The term “estate planning” generally includes documents such as a Last Will & Testament, financial power of attorney, health care power of attorney and maybe a trust. However, to address the growing online presence of individuals from young to old, estate planning has grown to include planning of an individual’s digital assets on their death or disability as well. In fact, recent articles suggest that the average user possesses upwards of 90 online accounts. What exactly happens to those accounts when your clients die?
Many people assume that an executor or a family member will gain access to the accounts, but for many states, that is not currently the case. The laws in most states do not grant an executor or family member access to online accounts at the time the owner passes away. The model Uniform Fiduciary Access to Digital Assets Act (UFADAA) was drafted to provide states with consistent rules and procedures for accessing digital information, however, many digital access providers have vigorously fought to stop states from passing legislation similar to the UFADAA. In an effort to take a step forward, some states have passed slimmed down legislation to allow limited access to certain accounts, such as email. In addition to state laws, each individual digital access provider has their own rules and requirements for gaining access to personal information.
Because access to digital accounts following the death of a family member can be daunting, it is important that clients implement an effective digital estate plan. The principles which guide traditional estate planning are also applicable to digital estate planning. Keeping important documents updated and in a place where family members and/or an executor can access the information is especially important with digital accounts. Most people have a myriad of email addresses, passwords, pin numbers, reset questions, thumbprints, secret knocks and code phrases that grant us access to our accounts. However, how many of those access keys are accessible by a family member and/or executor?
There are currently four methods to transfer access upon death: written instructions, access through specific digital providers, password managers and digital legacy services.
Many digital users record their passwords and access information and store the instructions in a secure place, such as a personal safe or safe deposit box. If the information is updated regularly and stored in a safe location, this can be the cheapest and simplest method to transfer access to a surviving family member or executor. However, because passwords and other login information change regularly, it is important that the written instructions be updated regularly as well. The necessary upkeep of recording and storing this information can require a significant time investment.
Many digital account providers are beginning to provide solutions to this issue. For example, Facebook now allows users to designate a profile executor who can access the account upon the death of the account creator. Twitter allows the person authorized to act on behalf of the deceased person to request an account to be deactivated. Email providers, like Google and Yahoo, will consider granting access to an account (or certain limited information) by the authorized person following a review of a written request, and a Gmail user can designate an Inactive Account Manager who may access certain information if the account is inactive for a designated period. While these individual solutions are helpful, it is difficult to prepare each account to be accessed by a surviving family member or executor, since each provider has different rules.
Third-party password managers, like LastPass, KeePass and Dashlane, all provide methods to send access information to certain designated individuals on the death of the user. Generally, all password managers have the ability to share stored information with others; however, some password managers provide springing access. For example, LastPass allows users to choose one or more accounts to which they want to grant access and send an advance email to any individual. The email contains a link, which once activated, begins a countdown clock. During the designated timeframe, the original sender has the ability to reject access. In the event that the original sender does not reject access, then the individual gains access to the information provided. With password managers, there is a fear of accounts being hacked and outsiders gaining access to information, so it is critical to research the options and choose a service provider carefully.
Digital Legacy Services
A new type of company, sometimes referred to as a digital legacy company, is popping up to help transfer digital access information to family members and/or executors. Some services, like Legacy Locker (now owned by PasswordBox) or Estate Assist, allow a death notification to grant access while other services, such as Death Switch, use email and the lack of response to determine when to send access information to a designated user. Almost all of the digital legacy services charge a fee, and just as with password managers, digital legacy providers are often susceptible to hackers.
Regardless of the method used to transfer digital access, every individual who uses online services should take the following steps:
- Make a list of online accounts;
- Determine which accounts family and friends should be able to access following your death or incapacity;
- Develop a plan or choose a method to transfer the necessary access information; and
- Add a provision to your Last Will & Testament granting an executor or personal representative access to your accounts if permitted under state law.
Christopher A. Steele is an attorney in the Trusts and Estates Practice at Chamberlain Hrdlicka (Atlanta). He counsels clients in a variety of tax and estate matters including planning for business owners.