Digital Assets

To illustrate the impact of this transition to a digital world, consider whether you have the following as physical items or just digital versions:

The very likely answer is that all of these items have recently transitioned to digital (and online) formats.

What Are Digital Assets?

One basic definition is a digital asset is any digitally stored content or an online account owned by an individual. A more detailed definition is files, including but not limited to, emails, documents, images, audio, video, and similar digital files which currently exists or may exist as technology develops or such comparable items as technology develops, stored on digital devices, including, but not limited to, desktops, laptops, tablets, peripherals, storage devices, mobile telephones, smartphones, and any similar digital device which currently exists or may exist as technology develops or such comparable items as technology develops, regardless of the ownership of the physical device upon which the digital asset is stored.[1]

In short, digital assets are all of the files / content on your devices (laptop, tablet, phone, external hard drive and USB drives) and in your online accounts. Some digital assets have a physical component, but many exist only in electronic form. Some replace physical assets (photo albums), while others only exist in digital form (for example, a character in an online game). The potential problems are that they need to be accessed using a username and password, and they are often located on a device which is owned and controlled by a third-party.

Some example of digital assets would be the content on these devices

Another category of digital assets are online accounts, such as:

[1] Evan Carroll, The Digital Beyond, January 30, 2012

Estate Planning and Digital Assets

Just like traditional (physical) assets, digital assets can have financial or sentimental value. The management and distribution of your digital assets at your incapacity and passing needs to be specifically addressed in your estate plan. General references to property are insufficient to provide authority over digital assets. Your Financial Power of Attorney, Will and Trust all need to include specific references to digital assets with clear authorization to access (including changing the password), delete and transfer your digital assets. You can also suggest that your attorney in fact, personal representative and successor trustee retain a technical advisor to assist them with your digital assets.

Your estate planning documents need to address 4 unique issues regarding your digital assets: Access, Account Deletion, Asset Distribution and Account Transfer.

Access

As part of your estate planning, you need to provide access to your family and personal representative / successor trustee to your digital assets. They will need access for a number of personal and financial reasons, in addition to closing your estate. At minimum, access requires that your designated representative has your username, password and security question answers for each account. It is very likely that your family or representative will not be able to access all of your digital assets even with that information because of restrictions in the applicable User Agreements.

Many social media providers prohibit third-party access to accounts and transferring content. For example, Facebook allows the addition of a “legacy contact” to make one last post on your behalf at your passing. That contact can respond to new friend requests, update the cover photo and profile and archive your posts and photos. Previously, when Facebook verified a member’s death, it “memorialized” the account, meaning the account could be viewed but could not be edited or managed.

Additionally, your family will need access in order to close accounts and notify providers to prevent identity theft. Until the official databases are properly updated to reflect someone’s recent passing, criminals may be able to open credit cards, apply for jobs and get a state identification card in the decedent’s name.

Account Deletion

Much of our online life is very personal, and we may not want it seen after our passing. Unlike letters to specific people, email accounts include all of your message to everyone, including some you may not want your family members to read.  As a result, part of planning for your digital estate is deciding which assets/accounts should be deleted. In the absence of your directions, things you consider private may be revealed after your passing.

Asset Distribution

Once you have facilitated access and determined what assets should be deleted, you need to determine what will be distributed and to whom. The Terms of Service for a particular online provider will significantly impact this issue. Some online providers do not consider the content of email and other accounts to be property of the account owner which can be inherited, while others simply prohibit transferring an account to another person.

It will be especially important to determine what happens to digital assets which are in a physical device, like a phone or laptop, as opposed to online, including whether you want to pass on both the device and all of its content.

Account Transfer

Sometimes, it’s the account itself that you want to transfer, not the contents. This would be important, for example, if you had an online business that your family wanted to continue. As noted above, whether an account can be transferred will be determined by the provider’s Terms of Use. Most online accounts cannot be transferred to a new user. And many prohibit anyone other than account owner from even accessing the account.

Estate Administration and Digital Assets

Personal Representatives and successor trustees have a number of obstacles when it comes to accessing and managing digital assets. The first is simply knowing what assets and accounts exist. The second is having the username, password and security question answers for each account. For example, does anybody else know your?

• Phone Unlock Code
• Laptop password
• E-mail user name, password and security questions
• Home WiFi network access code
• Home security system access code and code word

Many devices, including most smartphones, encrypt their data (like photos), this encryption cannot be easily defeated, making access impossible without the passcode, potentially resulting in loss of assets with significant sentimental value.

Your estate plan needs to specifically authorize your personal representative, successor trustee and agent under a power of attorney to access your digital assets and online accounts. You should consider very carefully who should have access to which accounts. And whether that person has sufficient technical knowledge to use them. Many providers require your documents to include very clear language that authorizes access; while others require a court order to provide access.

Personal representatives and successor trustees are not going to be able to access all of decedent’s digital assets given company policies and current state and federal laws. Without express authorization and the username, password and security questions answers, your personal representative and success trustee will find it difficult, if not impossible, to gain access.

Another issue is that some things which are inheritable assets in physical form, like records and books, are a non-transferable license in digital form. Two of the best-known accounts in this category are Apple’s iTunes libraries and Amazon’s Kindle libraries. Both are licenses and the content of the account cannot be transferred to another account. iTunes allows a limited ability to transfer ownership to allow access, but content cannot be transferred to another account. You can physically give someone a device containing your Kindle Library, but they cannot transfer the content of your Kindle Library to their account.

A number of unique steps are involved when administering estates which include digital assets, including:

Digital Assets and Account Owner Privacy

Traditionally, a deceased person is not considered to have a right to privacy. The shift to digital assets, however, has changed that analysis.  Service providers have frequently cited the account owner’s privacy rights as reason why access is denied, especially to social media and email accounts, after the death of the account’s owner.

This issue also illustrates how electronic media are different from traditional media. If you sent someone a letter, only the recipient could see it. If your family gains access to your email account after your death, they will be able to see all of your messages, including those you considered private and wouldn’t have wanted your family to read.

Access to Digital Assets

Access to your digital assets following your incapacity or death is very frequently a major issue for your family, personal representative and successor trustee. Even for accounts for which they have the username and password, to get access, they will need to deal with three additional issues: User Agreements, Federal Law and State Law. In many circumstances, one or more of these will prevent your family, or designated fiduciary, from gaining access.

User Agreements / Terms of Service

Another way in which digital assets are unique is that whether or not they can be accessed by or transferred to someone else (inherited) is largely determined by a private contract, which user very likely did not read, and not state law. The User Agreement / Terms of Service (also called a click wrap agreement) for each online account are different. The transferability of online accounts is usually addressed in one of four ways: transfer is prohibited, transfer is at provider’s discretion, transfer is allowed at death with submission of specific documentation and transfer is not addressed. Some providers will close the accounts upon receiving notice of the owner’s death and delete its contents. Most providers require a detailed court order prior to providing access. Generally, account providers will not give user names or passwords to either the family or legal representative of a deceased account owner.

Federal Laws

Two Federal laws impact the accessibility and transferability of online accounts. Both of them were passed in 1986, long before the significant growth of digital assets and use of social media, making them an obstacle to access in the emerging digital world.

Stored Communications Act (18 U.S.C. Sec 2702)(1986)

This Federal Law creates privacy rights to protect the contents of certain electronic communications and files by certain providers of electronic communications services or remote computing services. If the law applies, an online account service provider is prohibited from disclosing the contents of electronic communications and files. The law does not contain an express exemption regarding transferring the contents of an online account to a personal representative during estate administration.  The statute does allow third parties to access a user’s account with the user’s “lawful consent.” “Lawful consent” can be provided by authorizing an agent under a power of attorney or personal representative with the clear authority to access user’s accounts and digital assets. Many family members and fiduciaries have had their access requests to a deceased family member’s email and social media accounts denied because of this law.  Many of the state fiduciary access laws were drafted to give fiduciaries the required “lawful consent” under this statute by including such consent in estate planning documents.

Computer Fraud and Abuse Act (18 U.S.C. Sec 1030)(1986)

In certain circumstances, this law makes it a criminal offense (a felony) to access another person’s account, even with the password. This law was passed to prevent fraud and reduce identity theft, but it can also be a major obstacle to families accessing the online accounts and digital assets of a deceased family member. Many service providers cite this statute when refusing to allow family members to use or reset the password for deceased person’s account.

State Laws

In the absence of updated Federal Laws, many states have enacted laws to provide access to the online accounts of incapacitated and deceased people. To assist the states in developing these laws, the Uniform Law Commission promulgated a Fiduciary Access to Digital Assets Act (FADAA) in 2015. By May 2017, 32 states had enacted some form of fiduciary access law, many based on the FADAA. The FADAA sets a default rule which allows personal representatives, successor trustees and agents under a power of attorney access to a disabled or deceased person’s online accounts. These default rules limit access to an account catalogue for certain information regarding electronic communications, not the actual content of the account. Default rule provides fiduciary with sender, recipient, date and time, but not the substantive content of the message. Access to the actual content of the communications requires a court order.

This default rule can be changed, allowing access to the actual content of the account without a court order, in three ways:

Via the Account Provider
An account provider can offer account setting options which address future access by third parties. Goggle and Facebook have adopted this type of system. For these accounts, the account holder names a specific person to get access in case of the account ower’s disability or death. The designated person may not be the fiduciary responsible for his / her estate, since you must name a specific individual, you cannot use a title or position.

Under a Will, Trust Agreement or Power of Attorney
Account holder can also include instructions regarding third-party access in their will, trust or power of attorney. However, any contrary terms in account settings or service agreement will control over provisions in will, trust or power of attorney. So, even if granted by your estate plan documents, access may not be available or access may only be available to a different person depending on the account’s Terms of Service and settings.

By the Terms of the Service Agreement
The statute allows account providers to determine the extent of third-party access and they can require a specific court order to provide any access.

Steps You Can Take to Assist with Accessing Your Digital Assets

To assist your family with managing, deleting and distributing your digital assets at your incapacity or death, three steps need to be taken.

The most important part of planning for digital assets is the preparation (and updating) of a detailed inventory of these assets. This inventory needs to go beyond a list of passwords. The inventory also needs to include: URLs / websites, User name, Password and Security Question Answers. It’s also a good idea to include a list of common information like mother’s maiden name, first pet, city where you grew up and first car, since these items are often used as security questions, with the inventory. (Security questions will be needed since the personal representative / successor trustee will be accessing the account from a different computer and location than the account owner.) It will be difficult, if not impossible, to gain access to the account without this information.

Preparing that detailed list, of course, violates what we have all been told about computer security and identity theft. Therefore, careful security of that that document is essential. One option is encrypting the document and keeping the passcode at a separate location. One of the big decisions that will need to be made during the planning process is whether to provide your designated personal representative / successor trustee / agent under power of attorney with copy of the list or just its location prior to your incapacity or death.

If you store your data on the cloud, or use a back-up to the cloud, another preparation step is  backing the data up to a local, physical device that your family will find easier to access. Many account providers, like Facebook, make downloading (backing up) your data to a local device simple. This technique can be especially useful for family photos since the devices can be given directly to the intended beneficiaries, without requiring them to navigate the rules of an online service provider. However, beneficiary may still need the PIN or password to access the device.