The Florida Fiduciary Access To Digital Assets Act (Chapter 740)

PROBATE CORNER

By: David M. Garten, Esq.

ARTICLE:  The Florida Fiduciary Access To Digital Assets Act (Chapter 740)

The Florida Fiduciary Access to Digital Assets Act (“Act”) went into effect on July 1, 2016.  The goal of the Act is to facilitate fiduciary[1] access while respecting the privacy and intent of the account holder.  It allows the fiduciary to “step into the shoes” of the account holder and access, control, and/or copy digital assets from online accounts from banks, FaceBook, Google, Gmail, Instagram, etc., including account histories and user account information. The Act supplements the rights of an account holder under the Electronic Communications Privacy Act of 1986 (“ECPA”), 18 U.S.C. § 2510-22.

The Act was also drafted in light of the fact that a deceased account holder likely registered with an on-line service by consenting to a terms-of-service agreement (“TOSA”). TOSAs specify the conditions controlling the relationship between an account holder and a custodian. The Act recognized that in most situations, the account holder likely consented to the TOSA by clicking “I agree” without ever reading it. The TOSA generally describe the account holder’s rights in using the service, how personal information will be protected, the conditions on information sharing, and the account holder’s rights upon death. The Act has taken into account a custodian’s possible refusal to grant fiduciary access simply because the deceased account holder consented to a blanket TOSA by specifying that fiduciary access, by itself, will not be deemed a violation of a TOSA or deemed an unauthorized transfer of an account.

In general, the Act accomplishes three purposes: First, it provides fiduciaries the legal authority to manage digital assets and electronic communications in the same manner that they manage tangible assets and accounts. Second, the Act provides custodians of digital assets and electronic communications the legal authority they need to interact with the fiduciaries of their users while honoring the user’s privacy expectations for his personal communications. Most importantly, a custodian is granted immunity from liability for acts or omissions done in good faith compliance with the Act. And third, the Act gives users the ability to plan for the management and disposition of their digital assets if they should die or become unable to manage their assets by vesting fiduciaries with the authority to access, control, or copy digital assets and accounts.

The fiduciary’s access to digital assets does not mean that the fiduciary is entitled to “own” the asset or otherwise engage in transactions with the asset. Consider, for example, funds in a bank account or securities held with a broker or other custodian, regardless of whether the bank, broker, or custodian has a brick-and-mortar presence. The Act affects records concerning the bank account or securities, but does not affect the authority to engage in transfers of title or other commercial transactions in the funds or securities, even though such transfers or other transactions might occur electronically.

The following examples are contained in the RPPTL White Paper:

Access to digital assets by personal representative: D dies with a will that is silent with respect to digital assets. D has a bank account for which D received only electronic statements, stored photos in a cloud-based Internet account, and an e-mail account with a company that provides electronic-communication services to the public. The PR needs access to the electronic bank account statements, the photo account, and e-mails. The PR has the authority to access D’s electronic banking statements and D’s photo account because they fall under the Act’s definition of a “digital asset.” This means that if these accounts are password-protected or otherwise unavailable to the PR, then the bank and the photo account service provider must give access to the PR upon request.  The PR is also able to request that the e-mail account service provider grant access to e-mails sent or received by D because the ECPA permits the service provider to release the catalogue[2] to the PR. The service provider may provide the PR access to the content of an electronic communication sent or received by D if the service provider is permitted under 18 U.S.C.§2702(b) to disclose the content. The bank may release the catalogue of electronic communications or content of an electronic communication for which it is the originator or the addressee because the bank is not subject to the ECPA.

Access to digital assets by guardian: G is seeking appointment as the guardian for P.  P has a bank account for which P received only electronic statements. P has stored photos in a cloud-based internet account and P has an e-mail account with a company that provides electronic communication services to the public.  G needs access to the electronic bank account statements, the photo account, and e-mails. Without a court order that explicitly grants access to P’s digital assets, including electronic communications, G has no authority pursuant to the Act to access the electronic bank account statements, the photo account, or the e-mails. See §740.04, F.S.

Access to digital assets by agent under a POA: X creates a power of attorney designating A as X’s agent. The power of attorney expressly grants A authority over X’s digital assets, including the content of an electronic communication.  X has a bank account for which X receives only electronic statements, X has stored photos in a cloud-based Internet account, and X has a game character and in-game property associated with an online game. X also has an e-mail account with a company that provides electronic-communication services to the public. A has the authority to access X’s electronic bank statements, the photo account, the game character and in-game property associated with the online game, all of which fall under the Act’s definition of a “digital asset.” This means that, if these accounts are password-protected or otherwise unavailable to A as X’s agent, then the bank, the photo account service provider, and the online game service provider must give access to A upon request. As X’s agent, A is also able to request that the e-mail account service provider grant access to e-mails sent or received by X because the ECPA permits the service provider to release the catalogue. The service provider may provide A access to the content of an electronic communication sent or received by X if the service provider is permitted under 18 U.S.C.§2702(b) to disclose the content. The bank may release the catalogue of electronic communications or content of an electronic communication for which it is the originator or the addressee because the bank is not subject to the ECPA.

Access to digital assets by trustee: T is the trustee of a trust established by S. As trustee, T opens a bank account for which T receives only electronic statements. The bank has a TOSA with D regarding the use of electronic communications. S transfers into the trust (in compliance with the TOSA) a game character and in-game property associated with an online game and a cloud-based Internet account in which S has stored photos.  S also transfers to the trust (in compliance with the TOSA) an e-mail account with a company that provides electronic-communication services to the public. T is an original account holder with respect to the bank account and T has the ability to access the electronic banking statements. T, as the successor account holder to S, may access the game character and in-game property associated with the online game and the photo account because both are defined as digital assets under the Act. This means that, if these accounts are password-protected or otherwise unavailable to T, then the bank, the photo account service provider, and the online game service provider must give access to T upon request.  T, as successor account holder of the e-mail account, is also able to request that the e-mail account service provider grant access to e-mails sent or received by S because the ECPA permits the service provider to release the catalogue. The service provider may provide T access to the content of an electronic communication sent or received by S if the service provider is permitted under 18 U.S.C.§2702(b) to disclose the content. The bank may release the catalogue of electronic communications or content of an electronic communication for which it is the originator or the addressee because the bank is not subject to the ECPA.

Access notwithstanding terms in a TOSA. D, who is domiciled in Florida, dies. D was a professional photographer who stored valuable digital photos in an online storage account provided by C.  PR is appointed by a court in Florida to administer D’s estate. PR needs access to D’s online storage account to inventory and appraise D’s estate assets and to file the estate tax return.  During D’s lifetime, he entered into a TOSA with C for the online storage account.  The choice-of-law provision selects the law of state Y (not Florida) to govern the contractual rights and duties under the TOSA.  A provision of the TOSA prohibits fiduciary access to the digital assets of an account holder, but D did not agree to that provision by an affirmative act separate from D’s assent to other provisions of the TOSA. State Y does not have a law governing digital assets. Because PR’s access to D’s assets is fundamental to carrying  out PR’s fiduciary duties, a court should apply the Act to void the TOSA provision prohibiting PR’s access to D’s online account, even though the TOSA selected the law of state Y to govern the contractual rights and duties under the TOSA.

Fiduciary’s access to email account with employer: D dies while employed by Company Y.  Company Y has an internal email communication system available only to its employees. The PR of D’s estate believes that D used Company Y’s email system for some financial transactions that PR cannot find through other means. PR requests access from Company Y to the emails. Company Y did not have a TOSA with D regarding the use of electronic communications. Company Y is not a custodian as defined under the Act because it is a private e-mail service provider[3]; therefore, any digital assets created through employment belong to Company Y and the PR does not have access to the internal emails.

[1] The Act pertains to the following fiduciaries: (1) personal representatives, (2) guardians of the property of minors or incapacitated persons, (3) agents acting pursuant to a power of attorney, and (4) trustees. See §740.002(13), F.S.

[2] Catalog of electronic communications” means information that identifies each person with which a user has had an electronic communication, the time and date of the communication, and the electronic address of the person. See §740.002(4), F.S.

[3] ECPA does not apply to private e-mail service providers such as employers and educational institutions. See 18 U.S.C. §2702(a)(2).