(a) The legal duties imposed on a fiduciary charged with managing tangible property apply to the management of digital assets, including all of the following:
(1) The duty of care.
(2) The duty of loyalty.
(3) The duty of confidentiality.
(b) All of the following shall apply to a fiduciary’s or designated recipient’s authority with respect to a digital asset of a user:
(1) Except as otherwise provided in Section 873, a fiduciary’s or designated recipient’s authority is subject to the applicable terms-of-service agreement.
(2) A fiduciary’s or designated recipient’s authority is subject to other applicable law, including copyright law.
(3) In the case of a fiduciary, a fiduciary’s authority is limited by the scope of the fiduciary’s duties.
(4) A fiduciary’s or designated recipient’s authority may not be used to impersonate the user.
(c) A fiduciary with authority over the property of a decedent or settlor has the right of access to any digital asset in which the decedent or settlor had a right or interest and that is not held by a custodian or subject to a terms-of-service agreement. Nothing in this subdivision requires a custodian to share passwords or decrypt protected devices.
(d) A fiduciary acting within the scope of the fiduciary’s duties is an authorized user of the property of the decedent or settlor for the purpose of applicable computer-fraud and unauthorized-computer-access laws.
(e) The following shall apply to a fiduciary with authority over the tangible, personal property of a decedent or settlor:
(1) The fiduciary has the right to access the property and any digital asset stored in it. Nothing in this subdivision requires a custodian to share passwords or decrypt protected devices.
(2) The fiduciary is an authorized user for purposes of any applicable computer-fraud and unauthorized-computer-access laws.
(f) A custodian may disclose information in an account to a fiduciary of the decedent or settlor when the information is required to terminate an account used to access digital assets licensed to the user.
(g) A fiduciary of a decedent or settlor may request a custodian to terminate the user’s account. A request for termination shall be in writing, in either physical or electronic form, and accompanied by all of the following:
(1) If the user is deceased, a certified copy of the death certificate of the user.
(2) A certified copy of the letter of appointment of the representative, a small-estate affidavit under Section 13101, a court order, a certified copy of the trust instrument, or a certification of the trust under Section 18100.5 giving the fiduciary authority over the account.
(3) If requested by the custodian, any of the following:
(A) A number, username, address, or other unique subscriber or account identifier assigned by the custodian to identify the user’s account.
(B) Evidence linking the account to the user.
(C) A finding by the court that the user had a specific account with the custodian, identifiable by the information specified in subparagraph (A).
(Added by Stats. 2016, Ch. 551, Sec. 1. (AB 691) Effective January 1, 2017.)