Vermont Bar Journal, Vol. 40, No. 2 Fall 2014, Vol. 40, No. 3 | Page 32
by Jeffrey P. Guevin, Esq.
Dealing with Data:
Coming to Terms with Digital Estates
In The Age of Spiritual Machines: When
Computers Exceed Human Intelligence,
Ray Kurzweil, now a Google executive, argued that by 2020, we will all be uploading
our selves (note the space) to the Internet /
World Wide Web, where we will live forever.1 Until then, however, we must contend
with a more mundane problem: as Attorney James Lamm put it, “What to Do When
Your Client Is Six Feet Under but His Data Is
in the Cloud.”2
In probate, we have a decedent’s estate:
“the collective assets and liabilities of a
dead person.”3 In bankruptcy, the property of a living person constitutes the bankruptcy estate. With the advent of the Internet and the increasing pervasiveness of the
World Wide Web in our lives, the idea of a
“digital estate” was born: the body of one’s
digital assets and liabilities (electronicallystored data), some of which may be inheritable.
Just about everyone reading this article,
as well as the vast majority of those who will
not ever read it, use the Internet.4 For many,
the first, perhaps only, experience will be
with email. For an increasing majority, however, it is not an exaggeration to say that
everything is done online: shopping, banking, networking, publishing, creating documents, storing photos, chatting with friends
or grandkids, even managing a business.
Each of these activities requires an account,
access for which is protected by a password. Therein lies the rub: with restricted
access come issues simply inapplicable to
tangible assets. These issues, in addition to
widespread technophobia, lead many lawyers to ignore digital estate planning, but I
think we do so at our peril.
32
Background
Two federal laws in particular restrict access to personal information and seek to
punish “unauthorized users” as criminals.
The Computer Fraud and Abuse Act provides that mere unauthorized access of an
account is a criminal offense, punishable
by a fine, prison, or both.5 In addition, the
Stored Communications Act forbids both
unauthorized access and unauthorized disclosure.6 Many states have adopted similar
laws. In Vermont, both civil and criminal liability obtain:
A person who knowingly and intentionally and without lawful authority, accesses any computer, computer
system, computer network, computer
software, computer program, or data
contained in such computer, computer system, computer program, or computer network shall be imprisoned
not more than six months or fined not
more than $500.00, or both.7
A person damaged as a result of a violation of this chapter may bring a civil action against the violator for damages and such other relief as the court
deems appropriate.8
These laws, in concert with the panoply
of Terms of Service agreements (TOS) users unthinkingly “Accept” when creating
online accounts, make virtually any virtual
access not by the account-holder subject to
criminal prosecution and civil action. Further, while these laws positively forbid access, only a handful of state laws positively endorse access, even where it would be
otherwise permitted, leaving fiduciaries on
unsteady legal ground. The question is: can
THE VERMONT BAR JOURNAL • FALL 2014
we find purchase? Can we adequately plan
for our own digital estates, let alone those
of others? I believe the answer is “Yes.”
Analysis
In the spirit of self-healing doctors, let’s
imagine our own estates. A will, perhaps a
trust, a power of attorney, and an advance
directive comprise the standard estate
plan. During life, an attorney in fact must
be able to identify and access key information, such as financial accounts and personal records. After death, the administrator or
executor must collect the assets of the estate, preserve them from damage or loss,
settle debts, and distribute the remainder
to beneficiaries. Often, a trustee or successor trustee of an inter vivos trust plays
both pre- and post-mortem roles. Similarly,
in business succession planning, we are required to ensure that clients are cared for
after their attorney’s incapacity or death by
trusting a business associate with access to
confidential and privileged data.9
Data Identification / Collection
Quick: Name every computer or website
into which you have entered personal information, from your name to your Social Security Number to whether you like men or
women or both. Can’t do it? Neither can I.
Privacy advocates may be loath to admit it,
but a great—perhaps the greatest—part of
the problem of keeping personal information private is that we share it with so many
corporate persons. With our digital estates,
however, a greater, opposite problem may
well prevail: the people who need the information the most do not have access to it.
If you were unavailable, who knows the
extent of your digital estate? Have you
elected to receive bank statements only
online? Does your mortgage servicer reach
into your bank account each month to pay
your bill? Do you have intellectual property,
such as a copyrighted blog or a patented
design stored in the “cloud”? Are all your
family pictures stored on Flickr? How and
where are your client contact information
and calendar stored?
These are but a few examples of the hundreds or more varieties of critical digital assets: data that have business, financial, or
high sentimental value. Yet, few of us (myself included) even have a list of these accounts. Further, we not infrequently change
business relationships, systems, and onwww.vtbar.org