triplet towers of paper Last week, we took a look at the freedom of information process from a requestor’s point of view, and I thought it might be nice to turn the tables. This time, we”re looking at why some agencies insist on responding to requests for digital documents with piles of dead tree.

It’s  a running joke among journalists: The pages and pages of e-mails, to take one example, that had been fought for through the “proper” Freedom of Information channels, and then finally won, only to have the government e-mails turned over not in nice electronic format, but rather as reams pieces of paper, delivered via the United States Postal service. If you’re the requester, this means request costs can add up quickly: That’s 50 cents a printed page in Massachusetts, plus the cost of the employee’s time.

Surely, this is how the government sticks it to some nosy beat reporter, right? It’s the same story told again and again: Perfectly good electronic documents are, instead of being delivered digitally, are printed out, occasionally rescanned, and only then handed over when they’ve lost their perfect text transcription, their searchability … and nearly every aspect that makes them convenient in fast-paced newsrooms and to the general public. It’s no surprise that the common wisdom is this process was developed by some loathsome public servants determined to nip transparency in the bud. The truth is, however, a little more complicated.

The practice does lead to some rather opaque side effects, such as news organizations only minimally quoting primary documents, even after taking weeks or longer to obtain them. There is another side of the story, though, which I learned about after receiving our own pile of printed e-mails, in response to a request for internal e-mails on Massachusetts’s proposed healthcare hikes.

After receiving the 254 pages of printed e-mails, I gave Diane Lawton, general counsel for Massachusetts’ Office of Consumer Affairs and Business Regulation, a quick call. The agency had been very forthcoming: The e-mails were provided quickly and possible fees well in excess of a hundred dollars were waived. So why make the e-mails so difficult to go through? Diane explained the the IT department did a keyword search for relevant terms, and then passed those along as attachment to her office. Then, in order to go through all the e-mails to sort out the relevant ones from ones that just happened to trip the IT’s department’s filter, and to remove e-mails that should legally be withheld for other reasons, the legal team prints them out, occasionally blacking out sensitive, non-disclosable materials.
It’s far from the ideal situation, particularly since such auditing tools exist, but the process isn’t unreasonable from the agency’s perspective. The Office of Consumer Affairs is also hardly alone on this issue. Another agency officer shared his perspectives recently on a FOI-related mailing list:

From reading posts on this list and dealing with local media reps, I know that the requester perspective is that responses to requests for email should be quick, cheap, easy and electronic … because, after all, it’s all electronic to begin with. Perverse as it seems, the reality is often – usually – otherwise. There are already tools to manage email and facilitate EDD (electronic document discover), but they are costly and complex. Let me walk through a typical demand for emails that we may receive and how we respond.

  • First of all, for email we use Microsoft Exchange Server (I forget which version, but not the newest – I think we are one step back, for both economy and letting others work out the bugs) with MS Outlook as desktop clients. Employees are not restricted in creating PST files on local hard drives or network shares. We do not have any specialized email management or EDD applications installed – that is, we must use the functionality built into Exchange Server to identify relevant emails.
  • We receive a demand for all emails on a certain topic, to/from a certain group of employees and/or to/from certain outside parties. The request may be under KORA (Kansas Open Records Act) or EDD.
  • Nearly always the request is overbroad: “All emails to/from all County employees regarding topic X.” Search must be inbox by inbox – there are 3,000 employees and more functional inboxes (e.g., kora-fio@[redacted].gov is not my personal inbox, but goes to a “public folder” so it can be covered by multiple staffers). There is no hard topic defined: we can search for keywords, using logical Boolean operators, to the extent MSES allows.
  • The requester narrows (nearly always) scope to a few, most relevant employees and other parties, and may advise as to keywords.
  • IT staffers responsible for MSES temporarily freeze current inboxes and search on keywords (and possible all three last daily backups), copy emails that appear to be relevant to PST files (stand alone email store files that Outlook can work with), and provide to Legal counsel for review. For EDD requests affected employees may, without notice, have their PCs removed, HDs duped for EDD (PST and other files) and network shares temporarily frozen/duped.
  • Legal counsel uses Outlook to view emails contained in PST files, to determine what is responsive to the demand.
  • If no redaction is needed, then it would be possible to delete non-relevant emails, let relevant stay in PST file, “compact” the PST to remove deleted data from the PST file and provide the PST file to the requester.
  • Even if the topic at issue has no confidentiality concerns itself, it is normal for emails to cover multiple topics, mixing open with closed. Review/redaction usually gets done faster and cheaper by printing out, running a Sharpie through portions to redact and making copies or scans.

If we charge the “actual” costs (for this, mostly direct labor plus benefits) KORA allows the tab adds up fast. IT staffers involved are senior IT support staff, vetted to work with confidential info and for quality control, backup and security reasons don’t work alone. Usually, multiple Legal counsel must be involved (i.e., counsel to multiple departments, distinct areas of expertise) to accomplish redaction.

Please note that due to the imperfect nature of searching by keywords, identifying potentially relevant emails is far from certain. There are synonyms (contract and agreement), acronyms (MOU = memorandum of understanding), abbreviations and slang. You simply can’t search for all permutations. It would help if we could train and force employees to use consistent subject lines, stay on one topic per email and use consistent terminology … but these are mostly lost causes.

Automated redaction tools exist that recognize patterns of SS#s and the like, but they are most appropriate for things such as medical forms or mortgage filings, where you know what limited types of redaction are needed. Emails, word processing documents, spreadsheets and the like are too free form to apply redaction tools effectively. We trust our email encryption solution to catch and encrypt emails that contain patient numbers, diagnoses codes, SS#s, account numbers and the like before sending outside the safety of our firewall, but I know Legal would not be comfortable trusting a piece of software to redact for KORA or EDD responses.

Earlier this week we had to cancel an RFP process to acquire an “Email Archiving System,” which would have facilitated response to KORA and EDD requests, among other functions. We did not have funds available to begin and budget was unlikely to follow through

About these ads