Compliance Essentials

Financial institutions, privacy, EFT Code and deceased estates

Category: Financial Services, Intellectual Property, Privacy | by David Jacobson

Digital Property and the Laws of Inheritance from TechNews World discussses whether executors have the right to obtain passwords to websites and email services used by a deceased.

Starting with a discussion of the Yahoo case when Yahoo refused to give the parents of a US Marine killed in Iraq access to their son’s email account without court approval, the article then considers wider inheritance issues.

How does this apply to Australian internet service providers and financial institutions?

Assuming the provider or the institution can even access your personal confidential password, the general principle is that the provider will not release a person’s personal information without proof that the third party enquirer is properly authorised either as an attorney (if the account holder is still alive) or an executor or administrator (if the account holder is deceased).

Section 69AA of the Banking Act only gives ADI’s the power to deal with a deceased’s depositor’s  money in an account; it does not discuss the right to other information such as passwords. Usually a financial institution will only disclose information to a person who claims to be an executor after they produce a certificate of death and evidence of their appointment as executor or administrator.

In Australia, the EFT Code is silent about a person or their financial institution giving their estate details of their passwords to different accounts. The assumption must be that in giving your password to your executors you have authorised any electronic transaction they undertake.

The bottom line is that passwords and usernames which give access to online data such as financial records, journals, emails and photos can be just as valuable as cash and property and should be securely stored in a place accessible to beneficiaries. An online business customer should not assume that their estate will automatically be given their information by their service provider.

UPDATE 16 June: I have just received a notice from my telecommunications provider that it has amended my general terms to clarify that "personal information" may include numbers I have called, the time of a call and the location of a call. The amendment allows it to disclose personal information to emergency services organisations. No mention of disclosure to my estate.

Print Friendly, PDF & Email
LinkedIn
 

Your Compliance Support Plan

We understand you need a cost-effective way to keep up to date with regulatory changes. Talk to us about our fixed price plans.

Support Plans