BILL ANALYSIS �Ó
SENATE JUDICIARY COMMITTEE
Senator Hannah-Beth Jackson, Chair
2015-2016 Regular Session
AB 691 (Calderon)
Version: September 4, 2015
Hearing Date: September 10, 2015
Fiscal: No
Urgency: No
TMW
PURSUANT TO SENATE RULE 29.10
SUBJECT
The Privacy Expectation Afterlife and Choices Act
DESCRIPTION
This bill would establish the Privacy Expectation Afterlife and
Choices Act and provide procedures for the disclosure of
electronic communication records, information, or contents, as
specified, of a deceased user of an electronic communication
service or remote computing service (provider).
BACKGROUND
In order to address privacy concerns with the use of computers
and other digital and electronic communications, Congress passed
the Electronic Communications Privacy Act of 1986 (ECPA) to
update the Federal Wiretap Act of 1968. (The Electronic
Communications Privacy Act of 1986 (ECPA), Bureau of Justice
Assistance, Office of Justice Programs, U.S. Dept. of Justice
(July 30, 2013) [as of Sept. 9,
2015].) The ECPA has been revised over the years by several
pieces of legislation, including the Uniting and Strengthening
America by Providing Appropriate Tools Required to Intercept and
Obstruct Terrorism Act of 2001 (USA Patriot Act), "to keep pace
with the evolution of new communications technologies and
methods, including easing restrictions on law enforcement access
to stored communications in some cases. . . . The ECPA, as
amended, protects wire, oral, and electronic communications
while those communications are being made, are in transit, and
�
AB 691 (Calderon)
Page 2 of ?
when they are stored on computers. The [ECPA] applies to email,
telephone conversations, and data stored electronically." (Id.)
The ECPA reflects a general approach of providing greater
privacy protection for materials in which there are greater
privacy interests. (Id.)
Notably, the ECPA is primarily targeted at limiting government
access to private user information. However, this federal law
applies to communications sent or received by users and
restricts all access to the records and contents of those
communications, including access by an executor, administrator,
or trustee of a deceased user. California state law provides
specified discovery procedures for parties in civil actions,
which include estate and trust proceedings, to obtain documents
that are stored electronically. Those procedures were enacted
under AB 5 (Evans, Chapter 5, Statutes of 2009), which
established the Electronic Discovery Act.
However, internet service and electronic storage providers are
subject to both federal and state electronic communications
privacy laws, which may conflict when a person, other than the
user sending or storing electronic communications or the
recipient of an electronic communication, attempts to obtain the
records or contents of the electronic records and
communications. This is problematic when the executor,
administrator, or trustee (fiduciary) of a deceased user or
recipient is tasked with marshalling the decedent's assets and
liabilities in order to administer the decedent's trust or
estate. Since many individuals are now receiving invoices and
billing in electronic form as a way to go "paperless,"
performing many financial transactions online, as well as
primarily corresponding through electronic means, obtaining the
decedent's electronic communications may be the only way for the
fiduciary to determine the assets and liabilities of the
decedent. By 2014, seven states had enacted laws to grant some
degree of access of a decedent's electronic communications to
fiduciaries.
In California, SB 849 (Anderson, 2014) would have authorized a
decedent's personal representative to request, and would have
authorized an electronic communication service or remote
computer service to provide, access to the electronic mail
account of a decedent or to copies of the content of the
account, subject to any applicable service agreement. SB 849
was held in this Committee after testimony was taken.
�
AB 691 (Calderon)
Page 3 of ?
In July 2014, the National Conference of Commissioners on
Uniform State Laws (NCCUSL) approved the Uniform Fiduciary
Access to Digital Assets Act (UFADAA), which was recommended for
enactment in all states "to vest fiduciaries with the authority
to access, control, or copy digital assets and accounts[,] . . .
remove barriers to a fiduciary's access to electronic
records[,] and to leave unaffected other law, such as fiduciary,
probate, trust, banking, investment, securities, and agency
law." (NCCUSL, Uniform Fiduciary Access to Digital Assets Act
(Apr. 2, 2015) [as of Sept. 9, 2015] p. 1.)
UFADAA was recently revised to clarify the application of
federal privacy laws and give legal effect to an account
holder's instructions for the disposition of digital assets.
(NCCUSL
[as of Sept. 9, 2015].) According to
NCCUSL, the 2014 UFADAA provided fiduciaries with default access
to all digital information, but the revised act protects the
contents of electronic communications from disclosure without
the user's consent, and fiduciaries can still access other
digital assets unless prohibited by the user.
This bill does not enact the revised UFADAA, but, instead, would
provide for the disclosure of electronic communications, as
specified, by providers to personal representatives or trustees
of deceased users for the purpose of administering the deceased
user's estate or trust and resolving issues regarding assets or
liabilities of a decedent's estate.
CHANGES TO EXISTING LAW
Existing law authorizes a decedent's personal representative or
the public administrator to take possession or control of all of
the decedent's property to be administered in the decedent's
estate, and requires the personal representative to take all
steps reasonably necessary for the management, protection, and
preservation of, the estate in his or her possession. (Prob.
Code Secs. 7601(a), 7602, 9650(a)(1), (b).)
Existing law defines "fiduciary" to mean the decedent's personal
representative or the trustee of the decedent's trust. (Prob.
�
AB 691 (Calderon)
Page 4 of ?
Code Sec. 16323.) Existing law defines "personal
representative" to mean the executor, administrator,
administrator with the will annexed, special administrator,
successor personal representative, public administrator, as
specified, or a person who performs substantially the same
function under the law of another jurisdiction governing the
person's status. (Prob. Code Sec. 58(a).)
Existing law provides that the personal representative has the
management and control of the estate and prescribes fiduciary
duties to the personal representative, including using ordinary
care and diligence in managing and controlling the decedent's
estate. (Prob. Code Sec. 9600.)
Existing law requires the personal representative to file with
the court clerk an inventory of property to be administered in
the decedent's estate together with an appraisal, which must be
filed within four months after letters are first issued to a
general personal representative; however, the court may allow
such further time for filing an inventory and appraisal as is
reasonable under the circumstances of the particular case.
(Prob. Code Sec. 8800.)
Existing law , if the personal representative refuses or
negligently fails to file an inventory and appraisal within the
time allowed, upon petition of an interested person, authorizes
the court to: (1) compel the personal representative to file an
inventory and appraisal; (2) remove the personal representative
from office; and (3) impose on the personal representative
personal liability, which may include attorney's fees, for
injury to the estate or to an interested person that directly
results from the refusal or failure. (Prob. Code Sec. 8804.)
Existing law requires the account to include both a financial
statement and a report of administration, as specified, and
requires the statement of liabilities in the report of
administration to include information as to whether notice to
creditors was given, as specified, creditor claims were filed,
as specified, creditor claims were not paid, satisfied, or
adequately provided for, and whether any real or personal
property is security for a claim, whether by mortgage, deed of
trust, lien, or other encumbrance. (Prob. Code Sec. 10900.)
Existing law provides that if a report of status of
administration is made, the report must show the condition of
�
AB 691 (Calderon)
Page 5 of ?
the estate, the reasons why the estate cannot be distributed and
closed, and an estimate of the time needed to close
administration of the estate. (Prob. Code Sec. 12201(a).) The
court is authorized to require the personal representative to
appear before the court to show the condition of the estate and
the reasons why the estate cannot be distributed and closed.
(Prob. Code Sec. 12202(a).)
Existing law authorizes a trustee or beneficiary of a trust to
petition the court concerning the internal affairs of the trust
or to determine the existence of the trust; proceedings
concerning the internal affairs of the trust include proceedings
to determine questions of construction of a trust instrument,
the existence or nonexistence of any immunity, power, privilege,
duty, or right, determining the validity of a trust provision,
ascertaining beneficiaries and determining to whom property
shall pass or be delivered upon final or partial termination of
the trust, to the extent the determination is not made by the
trust instrument, and settling the accounts and passing upon the
acts of the trustee, including the exercise of discretionary
powers. (Prob. Code Sec. 17200.)
Existing law , establish, under the Electronic Discovery Act
(EDA), procedures, evidentiary privileges, and judicial review
for the request and production of electronically stored
information, as defined. (Code Civ. Proc. Secs. 1985.8,
2031.285.)
Existing law authorizes claims of evidentiary privilege on the
ground that the matter sought to be disclosed is a communication
made in confidence in the course of the lawyer-client, lawyer
referral service-client, physician-patient,
psychotherapist-patient, clergy-penitent, husband-wife, sexual
assault counselor-victim, domestic violence counselor-victim, or
human trafficking caseworker-victim relationship, the
communication is presumed to have been made in confidence and
the opponent of the claim of privilege has the burden of proof
to establish that the communication was not confidential.
(Evid. Code Sec. 917(a).) Further, a communication between
persons in one of these types of relationships does not lose its
privileged character for the sole reason that it is communicated
by electronic means or because persons involved in the delivery,
facilitation, or storage of electronic communication may have
access to the content of the communication. (Evid. Code Sec.
917(b).)
�
AB 691 (Calderon)
Page 6 of ?
Existing law makes document production provisions under the
Civil Discovery Act, which includes the Electronic Discovery Act
(EDA), applicable to civil actions and trial courts in which the
civil action is pending, and defines "electronic" to mean
relating to technology having electrical, digital, magnetic,
wireless, optical, electromagnetic, or similar capabilities, and
"electronically stored information" to mean information that is
stored in an electronic medium. (Code Civ. Proc. Sec.
2016.020.)
Existing federal law , under the Electronic Communications
Privacy Act (ECPA), limits the disclosure by an electronic
communication service or remote computing service of electronic
communication of a user and provides definitions for "electronic
communication," "user," electronic communications system," and
"electronic communication service." (18 U.S.C. Sec. 2510 et
seq.)
Existing federal law , the Stored Communications Act (SCA),
defines "remote computing service" to mean the provision to the
public of computer storage or processing services by means of an
electronic communications system. (18 U.S.C. Sec. 2711(2).)
Existing federal law prohibits a person or entity providing an
electronic communication service to the public from knowingly
divulging to any person or entity the contents of a
communication while in electronic storage by that service, and
prohibits a person or entity providing remote computing service
to the public from knowingly divulging to any person or entity
the contents of any communication which is carried or maintained
on that service:
on behalf of, and received by means of electronic transmission
from (or created by means of computer processing of
communications received by means of electronic transmission
from), a subscriber or customer of such service; and
solely for the purpose of providing storage or computer
processing services to such subscriber or customer, if the
provider is not authorized to access the contents of any such
communications for purposes of providing any services other
than storage or computer processing. (18 U.S.C. Sec.
2702(a)(1)-(2).)
Existing federal law also prohibits a provider of remote
computing service or electronic communication service to the
�
AB 691 (Calderon)
Page 7 of ?
public from knowingly divulging a record or other information
pertaining to a subscriber or customer of such service (not
including the contents of communications) to any governmental
entity. (18 U.S.C. Sec. 2702(a)(3).)
Existing federal law authorizes disclosure of the content of
electronic communications to an addressee or intended recipient
of such communication or an agent of such addressee or intended
recipient, as otherwise authorized under ECPA or the SCA; or
with the lawful consent of the originator or an addressee or
intended recipient of such communication, or the subscriber in
the case of remote computing service. (18 U.S.C. Sec. 2702(b).)
Existing law authorizes disclosure of a record or other
information pertaining to a subscriber or customer of an
electronic communication service or remote computing service
(not including the contents of communications) as otherwise
authorized, with the lawful consent of the customer or
subscriber; or to any person other than a governmental entity.
(18 U.S.C. Sec. 2702(c).)
This bill would establish the Privacy Expectation Afterlife and
Choices Act and provide for the voluntary disclosure of
electronic records, information, or contents of electronic
communications by a provider to the personal representative of
the estate or the trustee of the trust of a deceased user, as
specified.
This bill would authorize the provider to decline to respond to
a request because of a concern that complying with the request
may violate any other legal authority, be contrary to the wishes
of the user, or be otherwise inappropriate.
This bill would authorize a probate court that has jurisdiction
of the estate or trust of the deceased user to order a provider
to disclose to the personal representative or trustee a record,
information, or contents of an electronic communication if the
court makes specified findings of fact based on a sworn
declaration, indicating the good faith belief and efforts of the
personal representative or trustee, or any other admissible
evidence.
This bill , if no probate proceeding has been opened, would
authorize a personal representative or trustee to file a
verified petition seeking an order compelling the provider to
�
AB 691 (Calderon)
Page 8 of ?
provide the requested records, information, or contents of
communications or stored contents, and would require the
personal representative or trustee to file the petition in the
superior court of the county agreed to by the user in the terms
of service agreement or, in the absence of that agreement, the
county in which the deceased user resided at death.
This bill would subject the disclosure of the contents of the
deceased user's account to the executor or administrator of the
estate or the trustee of the trust to the same license,
restrictions, terms of service, and legal obligations, including
copyright law, that applied to the deceased user, and does not
require a provider to permit a requesting party to assume
control of a deceased user's account.
COMMENT
1. Stated need for the bill
The author writes:
Prior to the digital age, the memorabilia of our lives was
stored in a cardboard box in our parent's attic or under their
bed. Today, a significant portion of the information about
our lives is kept online on our personal accounts. Whether
it's Facebook, Twitter, YouTube or even email, the information
stored online are today's version of the photo albums, videos,
and hand-written journals of yesterday.
Most people expect the contents of these online communications
to remain private, even after they pass away; it's likely the
recipients of those messages likely expect the same.
According to a recent Zogby poll, over 70 [percent] of
Americans say their private online communications and photos
should remain private after they die, unless they gave prior
consent for others to access. Only 15 [percent] say that
estate attorneys should control their private communications
and photos, even if they gave no prior consent for sharing.
With no statute currently in place in California protecting
the online information of the newly deceased, families are
left responsible for accessing their loved ones information,
often times causing unnecessary financial and emotional
burdens' during a time that is already painfully difficult.
�
AB 691 (Calderon)
Page 9 of ?
2. Concerns with recent amendments
This bill would establish procedures for the disclosure of
electronic communication records and content to a deceased
user's personal representative or trustee. Proponents of this
bill assert that this bill would give Californians the right to
decide what happens to private information after they die and
assert that the bill creates a clear path for legitimate
requests for records needed to settle an estate. Proponents
argue that the bill honors a person's wishes by allowing a
personal representative or trustee to see contents of electronic
communications if the person consented to disclosure, permits a
court to order communication records on behalf of an executor or
trustee, complies with existing federal privacy law, avoids
revealing the wrong information to the wrong people, and
protects the privacy of living people who shared private
messages with the deceased person before they died.
Although this bill raises the overall policy issues discussed in
the Committee's analysis of July 13, 2015, the September 4,
2015, amendments to this bill raise additional issues, and the
bill is now opposed by the California Bankers Association (CBA),
the Executive Committee of the Trusts and Estates Section of the
State Bar of California (TEXCOM), and Judicial Council of
California (Judicial Council).
a. Revised Uniform Fiduciary Access to Digital Assets Act
(RUFADAA)
According to NCCUSL, the RUFADAA was recently approved and
represents a consensus reached among stakeholders, including
technology firms, privacy advocates, bankers, and the trust
and estate bar. NCCUSL asserts that the "consensus was the
result of a concerted effort by all parties over the last few
months to agree on a reasonable regulatory framework that will
balance the privacy interests of internet users with the need
for fiduciaries to perform their tasks and ensure the orderly
transfer of a decedent's assets to heirs. It gives legal
effect to an internet user's wishes when they are known, and
provides reasonable default rules that apply if the user has
not expressed a contrary intent. The act represents the best
opportunity to enact uniform legislation for an industry that
operates in every state." NCCUSL notes that the RUFADAA is
undergoing a final style review and the final act will be
published within a few weeks for consideration by state
�
AB 691 (Calderon)
Page 10 of ?
legislatures. In the meantime, NCCUSL recommended that this
Committee "take no action on digital assets legislation until
the [RUFADAA] is available for its consideration."
In addition, CBA asserts that "[d]espite the short time our
members have had to review the [RUFADAA], we conclude that the
[RUFADAA] is superior to the current version of AB 691.
Therefore, we urge the adoption of the [RUFADAA], or at a
minimum, a hybridized version." CBA argues that the RUFADAA
includes important definitions that ought to be adopted in
statute because, to the degree that there is ambiguity over
the definitions and key terms, the more challenging AB 691
will be to administer for all parties. CBA asserts that its
members are interested in being able to comply with the law,
but disagreements over some of the basic elements, or
distinctions in terms between states, will frustrate the
ability to comply with the law to the detriment of
beneficiaries.
b. Confusing and ambiguous terms in the bill
Judicial Council asserts that its probate committee has
reviewed multiple versions of AB 691 during this year and has
identified a variety of problems with the legislation from a
court administration standpoint. Judicial Council states that
this bill, among other things, requires the court to determine
that disclosure of the digital assets of the decedent "is not
in violation of another applicable federal or state law."
Judicial Council argues that it is unclear how a court would
be able to make such a finding. Judicial Council asserts that
the bill would require the fiduciary to make a sworn
declaration regarding facts the fiduciary can establish in
this context but the bill does not appear to eliminate the
court's responsibility to render its own conclusion on this
legal issue. TEXCOM argues that this requirement in the bill
"is a legal conclusion and not a finding of fact as
characterized by the bill. Second, and more importantly,
state superior courts, probate attorneys and California
decedents and their heirs generally are not experts in federal
privacy laws, data storage laws or other laws that might be
relevant to a fiduciary's access to digital assets. Few, if
any, are equipped to assert or determine a finding that the
disclosure of such records does not violate other laws from
other areas of expertise. Requiring state courts and
fiduciaries to establish the absence of a violation seems
�
AB 691 (Calderon)
Page 11 of ?
unnecessary given that AB 691 separately specifies that a
provider shall not be compelled to disclose communications if
such disclosure would violate another applicable law. The
providers and their counsel are highly sophisticated and
knowledgeable about the relevant laws. The provider should be
the party to establish whether there is any violation of such
laws." (Emphasis in original.)
Judicial Council also notes that the bill includes a number of
vague phrases that are confusing and will be difficult for the
court to interpret. Judicial Council states that the bill
requires the court to find that "the request is not in
conflict with the will, trust, or other written, electronic,
or oral expression of the deceased user's intent regarding
access to, or disposition of information contained in or
regarding the account of the deceased user." (Emphasis
added.) Judicial Council argues that this requirement
necessitates "proof of a negative. For example, the fiduciary
could state that to the best of his/her knowledge, the
decedent never made any oral statement anywhere to anyone
regarding contrary intent about the account. However, the
bill imposes an absolute requirement on the court that it must
find that the request does not conflict with any other
statement the decedent has ever made, in any form, at any
time, which would appear to be impossible as a practical
matter." On this point, TEXCOM notes the "impossible task
that will be required as a strict analytical matter for the
court to establish" that the request for electronic
communications does not conflict with any written, electronic,
or oral expression of the deceased user's intent.
TEXCOM argues that this bill uses vague terms which are
confusing for the public to understand and for courts to
apply. TEXCOM asserts that the bill "allows a provider to
refuse disclosure of digital content to a fiduciary in all
cases, even if the decedent consented to disclosure, 'because
of a concern that complying with the request may violate any
other legal authority, be contrary to the wishes of the user,
or be otherwise inappropriate.' This standard for unilateral
denial is unacceptably vague and arbitrary, and is likely to
result in confusion, prolonged or additional judicial
proceedings and litigation over its interpretation." In
addition, TEXCOM notes that this standard should include a
reasonable element ("reasonable concern") to require the
provider to demonstrate some legitimate basis for unilateral
�
AB 691 (Calderon)
Page 12 of ?
denial of disclosure.
c. Burden on the courts
This bill would establish a non-probate procedure through
which the decedent's personal representative or trustee could
seek an order compelling the provider to disclose the
requested records, information, or contents of communications
or stored contents. This procedure would require the personal
representative or trustee to file a petition in the superior
court of the county agreed to by the deceased user in the
terms of service agreement or, in the absence of that
agreement, the county in which the deceased user resided at
death.
Judicial Council notes that this non-probate process for a
personal representative or trustee to use to compel the
provider to disclose requested digital information pertaining
to the deceased user fails to contain any statutory provisions
governing notice or service of such a proceeding before that
order is issued. Judicial Council argues that requiring
notice to providers would create an opportunity for the
providers to participate in the proceeding if they want to
object before the order is issued; however, this bill,
instead, allows a provider served with an order compelling
disclosure of information to make a motion to vacate or modify
that order after the order has been issued by the court.
According to Judicial Council, "[t]he bill will therefore
result in unnecessary proceedings to vacate or modify orders,
forcing fiduciaries and courts to adjudicate the same issues a
second time."
Staff notes that the non-probate procedure would be subject to
the venue selection clause contained in the terms of service
agreement entered into by the decedent; accordingly, the
decedent's family member or trustee may be litigating the
disclosure request in a court in another state. TEXCOM
asserts that venue should be located in the county in which
the deceased user resided at death, as it generally is for
adjudication of post-death administration of a decedent's
affairs.
Notably, the bill does not actually require the provider to
release the electronic records, information, or content unless
it receives an order from the probate court with jurisdiction
over the decedent's estate or trust. Given that the
�
AB 691 (Calderon)
Page 13 of ?
non-probate procedure could result in an order from a court in
another state that does not have jurisdiction over the
decedent's estate or trust, the non-probate procedure
established by the bill may be ineffective in directing the
provider to release the records.
Judicial Council also states that the bill does not establish
a timeline "for a provider to respond to an otherwise lawful
request for information, and the bill allows a provider to
decline to respond to such requests any time the provider
determines, in its sole discretion, that it would 'be
otherwise inappropriate.' These provisions have the potential
to result in unnecessary court hearings and, in the council's
view, may unduly prolong the final administration of estates
and trusts."
TEXCOM states that the bill requires the court to determine
that there are "no other owners of, or persons or entities who
have registered with the provider with respect to, the account
of the deceased user," yet providers may be the sole parties
that have this information. Accordingly, TEXCOM argues that
it is probably impossible for a fiduciary or others to
determine this fact conclusively if the providers refuse to
cooperate with information requests.
TEXCOM further argues that "[i]ndividuals generally do not
expect or wish that administration of their estates will be
consumed by delays and costs resulting from cumbersome
judicial proceedings and litigation, to the detriment of their
heirs and beneficiaries." Judicial Council asserts that, as
presently drafted, the bill will be difficult for courts to
administer and will likely result in unnecessary confusion and
ancillary litigation over its vague and ambiguous terms. CBA
argues that the "underlying public policy is too important to
rush since the result impacts privacy rights and the rights of
beneficiaries." CBA, Judicial Council, and TEXCOM request
that the bill be made into a two-year bill in order to allow
the council and all other stakeholders sufficient time to work
with the author and sponsors over the interim on an
alternative approach modeled after the RUFADAA.
The Electronic Frontier Foundation (EFF), neutral on the bill,
has also indicated the need for continued discussions of the
provisions in the bill and desires that the bill be made a
two-year bill. EFF asserts that further dialogue on the bill
�
AB 691 (Calderon)
Page 14 of ?
could result in agreement on the necessary technical changes
and nomenclature corrections to garner support from the courts
and the privacy communities. EFF further states: "Similar to
our colleagues at the [American Civil Liberties Union (ACLU)],
we believe that with more time and effort, it is possible that
these problems could be resolved to the satisfaction of all
concerned. Regardless of whether the author retains the
existing language in the measure, or amends the bill to
reflect the revised UFADAA, we would welcome and support a
conversation for turning this legislation into a two-year
bill."
Support : AOL; California Chamber of Commerce; California
Hispanic Chambers of Commerce; California State Council of the
Service Employees International Union; Civil Justice Association
of California; Google; Internet Association; match.com; Mental
Health America; TechAmerica; Yahoo!
Opposition : California Bankers Association; Executive Committee
of the Trusts and Estates Section of the State Bar of
California; Judicial Council of California
HISTORY
Source : Facebook; TechNet
Related Pending Legislation : None Known
Prior Legislation :
SB 849 (Anderson, 2014) See Background.
AB 5 (Evans, Chapter 5, Statutes of 2009) See Background.
Prior Vote :
Senate Judiciary Committee (Ayes 6, Noes 0)
Assembly Floor (Ayes 79, Noes 0)
Assembly Privacy and Consumer Protection Committee (Ayes 11,
Noes 0)
Assembly Judiciary Committee (Ayes 10, Noes 0)
**************
�
AB 691 (Calderon)
Page 15 of ?