Is iCloud safe for storing a will?

No. Apple's Digital Legacy Contact program has significant limitations — it doesn't guarantee access to all file types, requires setup before death, and Apple still holds the encryption keys for most iCloud data. Your family could be locked out permanently.

Does iCloud use zero-knowledge encryption?

Only for certain data categories like Health and Passwords. Most iCloud Drive files, including documents you upload, are encrypted with keys that Apple holds. Apple can access this data and must comply with government requests.

What happens to iCloud files when someone dies?

Without a Digital Legacy Contact set up, Apple may refuse to grant access to the deceased's iCloud account. Even with a court order, the process can take months and Apple may delete the account after 3 years of inactivity.

iCloud Is Not a Safe Place for Your Will

Apple can lock your family out of iCloud forever. Digital Legacy Contact has limits. Here's why zero-knowledge encryption is the only real protection for your most important documents.

Your Photos Will Survive. Your Will Might Not.

Here's something that should bother you: Apple stores 2.2 billion photos uploaded to iCloud every single day. Holiday snapshots, selfies, memes your kid sent you at 2 AM — all safely synced, all perfectly preserved.

But that scanned copy of your will you uploaded in 2019? The mortgage deed sitting in your iCloud Drive? The insurance policy that would pay out €500,000 to your surviving partner?

When you die, your family might never see those files again.

How iCloud Actually Works After You Die

Let's say you pass away tomorrow. Your partner knows your documents are "somewhere in the cloud." They try to log in with your Apple ID.

Problem 1: They don't know your password. Maybe you shared it once, years ago. Maybe you changed it since. Maybe you had a 27-character random string from your password manager — which is also locked behind your face or fingerprint.

Problem 2: Two-factor authentication. Even with the password, they need the code sent to your phone. The phone that's now sitting in a drawer, battery dead, possibly already wiped by a well-meaning family member.

Problem 3: Apple won't just hand over the keys. Apple's official process requires a court order. Not a death certificate — a court order specifically naming the requestor as having legal authority to access the account. In many countries, this takes months. In some, it's nearly impossible.

"But I Set Up a Digital Legacy Contact"

Apple introduced Digital Legacy Contact in 2021. It sounds perfect: you designate someone who can request access to your account after you die. Problem solved, right?

Not exactly.

Here's what Apple doesn't emphasize in their marketing:

Your Legacy Contact doesn't get your passwords. They get access to photos, messages, notes, and files — but any data protected by end-to-end encryption (like Health data, saved passwords in Keychain, and payment information) is excluded.

They need your access key AND a death certificate. If they lost the QR code or access key you shared with them, they're back to square one.

There's a time limit. Apple can delete the account after three years — and your Legacy Contact must request access within that window.

It doesn't work with Managed Apple IDs. If your iCloud account is linked to a business or school, Legacy Contact isn't available at all.

The biggest issue: Apple holds the keys. They decide what your family gets access to, when, and under what conditions. If there's a dispute, Apple's terms of service win — not your intentions.

The Fundamental Problem: Apple Holds Your Keys

This is the part most people don't understand about iCloud — or any mainstream cloud storage.

When you upload a document to iCloud Drive, Apple encrypts it. That sounds secure. But Apple also holds the encryption keys. This means:

Apple can read your files (and does, for CSAM scanning and law enforcement requests)
Apple decides who gets access to your files after you die
A court order or government subpoena can unlock your entire vault
If Apple makes a mistake, your files could be exposed to the wrong person — or deleted entirely

Compare this to zero-knowledge encryption, where only you hold the decryption key. The service provider literally cannot read your files. Not for law enforcement, not for internal audits, not for anything. If you lose your key, the data is gone — but if you share your key with someone you trust, they get everything. No court orders. No corporate gatekeepers.

This isn't a theoretical difference. It's the difference between "Apple will decide what happens to my documents" and "I already decided."

Your Family's iCloud Nightmare: A Real Scenario

Maria, a 42-year-old Italian expat living in Amsterdam, stored everything in iCloud. Tax returns, her Dutch will, rental agreements, her husband's pension information, their children's passport copies. She paid for the 2TB plan. She felt organized.

When Maria died in a car accident, her husband Carlo tried to access her iCloud account. He knew her email but not her password. He found her phone, but Face ID wouldn't work — Apple locks biometric access after 48 hours without the passcode.

Carlo contacted Apple Support. They told him he needed a court order from a US court — Apple Inc. is a California company. His Dutch death certificate wasn't enough. His notaris had never dealt with this before.

Four months and €3,000 in legal fees later, Carlo got a limited data download from Apple. It included Maria's photos and notes. But the will she'd scanned — filed in iCloud Drive under a folder called "Important" — wasn't in the export. Apple's system had categorized it differently, and the Legacy Contact feature Maria never set up wouldn't have covered it anyway.

The will was eventually found in paper form at their notaris. But the pension documents, insurance overview, and financial accounts list? Those existed only in iCloud. Some were recovered. Some weren't.

What Should You Actually Do?

Stop treating iCloud like a document vault. It's not built for this. It's built for convenience — syncing your photos across devices, keeping your calendar up to date, making sure your shopping list appears on your Apple Watch.

For documents your family will need when you die or can't speak for yourself, you need three things:

1. Zero-knowledge encryption. No company should be able to read your documents or decide who gets access. You hold the keys, period.

2. A deliberate access mechanism. Not "my wife knows my password" (she might not when it matters). Not a Legacy Contact with limitations. A system designed from day one for the specific scenario where you're gone and someone you trust needs in.

3. European infrastructure. If you're an EU resident, your documents should live on EU-owned servers, outside the reach of the US CLOUD Act. "EU region" on AWS isn't the same thing — Amazon is still a US company subject to US law.

The Swiss Bank Account for Your Documents

LegacyShield was built for exactly this problem. Every document you upload is encrypted with AES-256-GCM on your device before it ever leaves your browser. We can't read your files. We can't give them to anyone — not Apple, not a government, not a hacker.

When you need someone to access your vault — because you're gone, or because you're in a hospital bed and can't type — they use an unlock phrase that you chose. No court orders. No corporate helpdesks. No months of waiting.

Your photos can live in iCloud. Your will shouldn't.

Start securing your documents today →