Colorado Code
Part 15 - Revised Uniform Fiduciary Access to Digital Assets Act
§ 15-1-1503. Applicability

Source: L. 2016: Entire part added, (SB 16-088), ch. 71, p. 181, § 1, effective August 10.
This act does not change the substantive rules of other laws, such as agency, banking, conservatorship, contract, copyright, criminal, fiduciary, privacy, probate, property, security, trust, or other applicable law except to vest fiduciaries with authority, according to the provisions of this act, to access or copy digital assets of a decedent, protected person, principal, settlor, or trustee.
Subsection (1)(b) covers the situations in which a decedent dies intestate, so it falls outside of subsection (1)(a), as well as the situations in which a state's procedures for small estates are used.
Subsection (2) states that custodians are subject to the act if the custodian's user was a resident of the enacting state. This includes out-of-state custodians, who must respond to requests for access in the same way that out-of-state banks or credit card companies must respond to requests from a fiduciary requesting access to a customer's account.
Subsection (3) clarifies that the act does not apply to a fiduciary's access to an employer's internal email system.
Example 1--Fiduciary access to an employee e-mail account. D dies, employed by Company Y. Company Y has an internal e-mail communication system, available only to Y's employees, and used by them in the ordinary course of Y's business. D's personal representative, R, believes that D used Company Y's e-mail system to effectuate some financial transactions that R cannot find through other means. R requests access from Company Y to the e-mails.
Company Y is not a custodian subject to the act. Under Section 1502(8), a custodian must carry, maintain or store a user's digital assets. A user, under Section 1502(26) must have an account, and an account, in turn, is defined under Section 1502(1) as a contractual arrangement subject to a terms-of-service agreement. Company Y, like most employers, did not enter into a terms-of-service agreement with D, so Y is not a custodian.
Example 2--Employee of electronic-communication service provider. D dies, employed by Company Y. Company Y is an electronic-communication service provider. Company Y has an internal e-mail communication system, available only to Y's employees and used by them in the ordinary course of Y's business. D used the internal Company Y system. When not at work, D also used an electronic-communication service system that Company Y provides to the public. D's personal representative, R, believes that D used Company Y's internal e-mail system as well as Company Y's electronic- communication system available to the public to effectuate some financial transactions. R seeks access to both communication systems.
As is true in Example 1, Company Y is not a custodian subject to the act for purposes of the internal email system. The situation is different with respect to R's access to Company Y's system that is available to the public. Assuming that Company Y can disclose the communications under federal law and R meets the other requirements of this act, Company Y must disclose them to R.