In an increasingly technological society, digital assets have become a vital part of nearly everyone’s life. By digital assets, we generally mean both digital files (e.g., photos, music, emails, and documents) and digital accounts (e.g., Facebook, LinkedIn, and Gmail). A login ID and password are common for both categories, especially digital accounts. These services help us stay connected with friends and provide a means for people to share ideas, thoughts, and feelings. But have you thought about what happens to your digital assets when you pass away? Few people have.
In some cases, disputes over access to a deceased individual’s digital assets have led to lengthy legal battles and newsworthy headlines. They can be emotional and gut-wrenching. In one case, a young woman died after falling from the twelfth floor of her apartment building. Family members sought access to a social networking account to help determine if her death was a suicide. The deceased woman used this account on a regular basis; her family hoped its contents would shed light on her state of mind around the time of her death. Surviving family members were left without answers when the court ruled that the social networking site was not required to provide the family access.
In another case, a blogger passed away leaving an account full of photos and memories. Despite protest, the account was closed and unavailable to her family. These problems are not limited only to social media and entertainment accounts. With more and more financial information housed and controlled online, members of your family may also be put to unnecessary expense to access your accounts in the event of your death. With this as background, the question remains: What should you do to protect your interest in these assets?
Three main bodies of law—federal law, state law, and service provider agreements—control access to and use of digital assets.
There are two relevant federal laws: the Computer Fraud and Abuse Act and the Stored Communications Act. Both are generally designed to protect against unauthorized access to computers and electronic files. This is a worthwhile goal, but both statutes can impede your family’s access to your accounts on your behalf. Social networking sites and even financial institutions often cite these laws as a reason to not allow any access to accounts after a death.
States have introduced legislation intended to ease the hardship placed on families by these federal laws. A handful of states have passed laws that give your representatives, such as your executor, at least limited access to your accounts. Other states are working together to draft a Fiduciary Access to Digital Assets Act (FADAA). FADAA would provide a comprehensive and uniform set of state laws giving fiduciaries access to a deceased individual’s digital assets. In adopting FADAA, a state would provide clarity and guidance for its citizens when planning for postmortem management of digital assets.
Despite these efforts, most states have yet to enact laws covering fiduciary access to a deceased’s digital assets. Without such laws, the rules covering access to these assets are often the terms of service provider agreements. Some providers’ agreements, such as Shutterfly’s, do not address what happens at the death of an account holder. Others do. For example, Google’s Gmail agreement allows for the possibility of releasing emails to a personal representative of the deceased account holder, but only upon court order.
While federal law, state law, and terms of service agreements all provide hurdles for loved ones to jump over, many companies are coming up with creative solutions to prevent these problems before they arise. In 2013, Google became the first service provider to craft a solution for a user’s account in case of death or incapacity with its Inactive Account Manager. This function allows the user to determine what will happen when the account becomes inactive for an amount of time selected by the accountholder. The user can decide that the data will be deleted or sent to a specified individual.
Applications such as 1Password, mSecure, LastPass, KeePass, and RoboForm consolidate login information for multiple accounts in a single place. Simply providing family members and friends with login information for a single account can help provide them access to all of your accounts.
More-comprehensive legislation will help bring clarity to this area. However, as is the case with other areas of your financial life, you should treat these laws as a default or backup to a complete and up-to-date estate plan that you have prepared. For example, you are the only one in a position to say which digital assets should be forwarded to a particular individual and which should be destroyed.
With this in mind, we recommend our clients follow three steps to protect their digital assets:
1. Identify and create an inventory of digital assets. You can see our inventory form at http://www.tstewartlaw.com/Digital-Assets-and-Online-Account-Inventory.pdf.
2. Store the inventory in a secure and private location. For a hard-copy format, you may want to use a safe deposit box or a safe at your home. For an inventory in an electronic file or multiple electronic files, consider creating a master password for the storage device.
3. Add provisions to your will and trust, and consider powers of attorney relating to these digital assets.
Digital assets will continue to become a more important part of what we all leave behind one day. Staying informed about how to protect this part of your legacy, and being proactive in doing so, just makes sense.