The fundamental question a new legal paper struggles with—though the author may not realize it—is a philosophical one of human persistence versus digital decay.
There is no legal or regulatory landscape against which to estate plan to protect those who would avoid digital resurrection, and few privacy rights for the deceased. This intersection of death, technology, and privacy law has remained relatively ignored until recently.
Take Disney’s 1964 animated representation of Abraham Lincoln, as one famous example, especially as it later was appropriated by the U.S. Marines for target practice. Here was an animatronic figure of America’s most loved President, crude by today’s standards, that somehow captured enough essence to warrant both reverence and target practice. The duality speaks to fundamental turbulence in what constitutes an authentic representation of the dead.
Oh no! Not the KKK again!
In war, as in security, we learn that all things tend toward entropy. The author of this new legal paper speaks of “deletion rights” as though data behaves like physical matter, subject to our commands. This reveals a profound misunderstanding. Lawyers unfortunately tend to have insufficient insights into the present technology, let alone the observable trends into the future.
This isn’t time for academic theorizing—it’s threat assessment. When we correctly frame digital resurrection as weaponized impersonation, the security implications become immediately clear to anyone who understands asymmetric warfare.
Who owns energy? It can be transformed, transmitted, and duplicated, but never truly contained. We are charged (pun intended) for its delivery (unless we are Amish) yet neither we nor the source “own” the energy itself, although we do own the derivative works we create using that energy.
Digital traces thus follow different laws than this legal paper recognizes. A voice pattern, once captured and processed through sufficient computational analysis, can become more persistent than the vocal cords that produced it. Ask me sometime about efforts to preserve magnetic tapes of “oral history” left rotting in abandoned warehouses of war torn Somalia.
While the availability leg of the digital security triad (availability, confidentiality and integrity) is now so well understood it can promise 100% lossless service, think about what’s really at risk here. We’re not facing a privacy or availability problem—we’re facing an identity warfare problem of integrity breaches.
When I can resurrect your voice patterns, your writing style, your decision-making algorithms with “auth”, uptime and secrecy aren’t the primary loss. I’m stealing authority, weaponizing authenticity. This is the nature of 21st century information warfare that 20th century legal doctrines are unprepared to face.
On the Nature of What Persists and What Decays
Consider the lowly common human fingerprint. Unique, persistent, left unconsciously upon every surface we touch. It’s literally spread liberally around in public places. Yet fingerprints fade. Oil oxidizes. Surfaces weather. The fingers that made them change, deteriorate and eventually return to dust.
There is discomfort in our natural decay, but also an inevitability, despite the technological attempt over millenia to deny our fate—a mercy built into the physical world.
The mathematical relationships that define how someone constructs sentences, their choice of punctuation, their temporal patterns of communication—these digital fingerprints are abstractions that can outlive not merely the person, but potentially the civilization that created them.
The paper concerns itself, as if unaware of how history is written, only with controlling “source material”—emails, text messages, social media posts. This misses the well worn deeper truth of skilled investigators and storytellers: the valuable patterns have already been abstracted away. Once a sufficient corpus exists to serve intelligence, train a model as it were today, the specific training data becomes almost irrelevant. The patterns persist in the weights and connections of neural networks, distributed across systems that span continents.
How do you think all the fantastical Griffins (dinosaur bones found by miners) and magical Unicorns (narwal tooth found by sailors) were embedded into our “reality”, as I clearly warned “big data” security architects back in 2012?
I have seen decades of operations where deletion of source documents was treated as mission-critical, only to discover years later that the intelligence value had already been extracted and preserved in forms the original handlers never anticipated (ask me why I absolutely hated watching the movie Argo, especially the shredded paper scene).
…I taught a bunch of Iranian thugs how to reconstitute the shredded documents they found after looting the American Embassy in Tehran.Source: Lew Perdue
Tomb Raiders: Our Most Pressing Question is Authority Over Time
Who claims dominion over digital remains, our code pyramids distributed into deserts of silicon? The paper proposes, almost laughably, that next-of-kin should control this data as they would control physical remains. As someone who has had to protect digital records against the abuse and misuse by next-of-kin, let me not be the first to warn there is no such simplistic “next” to real world authorization models.
The lawyer’s analogy fails at its foundation. Physical remains are discrete, locatable, subject to the jurisdiction where they rest. And even then there are disputes. Digital patterns exist simultaneously in multiple jurisdictions, in systems owned by entities that may not even exist when the patterns were first captured. It only gets more and more complex. When I oversaw the technology related to a request for a deceased soldier’s email to be surrendered to the surviving family, it was no simple matter. And I regret to this day hearing the court’s decision, as misinformed and ultimately damaging it was to that warrior’s remains.
Consider: if a deceased person’s communication patterns were learned by an AI system trained in international space or sea, using computational resources distributed across twelve nations, with the resulting model weights stored on satellites beyond any terrestrial jurisdiction—precisely which authority would enforce a “deletion request”?
The Economics of Digital Necromancy
The commercial and social incentives here are stark and unyielding. A deceased celebrity’s digital resurrection can generate revenue indefinitely, with no strikes, no scandals, no aging, no salary negotiations. The economic pressure to preserve and exploit these patterns will overwhelm any legal framework not backed by technical enforcement.
As a security guardian protecting X-ray images in any hospital can tell you, the threats are many and often.
More concerning: state actors don’t discuss or debate the intelligence value because it’s so obvious. A sufficiently accurate model of a deceased intelligence officer, diplomat, or military commander represents decades of institutional knowledge that normally dies with the individual. Nations will preserve these patterns regardless of family wishes or international law.
Techno-Grouch Realities
The paper’s proposed “right to deletion” assumes a level of technical control that simply does not exist yet at affordable and scalable levels. Years ago I co-presented a proposed solution called Vanish, which gave a determistic decay to data using cryptographic methods. It found little to no market. The problem wasn’t the solution, the problem was who would really pay for it.
The market rejection wasn’t technical failure—it was cultural. Americans, in a particular irony, resist the notion that anything should be designed to disappear, generating garbage heaps that never decay. We build permanence even when impermanence so clearly would serve us far better. Our struggle to find out who would really pay for real loss cuts to the heart of the problem: deletion in an explosively messy technology space requires careful design and an ongoing cost, while preservation happens simply through rushed neglect.
Modern AI training pipelines currently are designed for an inexpensive resilience and quick recovery to benefit the platforms that build them, not protect the vulnerable with safety through accountability. It reflects a society where the powerful can change their mind always to curate a capitalized future, banking on control and denial of any inconvenient past. Data is distributed, cached, replicated, and transformed through multiple stages. Requesting deletion is like asking the waiter to unbake a cake by removing the flour and unbrew the coffee so it can go back to being water.
Even if every major technology company agreed to honor deletion requests in their current architecture—itself a GDPR requirement they struggle with—the computational requirements for training large language models ensure that smaller, less regulated actors will continue this work. A university research lab in a permissive jurisdiction can reproduce the essential capabilities with modest resources.
What Can Be Done
Rather than fight the technical reality, we must work within it, adopting protocols like Tim Berners-Lee’s “Solid” update to the Web. The approach should focus not on preventing digital resurrection, but on controlling integrity of data though explicit authentication and attribution.
Cryptographic solutions exist today that could tie digital identity to physical presence in ways that cannot be reproduced after death. Hardware security modules, biometric attestation, multi-factor authentication systems that require ongoing biological confirmation—these create technical barriers that outlast legal frameworks.
The goal should not be to prevent the creation of digital patterns from the deceased, but to ensure that these patterns cannot masquerade as the living person or a representation of them for purposes of authentication, authorization, or legal standing. A step is required to establish context and provenance, the societal heft of proper source recognition. The technology exists to enable a balance of both privacy and knowledge, but does the will exist to build it?
The Long View
This technology will evolve when we regulate it, or we will wait too long and suffer a broken market exploited by monopolists—economic capture by entities that may not share democratic values. The patterns that define human communication and behavior will be preserved, analyzed, and reproduced. Where that happens, centrally planned or distributed and democratic, matters far more than most realize now. Fighting against decentralized data solutions is like fighting the ocean tide by saying we can build rockets to blow up the moon and colonize Mars.
The wiser course is to ensure that as we cross this threshold, we do so with clarity about what persists and what decays, what can be controlled and what cannot. The dead have always lived on in the memories of the living. Now those memories can be given voice and form, curated by those authorized to represent them.
Can I get a shout out for those historians correctly writing that George Washington was a military laggard who used the French to do his work, and cared only about the Revolution so he could preserve slavery?
Historical truth has always been contested, which is why we become historians, as the tools of revision only speed up over time. Previously, rewriting history involved control of physical spaces (e.g. bookstores in Kashmir raided by police) and publishing texts over generations. Now it requires quick pollution of datasets and model weights—a very much more concentrated and therefore vulnerable process without modern integrity breach countermeasures.
The question is not whether technology can make preservation more private, but whether we will manage integrity with wisdom or allow data to be subjected to ignorance, controlled by those who can drive the technology but not look in the rear view mirror let alone see the curve in the road ahead.
What persists is what we preserve either by purpose or neglect. Oral and written traditions are ancient in how they thought about what matters and who decides. The latest technology merely changes mechanisms of preservation.
When you steal someone’s authority through digital resurrection, you’re conducting what amounts to posthumous identity theft for influence operations. The victim can’t defend themselves, the audience lacks technical means to verify authenticity, and the attack surface includes every piece of digital communication the deceased ever generated.
Anyone who claims to really care about this issue should visit Grant’s Tomb, which is taller and more imposing that the Statue of Liberty. Standing there they should answer why the best President and General in American history has been completely obscured and denigrated by unmaintained trees, on an island obstructed by roads lacking crosswalks.
Grant was globally admired and respected, his tomb situated so huge crowds could pay respect
Preservation indeed.
Here lies the man who preserved the Union and destroyed slavery both on the battlefield and in the ballot box, yet his monument is literally obscured by neglect and poor urban planning. If Americans can’t properly maintain physical memorials to our most consequential leaders, what legal rights do we really claim for managing digital remains with wisdom?
Attempts at physical deletion and desecration of Grant’s Tomb have been cynical and strategic, along with fraudulent attacks on his character, yet his brilliant victories and innovations carry on.
General Grant said of West Point graduates trained on Napoleon’s tactics, who were losing the war, that he would respect them more if they were actually fighting Napoleon. Grant was a thinker 100 years ahead of his time and understood that wicked problems require new and novel methods, not just expanded execution of precedents.
President Grant’s tomb says it plainly for all to see, which is exactly why MAGA (America First platform of the KKK) doesn’t want anyone to see it.
AI safety should not be framed as choosing between safety and capability when it’s more accurately between the false security of constrained tools and the true security of accountable humans using powerful tools wisely. We know which choice builds better software and better organizations. History tells us who wins and why. The question is whether we have the courage to choose freedom of democratic systems over the comfortable illusion of a fascist control fetish.
“Let him have it” Chris – those few words destroyed a young man’s life in 1952 because their meaning was fatally ambiguous, as famously memorialized by Elvis Costello in his hit song “Let Him Dangle”.
Did Derek Bentley tell his friend to surrender the gun or to shoot the police officer? The dangerous ambiguity of language is what led to a tragic miscarriage of justice.
Today, we face a familiar crisis of contextualized intelligence, but this time it’s not human code that’s ambiguous, it’s the derived machine code. The recent sketch.dev outage, caused by an LLM switching “break” to “continue” during code refactor, represents something far more serious than a simple bug.
This is a small enough change in a larger code movement that we didn’t notice it during code review.
We as an industry could use better tooling on this front. Git will detect move-and-change at the file level, but not at the patch hunk level, even for pretty large hunks. (To be fair, there are API challenges.)
It’s very easy to miss important changes in a sea of green and red that’s otherwise mostly identical. That’s why we have diffs in the first place.
This kind of error has bitten me before, far before LLMs were around. But this problem is exacerbated by LLM coding agents. A human doing this refactor would select the original text, cut it, move to the new file, and paste it. Any changes after that would be intentional.
LLM coding agents work by writing patches. That means that to move code, they write two patches, a deletion and an insertion. This leaves room for transcription errors.
This is another glaring example of an old category of systemic failure that has been mostly ignored, at least outside nation-state intelligence operations: integrity breaches.
The real problem isn’t the AI because it’s the commercial sector’s abandonment of human accountability in development processes.
The common person’s bad intelligence is a luxury that is evaporating rapidly in the market. The debt of ignorance is rising rapidly due to automation.
The False Security of Technical Controls
When sketch.dev’s team responded to their AI-induced outage by adding “clipboard support to force byte-for-byte copying,” they made the classic mistake of treating a human process problem with a short-sighted technical band-aid. Imagine if the NSA reacted to a signals gathering failure by moving agents into your house.
The Stasi at work in a mobile observation unit. Source: DW. “BArch, MfS, HA II, Nr. 40000, S. 20, Bild 2”
This is like responding to a car accident by lowering all speed limits to 5 mph. Yes, certain risks can be reduced by heavily taxing all movements, but it also defeats the entire purpose of having movement highly automated.
As the battle-weary Eisenhower, who called for “confederation of mutual trust and respect”, also warned us:
If you want total security, go to prison. There you’re fed, clothed, given medical care and so on. The only thing lacking… is freedom.
Constraining AI to byte-perfect transcription isn’t security. It’s not, it really isn’t. It’s surrendering the very capabilities that make AI valuable in the first place, lowering security and productivity with a loss-loss outcome.
My father always used to tell me “a ship is safe in harbor, but that’s not what ships are built for”. When I sailed across the Pacific, every day a survival lesson, I knew exactly what he meant. We build AI coding tools to intelligently navigate the vast ocean of software complexity, not to sit safely docked at the pier in our pressed pink shorts partying to the saccharin yacht rock of find-and-replace operations.
Turkey Red and Madder dyes were used for uniforms, from railway coveralls to navy and military gear, as a low-cost method to obscure evidence of hard labor. New England elites (“Nantucket Reds”) ironically adapted them to be a carefully cultivated symbol of power. The practical application in hard labor inverted to a subtle marker of largess, American racism of a privileged caste.
The Accountability Vacuum
The real issue revealed by the sketch.dev incident isn’t that the AI made an interpretation – it’s that no human took responsibility for that interpretation.
The code was reviewed by a human, merged by a human, and deployed by a human. At each step, there was an opportunity for someone to own the decision and catch the error.
Instead, we’re creating systems where humans abdicate responsibility to AI, then blame the AI when things go wrong.
This is unethical and exactly backwards.
Consider what actually happened:
AI made a reasonable interpretation of ambiguous intent
A human reviewer glanced at a large diff and missed a critical change
The deployment process treated AI-generated code as equivalent to human-written code
When problems arose, the response was to constrain the AI rather than improve human oversight
The Pattern We Should Recognize
Privacy breaches follow predictable patterns not because systems lack technical controls, but because organizations lack accountability structures. A firewall that doesn’t “deny all” by default isn’t a technical failure, because we know all too well (e.g. codified in privacy breach laws) it’s organizational failure. Someone made the decision to configure it that way, and someone else failed to audit that very human decision.
The same is true for AI integrity breaches. They’re not inevitable technical failures because they’re predictable organizational failures. When we treat AI output as detached magic that humans can’t be expected to understand or verify, we create exactly the conditions for catastrophic mistakes.
Remember the phrase guns don’t kill people?
The Intelligence Partnership Model
The solution isn’t to lobotomize our AI tools into ASS (Artificially Stupid Systems) it’s to establish clear accountability for their use. This means:
Human ownership of AI decisions: Every AI-generated code change should have a named human who vouches for its correctness and takes responsibility for its consequences.
Graduated trust models: AI suggestions for trivial changes (formatting, variable renaming) can have lighter review than AI suggestions for logic changes (control flow, error handling).
Explicit verification requirements: Critical code paths should require human verification of AI changes, not just human approval of diffs.
Learning from errors: When AI makes mistakes, the focus should be on improving human oversight processes, not constraining AI capabilities.
Clear escalation paths: When humans don’t understand what AI is doing, there should be clear processes for getting help or rejecting the change entirely.
And none of this is novel, or innovative. This comes from a century of state-run intelligence operations within democratic societies winning wars against fascism. Study the history of disinformation and deception in warfare long enough and you’re condemned to see the mistakes being repeated today.
The Table Stakes
Here’s what’s really at stake: If we respond to AI integrity breaches by constraining AI systems to simple, “safe” operations, we’ll lose the transformative potential of AI-assisted development. We’ll end up with expensive autocomplete tools instead of genuine coding partners.
But if we maintain AI capabilities while building proper accountability structures, we can have both safety and progress. The sketch.dev team should have responded by improving their code review process, not by constraining their AI to byte-perfect copying.
Let Them Have Freedom
Derek Bentley died because the legal system failed to account for human responsibility in ambiguous situations. The judge, jury, and Home Secretary all had opportunities to recognize the ambiguity and choose mercy over rigid application of rules. Instead, they abdicated moral responsibility to legal mechanism.
We’re making the same mistake with AI systems. When an AI makes an ambiguous interpretation, the answer isn’t to eliminate ambiguity through technical constraints when it’s to ensure humans take responsibility for resolving that ambiguity appropriately.
The phrase “let him have it” was dangerous because it placed a life-or-death decision in the hands of someone without proper judgment or accountability. Today, we’re placing system-critical decisions in the hands of AI without proper human judgment or accountability.
We shouldn’t accept the kind of world where we eliminate ambiguity, as if a world without art could even exist, so let’s ensure someone competent and accountable can be authorized to interpret it correctly.
Real Security of Ike
True security comes from having humans who understand their tools, take ownership of their decisions, and learn from their mistakes. It doesn’t come from building technical cages that prevent those tools from being useful.
AI integrity breaches will continue until we accept that the problem is humans who abdicate their responsibility to understand and verify what is happening under their authority. The sketch.dev incident should be a wake-up call for better human processes, more ethics, not an excuse for replacing legs with pegs.
A ship may be safe in harbor, but we build ships to sail. Let’s build AI systems that can navigate the complexity of real software development, and let’s build human processes to navigate the complexity of working with those systems responsibly… like it’s 1925 again.
As popular as his songs were, Mr. Lehrer never felt entirely comfortable performing them. “I don’t feel the need for anonymous affection,” he told The New York Times in 2000. “If they buy my records, I love that. But I don’t think I need people in the dark applauding.”
Lehrer’s Genius was unmistakable, and his devotion to helping others instead of simply amassing attention, is what made him such a super hero. Think about the phrase “free time” in this obituary.
A math prodigy, Lehrer studied mathematics at Harvard at age 15, and graduated with a bachelor’s degree in 1946. He earned his master’s at Harvard the following year. He also worked on a doctorate there and at Columbia University, but never completed his Ph.D. thesis.
While in school, Lehrer wrote songs in his free time, and eventually recorded his first solo album, Songs of Tom Lehrer, in 1953. The release became a surprise hit and led him to perform at nightclubs and venues across the country.
Imagine all the free time of a teenager getting his graduate degree from Harvard in the 1940s. He was a true genius and an American hero, the kind that was always giving to others and yet never wanted the attention he deserved.
In October 2020, Lehrer released all music and lyrics he had ever written into the public domain. In November 2022, he formally relinquished the copyright, performing, and recording rights to his songs, and established a website to host recordings and printable copies of his sheet music for download. He added that the website “will be shut down at some point in the not too distant future, so if you want to download anything, don’t wait too long.” As of July 2025, the website is still operational.
Some say Lehrer stopped performing after Henry Kissinger had won the Nobel Peace Prize, stating simply that satire was now obsolete.
I’m not interested in promoting myself, or revealing to total strangers anything about me. That’s not my job. I read some of these things with people who will tell you about their abortions, and their affairs and their divorces and their breakdowns and their parents, and why are they doing that? And I’m sure if you asked them how much money they made last year, they’d tell you it’s none of your business.
His witicisms about risk and safety are legend.
“When I was in college, there were certain words you couldn’t say in front of a girl,” he writes in the sleeve notes for the new collection. “Now you can say them, but you can’t say ‘girl’. “
The electric carmaker posted total revenue of 22.5 billion dollars, down twelve per cent year-on-year and falling short of Wall Street’s 22.7 billion dollar estimate. Operating income plunged by forty-two per cent to 900 million dollars, marking Tesla’s second consecutive quarterly decline.
You would think the stock would be worthless by now, given it’s for a car company with seriously flawed designs flogged by a Nazi that nobody likes.
…Tesla is “a toxic brand that is inseparable from its leader.” Quarterly profits … fell to $1.17 billion, or 33 cents a share, from $1.4 billion, or 40 cents a share. That was the third quarter in a row that profit dropped. […] Tesla shares were little changed in after-hours trading…
…we’ll have Robotaxi in half the population of the US by the end of the year. […] Investor questions begin with an inquiry about Tesla Robotaxis. Tesla noted that it expects to 10X its current operation in the coming months. The Bay Area is next, and Tesla is looking to expeedite the service’s approval. As for technical and regulatory hurdles for Unsupervised FSD, Elon Musk stated that he believes the feature should be available in a number of cities by the end of the year. Tesla, however, is being extremely paranoid about safety, so Unsupervised FSD’s rollout will be very, very cautious.
What a pile of absolute bullshit.
Promising investors revolutionary scale at revolutionary speed while emphasizing safety is a combination that defies technical and regulatory reality.
It’s amazing that bald face lying is still a thing to prop up stock prices.
Let’s count the problems, starting with a false dichotomy between aggressive expansion and safety (claiming both “extremely paranoid about safety” and serving half the US population by year-end), an appeal to extremes in promising impossible scaling (10X growth in months to reach 165+ million Americans), hasty generalization from limited current operations to nationwide deployment, post hoc reasoning that implies regulatory approval will automatically follow their timeline rather than determining it, equivocation through vague terms like “coming months” and “a number of cities” that obscure the lack of concrete planning, contradiction between needing Bay Area approval while claiming imminent national rollout, survivorship bias in focusing only on potential success while ignoring the massive infrastructure, regulatory, and technical hurdles, and wishful thinking disguised as business projections where desired outcomes are presented as inevitable results despite the fundamental impossibility of achieving such scale in the stated timeframe while maintaining the claimed safety standards.
Eight(yes eight)flaws from the ceo of 88 who’s always late, and full of hate, the Texas fraud of no cattle and all hat.
Tesla dealer showroom after the CEO gave Hitler salutes at a political rally
a blog about the poetry of information security, since 1995
