BILL ANALYSIS                                                                                                                                                                                                    Ó



                             SENATE JUDICIARY COMMITTEE
                         Senator Hannah-Beth Jackson, Chair
                             2015-2016  Regular  Session


          AB 691 (Calderon)
          Version: April 20, 2016
          Hearing Date: May 3, 2016
          Fiscal: No
          Urgency: No
          TMW

                            PURSUANT TO SENATE RULE 29.10
          
                                        SUBJECT
                                           
               Revised Uniform Fiduciary Access to Digital Assets Act

                                      DESCRIPTION  

          This bill would establish the Revised Uniform Fiduciary Access  
          to Digital Assets Act (RUFADAA) and authorize a decedent's  
          personal representative or trustee (fiduciary) to access and  
          manage digital assets and electronic communications, as  
          specified.  This bill would authorize a person to use an online  
          tool to give directions to the custodian of his or her digital  
          assets regarding the disclosure of those assets.  This bill  
          would specify that, if a person has not used an online tool to  
          give that direction, he or she may give direction regarding the  
          disclosure of digital assets in a will, trust, power of  
          attorney, or other record.

          This bill would require a custodian, as specified, of the  
          digital assets to comply with a fiduciary's request for  
          disclosure of digital assets or to terminate an account, except  
          under certain circumstances, including when the decedent has  
          prohibited this disclosure using the online tool.  This bill  
          would make custodians immune from liability for an act or  
          omission done in good faith in compliance with these provisions.

                                      BACKGROUND  

          In order to address privacy concerns with the use of computers  
          and other digital and electronic communications, Congress passed  
          the Electronic Communications Privacy Act of 1986 (ECPA) (18  
          U.S.C. Sec. 2510-22) to update the Federal Wiretap Act of 1968.   
          (The Electronic Communications Privacy Act of 1986 (ECPA),  
          Bureau of Justice Assistance, Office of Justice Programs, U.S.  
          Dept. of Justice (July 30, 2013)  [as of Apr. 14,  
          2016].)  The ECPA has been revised over the years by several  
          pieces of legislation, including the Uniting and Strengthening  
          America by Providing Appropriate Tools Required to Intercept and  
          Obstruct Terrorism Act of 2001 (USA Patriot Act), "to keep pace  
          with the evolution of new communications technologies and  
          methods, including easing restrictions on law enforcement access  
          to stored communications in some cases. . . .  The ECPA, as  
          amended, protects wire, oral, and electronic communications  
          while those communications are being made, are in transit, and  
          when they are stored on computers.  The [ECPA] applies to email,  
          telephone conversations, and data stored electronically."  (Id.)  
           The ECPA reflects a general approach of providing greater  
          privacy protection for materials in which there are greater  
          privacy interests.  (Id.)

          Notably, the ECPA is primarily targeted at limiting government  
          access to private user information.  However, this federal law  
          applies to communications sent or received by users and  
          restricts all access to the records and contents of those  
          communications, including access by an executor, administrator,  
          or trustee of a deceased user.  California state law provides  
          specified discovery procedures for parties in civil actions,  
          which include estate and trust proceedings, to obtain documents  
          that are stored electronically.  Those procedures were enacted  
          under AB 5 (Evans, Chapter 5, Statutes of 2009), which  
          established the Electronic Discovery Act.

          However, internet service and electronic storage providers are  
          subject to both federal and state electronic communications  
          privacy laws, which may conflict when a person, other than the  
          user sending or storing electronic communications or the  
          recipient of an electronic communication, attempts to obtain the  
          records or contents of the electronic records and  
          communications.  This is problematic when the executor,  
          administrator, or trustee (fiduciary) of a deceased user or  
          recipient is tasked with marshalling the decedent's assets and  
          liabilities in order to administer the decedent's trust or  
          estate.  Since many individuals are now receiving invoices and  
          billing in electronic form as a way to go "paperless,"  
          performing many financial transactions online, as well as  
          primarily corresponding through electronic means, obtaining the  
          decedent's electronic communications may be the only way for the  
          fiduciary to determine the assets and liabilities of the  








          AB 691 (Calderon)
          Page 3 of ? 


          decedent.  By 2014, seven states had enacted laws to grant some  
          degree of access of a decedent's electronic communications to  
          fiduciaries.

          In California, SB 849 (Anderson, 2014) would have authorized a  
          decedent's personal representative to request, and would have  
          authorized an electronic communication service or remote  
          computer service to provide, access to the electronic mail  
          account of a decedent or to copies of the content of the  
          account, subject to any applicable service agreement.  SB 849  
          was held in this Committee after testimony was taken.

          In July 2014, the National Conference of Commissioners on  
          Uniform State Laws (NCCUSL) approved the Uniform Fiduciary  
          Access to Digital Assets Act (UFADAA), which was recommended for  
          enactment in all states "to vest fiduciaries with the authority  
          to access, control, or copy digital assets and accounts[,] . . .  
           remove barriers to a fiduciary's access to electronic  
          records[,] and to leave unaffected other law, such as fiduciary,  
          probate, trust, banking, investment, securities, and agency  
          law."  (NCCUSL, Uniform Fiduciary Access to Digital Assets Act  
          (Apr. 2, 2015)  [as of Apr. 14, 2016] p. 1.)

          UFADAA was recently revised to clarify the application of  
          federal privacy laws and give legal effect to an account  
          holder's instructions for the disposition of digital assets.   
          According to NCCUSL, the 2014 UFADAA provided fiduciaries with  
          default access to all digital information, but the revised act  
          (RUFADAA) protects the contents of electronic communications  
          from disclosure without the user's consent, and fiduciaries can  
          still access other digital assets unless prohibited by the user.

          Prior versions of this bill would have enacted the Privacy  
          Expectation Afterlife and Choices Act, which is an alternative  
          approach to disclosure of a decedent's electronic information.   
          Recent amendments to the bill would adopt a modified version of  
          RUFADAA and establish procedures for a decedent's personal  
          representative or trustee to obtain digital assets and  
          electronic information from the custodian of those assets and  
          information.

                                CHANGES TO EXISTING LAW








          AB 691 (Calderon)
          Page 4 of ? 


           
           Existing law  authorizes a decedent's personal representative or  
          the public administrator to take possession or control of all of  
          the decedent's property to be administered in the decedent's  
          estate, and requires the personal representative to take all  
          steps reasonably necessary for the management, protection, and  
          preservation of the estate in his or her possession.  (Prob.  
          Code Secs. 7601(a), 7602, 9650(a)(1), (b).)

           Existing law  defines "fiduciary" to mean the decedent's personal  
          representative or the trustee of the decedent's trust.  (Prob.  
          Code Sec. 16323.)  Existing law defines "personal  
          representative" to mean the executor, administrator,  
          administrator with the will annexed, special administrator,  
          successor personal representative, public administrator, as  
          specified, or a person who performs substantially the same  
          function under the law of another jurisdiction governing the  
          person's status.  (Prob. Code Sec. 58(a).)

           Existing law provides that the personal representative has the  
          management and control of the estate and prescribes fiduciary  
          duties to the personal representative, including using ordinary  
          care and diligence in managing and controlling the decedent's  
          estate.  (Prob. Code Sec. 9600.)

           Existing law  requires the personal representative to file with  
          the court clerk an inventory of property to be administered in  
          the decedent's estate together with an appraisal, which must be  
          filed within four months after letters are first issued to a  
          general personal representative; however, the court may allow  
          such further time for filing an inventory and appraisal as is  
          reasonable under the circumstances of the particular case.   
          (Prob. Code Sec. 8800.)

           Existing law  , if the personal representative refuses or  
          negligently fails to file an inventory and appraisal within the  
          time allowed, upon petition of an interested person, authorizes  
          the court to: (1) compel the personal representative to file an  
          inventory and appraisal; (2) remove the personal representative  
          from office; and (3) impose on the personal representative  
          personal liability, which may include attorney's fees, for  
          injury to the estate or to an interested person that directly  
          results from the refusal or failure.  (Prob. Code Sec. 8804.)









          AB 691 (Calderon)
          Page 5 of ? 


           Existing law  requires the account to include both a financial  
          statement and a report of administration, as specified, and  
          requires the statement of liabilities in the report of  
          administration to include information as to whether notice to  
          creditors was given, as specified, creditor claims were filed,  
          as specified, creditor claims were not paid, satisfied, or  
          adequately provided for, and whether any real or personal  
          property is security for a claim, whether by mortgage, deed of  
          trust, lien, or other encumbrance.  (Prob. Code Sec. 10900.)

           Existing law  provides that if a report of status of  
          administration is made, the report must show the condition of  
          the estate, the reasons why the estate cannot be distributed and  
          closed, and an estimate of the time needed to close  
          administration of the estate.  (Prob. Code Sec. 12201(a).)  The  
          court is authorized to require the personal representative to  
          appear before the court to show the condition of the estate and  
          the reasons why the estate cannot be distributed and closed.   
          (Prob. Code Sec. 12202(a).)

           Existing law  authorizes a trustee or beneficiary of a trust to  
          petition the court concerning the internal affairs of the trust  
          or to determine the existence of the trust; proceedings  
          concerning the internal affairs of the trust include proceedings  
          to determine questions of construction of a trust instrument,  
          the existence or nonexistence of any immunity, power, privilege,  
          duty, or right, determining the validity of a trust provision,  
          ascertaining beneficiaries and determining to whom property  
          shall pass or be delivered upon final or partial termination of  
          the trust, to the extent the determination is not made by the  
          trust instrument, and settling the accounts and passing upon the  
          acts of the trustee, including the exercise of discretionary  
          powers.  (Prob. Code Sec. 17200.)

           Existing law , the Electronic Discovery Act (EDA), establishes  
          procedures, evidentiary privileges, and judicial review for the  
          request and production of electronically stored information, as  
          defined.  (Code Civ. Proc. Secs. 1985.8, 2031.285.)

           Existing law  authorizes claims of evidentiary privilege on the  
          grounds that the matter sought to be disclosed is a  
          communication made in confidence in the course of the  
          lawyer-client, lawyer referral service-client,  
          physician-patient, psychotherapist-patient, clergy-penitent,  








          AB 691 (Calderon)
          Page 6 of ? 


          husband-wife, sexual assault counselor-victim, domestic violence  
          counselor-victim, or human trafficking caseworker-victim  
          relationship, the communication is presumed to have been made in  
          confidence and the opponent of the claim of privilege has the  
          burden of proof to establish that the communication was not  
          confidential.  (Evid. Code Sec. 917(a).)  Further, a  
          communication between persons in one of these types of  
          relationships does not lose its privileged character for the  
          sole reason that it is communicated by electronic means or  
          because persons involved in the delivery, facilitation, or  
          storage of electronic communication may have access to the  
          content of the communication.  (Evid. Code Sec. 917(b).)
           Existing law  makes document production provisions under the  
          Civil Discovery Act, which includes the EDA, applicable to civil  
          actions and trial courts in which the civil action is pending,  
          and defines "electronic" to mean relating to technology having  
          electrical, digital, magnetic, wireless, optical,  
          electromagnetic, or similar capabilities, and "electronically  
          stored information" to mean information that is stored in an  
          electronic medium.  (Code Civ. Proc. Sec. 2016.020.)
           
          Existing federal law  , under the Electronic Communications  
          Privacy Act (ECPA), limits the disclosure by an electronic  
          communication service or remote computing service of electronic  
          communication of a user and provides definitions for "electronic  
          communication," "user," electronic communications system," and  
          "electronic communication service."  (18 U.S.C. Sec. 2510 et  
          seq.)  

           Existing federal law  , the Stored Communications Act (SCA),  
          defines "remote computing service" to mean the provision to the  
          public of computer storage or processing services by means of an  
          electronic communications system.  (18 U.S.C. Sec. 2711(2).)

           Existing federal law  prohibits a person or entity providing an  
          electronic communication service to the public from knowingly  
          divulging to any person or entity the contents of a  
          communication while in electronic storage by that service, and  
          prohibits a person or entity providing remote computing service  
          to the public from knowingly divulging to any person or entity  
          the contents of any communication which is carried or maintained  
          on that service:
           on behalf of, and received by means of electronic transmission  
            from (or created by means of computer processing of  








          AB 691 (Calderon)
          Page 7 of ? 


            communications received by means of electronic transmission  
            from), a subscriber or customer of such service; and
           solely for the purpose of providing storage or computer  
            processing services to such subscriber or customer, if the  
            provider is not authorized to access the contents of any such  
            communications for purposes of providing any services other  
            than storage or computer processing.  (18 U.S.C. Sec.  
            2702(a)(1)-(2).)
          
           Existing federal law  also prohibits a provider of remote  
          computing service or electronic communication service to the  
          public from knowingly divulging a record or other information  
          pertaining to a subscriber or customer of such service (not  
          including the contents of communications) to any governmental  
          entity.  (18 U.S.C. Sec. 2702(a)(3).)

           Existing federal law  authorizes disclosure of the content of  
          electronic communications to an addressee or intended recipient  
          of such communication or an agent of such addressee or intended  
          recipient, as otherwise authorized under ECPA or the SCA; or  
          with the lawful consent of the originator or an addressee or  
          intended recipient of such communication, or the subscriber in  
          the case of remote computing service.  (18 U.S.C. Sec. 2702(b).)

           Existing law  authorizes disclosure of a record or other  
          information pertaining to a subscriber or customer of an  
          electronic communication service or remote computing service  
          (not including the contents of communications) as otherwise  
          authorized, with the lawful consent of the customer or  
          subscriber; or to any person other than a governmental entity.   
          (18 U.S.C. Sec. 2702(c).)

           This bill  would establish the Revised Uniform Fiduciary Access  
          to Digital Assets Act (RUFADAA), and provide the following  
          definitions:
           "account" means an arrangement under a terms-of-service  
            agreement in which the custodian carries, maintains,  
            processes, receives, or stores a digital asset of the user or  
            provides goods or services to the user;
           "carries" means engages in the transmission of electronic  
            communications;
           "catalogue of electronic communications" means information  
            that identifies each person with which a user has had an  
            electronic communication, the time and date of the  








          AB 691 (Calderon)
          Page 8 of ? 


            communication, and the electronic address of the person;
           "content of an electronic communication" means information  
            concerning the substance or meaning of the communication,  
            which meets all of the following requirements:
             o    has been sent or received by a user;
             o    is in electronic storage by a custodian providing an  
               electronic communication service to the public or is  
               carried or maintained by a custodian providing a  
               remote-computing service to the public; and
             o    is not readily accessible to the public;
           "court" means the superior court presiding over the probate  
            proceedings which have been initiated to administer the estate  
            of the deceased user, or, if none, the superior court sitting  
            in the exercise of jurisdiction in the county of the user's  
            domicile, and the court, as defined, would have exclusive  
            jurisdiction over proceedings brought under this bill;
           "custodian" means a person that carries, maintains, processes,  
            receives, or stores a digital asset of a user;
           "designated recipient" means a person chosen by a user using  
            an online tool to administer digital assets of the user;
           "digital asset" means an electronic record in which an  
            individual has a right or interest, but does not include an  
            underlying asset or liability, unless the asset or liability  
            is itself an electronic record;
           "electronic" means relating to technology having electrical,  
            digital, magnetic, wireless, optical, electromagnetic, or  
            similar capabilities;
           "electronic communication" has the same meaning as the  
            definition in Section 2510(12) of Title 18 of the United  
            States Code;
           "electronic communication service" means a custodian that  
            provides to a user the ability to send or receive an  
            electronic communication;
           "fiduciary" means an original, additional, or successor  
            personal representative or trustee;
           "information" means data, text, images, videos, sounds, codes,  
            computer programs, software, databases, or other items with  
            like characteristics;
           "online tool" means an electronic service provided by a  
            custodian that allows the user, in an agreement distinct from  
            the terms-of-service agreement between the custodian and user,  
            to provide directions for disclosure or nondisclosure of  
            digital assets to a third person;
           "person" means an individual, estate, business or nonprofit  








          AB 691 (Calderon)
          Page 9 of ? 


            entity, public corporation, government or governmental  
            subdivision, agency, or instrumentality, or other legal  
            entity;
           "personal representative" means an executor, administrator,  
            special administrator, or person that performs substantially  
            the same function under any other law;
           "power of attorney" means a record that grants an agent  
            authority to act in the place of the principal;
           "record" means information that is inscribed on a tangible  
            medium or that is stored in an electronic or other medium and  
            is retrievable in a perceivable form;
           "remote-computing service" means a custodian that provides to  
            a user computer processing services or the storage of digital  
            assets by means of an electronic communications system, as  
            defined in Section 2510(4) of Title 18 of the United States  
            Code;
           "terms-of-service agreement" means an agreement that controls  
            the relationship between a user and a custodian;
           "trustee" means a fiduciary with legal title to property under  
            an agreement or declaration that creates a beneficial interest  
            in another, and this term includes a successor trustee;
           "user" means a person that has an account with a custodian;  
            and
           "will" includes a codicil, a testamentary instrument that only  
            appoints an executor, or an instrument that revokes or revises  
            a testamentary instrument.

           This bill  would apply to:  (1) a fiduciary acting under a will  
          executed before, on, or after January 1, 2017; (2) a personal  
          representative acting for a decedent who died before, on, or  
          after January 1, 2017; (3) a trustee acting under a trust  
          created before, on, or after January 1, 2017; and (4) a  
          custodian of digital assets for a user if the user resides in  
          this state or resided in this state at the time of the user's  
          death.

           This bill  would not apply to a digital asset of an employer used  
          by an employee in the ordinary course of the employer's  
          business.

           This bill  would authorize a user to use an online tool to direct  
          the custodian to disclose to a designated recipient or not  
          disclose some or all of the user's digital assets, including the  
          content of electronic communications.








          AB 691 (Calderon)
          Page 10 of ? 



          This bill  would provide that, if the online tool allows the user  
          to modify or delete a direction at all times, a direction  
          regarding disclosure using an online tool would override a  
          contrary direction by the user in a will, trust, power of  
          attorney, or other record.

           This bill  would provide that if a user has not used an online  
          tool to give direction or if a custodian has not provided an  
          online tool, a user may allow or prohibit in a will, trust,  
          power of attorney, or other record the disclosure to a fiduciary  
          of some or all of the user's digital assets, including the  
          contents of electronic communications sent or received by the  
          user.

           This bill  would specify that a user's direction through the  
          online tool or testamentary document would override a contrary  
          provision in a terms-of-service agreement that does not require  
          the user to act affirmatively and distinctly from the user's  
          assent to the terms-of-service agreement.

           This bill  would not change or impair a right of a custodian or a  
          user under a terms-of-service agreement to access and use  
          digital assets of a user, and does not give a fiduciary or  
          designated recipient any new or expanded rights other than those  
          held by the user for whom, or for whose estate or trust, the  
          fiduciary or designated recipient acts or represents.
                                      
           This bill  would provide that a fiduciary's or designated  
          recipient's access to digital assets may be modified or  
          eliminated by a user, by federal law, or by a terms-of-service  
          agreement when the user has not provided any direction, as  
          specified.

           This bill  , when disclosing the digital assets of a user, would  
          authorize the custodian, in its sole discretion, to do any of  
          the following:
           grant the fiduciary or designated recipient full access to the  
            user's account;
           grant the fiduciary or designated recipient partial access to  
            the user's account sufficient to perform the tasks with which  
            the fiduciary or designated recipient is charged; and
           provide the fiduciary or designated recipient with a copy in a  
            record of any digital asset that, on the date the custodian  








          AB 691 (Calderon)
          Page 11 of ? 


            received the request for disclosure, the user could have  
            accessed if the user were alive and had full capacity and  
            access to the account.

           This bill  would authorize a custodian to assess a reasonable  
          administrative charge for the cost of disclosing digital assets  
          and would not require a custodian to disclose a digital asset  
          deleted by a user.
           
          This bill  would provide that if a user directs or a fiduciary or  
          designated recipient requests a custodian to disclose some, but  
          not all, of the user's digital assets, the custodian need not  
          disclose the assets if segregation of the assets would impose an  
          undue burden on the custodian. 

           This bill  , if the custodian believes the direction or request  
          imposes an undue burden, would authorize the custodian,  
          fiduciary, or designated recipient to petition the court for an  
          order to do any of the following:  (1) disclose a subset limited  
          by date of the user's digital assets; (2) disclose all of the  
          user's digital assets to the fiduciary or designated recipient;  
          (3) disclose none of the user's digital assets; and (4) disclose  
          all of the user's digital assets to the court for review in  
          camera.

           This bill  , if a deceased user consented to or a court directs  
          disclosure of the content of electronic communications of the  
          user, would require the custodian to disclose to the personal  
          representative of the estate of the user the content of an  
          electronic communication sent or received by the user if the  
          personal representative gives to the custodian all of the  
          following documentation:
           a written request for disclosure in physical or electronic  
            form;
           a certified copy of the death certificate of the user;
           a certified copy of the letter of appointment of the  
            representative, a small-estate affidavit, as specified, or  
            court order;
           unless the user provided direction using an online tool, a  
            copy of the user's will, trust, power of attorney, or other  
            record evidencing the user's consent to disclosure of the  
            content of electronic communications; and
           if requested by the custodian, any of the following:
             o    a number, user name, address, or other unique subscriber  








          AB 691 (Calderon)
          Page 12 of ? 


               or account identifier assigned by the custodian to identify  
               the user's account;
             o    evidence linking the account to the user; and
             o    an order of the court finding any of the following:  (1)  
               that the user had a specific, identifiable account with the  
               custodian; (2) that disclosure of the content of the user's  
               electronic communications would not violate Chapter 121  
               (commencing with Section 2701) of Part 1 of Title 18 of,  
               and Section 222 of Title 47 of, the United State Code, or  
               other applicable law; (3) unless the user provided  
               direction using an online tool, that the user consented to  
               disclosure of the content of electronic communications; and  
               (4) that disclosure of the content of electronic  
               communications of a user is reasonably necessary for estate  
               administration.

           This bill  , unless the user prohibited disclosure of digital  
          assets or the court directs otherwise, would require a custodian  
          to disclose to the personal representative of the estate of a  
          deceased user a catalogue of electronic communications sent or  
          received by the user and digital assets, other than the content  
          of electronic communications, of the user, if the personal  
          representative gives to the custodian specified documentation.

           This bill  , unless otherwise ordered by the court, directed by  
          the user, or provided in a trust, would require a custodian to  
          disclose to a trustee that is not an original user of an account  
          the content of an electronic communication sent or received by  
          an original or successor user and carried, maintained,  
          processed, received, or stored by the custodian in the account  
          of the trust if the trustee gives to the custodian specified  
          documentation.

           This bill  , unless otherwise ordered by the court, directed by  
          the user, or provided in a trust, would require a custodian to  
          disclose, to a trustee that is not an original user of an  
          account, the catalogue of electronic communications sent or  
          received by an original or successor user and stored, carried,  
          or maintained by the custodian in an account of the trust and  
          any digital assets, other than the content of electronic  
          communications, in which the trust has a right or interest if  
          the settlor of the trust is deceased and the trustee gives to  
          the custodian specified documentation.









          AB 691 (Calderon)
          Page 13 of ? 


           This bill  would provide that the legal duties imposed on a  
          fiduciary charged with managing tangible property apply to the  
          management of digital assets, including all of the following:   
          (1) the duty of care; (2) the duty of loyalty; and (3) the duty  
          of confidentiality.

           This bill  would make all of the following applicable to a  
          fiduciary's or designated recipient's authority with respect to  
          a digital asset of a user:
           except as otherwise specified, a fiduciary's or designated  
            recipient's authority is subject to the applicable  
            terms-of-service agreement;
           a fiduciary's or designated recipient's authority is subject  
            to other applicable law, including copyright law;
           in the case of a fiduciary, a fiduciary's authority is limited  
            by the scope of the fiduciary's duties; and 
           a fiduciary's or designated recipient's authority may not be  
            used to impersonate the user.

           This bill  would provide that a fiduciary with authority over the  
          property of a decedent or settlor has the right of access to any  
          digital asset in which the decedent or settlor had a right or  
          interest and that is not held by a custodian or subject to a  
          terms-of-service agreement.

          This bill  would specify that a fiduciary acting within the scope  
          of the fiduciary's duties is an authorized user of the property  
          of the decedent or settlor for the purpose of applicable  
          computer-fraud and unauthorized-computer-access laws.
           
          This bill  would provide that a fiduciary with authority over the  
          tangible, personal property of a decedent or settlor has the  
          right to access the property and any digital asset stored in it  
          and is an authorized user for purposes of any applicable  
          computer-fraud and unauthorized-computer-access laws.

           This bill  would authorize a custodian to disclose information in  
          an account to a fiduciary of the decedent or settlor when the  
          information is required to terminate an account used to access  
          digital assets licensed to the user.

           This bill  would authorize a fiduciary of a decedent or settlor  
          to request a custodian to terminate the user's account, but the  
          request for termination must be in writing, in either physical  








          AB 691 (Calderon)
          Page 14 of ? 


          or electronic form, and accompanied by specified documentation.
           This bill  , not later than 60 days after receipt of the  
          information required, as specified, would require a custodian to  
          comply with a request from a fiduciary or designated recipient  
          to disclose digital assets or terminate an account; if the  
          custodian fails to comply with a request, the fiduciary or  
          designated recipient would be authorized to apply to the court  
          for an order directing compliance.

           This bill  would require the court order directing complaint to  
          contain a finding that compliance is not in violation of Section  
          2702 of Title 18 of the United States Code.

           This bill  would authorize a custodian to notify a user that a  
          request for disclosure of digital assets or to terminate an  
          account was made.

           This bill  would authorize a custodian to deny a request from a  
          fiduciary or designated recipient for disclosure of digital  
          assets or to terminate an account if the custodian is aware of  
          any lawful access to the account following the date of death of  
          the user.

           This bill  would not limit a custodian's ability to obtain or to  
          require a fiduciary or designated recipient requesting  
          disclosure or account termination to obtain a court order that  
          makes all of the following findings:
           the account belongs to the decedent, principal, or trustee;
           there is sufficient consent from the decedent, principal, or  
            settlor to support the requested disclosure; and
           any specific factual finding required by any other applicable  
            law in effect at that time, including, but not limited to, a  
            finding that disclosure is not in violation of Section 2702 of  
            Title 18 of the United States Code.

           This bill  would make a custodian and its officers, employees,  
          and agents immune from liability for an act or omission done in  
          good faith and compliance with the RUFADAA.

           This bill  would require, in applying and construing the RUFADAA,  
          which is based upon a uniform act, consideration to be given to  
          the need to promote uniformity of the law with respect to its  
          subject matter among states that enact similar acts.









          AB 691 (Calderon)
          Page 15 of ? 


           This bill  would specify that it modifies, limits, or supersedes  
          the federal Electronic Signatures in Global and National  
          Commerce Act (E-SIGN) (15 U.S.C. Sec. 7001 et seq.), but does  
          not modify, limit, or supersede Section 101(c) of that act (15  
          U.S.C. Sec. 7001(c)) or authorize electronic delivery of any of  
          the notices described in Section 103(b) of that act (15 U.S.C.  
          Sec. 7003(b)).

           This bill  would make disclosure of the contents of the deceased  
          user's or settlor's account to a fiduciary of the deceased user  
          or settlor subject to the same license, restrictions, terms of  
          service, and legal obligations, including copyright law, that  
          applied to the deceased user or settlor.

           This bill  would specify that if any provision or application of  
          the RUFADAA to any person or circumstance is held invalid, the  
          invalidity does not affect other provisions or applications of  
          the RUFADAA that can be given effect without the invalid  
          provision or application, and, to this end, the provisions of  
          the RUFADAA are severable.

                                        COMMENT
           
          1.  Stated need for the bill  
          
          The author writes:
            
            Prior to the digital age, the memorabilia of our lives was  
            stored in a cardboard box in our parent's attic or under their  
            bed.  Today, a significant portion of the information about  
            our lives is kept online on our personal accounts.  Whether  
            it's Facebook, Twitter, YouTube or even email, the information  
            stored online are today's version of the photo albums, videos,  
            and hand-written journals of yesterday. 

            Most people expect the contents of these online communications  
            to remain private, even after they pass away; it's likely the  
            recipients of those messages likely expect the same.   
            According to a recent Zogby poll, over 70 [percent] of  
            Americans say their private online communications and photos  
            should remain private after they die, unless they gave prior  
            consent for others to access.  Only 15 [percent] say that  
            estate attorneys should control their private communications  
            and photos, even if they gave no prior consent for sharing.








          AB 691 (Calderon)
          Page 16 of ? 



            With no statute currently in place in California protecting  
            the online information of the newly deceased, families are  
            left responsible for accessing their loved ones information,  
            often times causing unnecessary financial and emotional  
            burdens'  during a time that is already painfully difficult.

            AB 691 addresses this issue by striking a balance between  
            providing a clear path for fiduciaries to access relevant  
            information to handle the deceased person's estate, while  
            respecting the privacy choices of not just the deceased person  
            but those with whom the deceased was communicating.

          2.  Digital assets  

          With the explosion of the various uses of the Internet,  
          including electronic communication through email, social media  
          Internet Web sites, blogs, and electronic media purchases  
          through such Internet Web sites as iTunes and Amazon.com,  
          questions regarding ownership and access to those "digital  
          assets" upon death or incapacity are becoming more common.   
          According to the National Conference of Commissions on Uniform  
          State Laws (NCCUSL), these digital assets, which range from  
          online gaming items to photos, to digital music, to clients,  
          have real value:  American consumers valued their digital  
          assets, on average, at almost $55,000.  (NCCUSL, Draft of  
          Fiduciary Access to Digital Assets Act (Apr. 10, 2014), p. 1,  
          citing Green, Passing Down Digital Assets, Wall Street Journal  
          (Aug. 31, 2012)  [as of Apr. 16, 2016].)  The ability of a  
          personal representative to gain access or control over those  
          digital assets is unclear and is subject to both federal privacy  
          and computer "hacking" laws as well as state probate law.  

          As the author points out, recent polls show that individuals  
          want their private online communications and photographs to  
          remain private after they die, unless they have provided consent  
          for someone else to access this content.  Online content posted  
          or transmitted by Internet users raises a host of legal issues,  
          including user ownership of digital assets and privacy  
          protection for Internet users.  When someone dies, three  
          particular issues rise to the surface - access to the deceased  
          user's (decedent) electronic communications and digital assets,  








          AB 691 (Calderon)
          Page 17 of ? 


          control of the decedent's electronic communications, online  
          financial accounts and digital assets, and disclosure by the  
          providers of electronic communication and remote computing  
          services (custodian) of the decedent's online content.

          Complicating these issues are the terms of service agreements  
          that most Internet service providers and Internet Web sites  
          require their users to agree to in order to use these services  
          and sites.  For example, Yahoo's terms of service provide that  
          the user's account is non-transferable and any rights to user's  
          Yahoo ID or contents within the account terminate upon the  
          user's death.  (Yahoo, Terms of Service, General Information, No  
          Right of Survivorship and Non-Transferability  [as of July 4,  
          2015].)  On the other hand, Microsoft provides a "Next of Kin"  
          process that allows the content, including all emails and  
          attachments thereto, in the user's Outlook account to be  
          released to the user's next of kin following an authentication  
          process, after which the account contents are released by way of  
          a data DVD shipped to the next of kin.  (Microsoft, Next of Kin  
          Process for Outlook.com  [as of Apr. 16, 2016].)

          SB 849 (Anderson, 2014) attempted to address these issues  
          regarding the digital assets of decedents and would have  
          provided a personal representative access to a decedent's  
          electronic mail account, as well as access to copies of the  
          content of the account, subject to the applicable terms of  
          service agreement.  When SB 849 was reviewed by this Committee,  
          the complex issues of digital assets were considered, including  
          what is a digital asset, and how can the decedent's fiduciary  
          marshal all of the decedent's assets when the types of digital  
          assets continues to expand and there is no comprehensive  
          definition as to what may be considered a digital asset (i.e.,  
          original emails, bitcoin, credits purchased on Facebook, blog  
          content, digital music, etc.).

          This bill would resolve those issues by defining a digital asset  
          to mean an electronic record in which an individual has a right  
          or interest, but would not include an underlying asset or  
          liability, unless the asset or liability is itself an electronic  
          record.  Further, the scope of this bill is limited and only  
          applies to electronic information being requested from the  
          custodians of the digital assets by a decedent's personal  








          AB 691 (Calderon)
          Page 18 of ? 


          representative, administrator, executor, or trustee (fiduciary)  
          for the purpose of ascertaining the decedent's assets and  
          liabilities.

          3.  Revised Uniform Fiduciary Access to Digital Assets Act  
            (RUFADAA)  

          This bill would enact the RUFADAA and provide procedures through  
          which a decedent's fiduciary could obtain access to, or a  
          catalogue or content of, the decedent's digital assets from the  
          custodian of those digital assets.  According to NCCUSL:

            The purpose of the [RUFADAA] is twofold.  First, it gives  
            fiduciaries the legal authority to manage digital assets and  
            electronic communications in the same way they manage tangible  
            assets and financial accounts, to the extent possible.   
            Second, it gives custodians of digital assets and electronic  
            communications legal authority to deal with the fiduciaries of  
            their users, while respecting the user's reasonable  
            expectation of privacy for personal communications.  The  
            general goal of the act is to facilitate fiduciary access and  
            custodian disclosure while respecting the privacy and intent  
            of the user.  It adheres to the traditional approach of trusts  
            and estates law, which respects the intent of an account  
            holder and promotes the fiduciary's ability to administer the  
            account holder's property in accord with legally-binding  
            fiduciary duties.  The act removes barriers to a fiduciary's  
            access to electronic records and property and leaves  
            unaffected other law, such as fiduciary, probate, trust,  
            banking, investment securities, agency, and privacy law.   
            (NCCUSL, Revised Uniform Fiduciary Access to Digital Assets  
            Act (2015) (Mar. 8, 2015)  [as of Apr. 16, 2016] p. 1.)

          Although the RUFADAA, approved for use in all 50 states, would  
          apply to personal representatives of decedents' estates,  
          conservators for protected persons and individuals, agents  
          acting pursuant to a power of attorney, and trustees, this bill  
          would adopt a modified version of RUFADAA and would not provide  
          for conservator access to a conservatee's digital assets.

          NCCUSL states that the RUFADAA was recently approved and  
          represents a consensus reached among stakeholders, including  








          AB 691 (Calderon)
          Page 19 of ? 


          technology firms, privacy advocates, bankers, and the trust and  
          estate bar.  NCCUSL asserts that the "consensus was the result  
          of a concerted effort by all parties over the last few months to  
          agree on a reasonable regulatory framework that will balance the  
          privacy interests of internet users with the need for  
          fiduciaries to perform their tasks and ensure the orderly  
          transfer of a decedent's assets to heirs.  It gives legal effect  
          to an internet user's wishes when they are known, and provides  
          reasonable default rules that apply if the user has not  
          expressed a contrary intent.  The act represents the best  
          opportunity to enact uniform legislation for an industry that  
          operates in every state."  RUFADAA has been formally endorsed by  
          the Association of American Retired Persons (AARP), the Center  
          for Democracy and Technology, Facebook, Google, and the National  
          Academy of Elder Law Attorneys.  (NCCUSL, Legislative Fact Sheet  
          - Revised Uniform Fiduciary Access to Digital Assets Act (2015)  
           [as of Apr.  
          16, 2016].)

          To date, 10 states (Colorado, Florida, Idaho, Indiana, Michigan,  
          Oregon, Tennessee, Washington, Wisconsin, and Wyoming) have  
          enacted RUFADAA, and at least 18 other states have introduced  
          RUFADAA legislation this year.  (NCCUSL, Fiduciary Access to  
          Digital Assets Act, Revised (2015)  
           [as of Apr. 16, 2016].)

          4.  Terms of service agreements
           
          This bill would not change or impair a right of a custodian or a  
          user under a terms-of-service agreement to access and use  
          digital assets of a user, and does not give a fiduciary or  
          designated recipient any new or expanded rights other than those  
          held by the user for whom, or for whose estate or trust, the  
          fiduciary or designated recipient acts or represents.  This bill  
          would provide that a fiduciary's or designated recipient's  
          access to digital assets may be modified or eliminated by a  
          user, by federal law, or by a terms-of-service agreement when  
          the user has not provided any direction, as specified.

          As discussed under Comment 2, provider terms of service  
          agreements establish varying degrees of release of account  








          AB 691 (Calderon)
          Page 20 of ? 


          content.  Some providers state that upon the user's death, the  
          account contents are non-transferrable, while others provide  
          some degree of content disclosure to family of the deceased  
          user.  These terms of service agreements may also include choice  
          of law and forum clauses that limit the user's ability to file  
          an action against the electronic information provider.  For  
          example, Yahoo specifies that any and all claims, causes of  
          action or disputes (regardless of theory) arising out of or  
          relating to the terms of service, or the relationship between  
          the user and Yahoo, shall be brought exclusively in the courts  
          located in the county of Santa Clara, California or the U.S.  
          District Court for the Northern District of California.  (Yahoo,  
          Terms of Service, General Information, Choice of Law and Forum  
                                                                          
          [as of Apr. 16, 2016].)

          Although the terms of service agreement may provide a choice of  
          law or forum clause, this bill specifically permits, pursuant to  
          the definition of "court" provided in this bill, the decedent's  
          fiduciary to file an action to compel disclosure of digital  
          assets in the superior court presiding over the probate  
          proceedings initiated to administer the decedent's estate or, if  
          none, the superior court in the county of the decedent's  
          domicile.

          5.  Privacy protections  

          This bill would provide protections for a deceased user's  
          private electronic communications by establishing the  
          circumstances under which the custodian of the electronic  
          communications could disclose those communications.  This bill  
          would establish a three-tier priority system for determining the  
          user's intent for disclosure of his or her electronic  
          communications.

          First in priority, the bill would authorize disclosure pursuant  
          to the user's designation through an online tool.  This tool  
          would provide the most current reflection of the user's intent  
          for disclosure to another person.  Second, the user can provide  
          directions in an estate plan for the disposition of the user's  
          digital assets.  The custodian would then be able to rely on the  
          testamentary document containing these disclosure instructions,  
          which would then have legal effect pursuant to this bill.









          AB 691 (Calderon)
          Page 21 of ? 


          If the user did not provide any direction regarding disclosure  
          of digital assets, the terms-of-service governing the account  
          would apply. If the terms-of-service do not address fiduciary  
          access to digital assets, the default rules provided in the bill  
          would apply.  (NCCUSL, Revised Uniform Fiduciary Access to  
          Digital Assets Act (2015) (Mar. 8, 2015)  
           [as of  
          Apr. 16, 2016] p. 11.)

          6.  Fiduciary duties  

          A decedent's fiduciary has a duty to the decedent to execute the  
          terms of the decedent's testamentary documents.  The fiduciary  
          is also subject to multiple statutory duties, including care and  
          loyalty, to the beneficiaries of the decedent's estate or trust.  
           A decedent's fiduciary is also required to keep the  
          beneficiaries reasonably informed and fully disclose all  
          material information necessary to protect the beneficiaries'  
          interests.  In addition to the duties of care and loyalty, this  
          bill would also establish the fiduciary's duty of  
          confidentiality.

          As stated by the author, most people expect the contents of  
          their electronic communications to remain private after they  
          pass away, and the recipients and senders of those messages  
          likely expect the same.  To the extent the decedent limits  
          access to his or her electronic information so that the  
          information is only disclosable to or accessible by the  
          fiduciary, either through the online tool or pursuant to  
          testamentary documents, this bill inherently incorporates the  
          decedent's expectation that the fiduciary will maintain the  
          decedent's confidentiality upon receiving the electronic  
          information.

          Arguably, the duty of confidentiality provision goes to the  
          heart of the privacy concerns this bill seeks to address.  Since  
          the fiduciary would only be able to receive the content of or  
          access to the electronic communications pursuant to the  
          decedent's online designation, authorization in a testamentary  
          document, or by court order for the purpose of administering the  
          decedent's trust or estate, this provision effectively resolves  
          much of the concern regarding disclosure of the decedent's  
          confidential electronic communications.  However, the duty of  








          AB 691 (Calderon)
          Page 22 of ? 


          confidentiality may conflict with the fiduciary's duty to  
          disclose material information to the beneficiaries.  In the  
          event the beneficiaries seek information obtained by the  
          fiduciary from the custodian that the fiduciary believes is  
          confidential and not pertinent to the administration of the  
          estate or the trust, the fiduciary could petition the court for  
          instructions on whether the fiduciary has to disclose the  
          information to the beneficiaries.

          7.  Custodian immunity from liability  

          This bill would make a custodian and its officers, employees,  
          and agents immune from liability for an act or omission done in  
          good faith and compliance with the RUFADAA.  According to  
          comments pertaining to this provision provided in RUFADAA:

            This section establishes that custodians are protected from  
            liability when they act in accordance with the procedures of  
            this act and in good faith.  The types of actions covered  
            include disclosure as well as transfer of copies.  The  
            critical issue in conferring immunity is the source of the  
            liability.  Direct liability is not subject to immunity;  
            indirect liability is subject to immunity. 

            Direct liability could only arise from noncompliance with a  
            judicial order issued under sections 7 to 15.  Upon  
            determination of a right of access under those sections, a  
            court may issue an order to grant access under section 16.   
            Section 16(b) requires that an order directing compliance  
            contain a finding that compliance is not in violation of 18  
            U.S.C. Section 2702.  Noncompliance with that order would give  
            rise to liability for contempt.  There is no immunity from  
            this liability. 

            Indirect liability could arise from granting a right of access  
            under this act.  Access to a digital asset might invade the  
            privacy or [] harm the reputation of the decedent, protected  
            person, principal, or settlor, it might harm the family or  
            business of the decedent, protected person, principal, or  
            settlor, and it might harm other persons.  The grantor of  
            access to the digital asset is immune from liability arising  
            out of any of these circumstances if the grantor acted in good  
            faith to comply with this act.  If there is a judicial order  
            under section 16, compliance with the order establishes good  








          AB 691 (Calderon)
          Page 23 of ? 


            faith.  Absent a judicial order under section 16, good faith  
            must be established by the grantor's assessment of the  
            requirements of this act. 

            Further, Section 16 (e) allows the custodian to verify that  
            the account belongs to the person represented by the  
            fiduciary.  (NCCUSL, Revised Uniform Fiduciary Access to  
            Digital Assets Act (2015) (Mar. 8, 2015)  
             [as of Apr. 16, 2016] p. 30.)

          Accordingly, the intent of the custodian immunity provided in  
          this bill is to protect the custodian from liability for  
          disclosure of a digital asset as long as the custodian was  
          acting in good-faith compliance with a judicial order requiring  
          disclosure of the digital assets.  On the other hand, these  
          comments make clear that the custodian would not be immune from  
          direct liability due to noncompliance with a judicial order.
          8.  Electronic signatures

           This bill establishes procedures relevant to electronic records.  
           The Electronic Signatures in Global and National Commerce Act  
          (E-SIGN) (15 U.S.C. Sec. 7001 et seq.) establishes legal parity  
          between electronic records and signatures and their paper and  
          ink counterparts.  (R. A. Wittie, J. K. Winn, Electronic Records  
          and Signatures Under the Federal E-SIGN Legislation and the UETA  
           [as of Apr.  
          16, 2016].)  To the extent a state law effectively deviates from  
          E-SIGN's requirements for electronic transactions, E-SIGN  
          provides a two-prong approach for an exemption to preemption of  
          the state law.  The second prong, relevant to this bill,  
          requires all of the following:  
           the alternative procedures or requirements are consistent with  
            E-SIGN;
           as compared to E-SIGN, those procedures or requirements do not  
            require or give greater legal status or effect to  
            implementation or application of a specific technology or  
            technical specification for the functions of creating,  
            storing, generating, receiving, communicating, or  
            authenticating electronic records or electronic signatures;  
            and
           the state law specifically refers to E-SIGN.  (15 U.S.C. Sec.  








          AB 691 (Calderon)
          Page 24 of ? 


            7002(a)(2).)

          After the enactment of E-SIGN, NCCUSL took steps to protect its  
          uniform laws from E-SIGN preemption claims.  To meet the second  
          prong of E-SIGN's preemption test and provide a defense against  
          such claims, NCCUSL created a standard provision (known as "the  
          Standard Section") for its uniform acts that provide for  
          electronic records, agreements, or signatures.  The Standard  
          Section has already been included in a number of uniform acts  
          enacted by California, and is also included in this bill.   
          (Study L-750, Staff Memorandum 2013-14, Uniform Adult  
          Guardianship and Protective Proceedings Jurisdiction Act:   
          E-SIGN (Mar. 28, 2013) Cal. Law Revision Comm.  
           [as of Apr. 16,  
          2016] pp. 7-9.)

          9.  Opposition's concerns

           A coalition of privacy stakeholders are opposed to this bill and  
          argue that the prior version of the bill, which would have  
          adopted a different approach to the same problem by establishing  
          the Privacy Expectation Afterlife and Choices Act (PEAC), was  
          superior to the current version of the bill.  The opposition  
          states that, despite repeated requests and inquiries since last  
          September, they were not included in any subsequent discussions  
          of the bill.  As a result, the opposition contends that serious  
          privacy implications have not been adequately considered or  
          addressed.  The opposition urges the author to amend the bill  
          to: (1) require fiduciaries to specify the account for which  
          they are requesting records and provide an affidavit to the  
          custodian that the disclosure of the user's digital assets is  
          reasonably necessary for estate administration; (2) clarify  
          accessibility to the decedent's account or digital assets; (3)  
          clarify several definitions, including custodian, which is  
          currently overbroad and could apply to public libraries that  
          provide computers for public use; and (4) clarify that the bill  
          does not require a custodian to access a password protected or  
          encrypted account where the custodian does not already have such  
          access.


           Support  :  AOL; California Bankers Association; California  
          Chamber of Commerce; CompTIA; Google; Internet Association;  
          State Privacy and Security Coalition, Inc.; Yahoo








          AB 691 (Calderon)
          Page 25 of ? 



           Opposition  :  American Civil Liberties Union of California;  
          Consumer Federation of California; Consumer Watchdog; Electronic  
          Frontier Foundation; Privacy Rights Clearinghouse

                                        HISTORY
           
           Source  :  Facebook; TechNet

           Related Pending Legislation  :  None Known

           Prior Legislation  :

          SB 849 (Anderson, 2014) See Background.

          AB 5 (Evans, Chapter 5, Statutes of 2009) See Background.

           Prior Vote  :

          Senate Judiciary Committee (Ayes 7, Noes 0)
          Senate Judiciary Committee (Ayes 6, Noes 0)
          Assembly Floor (Ayes 79, Noes 0)
          Assembly Privacy and Consumer Protection Committee (Ayes 11,  
          Noes 0)
          Assembly Judiciary Committee (Ayes 10, Noes 0)

                                   **************