Unblock Logins for Memorial Accounts

[sophie]

Title:
Unblock Logins for Memorial Accounts

Area:
Accounts

Summary:
In November last year, memorial accounts were blocked from logging in in order to prevent the deletion of entries from them in case anyone were to break into the account. Unfortunately, this can be somewhat problematic as negative comments cannot be deleted. I'd like to suggest that to overcome this, logins to memorial accounts should be allowed again, with the deletion of entries blocked.

Description:
One of the most obvious problems with being unable to log into memorial accounts is not being able to take action against any objectionable comments which may have been left by others. For example, if someone were to comment to a post saying hateful things about the person in question, that comment would either have to stay up, causing distress to people who read it, or someone would need to submit a support request to get the comment deleted, which would necessarily need to be escalated to admins, and involves talking to other people - which the person viewing the comment may not want to do. This, I feel, is unfair to friends and family who may be grieving.

The above also applies to other types of unwanted comment, including spam comments. It is unlikely in this case that anyone would ask Support to delete these because more spam will probably appear later anyway, which means that the comments remain on the entry, appearing extremely disrespectful.

I suggest that instead of blocking logins, we should allow logins but prevent the deletion of existing entries, which would accomplish the original purpose of the change. It does mean that unfortunately someone may be able to break in and delete all the *comments*, which would be a bad thing, but as I said above, I feel that the ability to delete comments in this case is important. I do feel, though, that to delete all the comments would be such a painstaking job that it would probably not be done.

In the end, I suppose it comes down to: Would it be preferable for a potential attacker to not be able to change anything at all while preventing harmful comments from being deleted, or would it be preferable to allow harmful comments to be deleted while risking that someone may break in and delete *all* the comments?

Poll #5988 Unblock Logins for Memorial Accounts

Open to: Registered Users, detailed results viewable to: All, participants: 58

View Respondents

This suggestion:

View Answers

Should be implemented as-is.
17 (29.3%)

Should be implemented with changes. (please comment)
21 (36.2%)

Shouldn't be implemented.
5 (8.6%)

(I have no opinion)
15 (25.9%)

(Other: please comment)
0 (0.0%)

Comments

[syderia]

Would it be possible to allow only deletion of comments made after the date when the account was turned into a memorial account?

[sophie]

Oh, I like this!

[charamei]

+1

[ariestess]

+1

[faithofone]

oh that's a good idea. *changes vote to "with changes"*

[kerravonsen]

+1

[pseudomonas]

I like this; also could one just freeze comments on all posts (existing comments visible but no further commenting allowed)?

[metron_ariston]

I don't think that would be a good idea. I know of memorial accounts that periodically get new comments from people who have only just learned of someone's passing, or at the anniversary of the person's death (or their birthday), or even when someone was thinking of the person that day and wanted to say they miss them. The family and friends of the person who passed might appreciate being able to leave notes every now and then, and also maybe get a little comfort knowing that their loved one is still remembered & missed by others.

[kyrielle]

I don't like this variant - my Dad's account on LJ is still up (and I maintain it), and has a post asking for memories of him. If someone comes by and wants to add a new memory they've just thought of, or when they've just heard of his passing, I want them to be able to.

I just want to be able to smack it down if, instead of a new memory, it's a spam message. :P

[pseudomonas]

Hmm. How about freezing the original journal, and keeping a sticky post fully under the control of the maintainer? I realise that not everything will work for everyone.

[dingsi]

Once more: +1 :D

[the_shoshanna]

Oh, you are wise.

+1

[saekhwa]

+1

[aedifica]

+1

[delladea]

+1, I voted "implement with changes" because I was thinking long the same lines.

[cheyinka]

That seems like the best solution to me!

[denise]

I don't think this is possible, actually. (At least, it's not easy, and this isn't the sort of suggestion I feel we should spend hours and hours on.)

[sophie]

It seems like it should be fairly easy to me if the date of the account having been turned into a memorial was stored in the database (other than in infohistory, I mean). Or am I missing something?

[denise]

I don't think that date is stored anywhere! (I don't think it's even in infohistory.) I mean, sure, we could do it going forward from the change, but...

I don't know, the more I think about this the itchier I get. I put my finger on why in a later comment: it's because it inherently assumes that people will be sharing their passwords, and that just makes me twitch.

[kyrielle]

But...my parents left all passwords to all accounts including their LJ in their papers for me to receive on their passing, with the EXPECTATION that I would do with the accounts as I chose. Including, as I have, leave them up but monitor them for respectful usage, in the case of their LiveJournal accounts.

Why shouldn't that be an option?

If the date is needed, surely existing ones could be grandfathered in with the date the change was made?

[kyrielle]

+1. No editing, creating, or deletion of entries; no deletion of comments made prior to the time of changeover; however, permit deletion (with or without spam marking) of comments made after the point of change. Or maybe, as someone else suggested, just screening them.

It might be nice if it was possible for the survivors to request either this status OR a completely frozen no-login version. If no one has the password anyway (because the deceased elected not to share it in their paperwork) then it would be more appropriate to freeze the login altogether.

But of the two, if it can only be one - this version rather than what we currently have. Under the current scheme, if my father's account had been here, I would decline to have it designated a memorial account ever (and take the risk of a hijacking) rather than run the commenting risk.

[metron_ariston]

Not only should no new entries/no deletions be allowed, editing entries should also be turned off.

[susanreads]

Yes, ISTR I've heard of serious vandalism being done that way elsewhere.

[denise]

Memorial accounts currently can't be logged into at all, which means no deletion or editing of anything. (That's why we blocked logins to memorial accounts; I've seen too many instances of someone's beloved lost friend's account getting hijacked and wiped.)

[metron_ariston]

I know that memorial accounts currently can't be logged into. But the original suggestion post only mentioned disallowing entry deletion as a way of protecting the entries. I wanted to suggest that if the change were ever implemented in the future (to allow logins) that editing entries and adding new entries should also be turned off, not just entry deletion. I am even more sleep deprived than I was when I made the first comment so I hope it's not even more unclear aaaaahhhhh.

Edited because: It appears that it won't happen anyway, so this comment is extra pointless, oops. :3

[sophie]

For the record, adding entries to a memorial was already disabled before logins were blocked, so if it was unblocked, adding entries would already be disabled. I don't know if the same applies to editing entries or not.

[justhuman]

I can understand the issue that is trying to be solvee, but it inevitably means giving control of a memorial account to someone else. When my account heads to memorial status I don't want anyone to be able to log in and manage it.

I think that support should be open to deleting post memorial spam, but the account should otherwise be left alone.

[erik]

"I always hated you and I'm glad you're gone" is not spam, but still deserves to be deleted.

You could argue that the support staff member would recognize that as offensive and delete it, but for each person and group of friends there are bound to be statements that strangers will not recognize as hurtful. Better to let someone who loved you manage things than someone else....

[kyrielle]

But then you would just not leave your password to your heirs. My father wanted to know that I would post to his account when he died so people would know what happened, and he left me the password information to that end - he didn't mind my being able to log in and manage it, he wanted it.

I don't think support should give someone who doesn't have that ability the ability to log into such an account. But if someone has left to their heirs the ability to log into their account, I think they ought to be able to do so to manage the comments....

[sophie]

Even before the blocking of logins to memorial accounts took place, it wasn't possible to create new posts in them. Maybe another suggestion would be a good idea for this.

[fyreharper]

What if comments could be screened but not deleted?

That would prevent unwanted comments from being seen (except when someone was logged in to that journal to do maintenence, which presumably would be infrequent), and also would prevent a potential attacker from deleting any comments.

[azurelunatic]

I like this concept. I especially like it in concert with the idea of making someone effectively an administrator or moderator for a deceased friend's journal.

[denise]

Do remember, though: we don't give out passwords. Ever. So if you want your friend or loved one to manage your account after your death, you have to give them the password now, which in a way is us saying that we support sharing of passwords (if you take this suggestion to the logical extreme).

The more I think about this suggestion, the more I hate it for that reason exactly. We originally blocked logins to memorial accounts because I've see one too many cases of someone breaking into a memorial account and gutting it, and the friends and loved ones of that person can never get that back. (Imagine how it would feel for your friends to see your account posting Russian pornbot spam after your death.)

On LJ, I had to suspend memorial accounts that had been broken into and cleaned out, or broken into and used to post spam all the time, because those accounts could never again be secured, and those friends would never be able to visit their friend's journal again. I'd say that was about ten to fifteen times as common as someone contacting us because there was an unpleasant comment in the account. (With the advent of the spam invasion on LJ, I'm sure that frequency has flipped by now, but I seriously doubt we'll get to the point where spam comments to memorial accounts become more than a few manual deletions a week, tops, for a long time. Knock wood.)

Also remember, your account doesn't automatically become memorial when you die. Someone has to contact us to get us to flip the memorial flag. So if you want your friend to be able to keep logging into your account and deleting comments that you wouldn't want there, just don't have the account set to memorial. But you'd have to give them the password before your death (or in your will or something), and I get twitchy whenever we start discussing any kind of program that will encourage people to do that.

[sophie]

I do understand what you're saying. But people can and do give out the passwords anyway, and if they don't, family may learn the password through other ways, including just trying passwords.

I don't feel that implementing this suggestion would be akin to saying that you support sharing of passwords. Indeed, I know that in a lot of cases people are comforted by the thought that someone is caring for the journal of someone they remember dearly.

As I commented above, I like the idea of making it so only comments made after the memorial status was granted could be deleted. As for posting spam, how about prohibiting commenting in any journal other than their own? (since I believe posting in any journal is already prohibited, right? If not, it probably should be.)

And as for accounts not automatically becoming memorial after you die - I know that. But if someone has died and a friend asks for their account to be memorialised, then it's probably going to happen whether the account owner wanted it or not (unless, perhaps, it's clearly outlined that they don't). Right now, I probably wouldn't want it to happen, and then that carries with it the problems that you've already outlined, probably leading to my account getting suspended some time after I die.

If we could make sure memorial accounts were properly secured in such a way that it's still possible for someone to partially take care of it after the owner's death, then I would *want* my account to be memorialised.

[azurelunatic]

My brain has clicked over a weird concept.

You know how some of the random suggestions have been in a "make personal accounts act more like communities" sort of direction?

What if there became the possibility to grant friends limited moderator rights on your journal? While there could be the possibility for abuse, it would also cut down on password-sharing. I don't know whether the decrease in password-sharing would be enough of a benefit to overcome whatever increase in problems would arise from people feeling that they could safely share power with someone who turned out to be untrustworthy.

What if, beyond that, there became the possibility to grant friends freeze/screen (unfreeze/unscreen) powers upon your journal becoming memorial? This does have the obvious exploit mode of someone writing in to declare you dead when you're just gone for the weekend, however.

[kyrielle]

Not at all. As I noted above, it can also be in the on-death paperwork and, in fact, a number of "after I pass" sites now encourage just such paperwork with all the appropriate (and previously-secret) passwords for their chosen representative.

[melannen]

Is there any plan to allow people to designate an "executor", (or whatever), for their journal, as part of the pie-in-the-sky account management improvements?

I was just thinking that what I'd actually prefer here was the ability to designate an account that could have limited mod powers on a memorial journal (make & edit one sticky post, fix the layout if it breaks, delete spam and troll comments, possibly take people off the trusted-by list) without actually logging in to it, but to really make that work, you'd have to have a way to designate that person before your death, and the powers would activate if the journal became a memorial journal.

...I should probably just go make a separate suggestion for that.

[matgb]

Yes please. miss_s_b and I know each others passwords (and even if we change, we're permalogged in on the same laptop anyway), but it'd be good to have a system for it.

Think Kyrielle is right to an extent though, it's something that should be included in probate paperwork, no harm in making that easier and simpler though.

[melannen]

The one issue with doing it through probate paperwork is that there are a fair number of people who keep their online and RL affairs firewalled from each other - if a person doesn't want their legal heirs to even know their journal exists, requiring it to be part of their RL will wouldn't work for them.

(I do have an internet-executor specified in my will with all of my accounts and where to find the passwords, and I think everybody should, as far as they're willing to link their identities. But not everybody can do that.)

[kyrielle]

This, but in that case what do you do if someone wanted to give that ability to someone in the probate/estate paperwork because the heir didn't have a Dreamwidth account prior? I suppose they should just log in and set it up before having it set memorial, but what a pain for someone who didn't know the system (and what if it got set memorial before they could? Open a support request and send in a copy of the paperwork? Pretty big hassle).

[melannen]

I guess I was assuming that anybody who wanted to use that capability would have someone trusted in mind who already used the site, or was willing to get involved, since even basic modding duties would require some familiarity with the site and willingness to spend time there. (If someone was designated who didn't have a DW account but still wanted to act as a caretaker for a memorial, they could always be given their own account.)

If you didn't have anyone you wanted to designate who was comfortable with DW/social networking, you wouldn't have to - it could just revert to a standard memorial account (or stay as a standard account) with staff taking care of any issues that came up.

And the idea would be that the original journal owner would have to designate before their death - the name would be stored in the DW system, and nobody else would have the ability to set the account to memorial status. If they didn't designate anyone, it would work like the current system.

...I should probably just make the suggestion and let this sort of thing get hashed out there.

[azurelunatic]

What if something, g-d forbid, should happen to that person first? (Either in the something-horrible, or the just plain gafiated, sense.)

[stephenie_n_lamaina]

Still block logins to protect the account but give the visitor the ability to flag a questionable comment, which would immediately get screened until it can be reviewed.

[azurelunatic]

Any visitor, or just visitors in the memorial account's circle? Who would do the reviewing?

[stephenie_n_lamaina]

I was thinking about the reviewing like spam but I would assume the spam process is automated.

[azurelunatic]

Semi-automated. Since we're still a small site, we can still have human review of every piece of spam that's reported. I'm on the antispam team.

[stephenie_n_lamaina]

Well, I understand the whole freeze the site so that nothing can happen to it, but I know from working with Memory-Of.com website that people love to leave messages but there is always bozos that leave inappropriate messages. How many memorial sites are there? How many messages are we talking about? If there was a way for the public to flag the questionable messages, I would volunteer to help with sorting through the others.