On May 10, 2011, I was quoted in The Columbus Dispatch in the article “Cyberlife Could go on Without You” by Rita Price.
The article talks about estate planning issues for passwords, online accounts, and digital property. The article quotes my suggestion to do a “Digital Fire Drill,” which I described in detail in a previous posting.
In the April 2011 issue of Intellectual Property Magazine, I was quoted extensively in the article “Welcome to My World, Won’t You Come on In” by Catherine White (subscription or free trial registration required).
The article discusses preserving e–mails, online accounts, electronic data, and other digital property after death, with a special focus on video games and virtual worlds. The article also walks through ownership issues and intellectual property issues related to digital property.
On April 19, 2011, Sony’s PlayStation Network was compromised by a hacker (link). Sony believes that user account information was obtained, including the user’s real name, home address, e–mail address, birth date, username, password, credit card number, and credit card expiration date! According to CNN, Sony’s PlayStation Network has 70 million users that may be affected by this data breach.
This is another reminder of how important it is to use separate, strong passwords for each online account that you have. As I mentioned in a previous posting, a recent study concluded that 75% of users had the same password for both their e–mail accounts and their social networking accounts. If hackers are able to obtain your username and password from one company, they may try the same username and password combination at other popular Web sites. The Sony PlayStation Network breach this month follows breaches of personal customer information of Honda and Acura customers in January 2011, McDonald’s customers in December 2010, and Gawker Media users in December 2010. For a detailed list of other reported data breaches, see the list at Privacy Rights Clearinghouse, a nonprofit consumer organization (at this time of this posting, they listed 2,447 publicly–reported data breaches since 2005!).
I’ve previously written about ways to keep track of and securely store your important passwords and online account information. For online accounts, Microsoft recommends creating strong passwords of 14 characters or more with a combination of uppercase letters, lowercase letters, numbers, and symbols. It’s difficult to remember strong passwords, and it’s easy to make a typo when entering them. As I’ve mentioned before, there are tools that enable you to create and maintain an encrypted electronic list of passwords and online accounts on your smartphone or your computer, and these tools can integrate with your Web browser and automatically look up and enter your passwords for your online accounts. For example, LastPass, KeePass, 1Password, and RoboForm, among others.
Remember to let your family members and fiduciaries know where you keep your “master” password to unlock your encrypted electronic list of passwords and online accounts, and make sure they know where your encrypted electronic list is kept too.
On April 15, 2011, I participated in an hour–long panel discussion titled “Your Digital Afterlife” that was broadcast on public radio station WFAE 90.7 FM in the Charlotte, North Carolina, area. Mike Collins, the host of the “Charlotte Talks” daily talk show moderated, and Evan Carroll, co–author of the book “Your Digital Afterlife” was the other co–panelist with me.
Topics addressed by the panel included estate planning for passwords, online accounts, and digital property; intellectual property rights in the digital world; financial value in video games and other digital property; what happens to your online accounts after you die; and more. You can download an MP3 audio file of the panel discussion from the “Charlotte Talks” latest audio podcast or listen from their archives.
Idaho recently passed Senate Bill No. 1044 that takes effect July 1, 2011, to give the conservator of an incapacitated person or the executor (personal representative) of a deceased person’s estate powers over some types of online accounts:
§ 15–3–715. TRANSACTIONS AUTHORIZED FOR PERSONAL REPRESENTATIVES—EXCEPTIONS. Except as restricted or otherwise provided by the will or by an order in a formal proceeding and subject to the priorities stated in section 15–3–902 of this code, a personal representative, acting reasonably for the benefit of the interested persons, may properly:…
(28) Take control of, conduct, continue or terminate any accounts of the decedent on any social networking website, any microblogging or short message service website or any e–mail service website.
§ 15–5–424. POWERS OF CONSERVATOR IN ADMINISTRATION.…
(3) A conservator, acting reasonably in efforts to accomplish the purpose for which he was appointed, may act without court authorization or confirmation to:…
(z) Take control of, conduct, continue or terminate any accounts of the protected person on any social networking website, any microblogging or short message service website or any e–mail service website.
If you compare this with the recently enacted Oklahoma Statutes § 58–269 that took effect November 1, 2010, and that I wrote about recently, you will see that the wording is essentially the same. However, the Oklahoma law only applies after a person dies—the Idaho bill will apply while a person is alive but under an incapacity, as well as after a person dies.
As I mentioned regarding the Oklahoma law, this new Idaho bill may be useful to show the company holding the online account that the conservator or executor has authority to act on behalf of the person. However, like the Oklahoma law, the new Idaho bill doesn’t change the Terms of Service contract between the person and the company holding the online account—so it doesn’t give the person (or the person’s estate) new property rights or contract rights that didn’t exist before the person became incapacitated or died. As I’ve mentioned before, many online accounts in their Terms of Service provide that the online account terminates when a person dies.
Another problem for the state laws that attempt to resolve issues of incapacity or death for a person’s online accounts is that the online service provider could be located in another state or another country, so there are potential conflict of laws issues that must be resolved.
Special thanks to Robert L. Aldridge, an estate planning attorney in Boise, Idaho, for bringing this bill to my attention.
On April 6, 2011, the Senate Committee on the Judiciary held a hearing on “The Electronic Communications Privacy Act: Government Perspectives on Protecting Privacy in the Digital Age.” Representatives from the Department of Justice (PDF link) and the Department of Commerce (PDF link) testified.
A key issue is whether to update the federal laws related to privacy and protection from unreasonable searches of e–mails and other electronic communications.
As more electronic communications are saved long–term at the service provider’s facility (instead of the early days of e–mail where the messages were typically downloaded from the service provider and saved long–term locally by the person once it was opened), privacy advocates are asking Congress to update the federal laws. The general concept was that these laws protected a person’s privacy while the electronic communications were in transit from the sender to the recipient (while the communication was held by the service provider), but these laws did not offer the same level of protection if the communication was held long–term by the service provider.
On March 30, 2011, a group of technology companies and privacy advocates issued a joint statement urging Congress to update the federal laws regarding government access to e–mails, voicemails, and other electronic data stored by electronic communications service providers in the cloud. As described in an April 7, 2011, article at Wired.com, the government can request and collect a person’s e–mails stored at your service provider without a warrant if it is older than 180 days. The source of the government’s authority to do this is 18 U.S.C. § 2703 of the Stored Communications Act (18 U.S.C. § 2701–2712), which is part of the Electronic Communications Privacy Act of 1986. Technology has definitely changed since 1986!
Under 18 U.S.C. § 2703 of the Stored Communications Act, for electronic communications, such as e–mails and voicemails, that are in “electronic storage” by a provider of electronic communications services for 180 days or less, the government generally needs a search warrant to compel disclosure of the contents. Otherwise, the government can generally use a court order under 18 U.S.C. § 2703(d), without a search warrant, to obtain the contents if “there are reasonable grounds to believe that the contents…are relevant and material to an ongoing criminal investigation.”
If the electronic communication has been opened but the data is stored for 180 days or less, the government might assert that the data is no longer in the protected category “electronic storage” and assert that no search warrant is needed. In other words, the government argues that the 180–day protection applies while the electronic communication is “in transit” from sender to recipient. The Ninth Circuit Court of Appeals in Theofel v. Farey-Jones, 359 F.3d 1066 (2004), disagreed with this argument, stating that opened electronic communications still are in “electronic storage” and still require a search warrant within the first 180 days of storage. Page 123 of the Department of Justice manual “Searching and Seizing Computers and Obtaining Electronic Evidence in Criminal Investigations” (PDF link to Chapter 3) states that “federal law enforcement within the Ninth Circuit is bound by the Ninth Circuit’s decision in Theofel, but law enforcement elsewhere may continue to apply the traditional interpretation of ‘electronic storage.’ ” Additional information on how the government can request your electronic communications is summarized at the EFF’s Surveilance Self–Defense Web site.
As technology continues to evolve and we move more of our personal data to storage “in the cloud,” it is important for federal laws to keep pace. It will be interesting to watch what the Senate Committee on the Judiciary recommends following this hearing. On a related topic, I previously wrote about the March 16, 2011, Senate Committee on Commerce, Science, & Transportation hearing on The State of Online Consumer Privacy.
Previously, I’ve written about estate planning for video games and virtual worlds, including the potential financial value that family members and fiduciaries should consider for inventory and estate tax return purposes. As I have mentioned before, Edward Castronova, associate professor of telecommunications at Indiana University, in a May 2009 interview with CNN, estimated that $1 billion per year is converted into virtual currencies, primarily for video games (link).
In some of these video games and virtual worlds, there are established markets for selling and exchanging video game characters and their virtual items and property. Some games even permit exchanges of virtual currency for real–world dollars. For example, in November 2010, a player of the Entropia Universe video game paid $635,000—that’s real–world U.S. dollars—to buy in–game virtual real estate (an Asteroid Space Resort). To the outside observer, this seems like a lot to spend on a video game! But, according to an article describing the sale, this virtual real estate generates significant in–game virtual currency that can be converted to real–world dollars. That article reports that the previous owner paid $100,000 for the same virtual real estate in 2005 and earned that investment back within the first eight months of owning it.
Some video games even allow donations of in–game virtual currency to real–world charities. Following the March 11, 2011, earthquake and tsunami that damaged Japan, EVE Online video game players donated $44,607.50 to the Red Cross during a two–week charity drive. According to an April 2, 2011, article, EVE Online players have donated about $155,000 to charities since 2004, including charity drives following the Haiti earthquake and the flooding in Pakistan. More information about this EVE Online charitable giving and converting video game virtual currency into real–world charitable donations is available in this April 3, 2011, PC Magazine article by David Murphy.
In the last few years, there have been discussions about implementing in–game virtual wills to dispose of in–game characters and their virtual property, items, and currency when the video game player dies (link; link). I am not aware of any video game company currently implementing in–game virtual wills, but presumably these could function like a transfer–on–beneficiary designation like a person can use with a retirement account or a life insurance policy.
With the potential local law issues and conflict–of–law issues for virtual wills, it is important for video game and virtual world players to plan ahead and incorporate their digital property into their real–world estate plan. Beyond just writing down the account name and password for the fiduciaries to access the account, the fiduciaries and family members need to know if there are monthly fees to keep the video game or virtual world account open (so the video game character and its virtual property and currency are not deleted), what the approximate real–world value may be, and either how to transfer it or where to sell it. A little time spent planning ahead can make the administration much more efficient when the video game or virtual world player becomes incapacitated or dies.
March 31 is World Backup Day—a day to remind us to backup our important computer data (and smartphone data), as well as a reminder to test our backup software, storage media, and data restoration procedures. The World Backup Day Web site has more information about why to backup and how to backup. There’s also a good article at Lifehacker about data backups with their picks and tips for the best online backup services, best offline (local) backup software, and how to backup smartphones and online accounts.
For family members and fiduciaries dealing with an incapacitated or deceased person’s computers and smartphones, it is very important to make a backup of the storage media before attempting to power on these devices. Simply turning on and booting up a smartphone or computer can overwrite or wipe out important data. That data might be useful in discovering the person’s online accounts and passwords. Also, if there is a current or potential future law enforcement investigation or civil suit involving the incapacitated or deceased person, it is important to preserve potential electronic evidence, including data stored in smartphones, computers, and storage media, to avoid obstruction of justice or contempt charges.
First, if there is an investigation or civil suit, the family members and fiduciaries should consider using an independent computer forensics company to make an exact image copy of the storage media to preserve the original data and to preserve the chain of custody of the electronic evidence (cite). If the incapacitated or deceased person is charged with a crime, the family members and fiduciaries should consult with a criminal defense attorney about available objections and how to assert and preserve privileges in the investigation. This is more difficult with hard drives, CDs, DVDs, and other storage media because the subpoena may request the storage media as a whole, and that storage media could contain privileged materials. It is important to negotiate a proper procedure for the forensic analysis of the storage media so that counsel can review and identify privileged data before it is examined by law enforcement (cite).
Second, even if there is no investigation or civil suit, consider hiring a computer security or computer forensics expert (or at least following the same methodology) if family members or fiduciaries believe there is valuable digital property on the person’s smartphone, computer, or storage media. Ideally, make an exact image copy of the storage media before it is first accessed so that copies of the original data can be preserved and examined without fear of altering or destroying any important data.
You could hire a computer security or forensics expert to make an image copy of the storage media before you attempt to boot the device. Or, family members or fiduciaries can make images copies of storage media themselves using free or commercial software. For example, Clonezilla is free software that makes image copies of storage media used by Microsoft Windows, Apple Mac OS, and Linux based operating systems, and this software can be run from a bootable CD, bootable DVD, or bootable USB flash drive to avoid the problems of overwriting or wiping out data when booting from an operating system from the same hard drive that has the person’s important data. Popular commercial software that makes image copies of storage media includes Symantec’s Norton Ghost and Acronis True Image.
The New York Times posted an opinion piece about a person’s right of publicity after death on March 27, 2011, titled “The New Grave Robbers” by Ray D. Madoff. I saw this article mentioned on the TaxProf Blog. The opinion piece argues in favor of federal legislation to limit the duration that a person’s right of publicity lasts after death.
As the article mentions, currently a person’s right of publicity is handled by state law. Not all states have a right of publicity. For those states that do have a right of publicity, some say the rights end at the person’s death, and others say the rights continue after death.
State and federal laws also protect a person’s right of privacy, but most of these privacy protections end at the person’s death. The January 29, 2010, California Court of Appeals decision in Catsouras v. Department of California Highway Patrol, 104 Cal. Rptr. 3d 352 (Cal. App. 2010), determined that surviving family members have a right to sue for invasion of privacy in “death images of a decedent.” Previously, California cases said that a person’s right to privacy is purely personal—that right dies along with the person. The California Curt of Appeals distinguished the “death images of a decedent” from written or pictorial media regarding the life of the person, noting, “Families have a right not to be embarrassed or humiliated by the outrageous display or exposure to public view of the remains of a loved one.”
For family members and fiduciaries dealing with a person’s right of privacy or right of publicity after death, a significant challenge is enforcing those rights on the Internet. For copyright infringement, there is a streamlined process to enforce the copyright on the Internet by contacting online service providers with a DMCA takedown notice and requesting that they remove infringing uses promptly. I previously wrote about the DMCA takedown notice procedure in more detail. There is no similar, streamlined procedure to enforce a right of privacy or right of publicity. For example, in the Catsouras case mentioned above, the court documents allege that “graphic and horrific photographs” of an accident scene were taken by the California Highway Patrol and then leaked to the Internet. The family members reported that they hired a firm to get the photos removed from Internet sites. As of May 2010, they removed the photos from about 2,500 Web sites, but the photos reportedly continue to spread on the Internet faster than the firm can remove them (cite). As part of this court process, the family members are asking for copyright ownership of the photos so they can use DMCA takedown notices to request that the photos be removed from the Web sites.
For more information about recent developments and proposals on intellectual property rights on the Internet and in digital property, see my recent posts about the March 16, 2011, Senate Committee on Commerce, Science, & Transportation hearing on The State of Online Consumer Privacy and the March 15, 2011, Obama Administration White Paper on Intellectual Property Enforcement Legislative Recommendations.
On March 16, 2011, the Senate Committee on Commerce, Science, & Transportation held a hearing on The State of Online Consumer Privacy. As part of an effort to protect consumer privacy, the purpose of the hearing was to look at “commercial practices that involve collecting, maintaining, using, and disseminating large amounts of consumer information.”
Online consumer privacy is a hot topic right now. In a recent survey by Opera Software, when asked “What worries you the most in your daily life?,” 25% of people in the U.S. said having their online privacy being violated (for example, being a victim of Internet fraud) worried them most, compared with 27% saying being hurt in a traffic accident, 23% saying becoming bankrupt, 22% saying fear of losing their job, and 17% saying relationship problems.
There have been many articles written recently about significant changes in consumer privacy policies by Facebook, Google, and other Internet service providers. There is an interesting infographic that shows how significantly Facebook’s default privacy settings have changed over the years. On the other hand, there can be consumer benefits to sharing more information with companies, such as getting personalized product recommendations from Amazon.com based on your past purchases or even location–awareness applications for mobile phones that deliver coupons or deal alerts to you when you walk into a particular store.
Government agencies have been looking into consumer privacy issues recently. The Federal Trade Commission released a preliminary FTC staff report titled Protecting Consumer Privacy in an Era of Rapid Change: A Proposed Framework for Businesses and Policymakers in December 2010. The Department of Commerce’s Internet Policy Task Force also released a report in December 2010 titled Commercial Data Privacy and Innovation in the Internet Economy: A Dynamic Policy Framework. Both the Chairman of the FTC and the Assistant Secretary for Communications and Information at the Department of Commerce testified at the March 16 Senate hearing.
There is an overview of the March 16 Senate hearing in this Computerworld article by Jaikumar Vijayan. For more details about what the FTC, Department of Commerce, ACLU, and others discussed at the hearings, you can watch an archived Webcast or read the testimony of each participant.
Estate Planning Attorney
