As the complexity of online life continues to grow in our ever-connected society, it can be easy for people to forget or simply undervalue the necessity of planning to distribute their digital assets. Digital or virtual assets surround us on a daily basis. This category includes the photos on your phone, the NFT you purchased last week, the Facebook messages you sent, your credit card reward points, and even the movie you downloaded from Amazon to watch on the plane.
While these assets range widely in scope, they can carry great economic and emotional value for your loved ones or business interest. So why are these important assets so often overlooked in traditional estate planning?
One possible reason could be that people just assume that their loved ones could just enter their username and password into the appropriate website and gain full access to their accounts. However, the practical complexity of that plan quickly balloons. Websites can have security questions that a descendant might not know how to answer. Bank or Work-related logins may ping the original user’s phone and, without access to the phone, the account becomes quickly out of reach. Or, worse still, the loved one may not even know an account exists and may never learn of the digital assets contained on that platform.
Additionally, two federal laws may prevent descendants with usernames and passwords from accessing their loved one’s accounts: the Computer Fraud and Abuse Act (CFAA) and the Stored Communications Act (SCA). The CFAA imposes both criminal and civil liability on those who access another’s computer, computer system, or network without authority or even just exceeds their given authorization. The SCA goes one step further. It prohibits access to another’s computer without permission or access that exceeds the scope of authorization. The SCA also prohibits a computer service provider (like Yahoo!) from disclosing electronic communications without the account holder’s permission. See Ajemian v. Yahoo!, Inc., 478 Mass. 169, 84 N.E.3d 766 (2017).
Currently, digital assets are primarily governed by the user agreement on the appropriate website. This complicates issues because user agreements typically only allow the actual user to access the user’s account. Each website provides its own unique way for a third party to gain access to an account. This means that figuring out what each website needs for a descendant to access an account can be extremely frustrating and time-consuming.
Thankfully, Georgia adopted the Revised Uniform Fiduciary Access to Digital Assets Act (RUFDAA) in 2018. O.C.G.A. § 53-13-1 covers all digital assets but divides up the type of asset based on the type of information sought by the descendent or representative. For example, the Georgia RUFDAA distinguishes between a “catalogue of electronic communications” (i.e., “information that identifies each person with which a user has had an electronic communication, the time and date of the communication, and the electronic address of the person”) and the actual “content of an electronic communication.”
Interestingly, access to digital assets may be granted by a user in two unique ways. One, through the use of an online tool. An example of an online tool is Facebook’s legacy contact feature – which allows a designated person to post a final message on Facebook, download a copy of what the original user shared, and remove the account entirely. Or two, through the use of a will, trust, or power of attorney. Directions in either of these forms override the website’s terms of service, but if the user has both a will and an online tool – the online tool controls.
Thanks to Georgia’s RUFDAA statute, digital assets may be disposed of in a Will or transferred to a trust. However, these solutions may present their own unique practical problems. First, it is never a good idea to write down every username and password that someone possesses. This gives anyone with access to the list the ability to log in to every important website that was written down – from bank accounts to Twitter. Additionally, Wills become public records, and a list of every username and password would soon compromise the purpose of writing it down in the first place. As such, it may be more prudent to create an independent digital access letter that could list the usernames and passwords and be put in a safe place. The Will would then reference this document which would help with an unintentional disclosure when the Will is made public.
Another solution could be the use of a Digital Asset Protection Trust (DAP Trust). The individual would place the digital property, rights, and licenses (for the downloaded Amazon movie) into a revocable DAP trust. Because it’s revocable, the trust could be updated at any time with new passwords or security questions, and it would never become a public record, unlike the will solution. The trust would hold the licenses and rights to all the digital assists and could be transferred as soon as the triggering event occurs. This is still a developing point of law, and the use of a Wills, Trust, an Estate attorney would be vital in this execution.
An additional emerging solution to this problem is to appoint a “digital executor.” The idea here is that one very trusted person could be designated to handle the digital assists of the decedent according to the original account holder’s instructions. This person could be told to message friends in an online gaming community, back up email accounts, collect Coinbase crypto statements, and even delete your Google search history. While the digital executor could be the same person as the normal executor, the digital executor almost needs to be more trusted as the digital executor would have access to everything an individual did online.
This area of the law is evolving, and the use of a knowledgeable wills, trusts, and estates attorney is of the utmost importance to bring your digital asset planning to life. Contact our office to speak with one of Thrift McLemore’s will, trust, and estate attorneys.
