Digital Legacy Governance: Exploring a Chinese Path under the Civil Code in Light of International Models

Han Chen

doi:10.54097/6nx15a68

Authors

Han Chen

DOI:

https://doi.org/10.54097/6nx15a68

Keywords:

Digital legacy, post-mortem privacy, fiduciary access, platform governance, Civil Code of the People’s Republic of China (CCPRC).

Abstract

Digital legacy indicates the bundle of accounts, data and digital assets that continue to exist after a natural person’s death. This paper addresses three questions: what policy-ready definition and taxonomy of “digital legacy” best guide governance; how comparative regimes perform in practice; and what China-specific pathway under the Civil Code of the People’s Republic of China (CCPRC) can effectuate user intent, protect post-mortem dignity and third-party privacy, and enable lawful succession at scale. Using a comparative doctrinal and policy-analysis approach, the study triangulates primary legal sources (statutes, regulations, case law), official platform documentation and 2022-2025 peer-reviewed scholarship. It first consolidates a functional taxonomy spanning direct-value digital assets, derivative-value accounts and sentimental/cultural records. It then synthesizes international experience: the Revised Uniform Fiduciary Access to Digital Assets Act (RUFADAA) authority hierarchy in the United States; the EU’s exclusion of deceased persons in General Data Protection Regulation (GDPR) paired with Member-State rules (e.g., France’s post-mortem directives); Germany’s inheritable-contract doctrine; evolving industry guidance; and heterogeneous platform tooling (designation, memorialization, export and scoped access). Building on these findings, the paper proposes a China roadmap that clarifies concepts and authority, mandates privacy-preserving, auditable disclosure via standardized evidence packages and Application Programming Interfaces (APIs), and scales pre-death designations through usable defaults. The contribution is a layered governance model—statutory baselines, standards, platform implementation and user planning—that is legally coherent, operationally feasible and culturally sensitive.

Downloads

Download data is not yet available.

References

[1] DataReportal and Kepios. Digital 2025: global statshot. Retrieved from: https://datareportal.com/reports/digital-2025-july-global-statshot, 2025. Accessed September 3, 2025.

[2] Google. Updating our inactive account policies (two-year inactivity deletion). Retrieved from: https://blog.google/technology/safety-security/updating-our-inactive-account-policies/, 2023. Accessed September 3, 2025.

[3] Google. About Inactive Account Manager. Retrieved from: https://support.google.com/accounts/answer/3036546, n.d. Accessed September 3, 2025.

[4] Öhman C J, Watson D. Are the dead taking over Facebook? A big data approach to the future of death online. Big Data & Society, 2019, 6 (1): 2053951719842540.

[5] European Union. General Data Protection Regulation (GDPR), Recital 27 (deceased persons out of scope). Retrieved from: https://gdpr-info.eu/recitals/no-27/, 2016. Accessed September 3, 2025.

[6] France. Loi Informatique et Libertés, Art. 85 (post-mortem directives) (consolidated text). Retrieved from: https://www.legifrance.gouv.fr/, n.d. Accessed September 3, 2025.

[7] Germany—Bundesgerichtshof (BGH). Facebook inheritance case, case no. III ZR 183/17. Retrieved from: https://www.loc.gov/item/global-legal-monitor/2018-09-07/germany-federal-court-of-justice-rules-digital-social-media-accounts-inheritable/, 2018. Accessed September 3, 2025.

[8] UK Information Commissioner’s Office (ICO). What is personal data?. Retrieved from: https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/personal-information-what-is-it/what-is-personal-data/, n.d. Accessed September 3, 2025.

[9] Uniform Law Commission. Revised Uniform Fiduciary Access to Digital Assets Act (RUFADAA): final act with comments. Retrieved from: https://www.uniformlaws.org/viewdocument/final-act-with-comments-40, 2015. Accessed September 3, 2025.

[10] China Internet Network Information Center (CNNIC). The 55th statistical report on China’s Internet development (Dec. 2024 data; English ed.). Retrieved from: https://www.cnnic.com.cn/IDR/ReportDownloads/202505/P020250514564119130448.pdf, 2025. Accessed September 3, 2025.

[11] Civil Code of the People’s Republic of China, Art. 127 (data & online virtual assets). English translation. Retrieved from: https://www.chinalawtranslate.com/en/civilcode/, 2020. Accessed September 3, 2025.

[12] Apple. Legacy Contact-Digital Legacy. Retrieved from: https://support.apple.com/HT212360, 2024. Accessed September 3, 2025.

[13] Meta. Memorialization and legacy contacts. Retrieved from: https://www.facebook.com/help/1568013990080948, n.d. Accessed September 3, 2025.

[14] Microsoft. Accessing Outlook.com, OneDrive and other Microsoft services when someone has died. Retrieved from: https://support.microsoft.com/en-us/account-billing/accessing-outlook-com-onedrive-and-other-microsoft-services-when-someone-has-died-ebbd2860-917e-4b39-9913-212362da6b2f, n.d. Accessed September 3, 2025.

[15] Morse T, Birnhack M. The continuity principle of digital remains. New Media & Society, 2024, 26(9): 5240-5258.

[16] Allen A L, Rothman J E. Postmortem privacy. Michigan Law Review, 2024, 123 (2): 285.

[17] Nwabueze R N, White L. Privacy law and the dead—a reappraisal. Journal of Media Law, 2024, 16 (2): 253-277.

[18] Kasket E. Access to the digital self in life and death: privacy in the context of posthumously persistent Facebook profiles. SCRIPTed, 2013, 10 (1): 7-26.

[19] Doyle D T, Brubaker J R. Digital legacy: a systematic literature review. Proceedings of the ACM on Human-Computer Interaction, 2023, 7 (CSCW2): 268.

[20] Kohl U. What post-mortem privacy may teach us about privacy. Computer Law & Security Review, 2022, 46: 105717.

[21] Schäfer B. Post-mortem privacy and intergenerational trust. Computer Law & Security Review, 2023, 49: 105858.

[22] Nakagawa, H. Using deceased people’s personal data in AI systems. Retrieved from: https://doi.org/10.1007/s00146-022-01549-1, 2024. Accessed September 3, 2025.

[23] Office of the Australian Information Commissioner (OAIC). What is personal information?. Retrieved from: https://www.oaic.gov.au/privacy/your-privacy-rights/your-personal-information/what-is-personal-information, n.d. Accessed September 3, 2025.

[24] Office of the Privacy Commissioner (New Zealand). Health Information Privacy Code 2020. Retrieved from: https://www.privacy.org.nz/assets/New-order/Privacy-Act-2020/Codes-of-practice/Health-information-privacy-code-2020/Health-Information-Privacy-Code-2020-website-version.pdf, 2020. Accessed September 3, 2025.

[25] International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC). ISO/IEC 27001:2022 information security, cybersecurity and privacy protection—information security management systems—requirements. Retrieved from: https://www.iso.org/standard/27001, 2022. Accessed September 3, 2025.

[26] International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC). ISO/IEC 27701:2019 security techniques—extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management—requirements and guidelines. Retrieved from: https://www.iso.org/standard/71670.html, 2019. Accessed September 3, 2025.

[27] National Institute of Standards and Technology (NIST). Privacy Framework. Retrieved from: https://www.nist.gov/privacy-framework, 2020. Accessed September 3, 2025.

[28] National Institute of Standards and Technology (NIST). Security and Privacy Controls for Information Systems and Organizations (NIST SP 800-53, Revision 5). Retrieved from: https://csrc.nist.gov/pubs/sp/800/53/r5/upd1/final, 2020. Accessed September 3, 2025.

[29] American Bar Association (ABA), Real Property, Trust and Estate Law Section. How to protect digital assets in an estate plan. Retrieved from: https://www.americanbar.org/groups/real_property_trust_estate/resources/ereport/2025-winter/how-protect-digital-assets-estate-plan/, 2025. Accessed September 3, 2025.

[30] Law Society of England and Wales. Property (Digital Assets etc) Bill. Retrieved from: https://www.lawsociety.org.uk/en/topics/private-client/property-digital-assets-etc-bill, 2025. Accessed September 3, 2025.

[31] Society of Trust and Estate Practitioners (STEP). Digital assets: a call to action. Retrieved from: https://www.step.org/research-reports/digital-assets-call-action, 2021. Accessed September 3, 2025.

[32] NHS England (Transformation Directorate). Access to the health and care records of deceased people. Retrieved from: https://transform.england.nhs.uk/information-governance/guidance/access-to-the-health-and-care-records-of-deceased-people/, 2024. Accessed September 3, 2025.

[33] Personal Information Protection Law of the PRC (PIPL), Art. 49 (close relatives’ rights for deceased). English translation. Retrieved from: https://www.chinalawtranslate.com/en/Personal-Information-Protection-Law/, 2021. Accessed September 3, 2025.