Fiduciary’s Access Rights To Decedent’s Digital Assets

What happens to a person’s digital assets when he or she passes away? They still have email, social media, and bank accounts.  This could be an uncomfortable topic.  However, any unauthorized access to a person’s online account that is password protected will constitute a violation of state or federal law.  For example, checking on a deceased relative’s emails or wrapping up any lingering business is forbidden as it can violate Section 2511 (unlawful interception) or Section 2701 (unlawful access).  Yet, California, in hopes to give an acceptable bit of leeway to the federal law has passed a new statute.  So, what is this statute? How might it allow you to take care of the lingering communications of decedents? What can a person do?

Revised Uniform Fiduciary Access To Digital Assets Act

The Act allows an individual to use either an online tool to give access to online data or digital assets, including, but not limited to, electronic communications. In the absence of a tool, a trustee, personal representative, or other fiduciary, could be named via a will or other instrument.  While this doesn’t impair the terms-of-use, it does allow a custodian (a/k/a “service provider”) to grant the fiduciary either full access to an account, sufficient access to complete the necessary task, or access to physical copies of digital assets.  Naturally, a service provider can charge for this task and does not need to disclose deleted assets.

The service provider may also claim that there is an undue burden if the decedent gives permission to all the digital assets. This would allow the service provider to disclose all, some, or none of the assets.  However, the service provider may require a death certificate, appointment letter, account identification, evidence linking the account, affidavit declaring the digital assets are required, linking the account to the trust, or a written request for the disclosure.

After sufficiently proving the identity to the service provider, a custodian must oblige with the fiduciary’s request for access, or to close out the account. Even if the fiduciary continues to care for it, all legal duties that would apply to physical property would apply to the accounts.

How is this applied in practice?

Importantly, this does not apply to digital assets of employers used by employees in the ordinary course of business. Thus, if an employer were to pass away, there could be no will designating a successor or fiduciary.

Applying this elsewhere, assume we have two individuals: Aaron and Daron. Daron names Aaron as the executor of his estate, and has a data vault, containing the information for various bank accounts and investments he has had throughout the years, as well as an email account. Daron dies, and in his will allocates various assets to family members, and instructs Aaron to print out and distribute the email communications he had with each person.

Without the statute, any action by Aaron to honor Daron’s requests would be legally dubious. However, with the statute, Aaron is given permission, turning his access into an authorized access.  Yet, with the statute, Aaron is given permission, but only as far as his duty as an executor of the will.

At our law firm, we assist clients with legal issues related to internet, technology, and cyberspace laws.  You may contact us to set up an initial consultation.