E-mail 'metadata' is public in Washington; recordkeeping rules apply to social media for federal agencies
Technological innovations in communication continue to create questions about what constitutes a "public record" for the purposes of state and federal open records laws. In the fall of 2010, one state supreme court ruled on the "metadata" included in e-mails, and the national archivist urged federal agencies to preserve records of their use of social media.
Washington State Supreme Court Rules 'Metadata' is Public
On Oct. 7, 2010, the Washington State Supreme Court ruled that "metadata," which is information related to the history, tracking, or management of an electronic document, is a public record subject to disclosure under the state's Public Records Act (PRA). O'Neill v. City Of Shoreline 2010 Wash. LEXIS 870 (Wash. Oct. 7, 2010)
The case arose from a public records request Shoreline, Wash. resident Beth O'Neill filed with the city after Shoreline Deputy Mayor Maggie Fimia claimed in a 2006 public meeting that she had received an e-mail, authored by O'Neill, that accused the city council of improper conduct. O'Neill denied sending the e-mail, and made a series of unfulfilled requests for the original e-mail with all of its metadata, including information about the date, time, sender, and recipient of the original message. Failing to locate the original message, Fimia eventually claimed she must have accidentally destroyed it. O'Neill filed suit against the city under the PRA, Wash. Rev. Code § 42.56.
A trial court dismissed O'Neill's suit but a state appeals court reversed, ruling that the city had failed to fulfill the request because although it provided O'Neill with a copy of the same message that the original sender sent to another city council member, the metadata on the version sent to Fimia could be different, so the city was required to provide it.
The Washington Supreme Court affirmed the appeals court in a 5 to 4 ruling, remanding the case back to a trial court "to give the City the chance to search for the requested metadata, and to determine whether the City has violated the PRA." Writing for the majority, Justice Susan Owens said that although the metadata on a message sent or received by a public official pertaining to government business is not usually visible to the senders and recipients, it qualifies as a "public record" under the PRA because it "may contain information that relates to the conduct of government and is important for the public to know." Specifically, Owens wrote that metadata "could conceivably include information about whether a document was altered, what time a document was created, or who sent a document to whom. Our broad PRA exists to ensure that the public maintains control over their government, and we will not deny our citizenry access to a whole class of possibly important government information."
Calling the case an "issue of first impression," the Washington Supreme Court relied on a 2009 decision by the Arizona Supreme Court that ruled that, for the purposes of Arizona's open records law, "metadata in an electronic document is part of the underlying document [and] does not stand on its own." Lake v. City of Phoenix, 218 P.3d 1004 (Ariz. 2009)
The Washington Supreme Court also ruled that pursuant to its attempts to fulfill O'Neill's request, the city should "inspect Fimia's home computer's hard drive for the requested metadata," adding that "this inspection is appropriate only because Fimia used her personal computer for city business. If government employees could circumvent the PRA by using their home computers for government business, the PRA could be drastically undermined."
In a footnote, however, the Court said it "address[ed] only whether the City may inspect Fimia's home computer if she gives consent to the inspection. We do not address whether the City may inspect Fimia's home computer absent her consent."
The Court instructed the trial court to find that if the city refuses to inspect Fimia's home computer, they have "indisputably" violated the PRA, whereas if the city inspects Fimia's home computer and the search turns up no metadata or the same metadata already released to O'Neill, "the trial court must determine, consistent with this court's opinion, whether the City's deletion of the metadata violated the PRA."
Although the ruling favors the free flow of information, it raised a thorny issue of privacy that concerned the court's four dissenters. Justice Gerry L. Alexander wrote in his dissent that "I do not believe that what is contained on the hard drive of a public employee's personal home computer, whether it is deemed 'metadata' or something else, is a public record." Alexander said the contents of the home computer could not be considered a public record since it "is not a writing that is 'retained by any state or local agency'" as defined by the PRA.
"More significantly," Alexander wrote, "the majority provides no authority of law for the proposition that a city employee's home computer is subject to such a search or inspection by the employing city."
O'Neill's attorney, Michele Earl-Hubbard, told The Associated Press that although she was disappointed that the Court remanded the case for another proceeding without finding an outright violation of the Public Records Act, "Our Supreme Court here says yes, there are electronic parts of records that may have value, and an agency may not destroy them. That's a big part of the accountability picture."
The Washington Supreme Court is not the first to broach the question of whether e-mails related to state business should be subject to a state open records law request. In February 2010, the state of Alaska released thousands of government-related e-mails sent by Alaska Governor and former Republican vice presidential candidate Sarah Palin, her husband Todd, and her staff using non-government e-mail accounts on services like Yahoo. In October 2008, a state judge ruled that the e-mails had to be retained and preserved subject to records requests, but Palin had argued that they were protected by executive privilege. For more on the Palin e-mails, see "Roundup: Government E-mails as Public Records" in the Fall 2008 issue of the Silha Bulletin.
National Archives Encourages Agencies to Preserve Social Media Posts
The Archivist of the United States sent a bulletin to heads of federal agencies on Oct. 20, 2010 titled "Guidance on Managing Records in Web 2.0/Social Media Platforms." In the bulletin, U.S. Archivist David S. Ferriero observed that federal agencies "are using social media and web 2.0 platforms to connect people to government and to share information" and explained that many of the uses of these media create "federal records" as defined by the Federal Records Act (FRA), 44 U.S.C. § 33 et seq.
Under the FRA, "records" are defined as "all books, papers, maps, photographs, machine readable materials, or other documentary materials, regardless of physical form or characteristics, made or received by an agency of the United States Government under Federal law or in connection with the transaction of public business." Federal agencies must preserve records if they provide "evidence of the organization, functions, policies, decisions, procedures, operations, or other activities of the government" or otherwise have "informational value." The U.S. Archivist and the National Archives and Records Administration (NARA) are empowered by the law to promulgate procedures and standards for how records are compiled, catalogued, reproduced, and disposed of. The FRA is distinct from the Federal Freedom of Information Act (FOIA), 5 U.S.C. § 552 et seq. in that it covers the retention and preservation of records rather than their disclosure.
In the October 20 bulletin, listed as NARA Bulletin 2011-02 and available online at http://www.archives.gov/records-mgmt/bulletins/2011/2011-02.html, Ferriero sought to provide agencies with broad "fundamental guidance" rather than "model schedules or step-by-step guidance," and charged agencies to "determine the most appropriate ways to incorporate recordkeeping requirements into their business processes and identify the specific means by which their agencies will fulfill their responsibilities under the Federal Records Act."
Ferriero identified three categories of "social media platforms" which agencies might use: "web publishing," including blogs or microblogs such as Twitter; "social networking," including tools like Facebook and "virtual worlds" like Second Life; and "file sharing/storage," including video and image sites like YouTube and Flickr as well as online document storage tools like Google Docs. Ferriero observed that "the principles for analyzing, scheduling, and managing records are based on content and are independent of the medium." He proposed that agencies consider whether the information in question is available elsewhere; contains "evidence of an agency's policies, business, mission, etc.;" whether the Web 2.0/social media platform "is being used in relation to the agency's work" and is authorized by the agency; and whether there is "a business need for the information." Ferriero said that the list of considerations was "non-exhaustive," but "if the answers to any of the ... questions are yes, then the content is likely to be a Federal record."
The bulletin said that agencies must consider the "noteworthy records management challenges associated with the use of web 2.0/social media," which it said includes "public expectations that all web content is both permanently valuable and accessible, [that] ownership and control of data [can] reside with a third party," and the fact that content management on web 2.0 and social media services and tools is interactive.
To address these challenges, the bulletin said that agencies "must ensure records management guidance is included in social media policies and procedures" by identifying federal records in those platforms and preserving them, "defining ownership of content and responsibility for managing the records," and sharing policies with employees and the public.
The bulletin acknowledged that in some cases, such as with Flickr or YouTube, privately owned websites might host content that qualifies as records. "Each agency is responsible for managing its records, whether they reside on a third-party social media platform or are housed within the agency," the bulletin said, adding that "a concern with web 2.0/social media platforms is that a service provider could stop providing their service or delete information from an agency's account." A stop in service or deletion of content would not relieve an agency of "its records management obligations," the bulletin said.
In a November 2 blog post on the NARA website at http://blogs.archives.gov/aotus/, Ferriero wrote that "the informal tone" of many of today's social media "should not be confused with insignificance." He observed that "agencies are still neglecting their recordkeeping responsibilities for email." According to Ferriero, a 2009 NARA report "found that most Federal agencies do not manage their email records in an electronic recordkeeping system, and therefore cannot ensure that these emails are preserved in any recordkeeping system on a regular basis." Moreover, Ferriero said that "archaic 'print and file' practices still exist in many agencies, resulting in the inadequate preservation of messages that meet the criteria for Federal records."
- PATRICK FILE
SILHA FELLOW AND BULLETIN EDITOR