After death, who controls the digital legacy for users of service providers like Facebook and Twitter?
This simple question prompted the research contained in this article and will hopefully continue the conversation about whether laws should be updated for email, social media and blog users to advance plan their digital estates.
Devoid of any options under current law, people are now left with just one estate planning option: Give someone their account passwords.
This limitation is not optimal considering that few people think to give someone their passwords, and identity theft could easily leave a deceased user’s accounts vulnerable. It further is not a viable option for those users who become incapacitated.
Unfortunately, present law does little to guide users of free Internet services in planning much of anything related to their digital assets. Unless legislators adopt new guidelines or service providers agree to a uniform method to control digital assets after death, digital legacies are essentially lost in cyberspac
This article examines present law and several of the popular free service providers’ terms of service in relation to planning a person’s digital legacy in the event of death or incapacity. Omitted from this discussion are the estate planning issues that might affect children, users of pay-for-access social networks, Internet gaming, privately hosted email and blogs, and business ownership interests that include digital assets.
II. PLANNING THE DISPOSITION OF AN ESTATE
Every day there are hundreds of millions of users online making eCommerce thrive. Cyberspace is the glue that connects the entire world’s population for business, pleasure, and even political revolutions. People use the Internet to upload and transmit billions of files with digital content through various email providers, social networks, and blogging hosts.
Transmissions of digital content create virtual maps of users’ daily lives that grow each time a user accesses an Internet service provider’s network. By December 2011, Facebook had 854 million users and an infrastructure to handle over 120 billion messages per month; Flickr surpassed 6 billion images hosted (with 3,000 images uploaded ever minute); Twitter users transmitted 200 million messages each day; 48 hours of videos were posted on YouTube every minute; Yahoo claimed to have 302 million email users; and 4.2 billion professionally-oriented searches of LinkedIn profiles were conducted.
Today’s Internet users have made transmitting content to other users a way of life. Online socializing is so popular that one study believes Internet users’ social relations have and will continue to improve through the year 2020. Unless a user takes active steps to erase content they uploaded, or the service provider removes the content from its server, user data (and the many years of effort creating it) can sit on a server for as long as the service provider allows.
A. What are Digital Assets?
For purposes of this article, a digital asset is an account established by an individual through a free Internet service. Service providers offer individuals the use of free electronic mail, social networking and blogging platforms as an incentive to access their sites. Service providers that offer these services for free are interested in having large numbers of users, as the more populated the site the more attractive it is for online advertisers.
The federal law currently recognizes some digital assets as quasi-property rights under the U.S. Criminal Code, but beyond sanctioning unauthorized releases of stored digital content, the law is silent as far as conferring property status for these assets. The federal law also recognizes the popularity and importance of Internet service providers in copyright piracy matters, but individual users (or the content in their accounts) are otherwise virtually ignored.
The following are examples of digital assets that are used by billions of people to transmit, share, and store data through their everyday web activities. Significantly, there exist few laws that definitively recognize or protect them. The Congress and federal agencies appear more focused on consumer privacy issues with service providers than with consumer property rights when it comes to digital assets.
Behind Internet search, electronic mail is the second most popular activity by on-line users.
Email is the preferred method of direct communication in the United States as handwritten letters and notes transmitted by the U.S. Postal Service slowly fade from mainstream culture. The declining use in the postal service can also be attributed to society becoming more paperless as people file their income taxes, pay their bills, shop and bank online. A user simply needs an email address in order to receive confirmation of any electronic transaction.
Users of email quickly embraced its advantages over phone calls, faxes and next-day delivery services because the services were free and users could save, archive, and retrieve email with relative ease. Today’s email users are very dependent on the efficiencies service providers offer, especially the ability to store transmitted correspondences and attached files. Some of the most popular email service providers are Google’s Gmail, Yahoo, AOL and Microsoft’s Hotmail.
Because email may be used as a way to search for someone in cyberspace, some users create multiple email accounts to avoid being identified as a member of a particular website or in an effort to manage their online reputation. For a deceased person, the content of their email might shed some insight into who they were as a person, could disclose family secrets or horrors, or be nothing more than harmless writings the owner never deleted. A person’s email may also be something as simple as communications a family might want to access as a reminder of their loved one.
The volume of email a person sends during a lifetime might, if printed, fill a warehouse. Before the digital age, documents, correspondences and messages between people were generally saved in desks, dressers, cabinets or some other secure, but easy to find, location. After the writer’s death, these documents could be retrieved and read by surviving family members.
Aside from being a cyber repository for communication, email may have a more practical consequence if a person were to die or become incapacitated. A person’s email account might contain important information or data (such as online invoices and bills, identifying information such as social security number, or other time-sensitive correspondences) that require immediate attention. Every consumer transaction in eCommerce requires two things: the user’s payment information, and email address. In the event of death or incapacity, if the email account were not readily accessible, there could be some unknown liability against the user, the user’s estate or the fiduciary of the estate.
Email is not easy to access like a box of personal correspondence or a decedent’s mail. Without access to the email account, representatives of decedent’s estates will be required to send blanket subpoenas or commence litigation to simply receive the most basic information about their decedents.
The contents contained in an email account are very important for post-mortem administrations, and without the user’s account name and password, these contents can be lost forever.
ii. Internet Social Networks
Online social networking sites are extremely popular with users of the Internet today. Social networks are designed as communities (e.g., a place to meet and share content with select friends) or based on common interests (e.g., matchmaking, music, picture or video sharing, business networking). Web users may also be inclined to have personal profiles registered with several online social networks. Some of the most popular free social networks are Facebook, Myspace, Google+ and LinkedIn.
Internet social network providers allow a user to create a personal profile, manage the digital content uploaded to that profile, add other users to their network, and communicate with specific users or their entire network of friends. Data files, email and private discussions are regularly transmitted through a person’s social network profile.
Profiles and accounts of those who participate in social networking contain tremendous personal value. All of the content uploaded and stored in a profile account is a reflection upon the creator and becomes part of their digital legacy. These profiles can remain hosted in cyberspace if a user should die or become incapacitated.
Web logs (or blogs) might be defined as a person’s online soapbox, where almost anything that interests the user can be discussed or uploaded. Some of the digital records that can be posted include videos or photos, personal musings and criticisms, and public exchanges with other bloggers. Blogs are popular with readers who may subscribe as a follower to a blogger and receive notification when new content is posted by the blogger. Some of the popular providers of free blogging are Twitter, Youtube, Flickr, blogger.com, and WordPress.
Most blogs are intended for public viewing and bloggers encourage commentary or re-publication of the content they post. In addition, readers can incorporate one blogger’s content to a social network profile or blog maintained by a different service provider.
Due to the advertising restrictions placed on bloggers by the free service providers, many in the blogosphere have elected to take control of their blogs and pay for web hosting services themselves, such as through the services of GoDaddy.com. By taking complete ownership of their blog, these bloggers are not confined to as many of the restrictions of the free service providers’ terms of service. For example, individuals who own or self-host their blogs can transfer their blogs at death (as with any other non-digital assets) however they decide.
The many forms of communication and published commentary that become the blog contents will remain public after a person’s death or incapacity. Whether this content should be removed or remain on the Internet in perpetuity is a decision that only a blogger who is alive and competent can make.
B. Administering a Digital Estate
Applying the present (but limited) body of law to estate planning and the administration of digital assets is a frustrating endeavor. One challenge is that it is unclear what requires estate planning to begin with. A more troubling challenge is how a person can effectuate the disposition of something that may not even be defined as an asset under present law?
Whether a person is incompetent or deceased, managing the assets of an estate comprised of real and tangible personal property is relatively straightforward: these are readily identifiable properties and the law provides sufficient guidance in how these assets should be handled. With digital assets, planning is not so straightforward.
Every state has a procedure that allows for the administration of a deceased person’s assets by an appointed representative of their estate. There are similar statutes that govern the management of assets for an incapacitated person. The third-party representatives who handle these administrations are called fiduciaries. These appointed fiduciaries must adhere to strict duties of loyalty, trust and diligence to their charges (i.e., the decedent’s heirs or the incapacitated person) in how the assets are managed under their care.
It bears consideration whether digital assets have any value that would require an administration by a fiduciary. Alternatively, does a fiduciary have the right to access another person’s email, social network or blog account to handle an estate or conservatorship administration? Perhaps the ultimate administration question is for users: do they want their digital assets continued, accessed or disclosed to anyone?
The personal representative is the fiduciary appointed by a probate court and is given the ultimate authority to transfer assets from the decedent’s name to designated heirs. Decisions and instructions for managing a decedent’s estate are provided in the person’s last will and testament or the particular state’s probate statute.
A conservator is the fiduciary appointed by a probate court to preserve the assets of an incapacitated person during their incapacity. A power of attorney is a fiduciary appointed by a person, not the probate court, to handle that person’s financial transactions during their incapacity. If a person has a designated power of attorney, a conservatorship proceeding is usually unnecessary as the power of attorney can handle most of the same tasks without judicial oversight.
The principal objective of an estate administration is to dispose of an individual’s assets, file estate and income tax returns on behalf of the decedent, and satisfy any outstanding liabilities in an orderly manner; wills, trusts, beneficiary designations and assignments are some of the instruments used to accomplish these tasks. For an incapacitated person, the objective is to preserve the person’s estate during the period of incapacity; powers of attorney, trusts and co-ownership of assets are methods used to manage the incapacitated person’s estate.
Estate planning involves making arrangements for most intangible assets, such as investment and retirement accounts, bank accounts, life insurance and annuity contracts. Owners of these assets can designate specific beneficiaries, add a co-owner to an account, reserve a life estate for themselves, or assign an interest in the asset to a third-party.
These designations are usually covered by the owner’s account or contract and are governed by an extensive body of state and federal law. Subject to the web host’s terms of service, similar arrangements can be made by individuals who own their blogs and websites.
Digital assets are not the same as a 401k plan or life insurance policy, they are akin to family heirlooms or other sentimental objects that do not require extensive planning. However, the ultimate disposition could have substantial personal or moral value to the creator of the digital asset, or to the surviving family members.
Unfortunately, only Connecticut, Idaho, Indiana, Oklahoma and Rhode Island recognize email as something a personal representative has the authority to administer. Of these five states, only Idaho grants conservators the authority to access an email account.
If a person were to realize the extent of the digital content their accounts held, it might be a pause for concern. . . what if their digital content disappeared? What if their account were read by family members?
ii. Life Leases
In a non-digital world, the type of relationship created with service providers is called a life license or life estate. All rights and usage to the property subject to the lease revert to the licensor or remainderman upon the lessee’s death. For example, imagine a rancher who held a life lease to property. During the rancher’s life, the animals could be bred, raised, sold, or moved to other property as the rancher decided. When the rancher died, his or her rights to use the property would cease, but ownership of the herd would be transferred to the rancher’s surviving family members not to the owner of the remainder interest.
In a digital world, the concept of a life license means that ownership of the content may belong to the user and under the user’s control during life. The license allows the user to freely upload or transfer content through the site and remove that content during the user’s life. In order to manage and remove content from a site, however, users must also be alive and capable of doing so.
Essentially, all of the rights a user might have under their license are eliminated at death because the ability to remove or access the users content is assigned to the service provider. If a user becomes incapacitated, these rights might be suspended or terminated depending upon how long the user is incapacitated. As a result, Google, Facebook, Myspace, LinkedIn and Twitter could become their users’ remaindermen if their terms of service so provided.
It is unclear whether there is recourse, or a post-mortem right, for the user’s estate to take control of the digital content under these licenses. In general, a person’s post-mortem rights are limited under the common law; where actions for physical injuries or wrongful death, completion of a contract and appropriation of an individual’s name after-death may be allowed, actions for invasion of privacy and defamation end at a person’s death.
In the United States, Internet activities can be governed by several sources of law, including statutes, treaties, administrative regulations and traditional common law. Applying these existing laws to cyberspace is complicated, especially with jurisdiction and choice of law issues that often arise.
The legal issues in this paper, however, are relatively simple in relation to cyberlaw. Whether it is possible to plan a person’s digital estate is answered by looking to the laws that govern property and contracts: (i) is an online account, or the content in an Internet service provider’s account, recognized as transferable property, and, if so, (ii) to what extent any property rights can supercede the obligations of a contract signed by the property owner during life. For estate planning purposes, the high-tech laws that govern eContracts and digital intangible properties need to be reviewed rather than the statute of frauds and other laws governing possessory interests and chattels.
B. Property Rights
Digital content or property can be anything (e.g., letters, memos, thoughts, ideas, expressions, videos, songs, photos, communications, musings and gobbledygook) transmitted and stored in an online environment. But is this content so substantial that it should be given protection under the law as a property right? This question leads back to the question of what needs to be protected.
Is the digital asset the content created by the user or is it the account that stores the content?
i. Intangible Property
Whether a digital asset is or could be transferable as an intangible property is unclear under federal law. Some of the rights a person might have in their digital asset are protected against unauthorized disclosures of communications stored by an electronic communications service under the Stored Communications Act (“SCA”); the Copyright Act may govern other rights.
While the SCA does recognize a right with regard to “stored electronic communications,” such as stored email, it goes no further than that. The SCA creates a privacy right that can be waived by individual users. In other words, it is not a property right that would cover all digital assets.
For example, content posted on a blog or social network would not be protected under the SCA because the content is shared with the public; but email and private chats between users would be covered communications. The SCA, therefore, falls short in defining most digital assets because the purpose of social networks and blogs is to publicly disseminate user content.
Property considerations for digital assets are better suited under the Copyright Act for purposes of this discussion. Copyrights and the Internet have become closely connected; especially as service provider networks are frequently used as the platform for displaying and sharing digital content.
The Copyright Act protects works of authorship that are “original” and which can be “perceived, reproduced or otherwise communicated” to others. An unregistered, original work may still be considered an “original work,” but authors have no right to prosecute infringements of “common law copyrights.” In order to enforce a copyright in federal court, the author or owner must register their work with the U.S. Copyright Office.
The challenge for owners of digital assets is applying the Copyright Act’s standards, (i.e., originality of their content, compilations, and publication) to their habits as users of service providers. These standards will prevent most content posted on social networks and blogs from protection under the Copyright Act.
A single blog entry, such as a person’s video diary or daily musing could be protected property if the content were original. For most bloggers, registering their original works with the U.S. Copyright Office is either something they do not consider or is not cost effective as they regularly and freely post new content. Once their unregistered content is posted (or published), it becomes part of the public domain. This may be discouraging to bloggers, but they are not prohibited from registering their content (or their entire blog as a compilation) under the Copyright Act before publishing it.
A social network user posting a “mood” or “hello” on a profile is not the type of work for which copyright protection is intended. Many of these are simply observations or commentary, not creative works of authorship.
Likewise, an email or email account is not a copyrightable work. A poem transmitted through email, however, could be considered an original work by the author.
The transmission of data poses a problem for the administration of a digital asset. Consider a writer who sent a poem through personal email. The content is still covered by the Copyright Act as an original, unregistered and unpublished work; but who controls the content if the writer is deceased? The unknown recipient of the email who now possesses the content? If a fiduciary were unable to access the account to know of its existence in the first place, the writer’s estate could suffer damages because it cannot even attempt to register the work under the Copyright Act.
For digital assets, the method of transmitting or storing a work (i.e., the account) is not the protected property under copyright law, rather it the method used to engage in infringements. For example, the services offered by YouTube and Flickr are simply platforms for users to share video or photographic content to other users. Users surely post unauthorized copyrighted material (both knowingly and unknowingly) considering the number of files uploaded every day. The Copyright Act imposes a duty upon service providers to remove any content that infringes upon the copyright of the owner upon receiving notice of the infringement.
Publication of an unregistered work will result in a waiver of whatever rights the owner had in the work under the fair use doctrine;  this may be the case if the content is shared and re-transmitted by the user’s followers. But transmitting or uploading content to the Internet would probably be considered a publication of the content, rather than a performance by the author. The Copyright Act allows for broadcasts or displays as protected public performances, irrespective of the medium, so this question could be open to further debate for blog posts.
Considering the enormous amount of content uploaded through service providers every day, the registration process and alleged infringements would shut down the entire copyright system. Extending full copyright protection to individual email accounts, social network profiles and blogs is also contrary to the spirit of copyright protection.
As a result, planning a digital legacy begins and ends not with the actual content, as a property right, but with the parties who control the storage and method of transmitting the content.
C. Contractual Rights
In order to create a digital asset, a user must establish a relationship with an Internet service provider. This is accomplished by logging onto a provider’s website and agreeing to the provider’s terms of service; in other words, by clicking accept, a contract is formed between the user and the service provider.
Under the common law, an agreement is valid upon its creation and the express terms and conditions will govern the parties to that agreement. This is also true with online contracts. Absent fraud in the formation, courts are reluctant to deviate from agreed terms in contracts, even if those terms are considered one-sided or unfair. The terms of service governing digital assets are enforceable contracts between the site and user, just as any other signed contract.
State and federal laws govern the validity of electronic records and signatures for eCommerce transactions, including the contracts users sign to create digital assets. When it adopted the Electronic Signatures in Global and National Commerce Act (“E-Sign”), Congress was “[c]areful to preserve the underlying consumer protection laws governing consumers’ rights to receive certain information in writing,” so it included special requirements on businesses. While Congress may have had consumers in mind in 2001, E-Sign may need to be revisited as consumers’ privacy rights seem to be a lesser concern to service providers.
Although the federal E-Sign preempts state laws that govern contracts, it gives way to the Uniform Electronic Transactions Act (“UETA”) for electronic contracts signed in those states that have adopted the UETA. What this means is that state law will control the rights of the parties to an electronic contract agreed to by a resident of that state. There are many transactions covered by UETA, including purely state matters under the Uniform Probate Code.
Some legal scholars have criticized website service providers who offer unfair and adhesive terms of service to web users, such as the choice of forum or state law for disputes between the parties. Courts have and will continue to side with website service providers under a theory that users do not have to accept the terms of service (i.e., clicking I decline) or access the site.
Applying the courts favorable view of eContracts, there is an estate planning roadblock when users accept the terms of service offered by free email, blogging and social network providers. What the terms of service may be in January 2012 could change by October 2012.
ii. Terms of Service – Generally
The problem with planning a digital legacy is that the popular service providers offer terms of service that can be interpreted in multiple ways, or simply ignore a person’s digital legacy.
While most service providers do not claim ownership of their users’ original content, they do maintain tremendous, if perhaps inadvertent, control over users’ stored content. For users who simply want to have email or be part of a large digital or online community, understanding their rights under terms of service can be confusing, but understanding the legal effect of accepting of those terms of service may not be fully appreciated.
An especially interesting term of service is one where the provider retains a unilateral right to change the eContract without the user having any right to negotiate the proposed change. When a service provider makes a unilateral change to the terms of service (or an amendment to the previously accepted contract), a single issue is raised: whether the service provider gave the user adequate notice of that change. If adequate notice of the changed term is given, users who continue to access the site will be doing so subject to the amendment to their original agreement with the service provider.
An unusual characteristic of Facebook’s service is that it gives its users an opportunity to comment, object and vote on changes to its terms of service. This allows its users to understand and consider how those changes may affect their use of the site and the content they transmit through Facebook.
Microsoft’s service agreement (which covers its Hotmail and Messenger services) provides that any changes to its terms of service can be made without giving notice of the change to users. In addition, Microsoft user services should be unaware of another term of service that allows Microsoft to terminate its services without notice to users.
The other major service providers simply reserve the important right to modify or change their terms of service at any time. Google’s January 24, 2012 announcement that its Universal terms of service would be changed, effective March 1, 2012, offered users an opportunity to ask questions or close their accounts, but did not give its users an opportunity to negotiate (or object to) the new terms of service.
Another important term that users may accept when they create a digital asset is the waiver of their right to assign the account. This is not an uncommon condition in most contracts, but when a user waives this right, it can have serious consequences to their estate plan. How a service provider’s terms of service can have affect a user’s estate plan is discussed in IV., infra.
D. Uniform Probate Code (“UPC”)
While eighteen states have officially adopted the UPC, every state has law that governs decedent’s estates and incapacitated individuals in a similar manner to the UPC. The purpose of a probate law is to provide administrative mechanisms to manage the estates of deceased and incapacitated persons.
The range of powers granted by a probate court to a personal representative is broad. They include the authority to settle claims, perform under contracts, file tax returns, and transfer assets from the estate to the beneficiaries and other third parties. A conservator and power of attorney’s authority is to “preserve” an incapacitated person’s assets until the person regains capacity. The UPC gives fiduciaries the lawful right to stand in the shoes of the (deceased or incapacitated) person to perform under existing contracts and to deal with that person’s property interests.
When terms of service prohibit the assignment or access to a service provider’s account, the fiduciary is bound by the incapacitated or deceased person’s prior decision to enter into that contract. As a result, if the account is not accessible by a third-party under the terms of service, the fiduciary is, therefore, bound by that term.
For example, in accordance with its terms of service in December 2011, Microsoft recently adopted a thorough procedure for users of its services. This procedure is designed to provide the following assistance:
Microsoft Next of Kin Process: What to do in the event of the death or incapacitation of a loved one with a Hotmail account.
If you have lost a family member, or have a family member who has become medically incapacitated, the following information will help you contact Microsoft regarding their Windows Live Hotmail or MSN Hotmail account. 
Whether this procedure can be relied upon as a continuing right under the terms of Microsoft’s service depends on the remaining terms of service between Microsoft and the user. Nevertheless, this procedure was designed to preserve the digital legacies of Microsoft users.
Although the 2008 amendments to the UPC included an updated definition for the terms record and signature to incorporate electronic signatures and electronic records, the drafters did not consider digital assets in this latest version of the UPC. This leaves the digital assets of a decedent in limbo and the personal representative has no authority to handle the assets in the manner that a deceased person may have intended.
As of March 2012, Connecticut and Rhode Island recognize a personal representative’s authority to access electronic mail. The States of Indiana and Oklahoma confer authority upon a personal representative to access all of the digital assets of a decedent. The State of Idaho is the only state that confers authority upon both conservators and personal representatives to access a user’s digital assets.
If digital assets were recognized as property owned by incapacitated persons and decedents’ estates under state and federal law, fiduciaries would have the authority to deal with them, as with all other assets under current law. Because a decedent’s digital rights cannot be uniformly transferred to heirs under present probate law, a uniform procedure allowing a user’s rights to be protected during incapacity and after death is necessary.
E. Federal Transfer Taxes
An estate planning discussion related to users’ rights in their digital assets would be incomplete without analyzing the estate, gift and generation-skipping transfer tax consequences to the user.
The business model used by many service providers makes tax planning for the type of digital assets discussed in this paper relatively easy. Essentially, service providers’ terms of service allow users to exclude digital assets from the federal transfer taxes.
The term of service that prohibits or restricts transfers or assignments of accounts can be reasonably interpreted to forbid lifetime and testamentary transfers of user accounts. As a result, if a digital asset cannot be assigned or transferred by the user, it cannot be taxable under the federal estate, gift and generation-skipping transfer taxes.
Assuming a digital asset could be transferred or assigned at death, the term of service that expressly prohibit users profiting from their accounts would render most digital assets worthless. For example, if an asset generated income, such as a self-hosted blog that received advertising income, the transfer or assignment of that blog during the owner’s life, or at death, would be considered a taxable transfer. Because free Internet social networks and blog sites strictly forbid commercial exploitation of their networks, the accounts most likely have no transferable value.
An interesting digital asset to analyze under the federal estate tax is the email account. The monetary value of most personal email accounts is probably little to none, likely having the same value as a deceased relative’s letters and family documents. But, the contents of a celebrity’s account could have a tremendous amount of value under the estate tax.
For example, if J.D. Salinger had a Yahoo account, imagine the substantial value its contents would have considering his decades of silence since publishing Catcher in the Rye. The simple fact that Yahoo’s terms of service would terminate Salinger’s account upon his death would mean that the digital asset would be excluded from his gross estate. But if the J.D. Salinger account were registered through Microsoft’s Hotmail, whose terms of service may allow a third-party to access the account’s contents, the value of the contents would be includible in his gross estate.
The idea of this analysis is not to argue for the sudden inclusion of digital assets in the gross estate. Rather the lack of a uniform method to deal with digital assets after death can be taken to an absurd level. Imagine if a person made the decision to join one social network over another based on the estate tax consequences, or how the United States Tax Court interpreted Microsoft’s terms of service versus Yahoo’s terms of service.
If the changes recommended in this article were made by service providers or legislators, email accounts would be assets subject to taxation under the estate, gift and generation-skipping transfer taxes. Nevertheless, because the value of most users’ accounts is probably nominal, transfer taxes should not be a substantial concern for planning a digital estate.
IV. Estate Planning under Service Provider Terms of Service.
Terms of service can have various effects on an individual’s estate plan. By no means should a person make a decision to join or discontinue an account with any particular service provider, based solely on their terms of service, because these terms of service can be modified at any time upon proper notice.
As a result, the following analysis of the current terms of service and planning opportunities offered by some of the popular service providers is provided for the sole purpose of demonstrating the need for a uniform method to plan a person’s estate. Readers should not rely upon the following for estate planning purposes.
A. Rights Affected by Terms of Service.
There are four terms of service that all users should understand if they are concerned with their digital legacy: (i) ownership of their content, (ii) storage of their content, (iii) termination of the account, and (iv) third-party access to their content. These four terms play an important role in determining what rights an account user really has in the event of death or incapacity.
For example, if an individual were incapacitated, their power of attorney or conservator could be prevented from “preserving” the account content depending upon the particular provider’s terms of service; but another provider’s terms of service might not impose the same restriction.
i. Ownership of Account Content
While most users might think their stored digital content is their own property, that is not the case if the content can be deleted or the account terminated due to inactivity (relevant to this paper, if the user died and the account has not been accessed for a period of time).
In other words, under the service providers’ terms of service, how far does an ownership right really go? Does ownership mean the underlying pre-uploaded or pre-transmitted content, the content (as stored) in the account, or the “registered account” itself?
America Online and Microsoft do not claim ownership over user content transmitted through their services. These sites simply provide a platform for users to transfer their data. Microsoft’s “Next of Kin” procedure does preserve the contents of a deceased or incapacitated user’s account from the “Help” page, but this too could be contradicted or preempted by other terms of service.
The terms of service for Yahoo, Myspace, LinkedIn, Twitter, and Facebook are similar in that they recognize a users’ ownership of their original content; users are simply licensing these services to upload their information. The licenses offered by Yahoo, Facebook, and Twitter, however, allow these providers to use the uploaded content without compensating the user, essentially exploiting user material (whether or not copyrighted) without having to pay for it.
Under Google’s Universal terms of service, the content of any user remains the property of the user. The YouTube service acknowledges the user’s ownership rights in their content, but also provides that use of the service includes a non-exclusive license that will continue after the content is removed from its service.
Missing from all of these terms of service is the simple recognition that a user’s ownership rights include (a) the right to freely transfer or assign their stored content, and (b) any moral right a user may have in their account. The moral rights might include the user’s network of friends, email contacts, followers or comments posted in response to the published content, or the files a user expected their provider to keep or store on the service provider’s server.
ii. Storage of Content
Although the more popular service providers acknowledge an individual’s ownership of the content uploaded to their service, this is irrelevant to a digital legacy if the content is not available upon death or incapacity. This raises some interesting questions, such as how long will the content you created (and purportedly own) be accessible after your death? Or if your coma keeps you off-line for a few months, will the content be there when you awaken?
The restriction on the amount of storage provided by Gmail and Google+ may be a concern for users who have years of content stored in their account, as the content could be deleted (or no longer saved) if it is too old or voluminous.
Facebook’s terms of service do not make any representations as to how long it will store user content. Facebook includes a definition of an active user, but does not describe the rights or benefits of being an active user. There is no term that relates to user content or what could happen to an account if a person is no longer an active user, such as whether their profile or content will remain on Facebook in perpetuity. User content posted to Facebook will remain on the service, unless the account is terminated or the content removed by the user. According to Facebook, this means content will be available, but inaccessible to the public.
The terms of service for LinkedIn and Yahoo make no representations or warranties regarding the storage of any content hosted through their services.
The terms of service for AOL represent that it will neither store any user content nor remove any content if a user’s account is terminated. This term is circuitous because older content may remain on AOL’s server, but it may be removed at AOL’s discretion too.
Myspace specifically reserves the right to limit the storage of a user’s profile content. The terms also provide that Myspace has the discretion to delete any content posted or transmitted by a user with or without any reason or notice to the account holder. Twitter expressly reserves the right to remove content and does not guarantee the storage of any content uploaded through its service. Microsoft disclaims responsibility to store any user content and that it may delete or remove content if a user violates the terms of service.
Storage is an expensive cost to service providers and users cannot reasonably expect their content to remain on a server forever. But service providers need to give their users some assurances that account content will be stored for a reasonable and defined period of time or that the content will be removed from closed accounts. Service providers could also offer to charge a fee for longer-term content storage, or assist users in backing up their content.
iii. Termination of Account
If an account is terminated, it should be obvious that all digital content will be erased or deleted. But what are the reasons or causes that would give rise to a user’s account being terminated?
The Twitter terms of service give Twitter the right to terminate an account or reclaim a username at all times. This right appears to be limited to its users who violate the “Twitter Rules” posted on the site. Misuse of LinkedIn’s services by violating the “Do’s and Don’ts” will result in the termination of a user’s account. Violating Facebook’s terms of service can also result in a termination of a user’s account.
Violations of the terms of service with Myspace may result in the termination of a member’s profile and removal of all content, with the listed prohibitions being (a) the access of another user’s profile, and (b) the sale or transfer of all or a part of a user’s profile.
Users should analyze (and regularly review) the terms of service they have with any service provider with whom they have valuable or large volumes of content stored. The fact that an account (and its contents) could be terminated because the user died or has not accessed that account for a short period of time is a concern. Temporarily not accessing an account because of a lengthy hospitalization, incapacity, or other medical condition should not be used as an excuse to terminate a user’s account content.
iv. Access to Account
The decision to grant or deny access to a digital asset is the entire purpose of this paper. If a person wanted to continue their digital legacy, are there limitations on a fiduciary from accessing a decedent or ward’s account?
Google’s general terms of service require that the user of an account be the registered user in order to access the YouTube, Gmail, Google+ and Blogger.com services. There does not appear to be any penalty for access by persons other than the registered user.
A LinkedIn user cannot assign their account or allow another person to access their account without notifying and receiving authorization from LinkedIn. Facebook prohibits the transfer of a user’s account, disclosure of an account password or access to another user’s account without the written permission of Facebook.
Access and use of a Twitter account is allowed only if the party accessing the account has agreed to the Twitter terms of service in advance.
Yahoo prohibits access by a third-party to its email and chat service (but does not mention its Flickr service), unless authorized by local law. This could mean that a person might confer authority upon a fiduciary to access their Flickr account, but not Yahoo’s email services. This is an interesting provision (or oversight) because it could also be interpreted to mean that a power of attorney or conservator is permitted to access the account, but not a personal representative.
AOL does not prohibit its users from disclosing or providing access to their accounts, but it disclaims all liability for third-party access to a user’s account. AOL simply warns its users to safeguard their passwords and user names.
If a Myspace account holder discloses their password to another person, the user’s account will not be terminated under ¶4 of the Myspace terms of service. This provision, however, could also be interpreted to give Myspace the right to terminate a user’s profile in the event a designated agent of the user (e.g., power of attorney, conservator or personal representative) is deemed an assignee of the account under ¶¶2 and 8 of the Myspace terms of service.
Whether service providers consider access to an account an assignment of the account is unknown. Clearly, transferring an account to a beneficiary is an assignment of an ownership interest. But authorizing an agent to access an account should not be considered the transfer of an ownership interest in the account.
B. Rights of Deceased Users
Although a person could be registered with numerous service providers, whatever rights they have in their account after death will be determined by the service provider’s terms of service. The following is a summary of the rights a decedent might have in their digital assets according to the terms of service of the more popular service providers.
The only service provider discussed in this article that explicitly denies a user’s post-mortem rights in their digital asset is Yahoo. According to its terms of service,
¶27. General Information. No Right of Survivorship and Non-Transferability. You agree that your Yahoo! account is non-transferable and any rights to your Yahoo! ID or contents within your account terminate upon your death. Upon receipt of a copy of a death certificate, your account may be terminated and all contents therein permanently deleted.
Appointing a digital administrator or beneficiary to a Yahoo account is, therefore, prohibited. Surviving family members who may have a user’s account password should be careful not to inform Yahoo of the user’s death until such time as the content is backed-up.
On February 15, 2012, Microsoft introduced their “Next of Kin” procedure wherein a decedent’s Hotmail contents, which include all email and attachments, address book and contact lists can be delivered to the user’s designees on a DVD. While Microsoft prevents direct access to the decedent’s accounts, it does recognize the importance of its users’ digital legacies.
Following traditional estate planning methods, Microsoft respects the authority conferred upon a power of attorney, conservator, personal representative, or other individual designated by will or trust. In addition, Microsoft will provide assistance to the appointed person in closing any accounts.
On February 22, 2012, Google introduced an arduous Two Part process that purports to give survivors of deceased users access to their Gmail (only) account “in rare cases.” The most glaring problem with the Google Two Part process is that an appointed personal representative will be prohibited from accessing the Gmail contents unless they are able to comply with Part 1 of this process. In order to comply with Part 1, the appointed person is required to deliver “an email message that you have received at your email address, from the Gmail address in question.”
If the deceased user’s appointed fiduciary is a corporate fiduciary (e.g., the trust department of any bank), the odds of having an email from the deceased user’s Gmail account are nil. If the appointed individual is no longer alive (e.g., a simultaneously killed spouse), or someone with whom the decedent did not email from their Gmail account (e.g., court appointed public administrator or guardian ad litem), Part 1 of the Two Part Process cannot be met.
In addition to having to comply with this strange Two Part process, survivors of a deceased Gmail user are also not guaranteed access to the account because Google retains the sole discretion to release the account contents.
Any decision to provide the contents of a deceased user’s email will be made only after a careful review, and the application to obtain email content is a lengthy process. Before you begin, please understand that Google may be unable to provide the Gmail account content, and sending a request or filing the required documentation does not guarantee that we will be able to assist you.
Users of any of Google’s services (including Gmail) should consider the terms of service of the respective sites for purposes of granting access to their accounts, which include delivering their passwords to a trusted person. Google’s Universal terms of service do not expressly prohibit (or give rise to a breach in the terms of service for) a decedent’s estate or a digital administrator from accessing the content held in a Gmail, Google+ or any of Google’s other services.
By way of contrast, the YouTube terms of service provide that assignments of accounts and unauthorized account access are prohibited. So if access by an estate is considered an assignment of the account, the access is prohibited and if a personal representative’s use is deemed unauthorized, the account could be terminated. Depending upon Google’s interpretation, a breach of the terms of service would result in the account being deleted. If read apart from Google’s Universal terms of service, Blogger.com accounts may be accessed by an estate or digital personal representative.
Other than blatantly violating the YouTube service, Google does not provide a deceased user’s family with the ability to terminate any of its Google services. Without a mechanism that would allow for an account to be removed from the Internet, a decedent’s digital legacy could through Google linger in perpetuity.
Users of LinkedIn are prohibited from assigning their account to a third-party, therefore designating a beneficiary to the account is not allowed. Granting access to an account by a decedent’s estate should be allowed, unless LinkedIn considered a fiduciary to be a “third-party” assignee. For purposes of signing into (or accessing) a user’s account, the terms of service provide that this remains the obligation of the user who may authorize access to their account.
The terms of service for AOL strictly prohibit the assignment of the AOL Terms of Service. This prohibition does not prevent a third-party from accessing the user’s account if the passwords were simply given to the person accessing the account. As a result, appointing a digital administrator may be allowed, but designating an account beneficiary would be forbidden under the terms of service.
AOL does provide limited assistance for access to an account for family members of a deceased AOL user.
A third-party could have the right to access an account if that third-party accepted Twitter’s terms of service, therefore it appears that a Twitter account could continue after the user’s death by either an appointed beneficiary or fiduciary.
Twitter provides support for personal representatives or verified family members to cancel deceased users’ account.
While the Myspace’s terms of service do not reference a deceased user’s profile or uploaded content, a reasonable interpretation of the term “sale” or “transfer” would not include a decedent’s estate accessing the account. These terms of service seem to allow the appointment of a digital administrator, but prohibit an account beneficiary.
Surviving family members may notify Myspace of a user’s death and attempt to cancel the account, subject to Myspace’s discretion.
Facebook takes a vastly different approach with its deceased users than the other service providers discussed. Rather than allowing an individual to access or cancel the users account, it encourages survivors to create a “Tribute Page” for the deceased person. While the “Page” is not the actual user’s profile, Facebook allows the page to be managed by an “authorized representative,” who may or may not be the representative of the user’s estate.
What Facebook does not consider is that the deceased user’s profile persists for many years after a person’s death, unless the definition of a “nonactive” user means deceased users. Other users can freely post derogatory comments or advertise on the decedent’s profile without any rights reserved for the user’s family. If the terms of service provided that a non-active user’s profile would be deleted after a period of inactivity, this problem would be solved. But a reasonable interpretation of Facebook’s terms of service is that Facebook prohibits both the appointment of a digital administrator and beneficiary of the user’s profile.
Clearly, the terms of service for the most popular and frequently used service providers do not consider how a user might plan their digital estate. Without adopting uniform terms of service for deceased and incapacitated users, service providers neither service nor provide the substantial population of users who (a) rely on their services, and (b) have created tremendous wealth for them.
V. ESTATE PLANNING FOR DIGITAL LEGACIES UNDER CURRENT LAW
The options available for planning a digital legacy are, admittedly, limited under existing law. A user can deliver a list of their accounts and passwords to a family member or other trusted person.
While access to many accounts would be a violation of the terms of service, the account holder has no choice but to take this risk if they want to preserve their content and avoid having their account(s) terminated. This is not a very good option, to say the least, but this is the best planning option available to users.
The real consideration for planning a digital legacy is whether a designee will honor the user’s restrictions, such as (i) not sharing the content with various people, or (ii) not impersonating a deceased or comatose user?
A. Prepare a Separate Writing Related to Digital Assets
A written statement should be prepared in accordance with UPC section 2-513 to provide evidence of the user’s testamentary intent for the handling and disposition of their digital assets. Although section 2-513 is limited to tangible personal property, a hand-signed (as opposed to eSigned) statement is evidence that can be used if the user’s intent were ever questioned in a probate proceeding. The writing should include each service provider, account password and email address used to register the account.
Bequeathing an account password to someone may seem to be as harmless as giving that person access to an account, but it is actually a gift of the contents in the account. The user should be aware that anything of value within that account would become the property of the recipient. This means that the recipient could do whatever he or she desired as the “owner” of the content.
If there are reservations about giving someone the contents of the account, the user should include instructions or wishes with their written statement that outline the intended uses for the content. These wishes may include instructions to terminate or close the account, whether access should be limited to reading, printing, or downloading the content, or whether any of the content should be shared with additional people. The purpose in preparing this writing is to explain what the user wants to happen with their digital legacy.
For example, if a user did not want his or her spouse to access their private email, existing state law probably does not give a spouse the right to access or view the account. Most terms of service for providers do not include a spousal “right” or “privilege” to accounts, but there could be instances where a court or service provider might be inclined to honor a surviving spouse’s request if the decedent’s intent is unknown.
Without a list of instructions or evidence of intent, the consequences could be traumatic for many surviving family members of the user if a court granted carte blanche access to a decedent or incompetent person’s accounts. So long as the user provides a testamentary instruction that either granted or denied access to their digital asset, this instruction should be honored by most probate courts.
Individuals preparing this list (or any other type of instructions) should make a clear reference to the existence of this writing in their power of attorney, will and trust documents. For purposes of safekeeping their instructions, the user must make its existence known to the person(s) designated as their beneficiary, including where it may be found in the event of death or incapacity.
B. Appointment of a Digital Administrator
Appointing a digital administrator is important for a user’s digital legacy and to limit potential liabilities in the event an account is not accessed. If a digital asset contained sensitive information, for example an email that subjected the user to liability, that liability will carry over to the estate.
If a personal representative failed, or did not take reasonable action, to gain access to a decedent’s email account, there could be personal liability for any damages suffered by the estate as a result of their inaction. For example, if there were a time sensitive email in the decedent’s account or an online billing were not discontinued by the personal representative. At a minimum, if the decedent expressly conferred authority on the personal representative, the fiduciary would know in advance that it has potential exposure if it does not attempt to access the decedent’s accounts. If the decedent appointed a fiduciary and a digital administrator, the fiduciary should be relieved of any liability for the unknown contents in the accounts.
A person’s estate plan should include an appointment of a special digital administrator or a reference to digital assets as something the fiduciary has the authority to manage. The digital administrator’s authority to access the accounts should be clearly defined as:
(i) specific (e.g., terminate the accounts or notify service providers of the user’s death),
(ii) limited (e.g., access to email accounts only, content may be read but not published, the content cannot be shared with certain people, etc.), or
(iii) general (e.g., unfettered access to all email, social networks, and blog accounts).
It is important that the decedent’s intent be clearly expressed as to whom the authority has been conferred.
Fiduciary appointments involving digital assets should include a statement that it has been executed by the user in accordance with the SCA, specifically referencing that the user intended the release to be valid under 18 U.S.C.S. §2702(b) and (c). A statement to this effect is necessary for all power of attorney, personal representative and trustee appointments that include authority over digital assets.
Finally, individuals might consider contracting with a commercial agency to handle their post-mortem digital legacy. Several online organizations offer these services where a person’s accounts, passwords, and appointed individuals are registered and given assistance in the process of post-mortem planning with digital assets. If a commercial service were designated as the user’s digital administrator, the user is appointing an experienced party that is familiar with the intricacies of digital assets and service providers. A commercial digital administrator might be analogous to the appointment of a bank or trust company as the fiduciary for the user’s estate or trust.
Until the issues analyzed in this article are clearly defined under state and federal law, fiduciaries should be concerned about the digital assets and their hidden liabilities.
VI. PROPOSED STANDARDIZATION OF INTERNET TERMS AND CONDITIONS
The best solution for a business problem is to resolve it privately or through an agreement, not with additional legislation or litigation. Service providers need to recognize the importance their services play in their users’ lives. People rely heavily on these sites and do have an expectation that the content they upload or transmit through their sites will be preserved, stored and available as the users decide.
Before federal legislators impose a statutory method for protecting digital assets, service providers should adopt their own industry model. This model should offer basic terms of service that (i) grants users a limited right to appoint a person who may access an account, and (ii) sets forth a reliable storage protocol in the event of a user’s death or incapacity.
The recommendations proposed below give users an opportunity to appoint a special administrator and a beneficiary of their digital assets. While these appointments may appear to overlap, their purposes are different. The principal reason for the separate designations relates to ownership of the content.
A beneficiary becomes the owner of a decedent’s account content, whereas the decedent’s estate becomes the owner of an account accessed by a digital administrator. A digital administrator also has broader authority to access the user’s account in the event of death and incapacity. A beneficiary has a right to access the account contents upon the user’s death only.
The proposed terms of service also allow for the appointment of primary and successor administrators and beneficiaries to their accounts. The reason for allowing successor appointees follows standard estate planning practice to include a successor in the event the primary appointee is deceased or otherwise unavailable.
To prevent fraud or misuse of the appointment feature, the proposed terms of service restrict the account to being available only for reading, downloading, saving and printing by the designee. Under no circumstances should a designee be able to send new messages, post new blogs or upload new content; in other words, impersonate the user. An automatic reply would be a desirable feature from the service provider if a new message were sent to the account (or profile or blog), such as “this account is no longer active or receiving messages.”
To implement the proposed appointments, a provision that required interested users click the feature should be included in service providers’ terms of service, not as a separate “help” or “support” feature. In addition, users would agree to waive their privacy rights with regard to these appointments.
If a user failed to click the separate terms for a designee appointment, their inaction would be a waiver of the transfer rights and the default terms of service for the provider would control.
Finally, users should be given an option to click an election that requires the service provider to terminate their account and contents upon receiving notice of the user’s death.
B. Recommended Terms of Service
The following terms of service achieve the goals of (i) protecting user content, and (ii) protecting service providers who offer these options:
1. Appointment of Administrator. An individual user may designate one primary and two successor individuals as their “special administrator” in the event of the user’s death or incapacity. To appoint a special administrator, the user must submit the name and email address of each designated administrator under the account settings. Users may change or revoke their appointment at any time. If a special administrator is not designated or the email address provided by the user is invalid, in the event of the user’s death or incapacity, the account will not be available to any other person and the account will be terminated. If an account is terminated, all data, content and materials contained within the account will be permanently erased, as provided in ¶5 below.
2. Assignment of Account. An individual user may designate one primary and two successor beneficiaries of their account who shall succeed to the account upon the user’s death. To appoint a beneficiary, the user must provide the name and email address of each designated beneficiary. Users may change or revoke a beneficiary appointment through their account and privacy settings at any time. If a beneficiary is not designated or the email address provided by the user is invalid, in the event of the user’s death, the account will not be available to any person and the account will be terminated. If an account is terminated, all data, content and materials contained within the account will be permanently erased, as provided in ¶5 below.
3. Access by Digital Administrators and Designated Beneficiaries. An individual appointed by the user as a digital administrator or beneficiary of an account shall have the limited right to (a) access the user’s account, (b) review the contents of the account, and (c) print, download or save the contents of the account to an external device. The appointed digital administrator(s) or beneficiary(ies) shall have no right to send or respond to any e-mail or instant message, add or accept new friends or members to the user’s network, or directly communicate with any person from the account or otherwise transmit content through the user’s account.
4. Notice of Death or Incapacity. A. If a user appointed a beneficiary or digital administrator in their account settings, notice of the user’s death or incapacity by the appointed beneficiary or digital administrator will result in the designated individual having access as provided in ¶3 above. Notice to the service provider shall be considered valid upon receipt of a death certificate from the appointed individual.
B. In the event the appointed beneficiary or digital administrator does not notify the service provider of the user’s death or incapacity, the service provider will notify the user when their account has not been accessed for more than one hundred eighty (180) days. If the user fails to access his or her account for thirty (30) days after this notice has been sent to the user’s registered email account, the service provider will send notice that the account has not been accessed to the email address of the appointed (and successor) digital administrator(s) or designated beneficiary(ies) that the account has been inactive under these terms of service. If a designated beneficiary or digital administrator does not respond to the service provider’s notice, or does not attempt to access the account, the service provider may terminate the account and delete the contents in accordance with ¶5 below.
5. Termination of the Account. Accounts that are not accessed for a period of one hundred eighty (180) days will be subject to termination. Subject to ¶4 above, if the account user appointed a digital administrator, as defined in ¶1, or designated a beneficiary, as defined in ¶2 above, the account will be terminated if more than two hundred forty days elapse without (a) access to the account by the user, (b) notice to the service provider from the appointed digital administrator of the user’s death or incapacity, or (c) the beneficiary has informed the service provider of the user’s death.
6. Waiver of Privacy. The user acknowledges that the user is over the age of eighteen (18) years old and has the capacity to appoint the parties set forth in ¶¶1 and 2 above. The appointment of a digital administrator or beneficiary of their account is an express waiver of any privacy rights the user and the user’s heirs, assigns and estate may have against the service provider under any state or federal law, including any rights under Gramm-Leech-Bliley, 15 U.S.C.S. §6801, et seq., Health Insurance Portability and Accessibility Act, 42 U.S.C.S. §1320d, et seq., Fair Credit Reporting Act, 15 U.S.C.S. §1681, et seq., Stored Communications Act, 18 U.S.C.S. §2701, et seq., and Family Education Rights Privacy Act, 20 U.S.C.S. §1232g.
Although service providers offer their standard service to users for free, some do offer additional or premium services for a fee. These “pay services” can include larger data storage, more search features, additional site content, and additional communication applications. There is a level of inconvenience to the service provider (and a tremendous incentive for users to pay for this service) if the recommended terms of service were adopted. If the cost to service providers preserving digital legacies were so prohibitive, this inconvenience should be offered to users for a nominal charge (e.g., $1 or $5).
VII. PROPOSED CHANGES TO UNITED STATES LAW TO MANAGE A DIGITAL LEGACY
Without an industry standard that properly dealt with a deceased or incapacitated user’s digital assets, changes to state and federal law are necessary to give individuals a limited right to plan their digital legacies. At the same time, legislators must exercise restraint in how they regulate Internet service providers, being mindful that less regulation is usually better for consumers and business.
It is incumbent upon legislators to deal with the present technology and expectations of Internet users, especially at a time when the federal government continues its push for a paperless (or digital) society through its own policies.
State laws properly govern the rights of incapacitated persons, decedents’ estates and most property law issues. If the individual states were given the ability to create their own definitions or method to transfer digital assets, the interests of users and service providers would surely become convoluted.
From a practical standpoint, this must be a federal issue because service providers have the ability to maneuver around individual state laws by simply amending their terms of service relative to the choice of law. From a legal standpoint, federal law protects against the argument that state laws are preempted by one of the many federal privacy laws covering a person’s identifying information. Therefore, it is incumbent upon Congress to make necessary amendments to current U.S. law.
A. Federal law
Congress should adopt one of the following alternatives to resolve the concerns in this article.
i. Alternative One – Creating a Limited Property Right in Digital Assets
If an individual had a quasi-property right to the content stored in their email, social network profile and blog accounts, a user could direct their digital legacy as they decided and not according to the service provider’s of terms of service. But where should this property right be included in the United States Code?
The fact that some of the content in a user’s account are “stored electronic communications,” the SCA would seem to be the logical federal law to amend. The SCA, however, is a criminal privacy statute. Several courts have interpreted the SCA and held that it cannot be used in non-criminal proceedings, such as requests for the disclosure of stored communications pursuant to a civil subpoena. The exceptions to SCA, likewise, do not consider the stored communications of a deceased user as a privacy violation. Therefore, creating a property right within the SCA seems illogical considering the nature of Title 18.
Creating a section in the Copyright Act to recognize rights in digital assets makes more sense than in the U.S. Criminal Code. The Copyright Act defines and protects property rights and the interests of intellectual property owners. When it adopted the DMCA in 1998, Congress recognized the popularity of the Internet, as well as the importance of both service providers and the digital medium in protecting copyrights. So important are the service providers in online copyright piracy, the DMCA has an immunity provision for Internet service providers who identify persons who use their services to infringe on the copyrights of others.
In 1998, there was also an overwhelming need to grant special status for vessel hull designers under federal law. As a result, Congress created Chapter 13 in the Copyright Act just for that special class of persons because there was a gap under the existing trademark, patent and unfair competition statutes. Why not make a specially designed provision in the Copyright Act for digital assets?
A new chapter in the Copyright Act would allow Congress to create a more limited right than the right it created for vessel hull designers. This chapter could create a moral right for users in their digital assets. The right would have property-like status that a user could assign or direct in the event of death or incapacity.
The concept of moral rights is not a new concept in the United States, as the Copyright Act already protects the moral rights of artists under the Visual Artists Rights Act (“VARA”). Under VARA, artists are given a right to object or prevent the “distortion, mutilation or modification” of an artistic work under a theory that any manipulation to their work would cause injury or damage the artist’s name, honor and reputation. California, Massachusetts and New York provide moral rights to artists in their states with similar protections as the VARA.
The moral rights created by VARA, however, protect an artist’s creative integrity during life. These rights allow the artist to prevent a work from being manipulated or changed in such a way that the artist’s reputation might be damaged. When the artist dies, his or her moral rights are terminated.
Today’s web users abandon the moral rights in their digital assets when they delete or remove content, or when they decide not to access an account. These are conscious decisions; death or incapacity are not conscious decisions and they should not dictate a user’s digital legacy.
Considering the personal attachment and reputations people create through email, blogs and social networking, a moral right is an appropriate status that protects the integrity of users’ digital legacies after life. The Copyright Act is clear that an artist’s moral right is a supplement to any other copyright protection the artist may have under the Act. Therefore, an artist’s moral rights under VARA are not nearly as extensive as a full-blown copyright; a moral right in a digital asset should be similarly limited.
If Congress were to adopt an amendment to the Copyright Act (or adopted a new chapter elsewhere in the U.S. Code) it must be a carefully defined amendment. The Copyright Act should simply give protected status for digital assets, such as a limited right protecting the content stored in digital accounts only. Congress should not make the accounts or the underlying content as copyrighted property.
The present law dealing with digital assets is bad public policy. If a person has testamentary intent and does not want to abandon their digital legacy, the federal law should give people an opportunity to make this decision in advance. Providing a transferable moral right gives users the opportunity to make their own decisions with regard to their digital legacies.
ii. Alternative Two – Mandatory Terms of Service
Implementing the second alternative is as easy as a federally mandated term of service in the same form as the proposed terms set forth in V.B., supra. The authority to impose these terms of service are Titles 15 and 47 of the United States Code which regulate Commerce and Trade, and Telegraphs, Telephones and Radiotelegraphs; Congress has used the authority conferred upon it by the Constitution to regulate the Internet under these Titles on previous occasions.
The Federal Trade Commission (“FTC”) has the authority to prevent unfair methods of competition and seek redress for conduct that may be injurious to consumers. The FTC has direct authority under E-Sign to provide consumer protection for the validity and legal effect of electronic contracts in interstate and foreign commerce, and must report to Congress if any statutory changes are necessary under E-Sign.
Under the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (“CAN-SPAM”), the FTC was conferred regulatory authority (along with other federal agencies) to enforce the provisions of the act that related to commercial email sent to consumers. Under the Children’s Online Privacy Protection Act, the FTC was given the authority to protect the interests of children who surfed the Internet.
The FTC is also authorized to seek redress against specific violators of the Federal Trade Commission Act (the “FTC Act”), to promulgate rules to prevent unfair acts and violations, and make recommendations to Congress for legislative changes. Google and Facebook have been the targets of recent FTC actions based on changes to their privacy policies.
But whether service providers are engaging in deceptive or misleading activities to their users is not the point of this article; nor is it to discuss Internet users’ privacy rights. The FTC has the authority to investigate whether consumers are harmed by not having the ability to control their digital legacies. If this issue were compelling enough, it can issue appropriate and mandatory terms of service through its regulatory authority under the FTC Act, E-Sign or request the specific authority from Congress.
Congress has also delegated authority to the Federal Communications Commission (“FCC”) to regulate various elements of online activities. For example, the Communications Assistance for Law Enforcement Act (“CALEA”) is a federal law that directly uses Internet service providers as a partner in fighting online crime.
Under CALEA and the FCC’s regulations, service providers are already aware of their obligations to Internet users and the digital content transmitted by them.  Providers of “information services” and “electronic messages” can be compelled to amend these terms of service in such a way as to respect the content their users entrust to them as hosts. If the FCC does not already have the regulatory authority to impose these terms of service, Congress could delegate that authority under Title 47.
Congress should take whatever action is necessary to require that service providers allow users the right to provide for a post-mortem disposition of their digital assets. If they are using service providers to enforce criminal laws, why not give a majority of Internet users a limited right to transfer or assign their account to a designated digital administrator or beneficiary.
In the event Congress were compelled to approve either of the proposed alternatives, any new legislation must include a provision granting service providers immunity from (a) civil suits brought by a user’s surviving family members, and (b) liability under the federal privacy statutes. Various types of immunities currently exist for service providers under the SCA, DMCA, and the Communications Decency Act, therefore, if either alternative were adopted, service providers would need an additional immunity to protect them from civil actions brought by users and their survivors.
There is great potential for “sour grapes” litigation from family members aggrieved by a user’s decision to give access to their digital assets to one person over another or to completely exclude a family’s access. The privacy statutes and state laws governing wills, trusts and testamentary transfers would be used as a theory for many of these actions. The service providers should not be targeted as the “deep pocket” against whom someone would blame for a user’s unpopular testamentary decision.
If an individual failed to designate a beneficiary or administrator for their digital assets, the service provider should not be held liable for their failure to act.
If Congress did not feel compelled to take action in this area, there are changes that can be made at the state level. Ideally, states would not take it upon themselves to adopt any of the alternatives (or versions thereof) in VII.A., supra., for their residents. Any individual state legislation would create an incredible amount of confusion for users and service providers. It is therefore recommended that the limited changes, as provided hereinafter, be made to state law to recognize digital assets.
The UPC was amended a few years ago to recognize electronic signatures. In the spirit of that amendment, it should be further updated by (i) allowing a person to provide instructions related to digital assets in the event of death or incapacity, (ii) including a provision allowing for the appointment of a digital or special administrator, and (iii) granting fiduciaries the authority to take control of a person’s digital assets. The special administrator’s authority should be exercised in conjunction with the overall authority conferred upon the personal representative.
A new paragraph (28) must be included under section 3-715, Transactions Authorized for Personal Representatives, Exceptions. This new paragraph would provide the following:
(28) to access, print, download or otherwise preserve the digital content, including any stored electronic communications under 18 U.S.C.S. 2701, et seq., of any account the decedent created as an account user through a “service provider,” as that term is defined in 17 U.S.C.S. 512(k)(1)(A)
A similar provision should be included as section 5-425(26) for the authority of a conservator appointed for an incapacitated person.
UPC section 2-510 relates to the doctrine of incorporation by reference, where a testator may incorporate a separate writing or instructions into a will. This section should provide that the contents of an account, as defined in proposed section 3-715(28), can be included in this separate writing. If digital assets were recognized as property under federal law, this section 2-510 would still need to be updated to recognize digital assets as intangible property.
Section 2-513 of the UPC authorizes a decedent to include a statement with his or her will to dispose of items of tangible personal property. The purpose of the written statement is to provide an effective method of disposing a decedent’s personalty without a great deal of effort. In their 2008 Comments to the UPC, the drafters noted that “[t]he typical case covered by this section would be a list of personal effects and the persons whom the decedent desired to take specified items.” The digital assets, as defined in proposed section 3-715(28), should be included as an asset that designated in a statement by the decedent under section 2-513.
Section 3-617 of the UPC provides for the appointment of a special administrator of the decedent’s estate. This should be amended to allow the special administrator to deal with digital assets, as defined in proposed section 3-715(28), separate from the personal represenative.
Finally, the UPC allows for an expedited administration to transfer assets by affidavit when the value of the estate is less than $5,000. The purpose of this section is limited to small administrative procedures, but section 3-1201(b) directs transfer agents of securities to honor the affidavit and change the stock registration. Section 3-1201(a) allows the affidavit process to transfer debt instruments, stocks and chose in actions to designated beneficiaries. This section should be amended to include the expedited transfer of digital assets, as defined in proposed section 3-715(28).
The overall lack of uniformity in the terms of service for some of the most popular Internet service providers is frustrating for estate planning purposes considering the number of people that use email, blogs and social networks. For anyone who has a preference for or against allowing their digital content to be shared or deleted in the event of their death or incapacity, the current terms of service must be revised.
The traditional estate planning tools are of little use to planning a digital legacy. Until service providers acknowledge the disservice to their customers, the hundreds of millions of daily users may seek alternative service providers who are genuinely concerned with the digital content transferred through their sites.