What Will Become of Your Digital Assets?

If you’re reading this, that’s a good indication that you have an e-mail account.  You probably have a number of other on-line accounts, too—Facebook, Twitter, Instagram, and so on.  You may conduct a great deal of business exclusively on-line as well.  Perhaps you have money saved with a bank that exists only on-line, or you may have chosen to receive financial statements only via e-mail.  But have you given much thought to what will become of all these electronic communications and other digital assets (and they really should be thought of as assets) after you die or become incapacitated?

Chances are you haven’t … unless you’re a trusts-and-estates practitioner, in which case you can’t help but have noticed the lack of guidance on this issue from either the Legislature or the courts—even as we’ve come to live more and more of our lives “in the cloud,” so to speak.  Few decedents leave clear guidance as to their wishes regarding their digital assets, and policies are varied and often difficult for users to find (if they even exist) among the companies that act as custodians for on-line accounts.

All of this adds up to a growing problem, but one that the Uniform Law Commission set out to address by promulgating the Revised Uniform Fiduciary Access to Digital Assets Act (RUFADAA) in 2016.  This week, the BBA Council, acting on the recommendation of our Trusts & Estates Law Section, voted to endorse that Massachusetts adopt RUFADAA.

Joe Bierwirth, of Hemenway & Barnes, presented the proposal to the Council alongside his Trusts & Estates co-chair, Andy Rothstein of Goulston & Storrs.  “This is an area of the law where we very much need some guidance, given the absence of statutes or case law,” Bierwirth told Issue Spot.  “While practitioners may not agree 100% on the ideal approach, adoption of RUFADAA would be helpful in setting the ground rules.”

This proposed uniform act, which has already been adopted in some form by at least 24 other states, would modernize fiduciary law for the Internet age.  It would provide some clarity to the law concerning a growing problem, helping Internet account providers, users, their fiduciaries, and the courts by creating a formal process to determine a fiduciary’s authority to access digital assets, while allowing a user to have control over how that process will play out in their case.

Fiduciaries are the people appointed to manage our property when we die or lose the capacity to manage it ourselves.  The bill explicitly covers personal representatives (who manage decedents’ estates), conservators (appointed to assist protected persons), trustees (only for the purpose of managing trust property), and agents acting under power of attorney.

Nearly everyone today has digital assets, such as documents, photographs, e-mail, and social media accounts, yet fiduciaries are often prevented from accessing those accounts by password protection or restrictive terms of service.  Digital assets may have real value, both monetary and sentimental, but they also present novel privacy concerns.  RUFADAA seeks to balance the interests of fiduciaries in managing digital assets in furtherance of their responsibilities with the privacy interests of the user—and potentially those with whom they communicated—against unwarranted disclosure.

The bill does so in part by establishing a hierarchy to determine the preferences of the user: First is a so-called “online tool” by which a user has named someone to manage their digital assets upon death or incapacity.  That person is considered the “designated recipient” under the bill, rather than a fiduciary, and the user could conceivably name a different person for each account.  The user could also direct the provider not to allow any access.

Next in the hierarchy is a will or other properly executed document, either allowing or prohibiting access.  Finally, in the absence of either of the above, the provider’s terms-of-service agreement will apply as a default.

The other way the bill balances interests is by granting a fiduciary full access to the content of electronic communications, in particular, only when authorized by the user, or when the user was the originator of the communication.  In other instances, unless a court orders otherwise, the fiduciary’s access is limited to a catalog of the communications, including such information as the addressee, sender, and date and time—rather than the full content.

It should also be noted that RUFADAA leaves unaffected other laws, such as fiduciary, probate, trust, banking, investment securities, agency, and privacy law.  Any fiduciary would still be prohibited from violating fiduciary responsibilities by divulging or publicizing any information obtained through RUFADAA.  It also does not grant a fiduciary access to an employer’s internal e-mail account that was used by the user.

One complication in all this has been the Electronic Communications Privacy Act of 1986, also known as the Stored Communications Act (18 U.S.C. Section 2701, et seq.)  Created in a pre-World Wide Web era, when few people held on-line accounts, that law set out to protect the content of a user’s electronic communications by prohibiting service providers from voluntarily disclosing a user’s content unless authorized, or under certain exceptions.  One of those exceptions has to do with “lawful consent” of the user, but the SCA is silent as to whether fiduciaries should be considered to have the consent of the users for whom they act.

As a result, the Supreme Judicial Court recently heard arguments in a case (Ajemian v. Yahoo!, Inc.) that pits Yahoo! against a user’s next of kin, who are seeking access to his Yahoo! account.  That case turns on whether the Act prohibits disclosure of the contents of a deceased e-mail account-holder’s account, including the communications contained therein, to the administrators of his or her estate—in this instance, represented by his two siblings, who argue that they should have access, under one of the Act’s exceptions, as their late brother’s agents.  Yahoo! asserts that the exception does not apply, and that the company is therefore barred from disclosing the contents of the e-mails at issue.

We will know soon what the Court decides, and how the Legislature chooses to address the issue (if at all).  But we appear to be a bit closer to finally having some clarity in this area.  In any event, as Trusts & Estates Section co-chair Andy Rothstein points out, “Regardless of what is ultimately enacted, it’s simply good practice to include decisions about digital assets as part of the estate-planning process.”

—Michael Avitzur
Government Relations Director
Boston Bar Association