Living and Dying in a Virtual World

by Greg Lastowka and Trisha Hall

A significant portion of a modern decedent’s assets may consist of ‘digital assets’ such as e-books, domain names, and online accounts. Unlike their tangible predecessors, digital assets may be difficult for executors and administrators to obtain. New laws may help facilitate access to digital assets, but it will not be simple to strike an appropriate balance between property, privacy, and contract.

Ubiquitous computing technologies are becoming increasingly enmeshed with our daily lives. Websites and other online platforms keep track of our history of communication, and they may additionally hold valuable intangible property and digital assets we have created or purchased. A quick scan of recent news stories reveals that:

1. Over one billion people maintain Facebook pages.
2. Over one billion people have accounts on Gmail, Hot-mail, or Yahoo!.
3. Over 300 million e-books were sold by Amazon in 2012.
4. Over 25 billion songs have been sold on iTunes.
5. Over 50 million domain names have been registered by GoDaddy.
6. Roughly 175 million tweets were posted on an average day in 2012.
7. Over 70 hours of video are uploaded to YouTube’s servers every minute.
8. Over 70 million people tended virtual farms in Zynga’s Farmville at the height of its popularity, some paying real money to obtain virtual assets.

While these numbers are impressive, they only scratch the surface of a vast landscape of platforms, websites, and account-based social media technologies. As a result, it is increasingly likely that decedents will possess a range of per-sonal accounts holding a range of files, documents, licenses, personal communications, and other forms of intangible property located behind password-protected login screens.

Many of today’s digital assets function in ways that seem analogous to prior forms of personal property. A decedent’s digital photography archive on Flickr (or Instagram, Smugmug, or Picasa) might serve the same purpose as an old-fashioned shoe-box. An account filled with e-books and digital music may replace the library on a set of tangible bookshelves. A blog might replace a daily journal, and a digital folder full of emails might replace a bundle of handwritten letters. Services such as PayPal and Wallet might replace traditional checking accounts. Virtual currencies like bitcoin might replace some portion of a decedent’s portfolio.

Executors and administrators of estates cannot disregard a decedent’s digital assets. In New Jersey, personal representatives of estates are duty-bound to settle and distribute an estate as “expeditiously and efficiently as is consistent with the best interests of the estate.” Moreover, personal representatives are responsible for valuing assets of the estate and paying any state and federal inheritance and estate tax that may be due on those assets. While an online photo archive may not amount to substantial value for these purposes, a decedent’s PayPal or virtual current account may. These duties certainly extend to digital assets and accounts that represent offline monetary value.

However, while executors and administrators can normally reach a decedent’s tangible personal property with relative ease, today’s digital assets are typically password-protected. Decedents may have dozens of accounts, each with its own unique login and password combination. Fiduciaries may not be aware of the existence or location of the decedent’s accounts, and even if they are aware, they may be unable to obtain access if passwords are not written down and kept up to date. Moreover, technology is continually changing, and what may be behind login and password today could be secured in other ways in the future.

For some digital assets, such as bank accounts, access to records can generally be obtained along with the ‘hard’ account assets by providing a death certificate and other documents establishing the authority of the fiduciary to obtain access. However, distributing a decedent’s library of digital content (e.g., e-books and digital music) is a trickier issue. Contract law (in the form of copyright licenses and/or a content platform’s terms of use) will generally limit authorized library access to the original purchaser. While a physical book is subject to inheritance, e-books may be a different story.

Most digital content licenses have no language specifically contemplating what should occur upon the death of the original purchaser, but most licenses are generally limited to personal use. Some commentators have argued that digital content licenses should allow purchasers to transfer digital copies pursuant to copyright’s first sale doctrine, but this claim is controversial, and would seemingly contravene the express licensing terms. These terms may change in coming years, given that Apple and Amazon have sought patents on systems for transferring used digital media assets (e.g., music, videos, and books).

While digital content sellers like Apple and Amazon profit primarily from selling digital content, social media companies (such as Yahoo!, Google, Twitter, and Facebook) profit primarily from selling their user’s attention to advertisers. Social media plat forms tend to give away their services, offering users content created by other users. A fiduciary’s access to a decedent’s content on a social networking platform, therefore, entails access to interpersonal communications, and this can pose difficult privacy issues.

It may seem that a decedent’s beneficiaries should have stronger claims to digital assets the decedent produced, for example the photos, videos, songs, and writings the decedent created and uploaded to an online platform. But this is not always the case. The struggle of the parents of Justin Ellsworth is often used to illustrate the tension between contract, privacy, and property. Ellsworth was a U.S. marine who was killed in Iraq in 2004. Like many others, he had used a Yahoo! email account during his tour of duty to correspond with his friends and family in the states. Ellsworth’s parents sought access to their son’s correspondence because, among other things, Ellsworth had told his father that he planned to make a scrapbook from his letters. However, when Ellsworth’s father contacted Yahoo!, the company explained it would not allow the family access due to its terms of service and the need to protect Ellsworth’s privacy. Eventually, the parents obtained an order from a Michigan probate court directing Yahoo! to provide the family with the emails. The company complied with the order, but the family resented Yahoo’s initial refusal.

Other families of decedents have had similar struggles with email services and social networks. For instance, the parents of a 20-year-old man who had committed suicide complained of waiting a month for Facebook to remove their son’s profile picture, which showed him holding a gun to his mouth. Similar cases of non-responsive social media platforms have been reported. Yet this resistance may reflect valid concerns about current electronic privacy law.

For instance, the federal Stored Communications Act (SCA) generally prohibits any “electronic communication service” (e.g., an email service or a social network) from disclosing “the contents of a communication” to parties other than the sender or recipient, subject to certain limited exceptions. New Jersey law also has a statute, passed in 1993, that roughly mirrors the core language in the SCA.

While both statutes permit services to disclose communications with “the lawful consent of the originator or an addressee,” it is not clear that this exception should apply in all cases. A signed statement from the decedent could serve as proof the decedent intended for specific persons to obtain access to social media accounts. But in the absence of this, it is certainly possible that some decedents will want some communications to remain permanently inaccessible. Correspondents of the decedent might have similar wishes.

Recently, Google launched a new inactive account service that will allow a Google account user (which includes Gmail, YouTube, Blogger, Google+, Wallet and other services) to configure account settings to automatically terminate and delete an account or transfer its contents to a named third party after a period of inactivity and attempts to contact via text message or another email account. This will certainly help in situations where an account provider offers this type of service and the account user actually uses it, but for the near future, this will not be the case for most people.

Even when executors or administrators do have easy access to a decedent’s personal accounts (for instance, when passwords are stored on an accessible computer), there may be other legal concerns. Fiduciaries may access accounts, for instance, in ways that could technically violate New Jersey and federal law. The federal Computer Fraud and Abuse Act and the laws of New Jersey both prohibit, with civil and criminal provisions, unauthorized access to computers. While it seems unlikely a state or federal prosecutor would arrest a fiduciary for trying to obtain access to a decedent’s digital assets, there is no explicit statement in either the federal or New Jersey anti-hacking laws that expressly safeguards the legality of a fiduciary’s access to a decedent’s accounts.

A final wrinkle in the current law is the rise of so-called ‘digital estate planning’ services. There are many services today, each with its own features and designs, which offer to assist users in transferring digital assets after death. Generally, these services are not the work of estate lawyers. Their common feature is that, upon the occurrence of some event (e.g., a failure to check into the service or to reply to an email message from the service), the service pro-vides some person (often designated as a ‘beneficiary’) the ability to access specific accounts of the user. While it is not surprising that these services are increasingly popular, they are surely creating problems as well. Depending on the features of the service, for instance, the decedent’s release of accounts (especially financial accounts) to service-designated ‘digital beneficiaries’ may purport to transfer ownership in a manner that conflicts with the terms of the decedent’s will or with New Jersey’s intestacy rules. Additionally, it is not clear all these services comply with privacy, con-tract, and unauthorized access laws.

Legislation could clear up some issues. While the New Jersey Legislature has yet to address the problem of virtual estates, six other states have made efforts to date. Two states—Rhode Island and Connecticut—have passed laws providing executors and administrators have the right to obtain access to a decedent’s emails. Two other states—Idaho and Oklahoma—currently grant executors and administrators the right to “take control of, conduct, continue, or terminate any accounts of a deceased person on any social networking website, any microblogging or short message service website or any e-mail service websites.” Indiana has passed a law allowing personal representatives and conservators to access a decedent’s electronic documents. And Virginia just recently passed a law allowing the parents of deceased minors to access their accounts.

Legislation is pending in at least eight other states (Hawaii, Maryland, Massachusetts, Nebraska, New Hampshire, New York, North Dakota, and Oregon) which would generally expand fiduciary access rights along the lines of the Idaho and Oklahoma laws. The Hawaii and Massachusetts bills are especially interesting, in that they would overwrite contractual terms that opposed fiduciary access to digital assets. The Massachusetts bill would override terms of service restricting access to email, and the Hawaii bill would override contractual restrictions barring transfers of the decedent’s “digital media,” including “music, video, photographs, audiobooks, audio performances, or games.”

The greatest effort to rewrite the law of digital assets, however, is being undertaken by the Uniform Law Commission (ULC). The commissioners recently established a committee charged to “consider and make recommendations concerning the authority and powers of a fiduciary to access digital information related to a decedent’s estate or the affairs of an incapacitated individual.” The current working draft of the uniform legislation would allow executors, administrators, and personal representatives to “exercise control over the decedent’s digital property to the extent permitted under applicable law and a terms-of-service agreement.”

The current ULC committee discussion draft also innovates in several other ways. For instance, it establishes the decedent’s consent to access as a matter of law, immunizes fiduciaries from liability for acts in compliance with the new law, and provides a mechanism for “interested parties” to challenge the default fiduciary access. It seems likely that some of these provisions will be altered or replaced in later versions. The committee anticipates a final version of the proposed uniform legislation will not be ready until 2014. It would then take more time for states, like New Jersey, to decide whether to adopt the uniform law.

Therefore, for the next few years at least, the unresolved issues of intangible inheritance will remain. The emerging law of virtual estates will require diligent executors and administrators to navigate a complex set of legal and technological rules.