA status, certificate expiration, report about given assurance by the deceased to the ticket and moves the dispute to Arbitration.
    3. Arbitration starts the research on the subject as this has to be done in a sensible way.
  2. If the blocked account is used and the owner asks Support why his account is blocked:
    • Support looks into the "Blocked list". In a deceased case, Support tries to see if the mail comes from the owner of the account. If it is feasible that he is the owner of the account, the account is released. The release will be marked in the "Blocked list". Arbitration will be informed about the release. In all other deceased cases Arbitration is informed.

Template "Blocked list"

| primary email address | accounts FN LN | Reason for lock | Ticket No / Arb No | Lock Date | Release Date | Ticket No / Arb No |

The "Blocked list" should be accessible only for SE and Arbitrators and should be maintained by SE.

Answers from Arbitration to support idea

This is based on discussion with multiple other arbitrators and the internal auditor.

About different "kinds" of deceased cases

How does one know if someone is, for example, really a relative? How to check the identity? The only identity check we accept is assurance. And this does not cover relationships between people.

Even if it is a relative, this does not say that it could not be a fraud or an action to harm the relative. (A lot of things are done between close relatives when people are angry at each other.)

The mail to all known email addresses is to give the member (if living) a chance to learn about the reported death, react to it and give us an answer if the member is not dead and it was wrong information (or a mix-up about the person).

It does not matter who wrote the original information.

About "Better would be to ask the claimant to verify his statement."

If it is necessary to ask the claimant for more information, this would be done by Arbitration. But it is unlikely that the claimant has more information than what would be in the report, if even a public death notification was added.

About direct block

As long as there was no evidence for the report of a death, a block would be without any authorisation. Else anybody (especially non-members) could block accounts of others, randomly.

The internal auditor confirmed that he does not see any security reason to block an account in such a case.

The reason against a direct block is the following:

If the member is actually alive, the member should be able to get immediate access to the account when the member learns that someone may be reporting incorrectly about a death and maybe asking for access to mail addresses, certificates or domains, because in such a case that member may need to make some further adjustments to his/her security, which may include making adjustments in the account.

That member also could ask for a block of the account. This possibility could be part of the mail sent to the mail addresses.

If the member is not alive, we have to assume that nobody is able to access the account anyway, because every living member agrees with the CCA not to share access to their account. Then there is no harm in keeping it open.

About collecting and sharing data to arbitration

Most of that information will probably not be needed to handle such a case. Private information should only be provided to somebody else if that other person has a need to know about it.

A general ruling should not include the requirement to share such information "just in case". However, important special facts could always be provided. What those could be would be case specific.

If Arbitration later finds that more information is needed, Support can provide it at that time.

About blocked list

I do not think that Arbitration has a need to know about all blocked accounts. So I do not see a need to integrate this in a ruling.

If an Arbitrator needs to know about a block, Support can always be asked about it.

General comment

The suggestions of Support were not followed, mostly because of privacy issues but also because of the possible security of the member.

Because of this and the feedback of the auditor and other arbitrators, the suggestion from Support is not picked up.

Arbitrations/a20140118.1/SupportIdea (last edited 2016-06-19 13:50:07 by EvaStöwe)