21-Aug-17
Digital Assets: Fiduciaries Navigating the Cloud
As I promised at this morning’s meeting, what follows is a summary of the Michigan Fiduciary Access to Digital Assets Act (Act). I apologize in advance for it not being riveting reading!
Take-Away: Fiduciaries now have access to digital assets as authorized by the Act. It is important that the governing instrument that authorizes the fiduciary’s access to digital assets include giving the authority to access the content of the digital assets, not just access to those assets. In addition, the fiduciary should confirm that no other person has been designated with authority to access digital assets with the digital custodian, since that designated person will effectively negate the authority granted to the fiduciary to access the digital assets under a governing instrument. Finally, a separate Certificate of Trust that references the trustee’s authority to access the content of the settlor’s digital assets should be prepared and made available to the trustee.
Background: Michigan’s statute that authorizes a fiduciary’s access to digital assets became effective on June 27, 2016. It grants access to digital assets to Agents acting under Durable Powers of Attorney, Personal Representatives of a decedent’s probate estate, Trustees that serve under Trusts, and court appointed Conservators, IF the governing instrument (or court order) grants that authority to the fiduciary. If the fiduciary possesses the right to deal with the principal (or decedent, or settlor, or ward’s) personal property and tangible financial assets, then they also will have similar rights to digital assets.
Key Definitions:
- Digital Asset: Electronic record in which the user has a right or interest. Examples would be email accounts, brokerage accounts, social media accounts, and anything stored in the ‘cloud’ or a ‘dropbox.’ Excluded however, are an employer’s digital assets used by an employee for ordinary business. Therefore, if an employee uses their employer’s email for personal business, a fiduciary may not access that account. [Section 3(4)]
- Digital Custodian: Person that carries, maintains, processes, receives, or stores digital assets of the user. Examples: Microsoft, Apple, Facebook.
- Fiduciaries That May Access Digital Assets: Agents acting under a Durable Power of Attorney; Personal Representatives of a Probate Estate; Trustee of a Trust; and Court Appointed Conservators. HOWEVER, some Digital Custodians permit an on-line tool that permits the user of the account to designate a person with authority to access their account; if that designation is in place that designation will override the authority granted to fiduciaries to access the user’s digital assets under a governing instrument. Example: Facebook permits the designation of a ‘legacy contact’ to have access to the account user’s profile after the user’s death. Giving the personal representative of their probate estate similar authority will not work by virtue of the ‘legacy contact.’ [Section 3(1)]
Fiduciary Access: A fiduciary must request access to the account user’s digital assets. That request is made to the digital custodian including: (i) a written request for disclosure- physical letter or electronically; (ii) a copy of the user’s death certificate (if germane); (iii) a copy of the fiduciary’s Letters of Authority, or a copy of the Durable Power of Attorney; and/or (iv) a Certificate of Trust, or a copy of a Will or Durable Power of Attorney that ‘evidences consent to disclosure.’ [Section 7]
Custodian Response:
- Additional Information: Even if the fiduciary furnishes to the custodian the information identified above, the custodian possesses the right to ask for additional information, including: (i) the unique account identifier assigned by the custodian to the account user; (ii) evidence that links the account to the account user, g. perhaps an email reference; (iii) an affirmation from the fiduciary that states that the requested disclosure is necessary to the administration of the user’s estate or affairs; and (iv) a court order that finds the requested disclosure if necessary to administer the user’s estate.
- Time: The custodian must respond and comply within 56 If the custodian does not timely respond, then the fiduciary must petition the local court for and order of disclosure. [Section 16]
- Disclosure: The custodian may respond in any of three different ways: (i) the custodian grants full access to the user’s account; or (ii) the custodian grants partial access to the user’s account ‘sufficient to enable the fiduciary to perform their required duties,’ g. access to view the user’s brokerage account but not trade that account; or (iii) provide a copy of the digital assets that the user could have accessed if still alive, e.g. forward copies of photographs stored in the ‘cloud.’ [Section 6] However, the digital custodian does not have to disclose assets/records that were previously deleted by the account user. [Section 6(2)]
- Non-disclosure Directive: Despite what access that might be given in the account user’s governing instrument, if there exists within the user’s digital account a direction of no disclosure, that on-line directive will take precedence over an inconsistent authorization of access by the fiduciary in the user’s governing instrument. [Section 4(1)]
- Terms of Service Agreement (TOS) Controls: If no access to digital assets is authorized in the account user’s governing instrument, and the TOS agreement says otherwise, then no access is given to the fiduciary without a court order. Restated, access may be eliminated by the TOS agreement if the account user has not provided for directions that authorize access. [Section 4, expressly granting access; Section 5(3) denying access if Section 4 is not fully complied with by the user]
- Costs: The custodian can charge a reasonable fee for the disclosure. [Section 6(2)]
- No Disclosure: A disclosure may be denied by the digital custodian if the custodian concludes that a request for part of the digital assets associated with the user’s account imposes an undue burden on the custodian. In this situation, either the custodian or the fiduciary can seek a court order to compel disclosure (or protection.) The resultant court order can either order: (i) a subset of digital assets or information limited by date to be disclosed; (ii) all of the user’s assets; (iii) none of the user’s assets; or (iv) production of all of the user’s assets to the court for the court to determine, in private, what portion of the digital assets may be disclosed. [Section 6(4)]
Impact on Fiduciaries: The Act addresses many aspects of the fiduciary’s role and it relationship with its beneficiaries and the federal laws that deal with, and are intended to protect, digital assets from being stolen and the digital user’s expectations of privacy.
- Duties: The customary legal duties imposed on a fiduciary associated with handling tangible personal property apply to the authorized fiduciary’s management of digital assets, e.g. duties of care, loyalty, and confidentiality. [Section 15]
- Protect Copyrights: Except as may be addressed to the contrary in the TOS Agreement, an authorized fiduciary must respect all copyrights associated with the digital assets.
- No Impersonation of User: Consistent with existing federal law that makes criminal violation of electronic communications and protects privacy expectations in electronic communications, an authorized fiduciary may not impersonate the account user. In short, while a fiduciary may step into the shoes of the decedent or settlor, those shoes do not include impersonating the decedent or settlor.
- Unrestricted Access: An authorized fiduciary that is granted authority over the settlor’s property possesses the right to access the settlor’s digital assets in which the settlor holds a right or interest that is not subject to a TOS Agreement.
- Computer Fraud Immunity: An authorized fiduciary who acts within the scope of its fiduciary duties is an authorized user of the property of the settlor [e.g. computers; software] for the purpose of applicable state and and federal computer fraud and unauthorized computer access criminal laws.
- Computer Access: An authorized fiduciary possesses the right to access the property of the user, e.g. the user’s computer, and any digital assets stored in it, and will thus be treated by law as an authorized user.
- Exoneration: An authorized fiduciary is immune for liability for an act taken in good faith compliance with the Act.
- Termination: An authorized fiduciary can request the digital custodian to terminate the account user’s account.
Trustees: A few Sections expressly deal with Trustees and their access to digital assets of the settlor. Other sections expressly deal with Personal Representatives, Agents and Conservators’ access. Most of these other sections are the same, depending upon which fiduciary is involved with the digital assets. For simplification purposes, reference will only be made to those Sections of the Act that pertain to Trustees.
- Original User: If the Trustee opened the digital account as its own account, the custodian must disclose any digital assets of the account including a catalogue of communications sent or received by that account. In this case, the Trustee is already the user of the digital assets, and there should be no limits on accessing its own account. [Section 11]
- Content v. Catalogue: If the Trustee seeks to obtain the contents of the settlor-user’s account, then the procedure of Section 12 must be followed and its requirements met. Content of the settlor-user’s account is distinguished from only a Catalogue of Contents or activity of the settlor-user’s account which is addressed in Section 13.
- Section 12-Content: “Unless otherwise ordered by the court, directed by the user, or provided in a trust, a digital custodian SHALL DISCLOSE to a trustee, that is not an original user of an account, the CONTENT of an electronic communication sent or received by an original or successor user and carried, maintained, processed, received, or stored by the digital custodian in the account of the trust IF the trustee gives to the digital custodian ALL of the following: (a) a written request for disclosure in physical or electronic form; (b) a certificate of trust under [MCL 700.7913] that includes consent to disclosure of the contents of electronic communications to the Trustee; (c) a certification of the trustee, under penalty of perjury, [aka an affidavit] that the trust exists and that the trustee is a currently acting trustee of the trust; (d) if requested by the digital custodian, any of the following: (i) a number, username, address or other unique subscriber or account identifier assigned by the digital custodian to identify the trust’s account; and (ii) evidence linking the account to the trust.”
- Section 13- Catalogue: This section is almost identical, word-for-word with Section 12 with only one difference. This Section, which only authorizes a catalogue of communications sent or received by the settlor in his/her digital asset account, drops from the requirement in the Certificate of Trust the phrase “that includes consent to disclosure to the contents of electronic communications to the trustee.” Therefore, if only a catalogue of communications sent or received is needed, a conventional Certificate of Trust should work. If contents of the digital assets is needed, then the Trustee will have to send a Certificate of Trust that expressly identifies the access to contents the settlor intends the trustee to possess.
Conclusion: As we work with our clients and encourage them to periodically update their estate planning instruments, it is important to include in that discussion the need for amendments to their Durable Powers of Attorney, Wills and Trusts to update the scope of the disclosure of their digital assets to their fiduciaries. In older estate planning documents often reference was only made to the fiduciary having access to the individual’s digital assets. Most digital custodians will interpret that power to have access as excluding the contents of those digital assets, in their effort to avoid violating federal electronic communication and privacy criminal statutes. Any amendments to existing estate planning documents should include magic words like access to the contents of all of my digital assets, regardless of the digital custodian of those assets and notwithstanding any contrary intent I may have express or elected in any Terms of Service Agreement, or words of comparable effect. Since petitions to courts may be required from time to time by the trustee under the Act, a secondary question for clients to address in their governing instruments is whether those additional expenses should be borne by all trust beneficiaries, or only those trust beneficiaries who will directly benefit from the digital account that requires the follow-up petition after the custodian denies the request, or address who should pay the custodian’s reasonable fee for responding to the trustee’s disclosure request. Finally, many lawyers may need to be prompted to prepare a specific Certificate of Trust that references the authority granted to the Trustee to obtain access to the contents of the settlor’s digital assets; the current Michigan statute that references what needs to be included in a Certificate of Trust to comply with the Trust Code does not reference digital assets, so drafting attorneys may now want to create two Certificates of Trust for their clients: one that is generic and complies with the Michigan Trust Code, and a second Certificate of Trust that expressly incorporates, probably verbatim, the power granted by the settlor to the trustee to access the contents of the settlor’s digital assets.