Dealing with death is hard enough without the addition of legal matters. While many of us wish assets would just handle themselves upon the death of a loved one, those in charge of administering the estate need to make sure all assets are accounted for and protected.
As the baby boomers and members of Generation X age, we will be faced with a crisis concerning what to do with their digital assets upon death. Although the way we interact with the digital world has changed drastically over the past thirty years, there is good news for lawyers in Colorado. Colorado has recognized this oncoming crisis and has enacted a new law. The Revised Uniform Fiduciary Access to Digital Assets Act (Act) addresses potential issues of dying in the digital age.
The new Act defines a digital asset as "an electronic record in which an individual has a right or interest." This definition is broad and may encompass many specific assets: social networking sites; email; e-commerce accounts; photo sharing sites; music and video accounts; electronic access to store accounts, credit cards, bank accounts, and reward benefits; online gaming; and other webpages. The definition of a digital asset needs to be broad because changes to the law cannot keep up with rapid technological advances in the digital world.
The Act regulates authorized access to digital assets in a multitude of situations, including access to digital assets under a will, power of attorney, conservatorship, by a personal representative or trustee of a trust, and a custodian of the digital asset. This article will explain the Act's procedure for accessing digital assets by a personal representative or successor trustee of a trust upon the trustor's death.
I. Authorized Access for Personal Representative
If a deceased user consented, either through the custodian of the digital asset (by using an online tool) or through a last will and testament, the personal representative of the user's estate may request access to the digital asset. The key to authorizing access is "consent." If the user has consented, the personal representative has the ability to gain access by sending to the custodian of the asset a written request, a copy of the death certificate of the user, Letters of Administration or Letters Testamentary (if a probate is required) or a Small Estate Affidavit (if no probate is required), and a copy of the last will and testament.
It is important for practitioners to grant a personal representative access to digital assets in a client's last will and testament. Without this grant of authority (consent), the personal representative will likely face barriers to gaining authorized access upon the client's passing. The law has changed to allow access to digital assets, so the authority we draft in a client's estate planning documents needs to change as well.
II. Authorized Access for Trustee
When an individual creates a trust, and subsequently passes away, the trust should have a named successor trustee. The successor trustee may request that the custodian of the digital asset disclose the contents of electronic communications, as well as a catalog of the electronic communications, sent or received by the deceased user. In order to gain access to this information, the successor trustee needs to send a written request to the custodian of the assets, along with a certified copy of the trust (that includes consent to disclosure of electronic communications) and a certificate of trust.
Practitioners should include language in trusts that gives the trustor's consent to disclosure of electronic communication and any other digital asset upon their death. Without this grant of authority, it is unlikely that the successor trustee will be able to gain access to any digital assets of the deceased.
III. Federal Law Versus State Law
While the new Act is meant to bring flexibility to the access and disposition of digital assets in Colorado, it is still unclear what implications this Act will have for the application of federal law. Because not all digital assets have a situs, or physical location, a multitude of laws might apply.
There is currently a tension between federal communication privacy law and the new Colorado Act. The Federal Computer Fraud and Abuse Act makes it illegal for someone to intentionally access a computer, without authorization, thereby obtaining "[i]nformation contained in a financial record of a financial institution." A financial record can be merely a record pertaining to the relationship a customer has with the financial institution. A simple example is an online bank statement. If a family member dies and you use her login information to gain access to her bank statements, you just violated the Computer Fraud and Abuse Act. That is considered unauthorized access under federal law.
So, the question becomes, what constitutes authorized access? The Computer Fraud and Abuse Act does not address how a fiduciary may gain authorized access. Colorado is attempting to fix this hole. Under Colorado law, a fiduciary may now access a digital asset, such as an online bank statement, as long as the fiduciary has authority as personal representative or Trustee. This creates a potential conflict between federal law and Colorado law. Colorado law allows fiduciary access to digital assets, so long as the user consented, but federal law is silent on whether a fiduciary is an authorized user.
The Revised Uniform Fiduciary Access to Digital Assets Act has created flexibility by allowing fiduciaries, such as personal representatives and trustees, access to the digital assets of a deceased user. Due to the silence of federal law regarding a fiduciaries authority to gain access to digital assets, it is too early to tell if Colorado law will impact a custodian's decision to release information upon a fiduciary's request.
† Molly T. Zwerdlinger is an Associate in the law firm of ambler keenan mitchell johnson. She received her B.A. in political science and sociology from Colorado State University. She was awarded her Jurisprudence Doctorate from the University of Denver Sturm College of Law. Molly's practice emphasizes estate planning, probate, and trust administration.
 Colo. Rev. Stat. §§ 15-1-1501 to 1518 (2016).
 Id. § 15-1-1502(10).
 Id. § 15-1-1503(1) to (2).
 Id. § 15-1-1507(1)(d).
 Id. §§ 15-1-1512 to 1513.
 18 U.S.C. § 1030(a)(2)(A).
 Id. § 1030(e)(5).