Privacy + Estate Planning = Handling Your Digital Assets After You Die

by Snell & Wilmer

The recently-proposed Revised Uniform Fiduciary Access to Digital Assets Act (“Revised UFADAA”) is a potential solution to a problem that most of us eventually will face:  how will our digital assets be accessed and used (or kept private and destroyed, depending on our wishes) after we die, and by whom?  As 23 states consider enacting this legislation in 2016, the time has come to think about this issue, not only for ourselves, but also for our parents, grandparents and other older relatives who have created on-line accounts that may hold valuable and/or sentimental digital assets.

Paper has long been an unsung hero for the executor of a decedent’s estate. A business card on a decedent’s desk can lead the executor to an attorney who holds a copy of the decedent’s current estate plan; a bank statement in the decedent’s mail can alert the executor to unknown financial accounts or coming-due bills; a note on the decedent’s bedside table can act as a supplement to the decedent’s will. Papers filed with the county clerk clarify ownership of real property. Even sentimental items, like photographs, depend on paper to be stored in an album that can later be distributed to heirs that would appreciate such a keepsake. Property is relatively simple to distribute when there is physical evidence of such property’s existence.

But as the world marches towards on-line accounts, relying on paper to track down property the old-fashioned way is becoming more problematic and less effective. Communications are now often stored only in electronic form; receipts for purchases are often emailed instead of printed; significant contracts are executed with a click of a mouse, and even sentimental things like photographs and family videos are being stored in “the cloud” through online services. Evidence of valuable assets such as digital music files, e-books, or video libraries, or even accumulated frequent traveler points, may not exist in paper form in a person’s records.  Indeed, even the account IDs and passwords needed to access those on-line accounts may themselves only be stored on-line in a “digital wallet”. This digitalization of life can make an executor’s task more difficult as he or she administers a decedent’s estate.

The Problem:  Once You Die,  Existing Rules Make it Hard For Your Estate to Access Your On-Line Accounts

On-line service providers may be hesitant – or even unwilling – to release information stored in digital form by the decedent. A common fear is that unauthorized access to such content could violate the Computer Fraud and Abuse Act. Many on-line service providers attempt to steer clear of this by requiring that an individual agree to terms of service that limit how digital information is accessed once that individual dies. For instance, Apple requires through its Privacy Policy, which is incorporated into Apple’s Terms of Use, legal process (e.g. court order, litigation, etc.) before online account information will be released. (Apple: see Disclosure to Third Parties).  Amazon limits access to an individual’s digital property through its Terms of Use by granting the user a “non-exclusive, non-transferable right” that is only to be used for “your personal, non-commercial purposes”. (Amazon: see Section 3. Rights and Restrictions). This serves to prevent third parties from claiming any right to digital property, even if it is believed that the digital property has been purchased outright. So, while an executor can sell a decedent’s house or close a bank account, that executor could encounter more difficulty in obtaining information that is stored on-line in a digital format.

And this is not simply a challenge at death; such limitations apply during an individual’s life as well in connection with agents acting under a power of attorney, conservators, and trustees.

A Potential Solution:  The Uniform Law Proposal

In hopes of updating the law to the current digital asset landscape, in 2014 the Uniform Law Commission completed a draft of the Uniform Fiduciary Access to Digital Access Act, and then revised it in 2015.  The Revised UFADAA attempts to strike a compromise between a fiduciary’s need to access protected digital information and an online service provider’s obligation to protect the privacy of a decedent-customer. The Revised UFADAA has been endorsed by the National Association of Elder Law Attorneys, Facebook, and Google, among others.

The Revised UFADAA affords a fiduciary the power to manage digital assets as it would tangible assets. A “fiduciary”, is defined as “an original, additional, or successor personal representative, [conservator], agent, or trustee”. Family members of a decedent may not unilaterally claim this power to access digital assets (unless, of course, they have been appointed as a fiduciary).

Many States Are Now Considering the Revised UFADAA

Currently, 23 states have introduced the Revised UFADAA for the 2016 legislative session, including Arizona, Utah and Colorado.  The Revised UFADAA contains the following notable sections:

Section 5 – A fiduciary has the same rights under an online service provider’s terms of services as the decedent. The fiduciary is treated as if standing in the shoes of the “protected person” – the owner of the digital assets. A custodian maintains its same rights under the terms of service. The Revised UFADAA defines a custodian as “a person that carries, maintains, processes, receives, or stores a digital asset of a user”.

Section 6 – A custodian may choose how much access it will give to a fiduciary based on the custodian’s business model. A custodian’s options are:

  • Grant a fiduciary full access to a protected person’s account(s);
  • Grant a fiduciary just enough access to a protected person’s account sufficient to perform the fiduciary’s tasks; or
  • Provide a fiduciary a copy/list of digital assets that could have been accessed by the protected person if they were able to act on their own.

Sections 7 through 14 – Outlines what specific classes of fiduciaries must do in order to make a request of a custodian to access digital assets.

  • Custodians cannot be compelled to grant full access to a decedent’s account(s) if not specifically provided for in a will, trust, power of attorney, or other record, including a court order.
  • At the least, a custodian can provide the copy/list of digital assets, per Section 6.

Section 15 – A fiduciary has the same duties regarding digital assets as with tangible assets, namely a duty of care, loyalty, and confidentiality.

Section 16 – A custodian is immune from liability for an act or omission done in accordance to the Revised UFADAA and if done in good faith.

It bears noting that the scope of Section 6 could be influenced by the wishes of the owner of the digital assets, in that the owner may direct in his or her estate plan the extent of the fiduciary’s access to digital assets.

The prevalence of digital assets has outpaced the law. The Revised UFADAA seeks to grant at least limited access to information concerning digital assets while still providing custodians protection from liability for disclosing information regarding these digital assets. Ultimately, each state must decide whether the Revised UFADAA is its answer to how much access a fiduciary should have regarding digital assets.  Stay tuned for further developments.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Snell & Wilmer | Attorney Advertising

Written by:

Snell & Wilmer

Snell & Wilmer on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
Privacy Policy (Updated: October 8, 2015):

JD Supra provides users with access to its legal industry publishing services (the "Service") through its website (the "Website") as well as through other sources. Our policies with regard to data collection and use of personal information of users of the Service, regardless of the manner in which users access the Service, and visitors to the Website are set forth in this statement ("Policy"). By using the Service, you signify your acceptance of this Policy.

Information Collection and Use by JD Supra

JD Supra collects users' names, companies, titles, e-mail address and industry. JD Supra also tracks the pages that users visit, logs IP addresses and aggregates non-personally identifiable user data and browser type. This data is gathered using cookies and other technologies.

The information and data collected is used to authenticate users and to send notifications relating to the Service, including email alerts to which users have subscribed; to manage the Service and Website, to improve the Service and to customize the user's experience. This information is also provided to the authors of the content to give them insight into their readership and help them to improve their content, so that it is most useful for our users.

JD Supra does not sell, rent or otherwise provide your details to third parties, other than to the authors of the content on JD Supra.

If you prefer not to enable cookies, you may change your browser settings to disable cookies; however, please note that rejecting cookies while visiting the Website may result in certain parts of the Website not operating correctly or as efficiently as if cookies were allowed.

Email Choice/Opt-out

Users who opt in to receive emails may choose to no longer receive e-mail updates and newsletters by selecting the "opt-out of future email" option in the email they receive from JD Supra or in their JD Supra account management screen.


JD Supra takes reasonable precautions to insure that user information is kept private. We restrict access to user information to those individuals who reasonably need access to perform their job functions, such as our third party email service, customer service personnel and technical staff. However, please note that no method of transmitting or storing data is completely secure and we cannot guarantee the security of user information. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time.

If you have reason to believe that your interaction with us is no longer secure, you must immediately notify us of the problem by contacting us at In the unlikely event that we believe that the security of your user information in our possession or control may have been compromised, we may seek to notify you of that development and, if so, will endeavor to do so as promptly as practicable under the circumstances.

Sharing and Disclosure of Information JD Supra Collects

Except as otherwise described in this privacy statement, JD Supra will not disclose personal information to any third party unless we believe that disclosure is necessary to: (1) comply with applicable laws; (2) respond to governmental inquiries or requests; (3) comply with valid legal process; (4) protect the rights, privacy, safety or property of JD Supra, users of the Service, Website visitors or the public; (5) permit us to pursue available remedies or limit the damages that we may sustain; and (6) enforce our Terms & Conditions of Use.

In the event there is a change in the corporate structure of JD Supra such as, but not limited to, merger, consolidation, sale, liquidation or transfer of substantial assets, JD Supra may, in its sole discretion, transfer, sell or assign information collected on and through the Service to one or more affiliated or unaffiliated third parties.

Links to Other Websites

This Website and the Service may contain links to other websites. The operator of such other websites may collect information about you, including through cookies or other technologies. If you are using the Service through the Website and link to another site, you will leave the Website and this Policy will not apply to your use of and activity on those other sites. We encourage you to read the legal notices posted on those sites, including their privacy policies. We shall have no responsibility or liability for your visitation to, and the data collection and use practices of, such other sites. This Policy applies solely to the information collected in connection with your use of this Website and does not apply to any practices conducted offline or in connection with any other websites.

Changes in Our Privacy Policy

We reserve the right to change this Policy at any time. Please refer to the date at the top of this page to determine when this Policy was last revised. Any changes to our privacy policy will become effective upon posting of the revised policy on the Website. By continuing to use the Service or Website following such changes, you will be deemed to have agreed to such changes. If you do not agree with the terms of this Policy, as it may be amended from time to time, in whole or part, please do not continue using the Service or the Website.

Contacting JD Supra

If you have any questions about this privacy statement, the practices of this site, your dealings with this Web site, or if you would like to change any of the information you have provided to us, please contact us at:

- hide
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.