Nearly half of U.S. states have introduced legislation in 2015 to enact the Uniform Fiduciary Access to Digital Assets Act (UFADAA). However, most of those efforts have stalled due to opposition from Internet and telecommunications companies concerned that the act raises privacy questions, conflicts with federal law, and undermines contract rights.
UFADAA is a comprehensive law proposed by the National Conference of Commissioners on Uniform State Laws (NCCUSL) that places access to a wide range of digital assets, including electronic documentation of financial accounts, on par with access to traditional tangible assets.
Its goal is to remove barriers – such as federal privacy laws and state and federal computer fraud and abuse acts – that impede or prevent fiduciary access to the digital assets and records needed to manage and collect assets. It does this in part by declaring that access by fiduciaries is “authorized” under two federal statutes – the Computer Fraud and Abuse Act and the Stored Communications Act section of the Electronic Communications Privacy Act. These laws prevent public communications providers from disclosing certain electronic communications content without the sender or recipient’s consent.
“As the number of digital assets held by the average person increases, questions surrounding the disposition of these assets upon the individual’s death or incapacity are becoming more common,” wrote the NCCUSL commissioners in the act’s prefatory note. “Few laws exist on the rights of fiduciaries over digital assets. Few holders of digital assets and accounts consider the fate of their online presences once they are no longer able to manage their assets.”
In August 2014, Delaware become the only state to enact UFADAA (HB 345), which took effect on January 1, 2015. In addition, Connecticut, Idaho, Indiana, Oklahoma, Rhode Island, Nevada, and Virginia had laws in place to address digital assets prior to the UFADAA’s completion. However, according to uniform state law commissioners, those measures differ with respect to the types of digital assets covered, the rights of the fiduciary, the category of fiduciary included, and whether the principal’s death or incapacity is covered.
So far in 2015, the adoption of the UFADAA has been defeated in Kentucky and Mississippi, and legislation to enact UFADAA in place of Virginia’s current law also failed. Key committees in the Colorado and Maryland legislatures have either postponed considering it or have voted against it. Only in the New Mexico legislature, where the bill (SB 59) passed in the State Senate on February 20, has substantial progress been made toward enactment.
Industry opposition was noteworthy during a March 6 hearing in the Connecticut Legislature on a bill (SB 979) to adopt the UFADAA. “While we support the idea of clearly defining the rules governing access to a decedent’s digital assets, we have serious concerns with this bill’s complete disregard for the privacy of other persons who communicated with the decedent, as well as the privacy of the decedent, and its potential conflicts with federal law and the laws of other states that grant greater privacy protection to online accounts,” said James J. Halpert, the General Counsel of the State Privacy & Security Coalition, in testimony representing communications, technology, retail, and media companies.
According to testimony provided by Tammy Cota, the executive director of the Internet Coalition, which represents companies such as Amazon.com, eBay, Facebook, and Google, the legislation “raises several complex issues regarding user and third-party privacy rights, would override any express wishes made by the decedent to online services, conflict with federal law which prohibits release of such data, create problems with company authentication processes and could perpetuate fraud.”