Dealing with the death of a user: The possibility to inherit digital assets
Alin Daniel Florescu, Attorney-at-law at Markó & Udrea Attorneys-at-law

Article by Alin Daniel Florescu, Attorney-at-law at Markó & Udrea Attorneys-at-law

  1. Introduction

In the past, the assets of a person were, for the most part, tangible. Even photos, documents, receipts, bills, music, movies etc. were tangible or were fixed on a tangible media such as CDs or DVD’s. After death, it was usually easy to identify the property of the deceased and to split it between the rightful heirs. But nowadays there is an extra layer of difficulty in dying. Many of our family heirlooms, photos, videos and assets are digitized and stored on computers, smartphones, flash drives, email accounts, clouds, online platforms, apps etc. Most of us have a lot of these digital assets, but almost none of us think about what will happen to them after we die. In the UK, research shows that 85% of participants have not considered the digital implications of their death yet1. Similarly, a legal practice regarding this matter has not yet been formed, since lawyers often leave out digital assets from their discussions with clients regarding estate planning.


Similarly, many internet service providers („ISPs”) do not regulate, or inadequately regulate the fate of the digital assets after the user’s death. Given the growing number, variety and importance of these digital assets, as well as the lack of legislation, it is important for the ISPs to be proactive and carefully regulate what happens to one’s digital assets after death.

  1. The so called „digital assets”

Digital assets are new, diverse and they constantly change, therefore they are lacking a proper legal definition, at least in the European Union. Legal scholars have defined digital assets as „any intangible asset of personal or economic value, created, purchased or stored online2. The European Union Blockchain Observatory & Forum3more technically defines the digital assets as „a string of characters, often stored in a binary format, that represent values or rights that can be exercised within a specific context”.In the United States, there is legislation4that defines the digital asset as „an electronic record in which an individual has a right or interest. The term does not include an underlying asset or liability unless the asset or liability is itself an electronic record.”

All of these definitions hint in the direction that anything can be a digital asset, as long as it is electronically stored. The first digital assets that come to mind are e-mails, social networking accounts, documents, videos, cryptocurrencies, tokens etc. However, as our lives shift more and more towards the digital world, many digital assets become unexpectedly valuable and tradeable for fiat currency. For example, in the Entropia Universe, a massive multiplayer online game designed by Swedish software firm MindArk, you can buy properties with real world money. Entropia uses an in-game currency called PED (Project Entropia Dollars) that can be exchanged back and forth to USD at a fixed rate of 10:1. The biggest transaction ever recorded in this game was a nightclub called „Club Neverdie” which was sold for 635.000 USD5. The user who bought the virtual nightclub can, of course, recover his investment from the earnings of the club. However, people are also spending billions for in-game purchases that are purely visual and give you no in-game advantage. The most famous example would be the purchase of the item „Ethereal Flames Pink War Dog” for 38.000 USD in the game Dota 26. This item represents a unique appearance of an in-game courier that does not do anything different than the default courier (other than looking extremely cool, obviously). Therefore, it has become increasingly popular for people to spend enormous amounts of real-world money for virtual items that may or may not have economic value outside the game.

Similarly, besides the emotional value of a social media account, with the growing trend of influencer marketing likes and followers have gained economic value as well7. While someone may be reluctant to go through a great ordeal to gain access to their late grandmother’s Facebook account, inheriting a social media account with hundreds of thousands of followers might be very valuable.

  1. The main issues of inheriting digital assets

Notwithstanding the lack of a proper legal definition of the digital assets and their delimitation from the traditional assets, under the principle of universal succession recognized by most of the continental legal systems, including Romania, the entire estate of the deceased is passed onto the successors. Therefore, at the first glance, it should be simple. Irrespective of the nature of the asset, digital or not, it should be transferred along with the rest of the estate. However, the problem is far more complex, depending on the nature of the digital assets.

The key legal issue regarding the social media accounts relates to whether the content and/or user account is the user's property or not. While the user may think he owns the social media account, this is not the case with most ISPs like Google, Facebook, Instagram etc.

User accounts are created by contracts between ISPs and users, and the account itself, as well as the underlying software, are the property / intellectual property of the ISP8. However, the majority of the legal scholars agree that the content of the account (photos, posts, videos, messages) remains the property of the user9. Therefore, at least in theory, such content can be inherited. 

But how would the user’s heirs access the account if they lack the log-in information? Again, in theory, it should not be a problem. This matter should be treated similarly as inheriting some jewelry stored by a third party in a lockbox for which they don’t have the key. In this case, they would simply present to that third party the proper documentation for proving they are the rightful heirs and they should be granted access to the goods. But most of the high-profile ISP’s terms of service agreement (“ToSA”) state that, while content remains owned by the account holder, the license to use the account ends on death and the users cannot pass the account onto their heirs10. Therefore, even if the heirs have the log-in information, accessing the decedent’s account would breach the ToSA.

  1. The current practice of the ISPs regarding the possibility to inherit digital assets

Currently, many ISPs do not have procedures in place to cater for the death of a user. This, of course, may become a problem, especially considering the growing importance of digital assets and the lack of legislation in this domain.

While having this issue regulated in the ToSA certainly helps, it is not guaranteed that such clauses would be enforced by court. In the United States, the father of a late marine sued Yahoo! after the company refused to grant him access to the e-mail account of his deceased son11on the basis of the non-transferability clause contained in the ToSA. In the end, the court ordered Yahoo! to provide the family with a CD containing copies of the e-mails in the account, but without granting the family access to the e-mail account or log-in information. This decision is consistent with the interpretation that, while the content of the account is the property of the user, the account in itself remains the property of the ISP. 

In Germany12, Facebook refused to grant access to a deceased girl’s Facebook account to her parents, invoking duties of confidence and post-mortem privacy. The Court of Appeal in Berlin supported Facebook’s stance, but the Federal Supreme Court of Justice overturned the decision, relying on the principle of universal succession contained in the German Civil Code. The higher court rejected Facebook's argument that this was a contract of a highly personal nature, and therefore rights did not transmit to heirs.

In order to avoid the public backlash and the bad publicity derived from such situations, ISPs have developed ways of granting the families access to certain parts of the decedent’s account13. For example, Google lets you add up to 10 trusted friends and family members who should be notified if you haven’t logged in for periods ranging between 3-18 months. You can also specify what parts of your data are shared with those contacts in the case of such inactivity. Similarly, Facebook offers the option of a “Legacy Contact” and in the event of the demise of the account holder, family members can request Facebook to “memorialize” the page via an online form after providing proof of death. After the page is memorialized, the person specified as the Legacy Contact can respond to friend requests, update the profile picture or cover photo and can also download a copy of what was shared on the social network. Other ISPs like Microsoft, Twitter, Instagram and LinkedIn have implemented similar procedures.

  1. Recommendations for the ISPs

As shown above, in the absence of legislation regarding this subject, ISPs should take matters into their own hands and clearly regulate in their ToSA whether or not and to what extent their services and products are transmissible after the user’s death. The procedures implemented by high-profile ISPs like Facebook and Google are a good start in this direction, however such procedures may clash with the imperative rules of intestate succession, as well as the legal formalities for the validity of the will. For example, under Romanian law, the will has to be either authenticated by a public notary, or handwritten in its entirety and signed by the testator14. Absent such requirements of form, the will is null and void. Therefore, a “digital will” such as the one implemented by Google, where you can allow anyone you choose to access and download your data after your death, may be successfully contested by the legal successors and declared invalid by a court of law on grounds of lack of the required form.

Moreover, the ISPs cannot rely on the data protection rules to deny access to a decedent’s account, as the GDPR does not protect post-mortem privacy. This is also confirmed by the above-mentioned decision from Germany.

ISPs should also clearly specify the nature and the rights of the user over the products and services they are selling. In this sense, many digital assets are not owned by their users and, more often than not, users may be unaware of this fact. As such, many ISPs that advertise “selling” music, videos and books, specify in their ToSA that the purchaser is, in fact, buying a non-transferable license to access and use digital content, with the license expiring upon user’s death15. Items purchased on iTunes, for example, are not owned by their user and cannot be transferred to the user’s successors. Therefore, ISPs should properly inform their potential users about the ownership of their products, in order to avoid unnecessary disputes.

When drafting their policies, ISPs should pay attention to the legal framework regulating this matter in the jurisdiction in which they conduct their business. While laws explicitly regulating digital assets may not yet exist, rules of copyright, consumer protection, inheritance and property in general may still be applicable. Therefore, the procedures of the ISPs should be in line with these regulations. This is, of course, easier said than done for ISPs conducting business internationally. The applicable legislation, especially in matters of inheritance is usually determined by the citizenship and/or the domicile of the user, therefore the ISPs could not take into consideration and comply with all of the different national legislations. This underlines once again the importance and necessity of regulation in this domain at an international level.

Last, but not least, ISPs should specify in their ToSA the necessary documentation to be provided by the heirs when requesting access to the accounts of the deceased. As such, the ISPs should not comply with any request from the heirs based only on the death certificate of the user, which only proves the death as a fact, but not the existence or extent of the rights of a specific person over the assets of the deceased. ISPs should only grant access to the decedent’s assets after receiving proper proof that the person making such request is the rightful heir to inherit the assets in question. Under Romanian law, such proof can only be made with the heir certificate, document which contains information regarding the estate, the number and capacity of the heirs, as well as their quotas from the estate. If such document does not contain clear provisions regarding which heir shall inherit the digital assets, the request to access them must be made, under Romanian law, by all of the heirs mentioned therein, jointly.

  1. Conclusion

It is still debatable whether a password protected social media account should, in fact, be treated the same way as the decedent’s clothes or car, and thus if it should be, by default, passed onto the successors through legal succession. After all, our social media accounts have become an important part of our private lives and we should consider if we are comfortable with the thought that our families will have access to all our digital conversations after our demise.

Until the proper legislation arrives, the best solution at this moment for the ISPs is to have in place a solid policy, drafted in accordance with the current legislation and case law, to determine the legal nature of the assets they provide and what happens to them after the user’s death.

1Digital Legacy Association, Digital Death Survey 2017, available at:

2Edina Harbinja, Legal Aspects of Transmission of Digital Assets on Death, (PhD diss, University of Strathclyde, 2017), p18-25;

3The European Union Blockchain Observatory & Forum, Blockchain and the future of digital assets, 2020, p. 7;

4Revised Uniform Fiduciary Access to Digital Assets Act (2015), Section 2, par. (10);



7Agnes Veszelszki, Like Economy: What is the economic value of likes? – Society and Economy 40 (3), 2018

8Edina Harbinja, Digital inheritance and post-mortem privacy in Europe, 2019

9Dubravka Klasicek, Digital inheritance, Interdisciplinary Management Research XIV, 2018

10Edina Harbinja, op cit.

11Rebecca G. Cummings – The Case Against Access to Decedents’ E-mail: Password Protection as an Exercise of the Right to Destroy,2014

12Federal Supreme Court of Justice (BGH), Docket no. III ZR 183/17, 12.07.2018

13How to bequeath your Gmail, Facebook, other digital accounts to your family, heirs, available at:

14Art. 1040, 1041 and 1043 of the Romanian Civil Code;

15A. C. Eichler - Owning What You Buy: How iTunes Uses Federal Copyright Law to Limit Inheritability of Content, and the Need to Expand the First Sale Doctrine to Include Digital Assets; Houston Business and Tax Law Journal, Vol. 16/2016

April 22, 2024 17:16
The European Data Protection Board recently clarified a series of key issues r...more »
April 01, 2024 15:57
Opinion article by Denisa Simion, Manager, Financial Advisory, Corporate ...more »
January 24, 2024 09:20
Numerous renewal energy projects were blocked as a result of the minutes of th...more »
January 11, 2024 11:55
Article by Flavius Florea, Counsel Wolf Theiss  In an era dominated by ...more »
Govnet Next Events