When I was finishing law school and starting to practice law in the early to mid-1990s, my favourite television show was “Seinfeld.” It satirically and cleverly poked fun at the simple quirks of human behaviour. One of my favourite episodes was when “George” refused to tell anyone his banking password, even if it meant saving someone from a fire in a burning ATM vestibule. No matter what, George would not tell anyone his password, even as people around him demanded he give it to them.
Fast forward 30 years, and we have a modern example of how everything in life nowadays is like a Seinfeld episode come true. As we have become more and more reliant on technology in our everyday lives, our laws and the way we handle legal matters needs to reflect this new e-commerce or e-business reality.
This blog will discuss how lawyers and their clients need to consider new issues when faced with the old standard questions and answers when preparing powers of attorney and wills. The concepts of “digital assets” and “digital information” cannot be a foreign one to us, as the digital age is well upon us. If we do not adapt to it, well, we know what happens with outdated business models: have you gone into a local video store in the past 15 years? Do they even exist, for that matter?
When I meet with clients to help them with estate preparation (doing their powers of attorneys, their wills, or both), I ask them a list of standard questions about what they own and what they owe. As you can imagine, many clients are initially reluctant to tell me about how much money they have in their bank account, their investments and other assets, or their mortgage details, car loan payments, or other debts. There are 3 main reasons I ask for this information:
- Depending upon the asset (or the debt), I need to be aware of how to properly phrase the estate document to address the asset (or debt) upon the person becoming unable to manage the asset or debt, or upon the person’s death. Knowing whether the house is owned in one person’s name, is held jointly with someone, or is not actually owned but is rented/leased, will assist me in allowing the attorney or the executor (as the case may be) to handle the asset, i.e. can it be sold, does it automatically go to someone else upon death, or is there something totally different to consider – these are issues I need to address;
- The information I gather about the person’s estate (their assets and their debts) helps assure me, or others who review the estate preparation documents, that the client is/was mentally competent to instruct me as they knew what assets and debts they had and how to deal with them. As an example, on some occasions I will get a client who tells me they own a home at “123 Any Street East,” only to find out they owned 30+ years go, or they tell me they are a part owner of the Rogers (Skydome) Stadium, and have a million dollars in stolen drug money in the Cayman Islands when they were a hitman for the mob (these are actual statements that were made to me that were not true). Alas, without mental competency, your will or power of attorney will not be valid.
- The information I gather about the person’s estate (their assets and their debts) helps their attorneys and/or executors with a “starting place” to go to manage the person’s affairs upon incapacity or death. The questions I ask and the answers they give me acts as an initial “repository of information” to allow them to discharge their duties.
The fact that some of the assets or debts that people now have are in digital form does not take away from the need to do the same exercise with them. In the client’s will that I prepare, I specify exactly what a “digital asset” is, both for the benefit of the client and for all those who will read it or be guided by it later on. I state the following:
The term “digital assets” includes files stored on my digital devices, including but not limited to, desktops, laptops, tablets, peripherals, storage devices, mobile telephones, smartphones, and any similar digital device which currently exists or may exist as technology develops or such comparable items as technology develops. The term “digital assets” also includes, but is not limited to, emails received, email accounts, digital music, digital photographs, digital videos, software licenses, social network accounts, file sharing accounts, financial accounts, domain registrations, DNS service accounts, web hosting accounts, tax preparation service accounts, online stores, affiliate programs, other online accounts and similar digital items which currently exist or may exist as technology develops or such comparable items as technology develops, regardless of the ownership of the physical device upon which the digital item is stored.
In doing this exercise, I have come to add several modern questions to my list of questions that I would not have asked even a few years ago:
- What social media profiles do you have?
e.g. Facebook, LinkedIn, SnapChat, YouTube Channel, Tik Tok, etc. (to name but a few)
- What digital assets do you own?
e.g. Bitcoin, Cryptocurrency, NFTs (non fungible tokens), etc.,.
- Do you have a digital password for all your devices and for all your online digital accounts, and where do you have them recorded/stored?
Although the first two points are important for their own reasons, I will leave those for another day and another blog to explore in greater detail. For now, I will focus solely on the third item – digital passwords.
If you are like the vast majority of the public, whether you like it or not, you do most of your day-to-day living online. If so, then you are certainly familiar with the need for a digital password. And when I say “password” it could mean a combination of letters, a combination numbers, a combination of letters and numbers, or as is quite common, a combination of letters, numbers and other symbols on a keyboard, such as $, %, & and # signs.
You likely have to use a password for your home and work Wi-Fi, to check your smartphone, to check and do online banking, to shop online and make online purchases, to go onto a laptop or desktop computer at home or at work, to name but a few examples.
At last count, I have 100 plus passwords for both home and work-related matters. I have purposely made my passwords difficult to crack, so unless a person is extremely determined to do so, they will not be broken. The problem with this system is that it is mentally challenging to remember all these passwords, and you cannot simply use “password” or “1234567” as a valid password for any/all your options.
You may not think the issue of passwords is a big deal, but I got the idea to write this blog a little while ago, while driving to work. I heard the story of a parent who lost a teenage child to a tragic accident. To compound the sudden and unexpected death and grief, the parent could not access the deceased child’s smartphone, to allow the parents to give notice to friends and others about the child’s sudden death, the visitation arrangements, or to see all the beautiful photos that the child had on the smartphone. As with many people, the child did not share their password with anyone (as we are all taught to do nowadays, for security reasons). Much like their loved one, all their child’s memories and important information was gone for good, and despite the best of intentions of the parents, the smartphone company would not (or could not) release the password. As of the date of writing this blog, there was no “happily ever after” ending to this story. I hope, one day, that there is one.
This is a sad, but “lesson-learning,” example of how we, in this modern society, must adapt to the technology and prepare for such circumstances. As such, in my practice, I ask the client: who knows your digital passwords? But in asking that question, I advise the client, quite clearly, that I do not want the passwords myself, and this is for several reasons:
- I do not wish to incur the liability that would go with having this information, as such information could get hacked if it were widely known that lawyers had their client’s passwords;
- The information is likely ever-changing, and I do not expect my client to repeatedly call me with the changes they have made to their passwords; and,
- The passwords may be needed in an emergency, and I may be away or unable to relay the passwords to the person who need it, such as a next of kin, in a timely manner.
There is no easy answer to the question, but the question must still be asked and answered. Some people may choose to write them down and tell a trusted person (their attorney or executor) where to find the list (whether physically or on a computer program). Others may choose to tell a trusted person their smartphone passcode and then the person has access to a phone app that stores the person’s passwords, (a password manager or a password keeper). There is no one right way to do this, but it would be a wrong to not do this. And it is for this exact reason that I am now asking my clients during the “instructions phase” to tell me who knows how to access your passwords in case of an emergency. To not do so could perhaps be seen as negligent.
It was not so long ago that we would tell our friends and neighbours that, in case of an emergency, “here’s the key to my house,” to check up on things. Or if there is an emergency, “please call person A or person B.” That was then, but this is now. Those simple ways are no longer suitable for the digitally driven society as the one we live in today.
I started off this blog with a reference to a Seinfeld episode, and it is fitting that I will end it in the same fashion. There was another classic episode where “Elaine” had a limited supply of her favourite contraceptive sponges, and before she would sexually engage with a new partner, she interviewed them to determine whether they were “sponge-worthy.” It was a particularly funny episode to see her question people about this, and to see how nervous they got in trying to prove themselves fit for the task. But as we are almost at the half-way point of the 2020s, perhaps that memorable Seinfeld episode from the 1990s can teach us a valuable lesson today: who can we really trust with our most important passwords, and how do we determine if they are truly “password worthy” of our trust? Never mind Shakespeare: that is the “real” question for 2023, and beyond.