Technological advancements have dramatically changed consumer habits and how people communicate, store, access, and transfer information, and shop. COVID-19 has further fast-tracked and increased global dependence on digital communications and online activities to conduct personal and business affairs. To address the growing need for guidance surrounding lawful access to digital assets and information by a fiduciary, Pennsylvania enacted Act 72 of 2020 on July 23, 2020 (“Act 72”). The legislation, based on the Revised Uniform Fiduciary Access to Digital Assets Act (“RUFADAA”), took years of perseverance by its sponsor, Senator Tom Killion, and numerous interested parties. Act 72 adds a new Chapter 39 to the Probate Estates and Fiduciaries Code (“PEF Code”) and a new “hot power” to Pennsylvania’s general power of attorney law under PEF Code §5601.4. This new “hot power” specifies that an agent may access the electronic communications and digital assets of the principal only if the power of attorney clearly grants the agent the authority to do so. Lastly, Act 72 inserts an additional subpart (23) to PEF Code §711 to clarify that all matters pertaining to Chapter 39 are within the jurisdiction of orphans’ court. Act 72 is effective 180 days after enactment, or January 19, 2021, and the provisions concerning the additional “hot power” in §5601.4(a)(9) apply to powers of attorney executed on or after January 19, 2021. This article provides a general overview of this new legislation. Except as otherwise indicated, all references are to RUFADAA instead of the corresponding sections of PEF Code Chapter 39.
RUFADAA outlines the legal authority of a fiduciary to access a person’s digital assets, including pictures, books, accounts, videos, websites, domain names, loyalty programs, documents, electronic communications, social media accounts, monetized digital assets, digital collectibles, and other digital interests and accounts governed by a Terms of Service Agreement (“TOSA”). Under RUFADAA, digital assets are defined as “an electronic record in which an individual has a right or interest. The term does not include an underlying asset or liability unless the asset or liability is itself an electronic record.” Many digital assets carry sentimental value, monetary value, or personal information. Some digital assets and accounts are not able to be conveyed, such as the iCloud service, as the user only has a lifetime license in the account.
Historically, accessing electronic communications and accounts or information stored digitally was addressed by two federal laws, the Electronic Communications Privacy Act, which incorporates the Stored Communications Act (“SCA”) and the Computer Fraud and Abuse Act (“CFA”). The SCA safeguards the privacy of a user and limits accessibility to contents of files stored by service providers and records held about subscribers. The CFA punishes unauthorized entry to computers and data. Neither law addressed access by a fiduciary. RUFADAA sought to clarify resulting uncertainties by providing for access by four different types of fiduciaries: a personal representative of a decedent’s estate, an agent under a power of attorney, a trustee of a trust, and a guardian of an incapacitated person’s estate.
Access to digital assets that are governed by a TOSA are subject to a three-tiered hierarchy in determining priorities for access by a fiduciary under RUFADAA’s default rules. First priority is given to the person named by the user in an online tool (called a “designated recipient”). RUFADAA defines an online tool as an electronic service provided by a custodian that allows the user, in an agreement distinct from the TOSA, to provide for the disclosure or nondisclosure of digital assets to a third person. In some ways an online tool is akin to a beneficiary designation on a conventional asset. Right now, only a few service providers offer the option of an online tool on their platform; however, as this option becomes more available, advisors will need to ensure the use of online tools is cohesive with an individual’s estate plan. The next priority is granted to the person authorized by the user in his or her estate planning documents (power of attorney, will, trust, or other record), whereby an individual may choose to either permit or exclude a fiduciary from accessing part or all of the user’s digital assets. Finally, if there is no other direction provided, the TOSA will control, unless the TOSA is silent on fiduciary access to digital assets, in which case the default rules under RUFADAA will apply.
It should be noted that a fiduciary accessing the local content of an individual’s personal computer or other device is permissible under RUFADAA, provided such entry is not otherwise prohibited. However, an employee’s use of an employer’s digital assets during the ordinary course of business is not covered under RUFADAA.
In the absence of user direction, a fiduciary might be able to obtain information relating to digital assets by court order directing the service provider to produce such information. However, estate planning incorporating digital asset planning is the best practice to minimize and avoid unnecessary and expensive litigation.
Section 3908 of the PEF Code, regarding disclosure of a catalogue of the deceased user’s electronic communications and digital assets other than the content of such communications, differs from RUFADAA by providing that the issuance of letters testamentary or letters of administration by the register of wills shall have the same force and effect as a finding of the orphans’ court, if the personal representative files an affidavit with the register of wills setting forth certain information (for example, identifying the user’s email address or account, providing evidence connecting it to the decedent, and a statement that the disclosure of the digital assets is reasonably necessary for the estate’s administration). Like RUFADAA, it permits such disclosure unless the user prohibited disclosure of digital assets or the court directs otherwise. By contrast, the provisions of Section 3907 of the PEF Code, regarding disclosure of the content of a deceased person’s electronic communications, allow such disclosure only if the deceased user consented to or a court directs such disclosure. The intent behind these provisions in Section 3907 of the PEF Code is to avoid disregarding the deceased user’s expectation of privacy relating to the content of electronic communications as provided under the SCA.
Now that Pennsylvania has advanced toward recognizing a more digitalized future, advisors should meet the challenge by informing clients about this new law and planning for the digital present.