Revised Uniform Fiduciary Access to Digital Accounts Act Adopted by Four States

By:  Chris Koa and Walter Impert

 

With the shift from traditional hard copy paper documents towards electronic records stored Cloud Computing-based software and services (eg, iCloud, Dropbox, Google Drive, etc.), access to and use of digital assets by fiduciaries after death or incapacitation of the owner has emerged as a key estate planning consideration.  As our the world becomes more digital, these so called digital assets encompass an ever broadening array of information, including online financial accounts and account statements, tax records, documents and related correspondence communicated through email accounts, social media accounts, online file cabinets containing potentially decades of photographs and personal documents, and other electronic material of potentially significant personal and monetary value stored online through various Cloud Computing services—

Access to digital assets is governed by a complex, evolving array of privacy, data protection and criminal computer fraud laws and a broad range of potential Cloud service provider terms-of- service agreements.

Since the beginning of March 2016, four states –led by Oregon on March 3 and followed by Wyoming on March 7, Tennessee on March 8 and Florida on March 10– have enacted model legislation based on the Revised Uniform Fiduciary Access to Digital Accounts Act (“Revised UFADAA”), which was originally drafted by the National Conference of Commission on Uniform State Laws.

The Revised UFADAA is designed to ensure that account holders can retain control of their digital property and plan for its ultimate disposition after their death and to avoid circumstances where online service providers delete accounts of decedent account holders without authorization or refuse to hand over access and information to permitted fiduciaries.

The Revised UFADAA facilitates the roles and responsibilities of fiduciaries (including personal representatives of decedents’ estates, conservators, trustees and attorneys-in-fact) to access and take control of digital assets to enable fiduciaries to protect, manage and distribute digital assets to enable proper administration of estates while protecting decedents’ privacy rights after death while balancing administrative burdens on Cloud service provider custodians of digital assets.

Under the Revised UFADAA:

  • Fiduciaries can access and manage certain digital property including electronic files stored in the Cloud (although fiduciaries are not allowed to access digital communications,including email, text messages, and social media accounts, without the account holder’s consent);
  • Planning for the disposition or deletion of digital assets after death or incapacity can be accomplished through the following (in order of relative priority under the Revised UFADAA):
    • use of online tools provided by the Cloud service provider custodians as the clearest possible indication of the user’s intent;
    • instructions in estate planning documents (such as wills, trusts, powers of attorney or other records), a copy of which must be provided to the Cloud service provider when fiduciaries request access;
    • the Cloud service terms-of-service when the user has not otherwise provided direction; or
    • the default rules under the Revised UFADAA when the user has not otherwise provided direction and the Cloud service terms-of-service are silent.
  • Fiduciaries are not able to take actions that the users would not have been able to take under the Cloud service terms-of-service; and
  • Cloud service provider custodians may comply with a request for access to digital records by either allowing the fiduciary to reset the password so that the fiduciary can access the user’s account or may give the fiduciary a copy of the user’s digital assets

From a practical perspective, advance planning can include referencing digital assets in fiduciary documents such as a power of attorney, will, or trust instrument.  It may also be wise to to maintain a secure list of digital assets –including applicable user names and passwords– so that fiduciaries can be informed that the accounts exist and, in cases where the law has not yet caught up to digital reality, gain access to the information contained in those accounts upon incacapity or death.