Uniform Access to Digital Assets by Fiduciaries Act - Final Report of the Working Group (2016)
The Uniform Access to Digital Assets by Fiduciaries Act addresses four types of fiduciaries: a personal representative of a deceased’s estate, a guardian appointed for an account holder, an attorney acting under a power of attorney and a trustee. The Uniform Act confirms that the usual powers of fiduciaries extend to digital assets, with whatever practical implications that extension may have. The Uniform Act does not deal with any other efforts to access digital assets. Family members, friends or other interested persons may seek access, but, unless those persons are fiduciaries, their efforts will be subject to other laws and will not be covered by the Uniform Act.
Digital assets held by individuals are increasing in number and value. A digital asset may be defined as anything that is stored in a binary format or more simply an electronic record. When a person dies or becomes incapacitated, a fiduciary such as a personal representative, guardian, attorney or trustee needs access to these electronic records in order to properly administer the property of the deceased or incapacitated person.
At present, the law does not deal adequately with how fiduciaries may gain access to these digital assets. Neither the right of fiduciaries to deal with digital assets, nor the duty of custodians of digital assets to provide fiduciaries with access to digital assets, is clear to everyone in the digital world. This is becoming more important as we experience the greying of our population and as digital assets held by all individuals in our society increase.
The general goal of the Act is to facilitate fiduciary access while respecting the privacy and intention of the account holder. The Act adheres to the traditional approach of trusts and estates law, which respects the intention of the account holder. The Act also promotes the fiduciary’s ability to administer the account holder’s property in accord with legally binding fiduciary duties.
The scope of the Act is inherently limited by the definition of “digital assets.” The Act applies only to electronic records. The application of the Act does not extend to the underlying tangible asset or liability unless it is itself an electronic record.
The Act is divided into 10 sections.
Section 1 defines terms used in the Act.
Section 2 governs applicability, clarifying the scope of the Act, which fiduciaries have access to digital assets under the Act and the application of the Act to custodians. The Act addresses only the rights of the four types of fiduciaries, and it is designed to provide access without changing the ownership of the digital asset.
Sections 3 to 5 establish the rights of personal representatives, guardians, attorneys acting in accordance with a power of attorney, and trustees to access digital assets. A personal representative has access to all of the deceased’s digital assets unless the deceased has expressly indicated otherwise in a will or other document. A guardian may access digital assets in accordance with a court order. An attorney acting in accordance with a power of attorney has access to all of a donor’s digital assets not subject to the protections of other applicable law unless the donor expressly indicated otherwise; if another law protects the asset, then the power of attorney must explicitly grant access to the asset. A trustee may access any digital asset held by the trust unless that access is contrary to the terms of the trust or to other applicable law. The duties imposed by law on fiduciaries that apply to tangible assets also apply to digital assets.
Section 6 provides that a provision in a service agreement is unenforceable if the provision limits access contrary to this Act.
Section 7 addresses the obligation of a custodian to provide access to a fiduciary of an account holder and other compliance matters.
Section 8 allows a fiduciary to apply to the court for directions.
Section 9 provides custodians with protection from liability.
Section 10 allows for regulations.
Uniform Access to Digital Assets by Fiduciaries Act (2016)
- Application of Act
- Fiduciary’s right to access digital assets
- Fiduciary’s duties in relation to digital assets
- Fiduciary authority
- Agreement unenforceable if access limited
- Access to digital asset
- Fiduciary may apply to court for directions
- Custodian liability protection
1 In this Act:
“account holder” means an individual who has entered into a service agreement with a custodian;
Comment: An “account holder” includes a deceased individual who entered into the agreement during the individual’s lifetime.
“court” means the [superior court of the enacting jurisdiction];
“custodian” means a person who holds, maintains, processes, receives or stores a digital asset of an account holder;
Comment: A “custodian” includes any online service provider as well as any other person that holds, maintains, processes, receives or stores electronic data of an account holder. A custodian does not include most employers because an employer typically does not have a service agreement with an employee.
“digital asset” means a record that is created, recorded, transmitted or stored in digital or other intangible form by electronic, magnetic or optical means or by any other similar means;
Comment: As records may exist in both electronic and non-electronic formats, the definition of “digital asset” clarifies the scope of the Act and the limitation on the type of records to which the Act applies. The term applies to existing records and technologies and to new kinds of records and technologies that may be invented in the future. It refers to any type of electronically stored information, such as
1) any information stored on a computer and other digital devices,
2) content uploaded onto websites, ranging from photos to documents,
3) rights in digital property, such as domain names or digital entitlements associated with online games and material created online.
The fiduciary’s access to a record defined as a digital asset does not entitle the fiduciary to own the asset or otherwise engage in transactions with the asset. Consider, for example, funds in a bank account or securities held with a broker or other custodian, regardless of whether the bank, broker or custodian has a brick-and-mortar presence. This Act affects records concerning the bank account or securities, but does not affect the authority
to engage in transfers of title or other commercial transactions in the funds or securities, even though such transfers or other transactions might occur electronically. This Act simply reinforces the right of the fiduciary to access all relevant electronic communications and the online account that provides evidence of ownership or similar rights. An entity may not refuse to provide a fiduciary with access to online records any more than the entity may refuse to provide the fiduciary with access to hard copy records.
“fiduciary”, in relation to an account holder, means
(a) a personal representative for a deceased account holder,
(b) a guardian appointed for an account holder,
(c) an attorney appointed for an account holder who is the donor of the power of attorney, or
(d) a trustee appointed to hold in trust a digital asset or other property of
an account holder;
Comment: A “fiduciary” refers to the four types of fiduciaries to whom the Act is intended to apply. However, jurisdictions may wish to include separate definitions for each type of fiduciary depending on their Interpretation Act or the meaning given to various terms. A fiduciary is defined as a person. A fiduciary under this Act occupies a status recognized by the law in each jurisdiction, and a fiduciary’s powers under this Act are subject to the relevant limits established by other laws within each jurisdiction. Jurisdictions should insert the appropriate term for a person named in a fiduciary capacity to manage another’s property (for example, in Quebec the term “liquidator” may be used) and the appropriate term for the individual that would be subject to a guardianship order or comparable
proceeding (such as a guardian or curator).
In the definition of “fiduciary”, the term “guardian” is not intended to apply to guardians of a minor who is not deceased and should be defined as it is intended to apply in each jurisdiction. As well, depending on the jurisdiction, this Act is intended to apply to the Public Guardian and Trustee when that office is acting as a trustee or personal representative. Finally, the term “trustee” is not intended to apply to a trustee in bankruptcy.
“record” includes [to be defined by the jurisdiction if not defined in the
general Interpretation Act for the jurisdiction];
Comment: The term “record” should be defined by the jurisdiction if not defined in the Interpretation Act for the jurisdiction.
The term “information” is not defined. However, a jurisdiction may determine that it wishes to define the term to clarify what information the Act applies to.
“service agreement” means an agreement between an account holder and a custodian.
Application of Act
2 (1) This Act applies in relation to the following:
(a) a personal representative for a deceased account holder who died before, on or after the date this Act comes into force;
(b) a guardian appointed for an account holder, whether appointed before, on or after the date this Act comes into force;
(c) an attorney appointed under a power of attorney made before, on or after the date this Act comes into force;
(d) a trustee acting under a trust created before, on or after the date this Act comes into force;
(e) a custodian of, or a person who may be a custodian of, a digital asset created, recorded, transmitted or stored before, on or after the date this Act comes into force.
(2) For certainty, this Act does not apply to an employer’s digital asset that is used by an employee in the ordinary course of the employer’s business.
Comment: This Act applies to fiduciaries who are appointed or instruments that take effect before, on or after the Act comes into force. The Act also applies to custodians and persons who may be custodians of digital assets created, recorded, transmitted or stored before, on or after the Act comes into force. This Act does not change the substantive rules of other law, such as contractual capacity, incapacity, agency, banking, guardianship, contract, copyright, criminal, fiduciary, privacy, probate, property, security, trust, or other applicable law, except to vest fiduciaries with authority, according to the provisions of this Act.
Section 2 (2) clarifies that the Act does not apply to an employer’s digital assets that are used by an employee in the ordinary course of the employer’s business. The Act does not apply to a fiduciary’s access to an employer’s internal email system.
Fiduciary’s right to access digital assets
3 (1) Subject to subsections (2) to (4) and consistent with the source of authority in section 2 (1), the fiduciary of an account holder has the right to access a digital asset of the account holder.
(2) Subject to subsection (4), the fiduciary’s right of access under subsection (1) is subject to the terms of the following, as applicable, that give instructions in relation to the right of access:
(a) the will of the deceased account holder;
(b) [a grant of administration of estate as referred to in the enacting jurisdiction];
(c) a guardianship order;
(d) the power of attorney;
(e) the trust;
(f) an order of the court.
(3) Subject to subsection (4), the fiduciary’s right of access under subsection (1) is subject to instructions in a provision in the service agreement that limits a fiduciary’s access to a digital asset of the account holder if the account holder assents to the provision
(a) on or after the date this Act comes into force, and
(b) by an affirmative act separate from the account holder’s assent to other provisions of the service agreement.
(4) If more than one instruction in relation to the fiduciary’s right to access a digital asset has been given in an order or other document referred to in subsection (2) or given by assent described in subsection (3), the fiduciary’s right to access the digital asset is subject to the most recent instruction.
(5) For the purposes of this section, instructions under a provision of a service agreement may not be given or inferred to have been given by an account holder merely by accessing a digital asset or using an account.
Comment: A fiduciary’s right to access digital assets is subject to the terms of the instrument empowering the fiduciary, such as the will, guardianship order, power of attorney, trust or an order of the court. Each jurisdiction should determine the appropriate term for the instrument it allows to appoint a fiduciary.
Section 3 (4) provides that the “last-in-time” instrument or order takes precedence over any earlier instrument, order or online instructions of an account holder.
Fiduciary’s duties in relation to digital assets
4 The duties imposed by law on a fiduciary in relation to tangible personal property, including requirements on the performance of those duties, also apply to the fiduciary in relation to the digital assets of the account holder.
Comment: Section 4 clarifies that the legal duties imposed on a fiduciary for tangible property also apply to digital assets. A fiduciary’s powers under this Act are subject to the relevant limits established by other laws within each jurisdiction.
5 (1) A fiduciary who has the right under this Act to access a digital asset of an account holder
(a) may, subject to any applicable law, take any action concerning the digital asset that could have been taken by the account holder if the account holder were alive and of full capacity,
(b) is deemed to have the consent of the account holder for the custodian to divulge the content of the digital asset to the fiduciary,
(c) is deemed to be an authorized user of the digital asset.
(2) Unless an account holder assents, on or after the date this Act comes into force and by an affirmative act separate from the account holder’s assent to other provisions of the service agreement, to a provision in the service agreement that limits a fiduciary’s access to a digital asset of the account holder,
(a) any provision in the service agreement that limits the fiduciary’s access to the digital asset of the account holder is void, and
(b) the fiduciary’s access under this Act to a digital asset, despite the service agreement, does not require the consent of any party to the service agreement and is not a breach of any provision of the service agreement.
(3) If a fiduciary has authority over an account holder’s tangible personal property that is capable of holding, maintaining, receiving, storing, processing or transmitting a digital asset, the fiduciary
(a) has the right to access the property and any digital asset stored in it,
(b) is deemed to be an authorized user of the property.
Comment: This section establishes that a fiduciary may take any action concerning a digital asset to the extent of the authority of the account holder and the power of the fiduciary under the law of the applicable jurisdiction.
Generally, the right of access includes accessing the asset, controlling the asset, and copying the asset to the extent permitted by copyright law. As well, the fiduciary is deemed to have the consent of the account holder for the custodian to divulge the content of an electronic communication. Finally, section 5 (1) (c) states a fiduciary is deemed to be an authorized user of the digital asset.
It should be noted that section 342.1 of Canada’s Criminal Code makes the unauthorized use of a computer a crime only if the computer is accessed fraudulently and without “colour of right”. Section 342.1 reads:
Unauthorized use of computer
342.1(1) Everyone is guilty of an indictable offence and liable to imprisonment for a term of not more than 10 years, or is guilty of an offence punishable on summary conviction who, fraudulently and without colour of right,
(a) obtains, directly or indirectly, any computer service;
(b) by means of an electro-magnetic, acoustic, mechanical or other device, intercepts or causes to be intercepted, directly or indirectly, any function of a computer system;
(c) uses or causes to be used, directly or indirectly, a computer system with intent to commit an offence under paragraph (a) or (b) or under section 430 in relation to computer data or a computer system; or
(d) uses, possesses, traffics in or permits another person to have access to a computer password that would enable a person to commit an offence under paragraph (a), (b) or
This means that a fiduciary exercising their duties is not in violation of Canadian law.
For further clarification, when a fiduciary obtains information of a digital asset, it is not a disclosure of personal information that affects the account holder’s right to privacy. No privacy legislation is affected. The fiduciary is obligated to obtain the information to fulfill their duties.
In order to limit fiduciary access to a digital asset in a service agreement, an affirmative act separate from the account holder’s agreement to other provisions of the agreement is required. Further, any provision in a service agreement that limits the fiduciary’s access to a digital asset of the account holder is void. The section clarifies that fiduciary access under this Act is not a violation or breach of a service agreement.
Agreement unenforceable if access limited
6 Despite any other applicable law or a choice of law provision in a service agreement, a provision in a service agreement is unenforceable against a fiduciary to the extent that the provision limits, contrary to this Act, a fiduciary’s access to a digital asset.
Comment: Despite any other law or a choice of law provision in a service agreement, a provision in a service agreement that limits a fiduciary’s access to a digital asset is unenforceable against a fiduciary acting under the Act.
Access to digital asset
7 (1) A fiduciary with a right under this Act to access a digital asset of an account holder may request access from the custodian of the digital asset by making the request in writing and by including with the request [authenticated copies of the documents relevant for the enacting jurisdiction].
(2) A custodian must provide the fiduciary with access to the digital asset of the account holder within 30 days after receipt of the request made under subsection (1) and the applicable document.
Comment: Section 7 imposes on a custodian the obligation to provide access to a fiduciary with a right of access under this Act. It further sets out the documentation that must accompany the fiduciary’s request to access a digital asset of an account holder. For example, if there is a will providing that an individual is a personal representative, a notarized copy of the death certificate and will setting out that the individual is authorized to administer the estate may be required. If there is no will (intestacy), a fiduciary may be required to provide a notarized copy of the death certificate and documents setting out that the fiduciary is the individual authorized to apply for administration of the estate.
The general electronic commerce legislation of each enacting jurisdiction should allow for the writing requirement to be satisfied electronically. Each jurisdiction should refer to its relevant legislation. An “authenticated” copy may include whatever process confirms that the document is a true copy of the original.
Fiduciary may apply to court for directions
8 (1) A fiduciary may apply to the court for directions in relation to the fiduciary’s right to access a digital asset of the account holder.
(2) A fiduciary who follows the directions of the court is discharged with respect to the subject matter of the directions unless the fiduciary is guilty of fraud, wilful concealment or misrepresentation in obtaining the directions.
Comment: Section 8 allows a fiduciary to apply to the court for directions. A fiduciary who follows the directions of the court is protected from liability.
Custodian liability protection
9 A custodian who complies with this Act, the regulations or any order of the court made under this Act is not liable for a loss arising from anything done or omitted from being done, unless it was done or omitted from being done in bad faith.
Comment: Section 9 provides a custodian with liability protection. However, a jurisdiction may address what form of liability protection is consistent with its legislation.
10 The [regulation-making authority for the jurisdiction] may make regulations as follows:
(a) respecting the provision of information by a person, on the request of a fiduciary, as to whether the person is a custodian of a digital asset of another person for whom the fiduciary is acting;
(b) respecting fees that may be charged by a custodian for the provision of access to a digital asset of an account holder by a fiduciary or by a person referred to in paragraph (a) who is responding to a request for information.
Comment: Section 10 allows for regulations. Regulations may relate to information on whether a person is a custodian of a digital asset of an account holder or to fees charged by a custodian for providing access.
11 [in accordance with the practices of the jurisdiction]
Comment: The manner by which the Act is brought into force will be in accordance with the legislative practices of the enacting jurisdiction.