Unlike physical assets, the holders of digital assets rarely enjoy control over how those assets are used or distributed after their lifetime – even in the presence of a ‘social media will.’ This results, in large part, from the limited, contractual nature of the property interest individuals retain in digital assets as a result of the widespread use of restrictive end user license agreements and terms of service.
While these limitations have generated a broader debate about the extent of property interests and contractual limitations on individual ownership, one of the most contentious and recurrent concerns raised has been how digital assets are dealt with after death. Digital assets include properties like movies, music, and books in digital format, which have obvious economic value and are not owned. As they are licensed to the purchaser, they are merely a licensee and cannot bequeath that interest to another individual. The digital assets which have proved the most problematic to deal with after death are social media and email accounts as several recent cases have illustrated.
In the 2015 case of In re Facebook Ireland Ltd, the Berlin Regional Court granted the parents of a deceased minor access to her online profile to regulate the inheritance of digital assets in what was considered one of the first judicial considerations of how digital assets are dealt with after death. In that case, the deceased had reportedly given her account login details to her parents before her death but the company, having been informed of her death by a Facebook friend, “memorialised” her account after which it was effectively frozen and could only be deleted or remain unaltered, even in circumstances where the login details were known by a third party (in this case her parents).
The parents of the deceased requested access to her social media account, which Facebook refused as the page had been memorialised. The complainants subsequently sued to obtain access to the profile and the Landgericht Berlin upheld their complaint. The court ordered Facebook to grant the complainants access to the account, finding that Facebook lacked a legitimate interest in preventing such access, in particular as she had been a minor at the time of her death. The court noted the deceased’s rights of personality would not be sufficient to prohibit such an order noting that parents were responsible for the protection of such rights in cases involving minors. Nor did the court consider that data protection laws prevented access, dismissing Facebook’s argument that not only the deceased’s privacy but also the privacy of those with whom she communicated would be implicated, drawing an analogy to a private diary which formed part of an inheritance. Facebook appealed the decision and the Berlin Court of Appeal In re Facebook Ireland Ltd. 2, overturned the regional court’s decision finding that the respondents had no right of access to their daughters account or its contents under the communications secrecy law passed in 2009.
This approach would seem to stand in direct opposition to the US position expressed in the 2016 decision of the Massachusetts Appeals Court in Yahoo v Ajemian. In this case, the court ruled legal representatives of a deceased account holder could access messages to discern the deceased’s intent for their estate, without any express permission to do so. Yahoo argued that permitting such access was a violation of the privacy protections offered by the Stored Communications Act (SCA) as well as being in breach of the company’s terms of service. The Supreme Judicial Court found the SCA did not bar estate administrators from accessing electronic assets in order to perform their duties and acknowledged that while courts should “jealously” guard privacy this must be tempered by the public interest in access. The court concluded the SCA did not prohibit Yahoo from disclosing the contents of the account in these circumstances.
This decision would seem to contradict that of the US District Court for the Northern District of California in Re Request for Order Requiring Facebook, Inc to Produce Documents in which the court refused the family of a deceased account holder access, again citing the SCA and noting the Act did not compel Facebook to disclose information to the family as the information involved was not the property of the individual but rather information held by a third party.
In both the German and US cases the companies involved have cited privacy concerns as their main justification in preventing access to digital assets after death. This seems somewhat disingenuous given the extensive mining of individual communications, which many users incorrectly presume to be entirely private, and which such companies rely on to provide targeted advertising and thus ensure their profit model. In particular, Google, while defending claims that it had processed the content of emails to provide targeted advertisements in a manner which violated the privacy of its users argued, in a line redolent of the US third-party doctrine, that individuals could have no legitimate expectation of privacy in information disclosed to third parties and thus could not be surprised if their emails were processed in this manner.
Nor is a privacy argument necessarily tenable on substantive grounds. At common law, privacy is a personal right and as such does not survive death as a cause of action for its breach is neither assignable nor descendible. Thus, a decedent’s family or friends could not sue email or social networking service providers for a violation of privacy rights but neither could a service provider claim a privacy interest of the account holder in refusing to disclose the contents of an account. Equally, while data protection laws will apply to an individual’s digital assets during their lifetime those laws cease to apply on death as data protection rights are also considered personal rights. An argument for refusal based on privacy could, however, be pleaded in relation to the rights of those other users whose communications would be revealed, although as the decisions of the court of first instance and court of appeal in the German case illustrate, the success or otherwise of such arguments will depend on both the legislation governing inheritance and communications in individual jurisdictions.
Several US States, most notably Connecticut have sought to minimise this jurisdictional uncertainty by adopting statutes based on the Revised Uniform Fiduciary Access to Digital Assets Act (RUFADAA) a model law developed by the Uniform Law Commission to enable fiduciaries to manage digital assets of deceased or incapacitated individuals. Others, like Rhode Island and Delaware, have enacted their own legislation enabling family members to access digital accounts of deceased relatives and pass digital assets in wills.
However, no federal legislation has provided the necessary clarity as to the position more generally. The EU, which has yet to consider such issues in Union law, is similarly placed for a legislative reckoning with what, if any, digital assets are heritable. Perhaps more significant will be the need to engage with whether the public interest in permitting fiduciary access in certain situations will cause the courts to reconsider the limits of freedom of contract in situations where individuals contract for digital assets.
Róisín Costello graduated from the Trinity College School of Law with first class honours and holds Masters degrees in International Affairs and Law from the Institut d’études politiques de Paris and Georgetown Law respectively. During her LLM at Georgetown Róisín was a research assistant for the Georgetown Centre on Privacy and Technology Law and a Consumer Protection and Public Interest clerk at the Electronic Privacy Information Centre in Washington DC. Following graduation Róísín worked in law and policy in London and Dublin including acting as a local expert for the World Bank Report on Women, Business and the Law, and as a policy analyst with the Institute for International and European Affairs. Róisín is currently undertaking her Ph.D. at Trinity College where her research focuses on the impact of digital technologies on fundamental rights and the Rule of Law in the United States and the European Union.
 See, Jacoba Urist ‘The Social Media Will: An Expert Guide to Your Digital Afterlife’ The Atlantic, 14 May 2012, https://www.theatlantic.com/technology/archive/2012/05/the-social-media-will-an-expert-guide-to-your-digital-afterlife/257112/
 In re Facebook Ireland Ltd, Landgericht Berlin, No. 20 O 172/15, opinion filed 12/22/15
 See, Memorialized Account, at https://www.facebook.com/help/1506822589577997
 In re Facebook Ireland Ltd., Kammergericht, No. 21 U 9/16, appeal filed, 2/1/16
 Yahoo v Ajemian 84 N.E.3d 766 (Mass. 2017), cert. denied, No. 17-1005, 2018 WL 489291 (U.S. Mar. 26, 2018). See also, Ajemian v YahooInc; Massachusetts Supreme Judicial Court Holds that Personal Representatives May Provide Lawful Consent for Release of a Decedent’s Emails, Harvard Law Review at https://harvardlawreview.org/2018/05/ajemian-v-yahoo-inc/
 18 USC 2701
 Re Request for Order Requiring Facebook, Inc to Produce Documents and Things, Case no C12-80171 LHK (PSG)(20 September 2012) US District Court, Northern District of California, San Jose Division
 In re Google Inc Gmail Litig., 936 F. Supp. 2d 1381, 1382 (J.P.M.L. 2013). See also, Jessica Guynn, Google Must Face Suit over Scanning of Messages in Gmail, Judge Rules, LA TIMES, http://articles.latimes.com/2013/sep/26/business/la-fi-tn- google-gmail-scanning-lawsuit-judge-ruling-20130926.
 Public Act No. 16-145 at https://www.cga.ct.gov/2016/ACT/PA/2016PA-00145-R00HB-05606-PA.htm. See also, James D Lamm, Christina L Kunz, Damien A Riehl, Peter John Rademacher, ‘The Digital Death Conundrum: How Federal and State Laws Prevent Fiduciaries from Managing Digital Property,’ 68 University of Miami Law Review (2014) 385.
 HB 5443 (2017) at http://webserver.rilin.state.ri.us/BillText17/HouseText17/H5443.pdf
 HB 345 (2014) at http://www.legis.delaware.gov/BillDetail?legislationId=23219
 See generally, Damien McCallig, ‘Facebook after death: an evolving policy in a social network,’ 22(2) International Journal of Law and Information Technology (2014) 107