As public agency officials and employees have increasingly turned to text messages and email to facilitate communication anytime and anywhere, they lost touch with a basic truth: Electronic communications are writings. As such, they may fall within the reach of the California Public Records Act (CPRA). Now that the California Supreme Court has opened the door to disclosure of public agency-related communications made or stored on private devices and in private accounts, California’s local agencies will need to develop policies and procedures to address these practices.
In City of San Jose v. Superior Court
, the California Supreme Court held that the CPRA grants the public a right to access texts, emails and other records relating to the business of public agencies even if they were created, received by or stored in a private device or account. “If public officials could evade the law simply by clicking into a different email account, or communicating through a personal device,” the Court wrote, “sensitive information could routinely evade public scrutiny.”
This case had its origins in a 2009 lawsuit against the City of San Jose, its redevelopment agency and several city officials. The plaintiff claimed that the city’s failure to provide voicemails, emails and text messages that were sent and received by city officials on personal devices using personal accounts violated the CPRA. The Supreme Court’s March 2, 2017 ruling finally (and for the first time in California) put the issue of whether such communications can constitute a public record to rest: An email or text sent to or from a private device or account can indeed be a public record.
While providing certainty on this issue, however, the case also raises many new questions. Public officials will need to tighten their seat belts: The road ahead is likely to be bumpy.
The Supreme Court did give helpful guidance on what is now considered a public record, concluding that only records that “relate in some substantive
way to the conduct of the public’s business” will be public record. The Court narrowed the scope of records subject to disclosure, specifying that communications that are primarily personal, containing only incidental mentions of agency business, generally will not be considered public records. The Court thus pulled back from prior cases holding that the mere mention of public business in a communication could make that communication subject to the CPRA.
The Court also recognized the practical challenges of retrieving records from personal accounts while respecting the privacy of account holders and their correspondents. Although the Court did not establish a specific process, it did point to procedures adopted by federal courts applying the Freedom of Information Act and by the Washington Supreme Court that applied that state’s public records law. The Court favorably noted that individuals can be allowed to search their own devices and accounts for responsive records when a request is received, and to submit an affidavit regarding potentially responsive documents that the individual withheld. To have such a practice, the Court noted that training the individuals who are undertaking such searches is appropriate. The Court also discussed the adoption of policies that would prohibit the use of personal accounts for public business, unless messages are copied and forwarded to an official government account. While these methods were offered as examples, the Court did not endorse any specific approach, leaving it to each public agency to develop its own practices.
While the Court gave some clues as to how public agencies can attempt to comply with its ruling, it left open a host of other issues. Public agencies will have to determine how to address evolving technologies, including apps that do not preserve messages; how to deal with public officials and employees who refuse to produce records from their personal accounts; and how to distinguish gossip from the substantive conduct of public business.
The ruling may also create collective bargaining issues. For instance, if an agency wishes to compel its employees to make their personal accounts available or prohibit employees from using personal devices or accounts to conduct agency business, negotiation with bargaining units could be required.
In addition to queries for advice on implementing new procedures in light of City of San Jose
, we have received three repeated questions:
- Does the ruling apply retroactively? Yes. Nothing in the case limits its holding to how documents are created and retained after the ruling, meaning that a CPRA request for electronic records can reach back to an indefinite time period.
- What types of communications are governed by the ruling? Again, there is no limit to the breadth of the holding. It applies to all forms of electronic communication relating to public business. In fact, there is nothing that limits the decision to electronic communications: It would appear that personal correspondence in letters, longhand written notes, and other forms of writing may now be subject to the CPRA if they discuss agency business, even if they are possessed and maintained only by individual officials outside of the agency’s offices.
- The third question has been the most frequent one, reflecting a state of disbelief: Does this decision really mean that an individual’s private email accounts could be opened to disclosure under the CPRA? The answer is yes.
Moving forward, City of San Jose
supports the notion that local agencies should be developing and adopting policies and practices to address the disclosability of electronic communications and the use of personal accounts for public business. Records retention policies will also be relevant, as agencies will need to consider how email records, now including those on personal accounts, will be retained by the agency or its public officials.
Developing such policies is not a job for lawyers alone. Various stakeholders should be involved in determining what process the agency will use to address communications on personal accounts, potentially including IT staff, elected officials, legal counsel, student service staff in school districts, city managers and superintendents, business officials, and possibly employee union representatives. Once policies are developed, training will be critical for bringing local agency officials and employees up to speed on the policies that were adopted and the procedures that will be followed when CPRA requests are received.
Lozano Smith was the first law firm in California to develop and broadly distribute email retention policies for use in school districts. We have now developed model school district policy language to address the City of San Jose
decision. The most recent version of this model policy language is available by contacting the author of this article or firstname.lastname@example.org
. We are available to assist all types of local agencies with developing their own policies and best practices, including development of agency-specific affidavits for public officials and employees who may possess agency-related business communications in their personal accounts.
It is a brave new world for public officials. Until policies can be developed and put in place to address how a public agency will implement City of San Jose
, public officials may wish to limit the use of their personal devices and accounts for substantive communications regarding their agency. In the meantime, remember the old adage: Don’t put it in writing unless you want it on the front page of the newspaper!