Google Accounts- Estate Planning Challenges

Managing Google assets in an estate plan begins with Google. Google offers a voluntary tool called the Inactive Account Manager, which allows users to designate trusted contacts to access their account data under specific conditions, such as prolonged inactivity. Additionally, Google has policies for handling requests from fiduciaries (like those with power of attorney or trustees) to access accounts, but these requests are subject to strict legal requirements and are not guaranteed to be accepted based solely on private directives like a power of attorney (POA) or trust.

Inactive Account Manager: Google’s Legacy Tool

Google’s Inactive Account Manager lets users plan for what happens to their account if they become inactive for a specified period (e.g., 3 to 18 months). Users can:

• Add up to 10 trusted contacts to be notified of inactivity.

• Choose to share specific data (e.g., Gmail emails, Google Photos, Drive files) with these contacts. The contacts receive an email with a link to download the designated data but do not gain full control of the account.

Alternatively, users can set their account to be deleted after the inactivity period.

This tool is optional and must be set up by the account holder while they are still active. It’s not a “requirement” but rather a proactive option for users to manage their digital legacy. If this tool is not set up, fiduciaries or family members must rely on Google’s postmortem request process, which is more complex and far less certain. Worse, it might necessitate probate; Google requires a court order in many case.

Google’s Stance on Private Directives (Power of Attorney or Trust)

Google does not automatically accept private directives like a power of attorney (POA) or trust to grant access to a Gmail account, whether the account holder is incapacitated or deceased. Here’s why:

• Legal Requirements for Access Requests: Google has a strict policy for handling requests to access a deceased or incapacitated user’s account. For deceased users, Google requires a U.S. court order directed to Google LLC, specifying that disclosure does not violate laws like the Electronic Communications Privacy Act (ECPA) and the Stored Communications Act (SCA). The court order must be emailed to postmortemrequests@google.com. A court order protects Google from claims of third parties or adverse regulatory actions by governmental entities. Google explicitly states that it cannot accept other forms of legal documentation, such as wills, trusts, proof of power of attorney, or small estate documents, to satisfy this requirement.

• Power of Attorney (POA) Limitations: For living but incapacitated users, a general POA does not automatically grant access to a Google accounts such as Gmail. It is important to appreciate that Google’s policies prioritize user privacy and security, and they typically require the account holder’s direct consent or a court order to release account data. Even with a POA, fiduciaries often struggle to gain access because Google may not recognize the POA as sufficient legal authority under the SCA, which governs the disclosure of electronic communications.

• Practical Impediments: There are also impediments which arise the circumstances. For example, in cases where a POA holder tries to reset a password, Google’s recovery process (e.g., 2FA-sending a verification code to a linked phone number or backup email) often fails if the account holder cannot provide the necessary information due to incapacity. Google does not offer a streamlined process to bypass this with a POA.

• Trusts and Other Directives: Similarly, a trust document granting a trustee authority to manage digital assets is not sufficient on its own for Google to grant access. While a trust can confer legal authority under state laws like the Revised Uniform Fiduciary Access to Digital Assets Act (RUFADAA), Google’s policies prioritize federal laws like the SCA and ECPA over private directives. RUFADAA (adopted in states like Ohio and Missouri) allows fiduciaries to manage digital assets if the user has given explicit consent through an online tool, will, trust, or POA, but Google often requires a court order to comply, especially for accessing the content of communications (e.g., email contents) as opposed to non-content data (e.g., a catalog of emails).

Non-US residents: For non-U.S. residents (e.g., in the UK or Portugal), this process becomes even more challenging due to jurisdictional issues, as Google requires the court order to be issued or domesticated through a U.S. court.

Challenges and Privacy Concerns

Google’s stringent requirements reflect a broader tension between user privacy and fiduciary access. The company has stated in court filings that Gmail users have “no legitimate expectation of privacy,” citing their terms of service, which allow automated scanning of emails for features like targeted ads. This stance has been criticized by privacy advocates, as it suggests Google prioritizes its own access to data over third-party access, even by legally appointed fiduciaries. For example, even “confidential mode” does not prevent Google from accessing email contents, further complicating trust in the platform for sensitive communications.

For fiduciaries, the court order requirement can be a significant barrier, especially for international users or those without the resources to obtain a U.S. court order. Even in the U.S., the process can be time-consuming and costly, often taking 30 days or more to process, as noted in older guidelines from Google (circa 2007). This can leave fiduciaries unable to access critical information, such as financial records or health data stored in Gmail, during a time-sensitive period like incapacity, guardianship contests, or estate administration.

Recommendations for Users

Given Google’s policies, users should take proactive steps to ensure their Gmail account can be accessed by trusted individuals:

• Set Up the Inactive Account Manager: This is the most straightforward way to designate access to trusted contacts after a period of inactivity.

• Document Access Instructions Separately: Use a secure service like LegalVault® to store Gmail login credentials and two-factor authentication (2FA) details, ensuring fiduciaries can access them without violating Google’s terms of service.

• Use a Digital Assets Inventory: Inform your loved ones about your accounts and where to obtain information by preparing and maintaining a Digital Assets Inventory.

• Include Digital Assets in Estate Plans: While a POA or trust may not be sufficient for Google to grant access, these documents can still provide legal authority under RUFADAA to request access, and they can guide fiduciaries in seeking a court order if necessary.

• Consider Alternatives: For highly sensitive communications, users might explore end-to-end encrypted email services like ProtonMail, which offer greater privacy but these may have their own access challenges for fiduciaries.

Conclusion

Google does not have a prescribed designated access or legacy requirement but offers the Inactive Account Manager as an optional tool for users to plan for their digital legacy. Google does not reflexively accept private directives like a power of attorney or trust as sufficient to grant access, typically requiring a U.S. court order to comply with federal privacy laws. This approach prioritizes user privacy but can create significant hurdles for fiduciaries, especially in time-sensitive situations or for non-U.S. residents. Users should proactively manage their Gmail and Google account access through Google’s tools and secure storage solutions to ensure their digital assets are accessible to trusted individuals when needed.