Death seemed easier before the Internet.
In those days, loved ones could handle any unfinished business by following a paper trail.
Bank statements and unpaid bills would leave a breadcrumb path of sorts — easy to negotiate.
Now that Americans have built their lives online, however, the trail is less clear-cut — and less easily contained.
Which explains why legal experts encourage individuals to consider the digital estate when drafting a will or considering the possibility of incapacitation.
“I think the landscape in this regard is changing quickly,” said Robert Dunn, a lawyer specializing in estates and trusts at the firm Bailey Cavalieri in Columbus.
“And individuals, when they’re planning, need to recognize this and plan accordingly, … giving thought as to how they want these assets disposed of or handled after their death.”
A digital estate, according to the Ohio State Bar Association, encompasses everything from social-media accounts — such as Facebook, Tumblr and Twitter — to online banking and even an Xbox 360 gaming account.
During estate planning, though, clients don’t typically raise the issue of online accounts, said Samir Dahman, founder of a Columbus law firm bearing his name.
When he mentions a digital estate to clients, they’re often caught off-guard, he said.
“They’re usually thinking about who will take care of their children and how they’ll be provided for,” he said.
But unprotected online activity could carry serious risks: Unpaid electronic bills might lead to financial harm, valuable possessions such as unpublished manuscripts or photographs might be lost, and identities can be stolen. A person might also have private or embarrassing secrets or accounts that he or she wouldn’t want others to access.
To protect digital activity, lawyers say, people should make a list of all online accounts — including passwords — and provide clear instructions to a friend or relative about how each should be handled in the event of the person’s death or incapacitation.
The authority to access those accounts should be officially granted — say, through a will or durable power of attorney.
The master list of accounts should be kept in a location that is secure but easy for the designated overseer to access.
Some experts suggest keeping the list in a safe-deposit box, in a personal safe with a combination lock at home, in a file cabinet with a key or even with a lawyer. The list might be on a flash drive or even on paper.
“Low-tech is good tech when it comes to planning for the unexpected,” said Sean O’Malley, communication manager for the Office of Information Technology at Ohio University in Athens.
For a master list kept digitally on a phone or computer, lawyers advise using a software program such as Dashlane or 1Password, which protects the information with encryption.
Your designee would need to know the password to that application to access account information.
The person you choose as an executor to handle digital, health-care and financial affairs should be someone you trust completely, Dunn said.
“Each circumstance is different as to who is appropriate to serve that role,” he said.
Some people choose two individuals — one for the computer side of things, the other for the physical.
The person left to oversee your affairs might still run into challenges, cautioned Mark Watson, head of an Ohio State Bar Association committee on digital assets.
Although some states have addressed the question of who can access digital accounts, Ohio has not; and no federal law outlines the rights of heirs regarding online accounts, Watson said.
Someone who has a password to an account, he said, could run afoul of Ohio’s computer-hacking statute, even if appointed as a trustee or an executor. The third-party provider could deny access because the laws aren’t clear, Watson said.
“User agreements don’t provide for it. Someone can face criminal prosecution, and (that) could result in jail time. Having access doesn’t mean it’s perfectly legal.”
User agreements for an individual site trump any others, he said.
“Everything goes back to the user agreement,” he said. “Even if you are truly trying to help someone, it doesn’t mean the law doesn’t prohibit it.”
Social-networking sites such as Facebook, Twitter and Google+ have gradually introduced guidelines for families who want to gain access to a loved one’s account in the event of a death or an incapacitation.
As an example, Facebook on its website outlines various options for loved ones who obtain the necessary documentation, including proof of death. They can:
- Turn an account into a memorial. In such cases, the word Remembering appears atop the deceased’s Facebook page, and others can post memories and share photos on the deceased’s timeline.
- Delete the account. This option leads to the loss of all information posted by the deceased person. To delete an account, a loved one must provide the deceased person’s name, his or her relationship to the deceased and a link to the deceased person’s timeline.
- Turn off an account. For situations that might prove temporary, Facebook can deactivate an account rather than delete it permanently.
For Facebook users who plan ahead, the company allows them to name a “legacy contact” in their profile settings — which allows that contact to write a final message on the deceased’s behalf, provide information about a memorial service, update the deceased’s profile picture and cover photo, and respond to friend requests.
The legacy contact can’t access the deceased’s account, read messages, remove any friends or delete information on the timeline.
Financial, medical accounts
With financial and medical accounts, an online guardian needs to be granted official access, Dahman said. Gaining access on behalf of someone who has died or become incapacitated, he said, generally requires you to:
Prove the relationship between you and the user.
This can be done with a signed declaration stating that you are immediate family or a copy of the durable-power-of-attorney document.
Provide proof of the account user’s death via an obituary or a death certificate.
Ensure that you are authorized to access the account.
Generally speaking, access to either or both such accounts, Dunn said, comes down to a person’s wishes.
“In both situations, it is important to be specific as to the access a person wishes to allow.”
A digital checklist
Experts recommend creating a master list of digital accounts and passwords, and placing it in a secure location for loved ones. The Ohio State Bar Association suggests including:
- Email and cross-platform login information
- Websites, hosting services and URLs
- Social-media accounts such as Facebook, Google+, LinkedIn, MySpace and Twitter
- Video-game and virtual-world accounts such as Xbox 360
- Audio and visual content such as YouTube, GarageBand, Google Docs and Scribd
- Financial-service accounts such as banking, credit cards, auto debiting and shopping accounts
- Medical records
- Photo-sharing sites such as Flickr and Picasa
- Companies whose bills you pay directly online
- Cloud computing devices and remote storage