Who Do You Want Making Decisions About Your Online Accounts If You Die or Become Incapacitated? A Proposed New York Statute Would Give You the Right to Choose

Kadeen Wong, Esq., and Kevin Matz, CPA, Esq., LLM
Published Date:
Sep 1, 2016

Have you ever wondered what will happen to the contents of your Facebook, LinkedIn, and personal e-mail accounts if you die or become incapacitated? Does your family know what accounts you have? Do they have the authority to access, use, or terminate those accounts? If you think you have this all figured out because you have written down a master list of all your accounts with logins and passwords, you may be sadly mistaken; however, a proposed New York State statute—if signed into law by Governor Cuomo—might soon be coming to your rescue.

 As explained in the bill memorandum accompanying Bill Number A09910, the wide use of digital assets has created an urgent need for legislation that deals with the administration of these assets upon the death or incapacity of the user. As a practical matter, there should be no difference between a fiduciary’s ability to gain access to information from an online bank or other Internet-based business and the fiduciary’s ability to gain access to information from a business with a brick and mortar building.   

Unfortunately, the terms of service (TOS) agreements that you sign with online companies—and clicking on an “acceptance of terms” button qualifies as a signature—will generally prohibit you from allowing others to access your account or for you to transfer those digital accounts upon your death or incapacity. There are also federal laws that criminalize or penalize the unauthorized access of computers and digital accounts and prohibit most Internet service providers from disclosing account information to anyone without the user’s consent. These laws include the Electronic Computer Privacy Act (“ECPA”), the Stored Communications Act (“SCA”), which is part of the ECPA, and the Computer Fraud and Abuse Act (“CFAA”). 

The CFAA protects against access by anyone who intentionally accesses a computer without authorization or exceeds authorized access. The SCA contains two relevant prohibitions.  First, the SCA makes it a crime for anyone to intentionally access without authorization a facility through which an electronic communications service is provided; it also prohibits anyone from intentionally exceeding an authorization to access that facility. Second, the SCA prohibits an electronic communications service from knowingly divulging the contents of a communication that is stored by—or maintained on—that service unless disclosure is made to (1) an addressee or intended recipient of such communication or (2) an agent of such addressee or intended recipient or (3) with the lawful consent of the originator or an addressee or intended recipient of such communication.                      

The SCA is often the basis on which Internet service providers refuse to release the contents of a deceased user’s account. In addition to these federal privacy laws, there are state privacy laws. All fifty states, including New York, have enacted laws that criminalize or penalize the unauthorized access to computer systems. Accordingly, without legislation, many Internet service providers will likely continue to refuse to provide access or to release content upon the death or incapacity of a user on the basis of privacy concerns or for fear of liability.                     

The proposed New York statute would add new Article 13-A to the New York Estates, Powers and Trusts Law (“EPTL”) and would be titled “Administration of Digital Assets.” It is based largely on a proposal from the Uniform Law Commission, known as the Revised Uniform Fiduciary Access to Digital Assets Act (“RUFADAA”). RUFADAA attempts to give fiduciaries the authority to manage and dispose of digital assets in a manner that is comparable to the administration of the tangible property of a deceased or an incapacitated person. Both RUFADAA and the proposed New York statute give an individual the power to plan for the administration of their digital property by providing instructions in a will, trust instrument, or power of attorney, among other means.       

Importantly, the proposed New York statute distinguishes between giving fiduciaries access to the “content” of a user’s information, as opposed to a “catalogue” of such information.  The “content” of an electronic communication is defined as the substance or meaning of the communication in the electronic record that has been sent or received by the user—and is held in electronic storage by a custodian. For example, the content of an account holder’s electronic communication can be photos, videos, posts, or e-mail messages. In contrast, a “catalogue” of an electronic communication means information that identifies each person with which a user has had an electronic communication, the time and date of the communication, and the electronic address of the person. It does not give you the details of the communication, only the identifying information described above.           

Subject to certain exceptions and limitations, the proposed New York statute will allow users to use an “online tool” or—if he or she chooses—provisions in wills, trust instruments, and powers of attorney to permit a designated recipient or fiduciary with access to the actual content of the electronic records and, in certain instances, the catalogue as well. An “online tool” is defined in the proposed New York statute as an electronic service provided by a custodian (which will often be the online service provider) that allows the user, in an agreement distinct from the TOS agreement, to provide directions for disclosure or nondisclosure of digital assets to a third person. It is critical to note that if an online tool allows the user to modify or delete a direction regarding disclosure at any time, such direction will override a contrary direction in the user’s will, trust instrument, or power of attorney. A user’s direction in an online tool, will, trust instrument, or power of attorney also overrides a contrary provision in the TOS agreement that does not require the user to act affirmatively and distinctly from the user’s assent to the TOS agreement.    

The proposed New York statute also sets forth procedures for disclosing digital assets and generally requires the custodian to comply with a properly formatted information request that meets certain statutory requirements within sixty days of its submission. The proposed New York statute also provides that a fiduciary may not “impersonate” the user. Fiduciaries will have the same rights as an account holder to access digital assets, but only for the limited purpose of carrying out their fiduciary duties. For example, a fiduciary will not be able to impersonate the account holder by sending e-mails from the user’s account, but may access the content of the user’s e-mails. Similarly, a court-appointed guardian may have limited access to an incapacitated person’s account, but may not impersonate the incapacitated person by maintaining the ongoing use of the account.                                         

What this all means is that New Yorkers will likely soon have an opportunity to effectively designate who can obtain access to their digital records upon their death or incapacity and, moreover, whether they might wish to prohibit such disclosure either in whole or in part.  Although this can be done by will, trust instrument, or power of attorney, the Internet service providers’ online tools might work well too, and, as noted above, the proposed New York statute provides that a direction regarding disclosure using an online tool overrides a contrary direction by the user in a will, trust instrument, or power of attorney. Accordingly, we should remind our clients (1) to carefully consider their dispositive wishes for their digital assets; (2) to address their dispositive wishes for their digital assets in their wills, trust instruments, and powers of attorney, where appropriate; and (3) to ensure that such wishes contained in their wills, trust instruments, and powers of attorney have not been inadvertently overridden by a contrary direction contained in an online tool that might be out of date.

Kadeen L. Wong, Esq., is an attorney at the law firm of Kevin Matz & Associates PLLC, with offices in New York City and White Plains, NY. Ms. Wong’s practice involves estate planning, trust and estate administration and related tax matters. She assists high-net-worth clients with implementing their estate planning objectives, including the preparation of wills, trust agreements and related instruments. Ms. Wong is a member of the NYSSCPA Estate Planning Committee and is also a member of the New York State Bar Association, the Westchester Women's Bar Association and the Westchester County Bar Association. She can be reached by email at kwong@kmatzlaw.com, or by phone at 914-512-7761.

Kevin Matz, CPA, Esq., LLM (Taxation) is the managing attorney of the law firm of Kevin Matz & Associates PLLC, with offices in New York City and White Plains, NY. Mr. Matz is a CPA (in which connection he is a past chairman of the NYSSCPA Estate Planning Committee), and writes and lectures frequently on estate and tax planning topics. His practice is devoted principally to domestic and international estate and tax planning and he is a Fellow of the American College of Trust and Estate Counsel. He can be reached by email at kmatz@kmatzlaw.com, or by phone at 914-682-6884.

Views expressed in articles published in Tax Stringer are the authors' only and are not to be attributed to the publication, its editors, the NYSSCPA or FAE, or their directors, officers, or employees, unless expressly so stated. Articles contain information believed by the authors to be accurate, but the publisher, editors and authors are not engaged in redering legal, accounting or other professional services. If specific professional advice or assistance is required, the services of a competent professional should be sought.