Estate Planning for Digital Assets

Yesteryear, assets were mostly tangible and intangible property and money, usually held in bank accounts. While most gratuitous transfers — gifts and bequests — are still such property, many people have significant digital assets, such as software, online music and e-books, Bitcoins, and money held in online accounts, that must also be handled when they die. Questions to ask yourself include:

• What digital assets do you own?
• What rights do you have regarding those assets?
• What digital assets can or should be transferred?

Many no longer keep paper statements of their financial accounts, so it may be necessary for the personal representative of the estate to access those accounts to retrieve all the statements, to see what was being paid and possibly how much is still owed. Certain digital assets, such as a blog or website may have to be valued, and possibly sold, if it has value and no heirs want to continue it.

Along with usernames and passwords, provide information on how each account is used, if it is not obvious from the nature of the account and from the listed transactions, and provide answers to challenge questions so that your personal representative or your heirs are not locked out of your account.

If you keep all your passwords in a password program, then list what that program is, where it is located, and the master password to the program. List the passwords separately, in case something goes wrong with the software. The password program may provide an option to print all the passwords.

Because of privacy laws, one provision of the will should be to include the right to access, manage, modify, distribute, and dispose of your digital property and to get copies of any electronically stored information from any person or entity that possesses that information. If necessary and possible, include the right to decrypt any information or bypassing, resetting, or recovering any password or any other type of authentication.

What Rights Do You Have Regarding Your Digital Assets?

Access to most online digital assets requires login credentials, which should be stored securely somewhere, but they should never be left in a will or trust document. Instead, inform the personal representative for your estate or a close family member, someone that you can trust, about the location of this document. Additional information also needed: automatic payments from bank accounts, including connected accounts such as PayPal accounts and checking accounts, and automatic payments from credit cards. These accounts must be closed at your death. Therefore, the executor of your estate must have your passwords to effectively manage these accounts, or even to know about them. Some online providers may automatically close dormant accounts.

Most software, e-books, and online music are licensed, so these assets are not owned by the end-user. The digital asset may be licensed per user or per device. In these cases, you have a license to use, view, or listen to them, but what can be done with such property and whether it can be transferred is governed by the terms of the license. Example: Microsoft License Terms. E-books and music are generally nontransferable and they cannot be legally copied, because most are protected by digital rights management (DRM) software.

Most websites are governed by their Terms of Service. One thing to note about the terms of service is whether there is a provision that specifies what happens after the death of the account owner. If not, most terms of service stipulate that the rights to the online asset are nontransferable. Although you could provide your heirs with login information, it may not be legal or it would violate the terms of service. If your heirs live with you, then find out if there is a sharing provision for your family.

Social media websites generally have different policies regarding the death of an account owner. For instance, Facebook and Instagram allow the account to be deleted or to have your timeline to be memorialized once the company receives proof of your death and of the relationship between you and the person giving the instructions. Twitter generally does not give others access to a decedent's account, but will delete the account after receiving specific information. Twitter, for instance, requires additional information about the deceased, including a copy of the death certificate, and proof of your own identification.

The Law Governing the Transfer of Digital Assets

Property owned by the decedent that is held at online accounts, such as money in bank deposits, must be transferred by will, trust, or by a nonprobate transfer. Most banks, for instance, allow you to name a beneficiary of your account in the event of your death, and retirement accounts generally require that you name one or more beneficiaries. In these cases, the beneficiaries must prove their identification and prove that the account owner has died, generally by providing a death certificate. The transfer of most other digital assets will be facilitated by supplying login credentials for each of the accounts.

Even with login credentials, access to digital assets may be restricted by law or by a Terms of Service of the service provider or custodian of the digital asset. Online accounts are generally governed by terms-of-service agreements and additional state and federal laws may limit access to these accounts. Additional care should be taken to prevent unauthorized users from getting the account information; otherwise, bank accounts could be emptied before they are transferred to the rightful heirs.

The Uniform Fiduciary Access to Digital Assets Act provides rules for how personal representatives of estates can access online accounts. The Act provides some protection against privacy since the executor does not have carte blanche access to all the decedent's online accounts, such as email. Access to electronic communications, such as text messages, email, and social media accounts, are restricted unless the personal representative or other fiduciary received the decedent's consent in a will, trust document, power of attorney, or by some other means.

This Uniform Law Commission webpage provides information on which states have implemented the Digital Assets Act or is in the process of implementing it, and even includes tracking information on how the legislation is developing. Even if your state has not enacted the Digital Assets Act, the Act itself does provide good guidance on how to manage digital assets of a decedent.

The Digital Assets Act adopts a 3-tiered approach for accessing digital assets. The 1^st tier of the law gives priority to the online providers method of handling inactive accounts of a decedent, such as Google's Inactive Account Manager. Google's tool for instance, allows you to set up a certain email that will be sent to specified persons when your account has been inactive after a certain duration. Additionally, Google requests a phone number for the contact so that they can be called to confirm their identity. You can allow your contact to download all the information in your accounts or to delete one or more accounts or all the accounts.

If an online tool is not available or if the decedent did not use the tool, then the 2^nd tier of the law depends on any directions given by the decedent in a will, trust document, power of attorney, or by some other means.

If no other information was provided about online accounts, then the 3^rd tier stipulates that the terms of service will govern, which, usually restricts access to the account by anyone other than the account owner.

Take various steps to ensure that all your digital assets are covered:

• Create a list of all online accounts and passwords and keep it in a safe place. Using a password manager may be advantageous since some of them provide a way to reveal all passwords and the associated websites. It will also allow your personal representative to see the websites you visited recently. An online cloud account can also be used, such as Microsoft OneDrive or Dropbox. In fact, it would be a good idea to store all your estate documents, insurance policies, tax returns, and any other important documents on the website — encrypted, of course! Cloud storage will ensure that all documents are in one or more places, automatically backed up, and the documents can contain links to the relevant websites of your digital assets. Include your digital asset plan in your will or trust document, but do not provide passwords that can easily be read by anyone.
• A will or trust document should include specific bequests, but should also include a general plan to cover those accounts not listed in the estate document. After all, online accounts are constantly opened and closed, and most people do not update their estate documents immediately. If a trust is set up, then a pour-over will should have directions about any online accounts not included in the trust document. Besides login information, instructions should be provided for each digital asset as to how it should be managed or transferred and to whom.
• There should be specific instructions for the personal representative as to what they are permitted to access. For instance, should they be allowed to read your emails and text messages?
• Photos and video should also be backed up locally, either to thumb drive, external hard drive, DVDs or a home network drive.
• When picking a personal representative, pick someone with at least some technical know-how.

Most states require wills to be witnessed as evidence of their authenticity. However, a document supplementing a will that provides passwords and other information should serve as evidence that the decedent actually wrote the document, although "should" does not mean courts will accept that evidence. Indeed, states should allow proof of authenticity when private keys are used to encrypt wills. Then the public keys allow anyone to decrypt the will, which will prove that the decedent wrote the will.

Bitcoins and Other Cryptocurrencies

Bitcoins or other cryptocurrencies are stored only in blockchains, but to transact in cryptocurrency requires private keys usually stored in a digital wallet, usually an app on your phone or laptop. A user ID and password is required to use wallets. Digital wallets are software that store private keys which generate public keys to process Bitcoin or other cryptocurrency transactions.

Anyone who has your private keys can steal your cryptocurrency, even if the private keys are held off-line. If the private keys are lost, then the cryptocurrency will be lost; so, it would behoove you to backup your private keys.

Wallets come in several types. Web wallets or online wallets store the keys on a Web server. You can keep custody of your keys or allow the online company to manage the keys in an exchange wallet or custodial wallet. However, if you do not control your own keys, then the company controls your cryptocurrency, which means you must transact with the company to transact in your cryptocurrency. In either case, always keep backups of your keys because if something happens to the online wallet, you may lose access to your cryptocurrency controlled by keys in that wallet.

Mobile wallets are software stored on mobile phones, making them convenient to use, but if the phone is lost or stolen, then the keys will be lost. Private keys can also be stored on computers, but they have the same security issues as phones, though they are less likely to be lost or stolen. The best way to protect your keys is to store them off-line, in so-called off-line or cold-storage wallets. This offers the most security but the least convenience since it is not connected online. But for the same reason, it cannot be spent without transferring it to a thumb drive or some other means.

A paper wallet, or so-called cold storage, is simply a printout of all the private keys. Private keys can actually be printed and saved since the private keys are nothing more than alphanumeric sequences.

You can have any number of wallets, and it can offer more security to have your keys stored in different wallets on different devices. Additionally, you can bequeath those wallets to particular heirs without stipulating the amount that they contain, which will only be known to the person receiving the wallet. Unlike passwords for online accounts, wallet passwords are often irrecoverable.

Cryptocurrency wallets create private keys internally to use for transactions. Therefore, backup the entire wallet to save all your cryptocurrency. A good way to backup the wallet is to encrypt it and back it up to cloud storage in several places, such as Microsoft's OneDrive or Google Drive or Dropbox or others. By encrypting the wallet, even if someone gains access to your online cloud accounts, your wallets will still be secured. Additionally, if something would happen to any of the online services or if the software files would become corrupted on one service, then you still have backups on the other services. Additionally, use a strong password to ensure that a copy is kept secure since if you lose the password, you will lose any cryptocurrency associated with that password. A strong password should contain at least 16 characters, including lowercase and uppercase letters, numbers, punctuation marks, and other characters. Generally, such passwords are hard to memorize, so keep a secure copy of those passwords, stored off-line, where you will remember where you put them, even years later. Be sure that trusted family members know where the passwords are, because without the passwords, the cryptocurrency will be lost.