Legacy Locker

We’ve been receiving a lot of questions lately as to why Legacy Locker doesn’t “guarantee” user data against loss, corruption, theft or other shenanigans.

That got us thinking – Why don’t we guarantee our members’ content?  The easy answer is that our lawyers told us not to because it would expose us to all kinds of liability.  So, we never really put a lot of thought into any such guarantees. But then we asked ourselves: Should we guarantee? Is it the “right” thing to do?  Or are we just being paranoid and trying to cover our…ass..ets…in the event disaster strikes?

Aside from the legal implications, any security breach would be disastrous.  We pride ourselves on the security apparatus we have already put into place.  Practically speaking, it is far superior to what most other websites currently employ.  But what about other websites we all use every day?  We depend on them to ensure our data is protected, and they depend on our trust.   This begs the question: Do any of the major websites guarantee our stored information?

For banking institutions and credit card companies, it is good business to reimburse their customers if someone hacks into an account, steals an ATM card or “phishes” credit card numbers off an unsecure connection.  These companies understand that they MUST do something to instill trust in the system.  That’s why they agree to make you whole again: not because they’re legally liable, but because it’s just good business. But the question remains (FDIC Insurance aside): Are they legally responsible for reinstating your trust and funds? I thought so until I read the fine print.

I was surprised to discover that not one of the major websites (Google, Facebook, Yahoo, Citibank, etc.) assumes liability for the content you store online; the banks don’t either.  All have pretty strong language in their Terms of Service that eliminate their liability from just about anything and everything (including Yahoo’s disclaimer about seizures that may result from looking at the monitor for too long).

Essentially, they’re all the same.  It’s fairly boilerplate language that encompasses two main themes: Full disclaimer of warranties and complete limitation of liability.

Disclaimer of Warranties – this means that the site is provided to you “as is” and the user has no reasonable expectation that the website will function properly, protect your stored data or be free from error.  It’s similar to buying a piece of property with a quitclaim deed. No warranties or guarantees. You’re buying it how it is and have no right to protest if it doesn’t work to your expectations.

Limitation of Liability – When using these sites, you are agreeing they will not be liable for just about any type of damage or loss you may incur.  These limitations extend to loss of profit, goodwill or business reputation, or other intangible losses.

Facebook is a different kind of animal than other more traditional storage websites.  Specifically, they do not guarantee that User Content you post on the site will not be viewed by “unauthorized persons” and it is not responsible for circumvention of any privacy or security measures contained on the site.  You should also know that even after you deactivate your account, your content may be cached and archived, thus still viewable.

So although online content is rarely, if ever, subject to an all-inclusive guarantee, our security infrastructure is superior to best practices because, above all, we respect our clients and their information, and have utilized every known strategy in protecting their sensitive data.

Below are links to some major websites’ Terms of Service regarding protection of your valuable data.

We would love to hear your thoughts on the matter.

Gregg Delman
Director of Business Development

Facebook

Google

Yahoo!

Citibank Online

ING

Lastpass.com

Please note that the material contained in this blog is not legal advice and is not to be relied upon in a court of law. Furthermore, any federal tax advice contained in this communication, including attachments and enclosures, is not intended or written to be used, and may not be used, for the purpose of (i) avoiding tax-related penalties under Internal Revenue Code or (ii) promoting, marketing or recommending to another party any tax related matters addressed herein.

An interesting article went live on the NYT Gadgetwise blog yesterday about a subject near and dear to our business; specifically the piece was about dealing with the digital afterlife, and what is referred to as “morning after” messaging.  The article referred to Legacy Locker (and a few other sites) and stated “many of them charge an annual fee and there’s no guarantee that the companies will outlast your lifetime.”   Following that brusque dismissal, the focus of the piece is on the opinion of Adele McAlear, a marketing and social media expert.

Adele raises many excellent questions regarding digital life and the importance of planning for the future of your digital assets. She also provides several suggestions on how to plan for that future.  However, we believe that while the advice is good in theory, the practical implications are fairly lacking, here are some specific examples.

From Gadget Wise:

“Ms. McAlear recommends leaving your final instructions as an encrypted file on your computer or place them in a sealed envelope or safety deposit box. ‘Just make sure that your digital executor knows where to look and will remember the password,’ she said.”

This sounds like a great idea – except that practically speaking, there’s no easy way to do any of those things.  An encrypted file on a computer is subject to security breaches, hard drive failures, accidental deletion, and a host of other issues.  And finding a digital executor who “knows where to look and will remember the password…”?  Sounds good, but it’s missing the “How, exactly, would this happen?”  It’s a great suggestion with no practical way to execute it.

In my case for instance, nobody knows how my computer’s folder structure works except me.  My PC is personal and private, both by intention and by happenstance.  By the same token, I wouldn’t be able to find anything on my wife’s computer unless she tells me where to look. Also, it’s entirely possible that I don’t want a single individual to administer all of my accounts.  Maybe my wife should handle my Facebook and my email accounts, but my close friend and business partner should administer my blog or sell my domain names.

Essentially, what this post is suggesting is precisely what Legacy Locker does, only without the infrastructure or processes, and without any security, backup, redundancy, or ease of access. Consider:

• Legacy Locker lets you add as many individual accounts (“digital assets”) as you like, including things like your email addresses, your Flickr and Facebook, even the password to your PC
• Each of those assets can be assigned to different beneficiaries who will administer those accounts, and each asset can include accompanying instructions like “please delete my profile here” or “please contact all my friends to let them know when the funeral will take place”
• Legacy Locker has secure encryption and redundant storage for these assets to make sure no gets access to them until they’re supposed to
• Only the information specified will go to a given beneficiary, and you can select as many beneficiaries as you like
• Information and assets are automatically delivered after the account holder’s death is confirmed.  That’s as opposed to a letter in a safety deposit box that might lie unopened, or an encrypted file that’s likely to stay encrypted because someone forgot the password

The post further suggests that everyone

“… keep an inventory of all your log-ins and passwords for all your accounts, such as e-mail, social networks, photo- and video-sharing sites, blogs, Web sites, forums, online gaming, Skype, IM, PayPal, eBay and so on.”

My question is, where should they keep that stuff?  In an excel spreadsheet on your hard drive?  That’s subject to theft, failure, corrupted files, loss, accidental deletion, and numerous other dangers.  Write them down on scraps of paper and keep them in your safety deposit box?  That’s incredibly inefficient, hard to update,  and hard to keep track of (I can’t even think of the last time I went to my bank’s branch during work hours – can you?).

The post also tells us to

“Be sure to specify what you would like to be done with your digital legacy. Do you want your accounts closed? Status changed? Avatars removed?”

Again, while we agree that this is the right thing to do, we think Legacy Locker is the simplest, most straightforward way to actually get it done.  Our service allows you to, in a simple, step-by-step manner, methodically add all of your digital assets to your locker, create special instructions, and specify the appropriate recipient to a given asset.  Without Legacy Locker, a person concerned with their digital accounts after their passing have a lot of hoops to jump through in order to ensure that:

1. their digital assets are accounted for
2. there’s a good way for someone to actually receive those assets
3. the storage and eventual transfer of that information is secure, redundant and up to date

Towards the end, an additional suggestion reads:

“You would do best to choose someone who is Internet savvy and understands how social networks and online accounts function…”

Once again, that’s a great suggestion.  But those people don’t exactly grow on trees.  Not everyone has access to a trusted person who who is a social media expert and techno-whiz, and is also a person with whom you trust your entire digital life. In some ways, this is like telling everyone that instead of seeing a doctor professionally, they should be friends with someone who has medical training and have them treat you when you’re ill.  Or to be friends with someone who’s good at “fixing stuff” rather than see a mechanic when your car starts to spurt smoke from under the hood.

We live in a society of specialization, where professionals become educated and experts in their respective fields.  Legacy Locker is a team of experts who specialize in the best, most secure way to transfer digital information in the event of death or disability.  Trying to ad-hoc a process for transferring critical information is likely to result in loss of data, security failure, and / or a serious imposition on someone you’re trying to shoe-horn into a role that may not be comfortable for them.  Legacy Locker allows you to break parts of your digital legacy into discrete chunks, store and transfer those securely, and apportion them to the people most appropriate to a given task.

We started Legacy Locker for a reason.  There simply was no good way to ensure that the content, accounts, information and other paraphernalia of digital life will be managed or transferred in the event of your death.  We agree with every one of the concerns raised in the NYT article – it’s precisely because of those same concerns that we started this company.  We take this problem very seriously, and we work hand in hand with estate planning attorneys and other estate planning professionals to ensure that we are in lock step with the practical realities of digital estate planning. These are the right questions.  But without Legacy Locker, they’re not the right answers.

Last Friday, our CEO and Founder Jeremy Toeman presented the case for Legacy Locker to a room packed with estate planning attorneys from around the country at the American Bar Association’s (ABA) Real Property Trust and Estate Joint Tax Conference. The ABA is the largest voluntary professional association in the world. With more than 400,000 members, the ABA provides law school accreditation, continuing legal education, information about the law, programs to assist lawyers and judges in their work and initiatives to improve the legal system for the public.

Jeremy’s speech reinforced the idea that online assets have value, and estate planners now need to ensure their client’s online content is protected and preserved. The topic focused on the tangible value of online accounts and assets, how they should be incorporated into estate plans and how Legacy Locker is a valuable tool toward that end.

Panelist Members Included:

Moderator:
Karin C. Prangley, Krasnow Saunders Cornblath LLP, Chicago, IL

Panelists:
Robert N. Karelitz, Fiduciary Trust, Boston, MA
Karin C. Prangley, Krasnow Saunders Cornblath LLP, Chicago, IL
Jeremy Toeman, Legacy Locker, San Francisco, CA

Jeremy speaks about the importance of online assets and Legacy Locker from Jeremy Toeman on Vimeo.

Governments are traditionally behind the curve when it comes to formulating policy around new technology. That is why I was surprised to learn that states like Connecticut, Indiana and Rhode Island now require websites (the “custodians” of electronically stored documents or information) to provide the estate’s personal representative access to online content.

Indiana’s official provision is *IC 29-1-13-1.1* :

* Electronically stored documents of deceased
* Sec. 1.1. (a) As used in this section, “custodian” means any person who electronically stores the documents or information of another person.
(b) A custodian shall provide to the personal representative of the estate of a deceased person, who was domiciled in Indiana at the time of the person’s death, access to or copies of any documents or information of the deceased person stored electronically by the custodian upon receipt by the custodian of:
(1) a written request for access or copies made by the personal representative, accompanied by a copy of the death certificate and a certified copy of the personal representative’s letters testamentary; or
(2) an order of a court having probate jurisdiction of the deceased person’s estate.
(c) A custodian may not destroy or dispose of the electronically stored documents or information of the deceased person for two (2) years after the custodian receives a request or order under subsection (b).
(d) Nothing in this section shall be construed to require a custodian to disclose any information:
(1) in violation of any applicable federal law; or
(2) to which the deceased person would not have been permitted access in the ordinary course of business by the custodian.
/As added by P.L.12-2007, SEC.1./

Parsing the legalese for a moment, this means that the State of Indiana now officially recognizes the value in requiring the inclusion of online assets into the gross estate. Connecticut and Rhode Island have similar provisions but only apply to email accounts (please email me if you know of any additional states). Furthermore, the Indiana provision outlines the elaborate procedure for actually gaining access to online content in Section (b). This could potentially increase the cost of wrapping up an estate due to the burdensome and time consuming procedure for accessing these online assets.

A major issue that I have not seen discussed yet is that Indiana’s progressive measure sets up a conflict between what the State of Indiana wants for their citizenry and what websites will actually disclose. Section (d) Sub 1 & 2 basically take the teeth out of this provision by not requiring disclosure if such disclosure violates applicable federal law (i.e. Digital Millennium Copyright Act) or the decedent would not have been permitted access during the normal course of business (i.e. violates a website’s Terms of Service or Privacy Policy). The latter is a shakier argument but may still work if a website can successfully assert that the deceased had a license to use said website and that license expired upon death.

States like Connecticut, Indiana and Rhode Island want your next of kin to have access to online content and you need to help ensure it. You don’t want your loved ones to be denied access because a website asserts a provision like Indiana’s Section (d) Sub 1 or 2 as a valid exception to enforcement of probate code. Legacy Locker is the perfect resource to circumvent such an escape clause completely and allow your estate representative to include online content into your cumulative estate.

Gregg Delman
Director of Business Development

Disclaimer:
This Blog/Web Site is made available by Legacy Locker, Inc. for educational purposes only, not to provide legal advice. The Blog/Web Site should not be used as a substitute for competent legal advice from a licensed professional attorney in your state.

Please note that the material contained in this blog is not legal advice and is not to be relied upon in a court of law. Furthermore, any federal tax advice contained in this communication, including attachments and enclosures, is not intended or written to be used, and may not be used, for the purpose of (i) avoiding tax-related penalties under Internal Revenue Code or (ii) promoting, marketing or recommending to another party any tax related matters addressed herein.