Since 2003, we have seen a significant shift in how our information is stored, delivered, and used. In the past I used to advise clients to look in the mailbox for bills and statements to locate the assets of a deceased loved one. Now, in 2016, the mailbox is electronic and the bills, statements, and other notifications are getting to be all digital. We are seeing our lives transitioning to the internet “cloud” every day. Regardless of how much we like it, or how comfortable we are with it, our lives tomorrow will be different that they are today.
This evolution in how we do what we do is causing, for some of us, a disconnect in how we see our world. What used to be obvious is now more subtle; what used to be challenging is now easier. And because of these changes, we take so much more for granted. Those pictures taken of uncle bob and his kids on Instagram; the documents received from a colleague stored on Dropbox; the credit card bill from Netflix; the invoice of your personal items from Amazon; the profile of you on LinkedIn; remember that payment via bitcoin or PayPal?; and don’t forget your timeline on Facebook. The technological changes we have been experiencing have enabled us to leave an imprint of our lives online in so many ways. And whilst this is nice and it certainly is easy, the question that few are looking at is what happens to these digital ghosts of our lives after we have passed away?
Last year, in 2015, there were approximately 83 million Americans who had atleast one of their online accounts hacked if we look at just the top four hacks of the year[1]. About 80%[2] of all people who pass away in the United States have online accounts of one sort. As time goes on, that number will only increase, as the Gallup pollclearly shows. Of course, the more we go online, the greater the threats from hacks, ID theft, misappropriation of information, and con-artists absconding with ill-gotten funds. One personal anecdote I can share is that of a childhood friend of mine who passed away leaving behind an infant daughter. A miscreant posted on her Facebook page a link to have the friends and family donate money for a “charity” for the benefit of the child. After a time, those funds were collected and the person disappeared into the ether. This is just one case of many where people are abused during a time of emotional stress.
Several challenges face those survivors acting as representatives of the deceased when it comes to closing or accessing the still active accounts of the deceased. First, identifying the active accounts may be an issue if no inventory is left in place. Second, the representative has to have the time to navigate the web sites of these accounts to even determine who to contact or what form to complete so that the account can be closed. Sometimes these accounts may need to be accessed rather than closed, and that’s another significant matter that will be discussed below. Third, not every online account will require the same information to close such the account. For example, while Facebook may simply require proof that the person seeking to close an account is an immediate family member, LinkedIn requires the member’s name, your relationship to them, the company they worked for, a link to the profile, and the member’s email address; just to cite two examples.
As the internet ages with us, a critical mass is developing in the legal community and state legislatures to better help the representatives of the deceased to handle these online accounts. A national framework called the Revised Uniform Access to Digital Assets Act (RUFADDA) has been drafted to enable access and closure to these accounts. The difficult path that lies ahead is in having all states enact laws within their own legislatures that will ratify the RUFADDA. At present about 54%[1] of the states have begun the process of introducing legislation dealing with this. Florida is set to put into law it’s version this July. We can’t forget though that while the United States created the internet, it is worldwide, as are people’s accounts. So while our nation is slowly making strides, many online providers have no process or legal structures in place to allow for the living to handle their loved one’s accounts.
Further, and as I alluded to earlier, there is a bright line that cannot be crossed when dealing with the accounts. Accessing an account requires prior consent from the account owner. When was the last time you completed a form allowing your representative to access your email account. Most likely, the answer is “never.” Here, the Stored Communications Act (SCA) and the Federal Computer Fraud and Abuse Act (FCFAA), actively prevent any unauthorized person from accessing such accounts. Doing so opens the door for civil and criminal penalties against the online account provider and yourself, if you were to access your loved one’s email, for example.
When examining the upcoming legal structure of the states’ work, it is very important to understand that the deceased’s digital assets are exactly that – assets. They must be dealt with in the same way a person’s other assets are handled, and that is by using a durable power of attorney or guardianship while a person is alive, but incapacitated, and through a person’s Last Will or Trust when deceased. This will necessitate a court supervised administration of the estate to deal with the digital estate even if a person had no others financial assets to speak of.
There are things that can be done. First and foremost, speak to an attorney who is versed in digital estate management and who has the understanding and capability to ensure your legal estate documents are up to the future task of providing the prior consent required. Next, work with certain online companies like EstatePass.com to safeguard your information while living and will ensure your and your future representative’s legal rights are protected by having the prior consent on file, or if dealing with the accounts of a deceased loved one, EstatePass.com will provide a simple online tool to help you close the necessary accounts. Remember: simply having a list of accounts and passwords does not protect your rights or give a representative the authority to access these accounts.
[1] Vtech – 5M, 11/2015; Ashley Madison – 37M, 8/15; Office of Personnel Management – 22M, 7/15; Anthem – 18.8M 2/15
[2] http://www.census.gov/content/dam/Census/library/publications/2014/acs/acs-28.pdf
[3] Who Will Delete You? Fiduciary Access to Digital Asset, ActionLine Vol. XXXVII, No. 2 (Winter 2015)