Former Secretary of State and presidential hopeful Hillary Clinton is currently under fire from Republican opponents and transparency advocates for her (alleged) circumvention of Federal recordkeeping laws. While this particular scandal (or pseudo-scandal) may soon pass, as have numerous other such scandals, the anticorruption community should take this opportunity to voice its support for a badly-needed reform to recordkeeping laws, to ensure that official emails sent by people in a position of public trust should be immutably preserved.
It seems almost too obvious, but “lost” and “misplaced” emails are often a major impediment in corruption investigations. At least three ongoing corruption investigations are touched by email deletions, to say nothing of past investigations:
- New York Governor Andrew Cuomo instructed his government to begin purging un-archived emails after 90 days, even as controversy and a Federal investigation swirls around his dismantling of the Moreland Commission. (He has now altered his policy somewhat)
- A Federal investigation into hundreds of millions of procurement dollars spent by the Delaware River Port Authority (DRPA) has been dragging on for years, crippled in part by missing emails that were “compromised” before the DRPA could turn them over to the U.S. Attorney. The DRPA (partly overseen by New Jersey Governor Chris Christie whose own history with deleted communications is muddled) lost 18 months worth of emails received by a single key official during a key period of time, due to a “software malfunction” with their in-house email system. DRPA’s Inspector General has since resigned in frustration.
- In a glimmer of hope, although recently-resigned Oregon Governor John Kitzhaber instructed members of his government to delete emails ahead of an FBI and IRS corruption probe, they refused to do so.
This is an absurd state of affairs, and entirely unnecessary. There is absolutely no compelling reason to not automatically preserve every email sent and received by civil servants. This is 2015: it is literally more expensive to take the time to actively delete emails than it is to simply keep them. Either governments haven’t realized this yet, or their claim that emails should be deleted for the sake of “efficiency” is in fact a red herring. I suggest the latter. The continued absence of appropriate email preservation rules for public servants, which would be incredibly easy to implement, will continue to frustrate anticorruption efforts.
Today, government record-keeping laws as applied to email are utterly senseless. They were drafted at a time when it actually cost a significant amount of money to preserve and retain communications. Back then there was indeed a good reason to let government agencies destroy their memos other correspondence after a certain period of time had passed. There was even a good reason to let government employees make their own determination as to which documents needed to be preserved and which could be thrown away or destroyed. The more time the agencies had to hold on to these mountains of paper, and the more paper they had to hold on to, the more it would cost them in time and money. This rationale didn’t change significantly with the advent of electronic records because government agencies still needed to spend considerable money maintaining their own IT systems.
But times have changed. The cost of storing documents like emails has plummeted, to the point where cloud service providers like Microsoft and Amazon barely even compete on storage offerings — storage is basically given away for free. Nevertheless, government officials routinely justify deleting emails on the grounds of saving money. What these officials aren’t telling you is that if the rules were reformed to say “all emails will be preserved by default and copied over to the archives,” there would be no extra cost at all.
Take, for example, Governor Cuomo’s policy of deleting un-archived emails after 90 days. Maggie Miller, Mr. Cuomo’s deputy in charge of implementing this policy, has justified it on the grounds that the government is saving $3 million dollars a year on IT licensing fees by switching to a unified, Microsoft Office 365 system. While she is surely right that switching to a single cloud service provider will save money, it is disingenuous to imply that deleting emails after 90 days has something to do with cost. As explained by the watchdog group Reinvent Albany, New York’s service contract already includes 50 GB of data storage for each employee, which is enough for about 40 years worth of emails per employee.
To be sure, there are real costs in keeping government records; it’s just that they’re all caused by the current legal regime. Two major costs stand out:
- The first is the enormous cost imposed on the time and patience of government employees who are forced by the current rules to decide whether or not something is a “record,” and often exactly what type of record it is. Better let them do their real jobs and leave such tasks for others, and only when there is an actual need to distinguish between relevant and irrelevant documents. A specialized type of civil servant, like an archivist with the National Archives and Records Administration or an attorney in an agency’s internal FOIA office, would be best.
- The second cost is imposed on corruption investigators, including journalists and prosecutors. In the current regime, individual government actors have too much latitude to decide what happens to their own emails. Ordinary government employees are often told to determine for themselves what constitutes a “public record” and what the public has no interest in seeing. And powerful government actors (like the U.S. Secretary of State or the Governor of New York) have the power to alter email-retention policies and even, apparently, to use their own personal email server. The responsibility to determine what emails are in the public interest, and how to preserve them, should not fall to someone who has such a strong conflict of interest. Indeed, if only Governor Kitzhaber had the foresight of Secretary Clinton and maintained his own server, he would have had no problem deleting his emails to obstruct the federal corruption investigation that is still unfolding. Other governors aren’t so careless with their emails: Mitt Romney made sure to take personal possession over his emails after his tenure as Massachusetts Governor, and Jeb Bush maintains his own personal server as well.
By law, all government communications should be handled by a centralized system that is set to keep permanent records and is maintained by a disinterested set of professionals. Since cloud-based email services function by maintaining innumerable redundant sets of data and must be specifically programmed to delete data if that is the user’s wish, it would be trivial to implement a law that requires permanent retention of emails. There are, of course, obvious complications with respect to a government official’s “personal” communications versus those undertaken on behalf of the government. If some emails shouldn’t be shared with the archives, fine: at least they still can’t be deleted from the government’s own system, and won’t be “lost” when a FOIA request or subpoena comes around. But if government officials continue to have the power to set their own email retention policies and use personal servers, they will continue to abuse it at the expense of corruption investigations.
GAB | The Global Anticorruption Blog 
I dare anybody to disagree with me.
Sorry to disappoint but I largely agree with you, Chris. That said, the costs of data storage are not all imposed by the current legal regime and won’t simply disappear if the law changes. A prohibition on e-mail deletion just kicks the can down the road. At some point, someone – archivist or investigator – is going to have to wade through the content and designate public records. This will take time and money. It would probably be more efficient to have someone closer to the material (in time and familiarity) make that determination. I am playing devil’s advocate because I think you make a great point about the importance of disinterested determinations. And I assume there are doc review systems to expedite the process.
Yeah thanks for that point — that’s exactly right I think, that eventually someone would have to process mountains of information, and it is definitely going to make that job harder if they have no idea what documents are important and which aren’t. That being said, a search service (basically just an internal Google) would save a ton of labor. Hillary Clinton herself relied on keyword searches to determine what documents were important or not, so it’s gotta be reliable, right!? (*cough*)
Unfortunately, I mostly agree with you too Chris. Also to Liz’s point, I think yes, email retention does kick the can down the road, but we have many many doc review programs like Concordance (which is one I personally used) that probably can get the job done faster and probably aren’t that much less accurate than a timely, personal review. Furthermore, it’s an area in software that’s growing because so many types of business increasingly need that kind of program.
My other concern though is about the cost of space. You are right Chris that currently cloud space costs almost nothing. But if its mandated that all government officials, state and federal, have to retain all emails, that could change things. Take cell phone usage: today most companies cannot retain the content of text messages beyond a certain amount of days (usually 90) simply because they just don’t have the space for trillions of text messages. You would imagine that hundreds, or thousands if you include state officials, of government officials send and receive tons of emails a day, it could add up to a lot. I don’t know anything about this, but do you think we have the infrastructure to store all this?
Thanks for the comment! I totally agree about modern document management systems like the one you mentioned. I am also confident that the cost of storage wouldn’t be an issue here, particularly for simple, mostly text-based documents like emails and text messages. (Not sure about why the text messages you mentioned are not being retained, but I would bet it has nothing to do with storage). Cloud storage is basically behaving like a commodity right now, and prices are falling very quickly. Enterprise-grade cloud solutions (like the Microsoft Office 365 system used by New York State) are far more efficient on a cost and efficiency basis than internally-maintained IT systems, and the savings from switching over would more than pay for extra storage. Note that New York could technically be keeping its employees emails for about 40 years on its current 50 GB-per employee plan. You are right that the process of sorting through documents to determine which are “records” and which are not is not the *only* cost associated with email retention, but it is by far the biggest in terms of wasted human time and energy.
Challenge accepted:
I think there is a consideration that gets short-shrift in your discussion: the personal privacy interests of the government employees. Plenty of emails of a purely or primarily personal nature are sent via official accounts, whether it is because officials’ access to private email systems is restricted during working hours, because it is simply more efficient to use only one platform during the working day, or because work-related emails often contain personal elements (e.g., when you email your boss to request medical leave). It would be naive to think that public officials should never use their official accounts to convey non-official messages, and it would be too disrespectful of personal privacy and the demands of modern-office life to say that officials’ lose any right to privacy whatsoever when those messages are conveyed via an official account. So there is, of course, a very serious privacy problem raised by an automatic retention system. Even if limits are imposed on the back-end prior to disclosure to the public or some investigative body, there is still a harm associated with long-term storage of personal messages and the resulting need to have either a third party neutral or the official later screen out such content. It doesn’t mean that automatic retention is not still the best option available, but I think it’s worth pointing out that “anticorruption” efforts and cost-efficiency concerns aren’t the only interests at play. Any policy regarding retention of government communications should consider the privacy interests it intrudes upon.
To that end, I would point out that retention of official memoranda/reports/meeting schedules may be substantially different than retention of email messages. Email messages are more likely to contain personal information not relevant to official government operations; they are, after all, often a replacement for the intraoffice personal or telephonic conversations of yesteryear. And wouldn’t government officials be justifiably upset if we, as a matter of policy, recorded and permanently held every in-person or telephonic conversation they had in the office during working hours? The point is not that recording all of a government employee’s conversations at work is the same as retaining all emails on an official account; rather I mean only to stress by extreme example that there seems to be a legitimate claim that government employees be given some breathing space, even at work, in which to be human. They don’t shed their humanity or their privacy at the office door.
Of course, whether you think this is a problem worth considering probably turns on whether you think limits on the back-end review, use, and dissemination of the retained communications would be sufficient. As I mentioned, I’m not so sure — there is some independent chilling effect on speech / conduct that comes from big brother simply writing down everything you’re saying and keeping it indefinitely. In other words, there is some harm that even back-end review cannot fix.
But then wouldn’t email retention simply incentivize people not to send personal information via personal accounts? Which is arguably a good thing? And if there is “personal” information that has something to do with the work, maybe it should be retained? I have a hard time seeing why retaining an email that talks about you requesting medical or personal leave has a privacy problem at the outset because, again, I think retention is just the first step. Most employees already know that their office emails are going through the company server or that there is some sort of oversights, so I don’t see how this is any different except that it is storing the information for a longer period of time. More privacy issues are implicated if it goes under review, and is subsequently used for an investigation or litigation later on. Even so, arguably it would have to be relevant somehow.
Another issue though, particularly for lawmakers, is the Constitution’s speech or debate clause. Currently, NJ Senator Bob Menendez is under investigation for corruption, and federal charges are apparently imminent. Sen. Menendez is blocking testimony from his aides, who were subpoenaed pursuant to the investigation, claiming that they are protected by the Constitution’s speech or debate clause, which is aimed at protecting lawmakers from arrest and questioning by the Executive for voting a certain way or taking actions against the Executive’s interest. Many state constitutions offer similar protections to state legislators. I guess we’ll have to see how this plays out with Sen. Menendez’s investigation, but if lawmakers are emailing about content or voting for legislature that is being debated, its possible that these communications are protected as essential to the deliberations. But possibly that kicks in down the road if it is ever reviewed and not with the retention at the outset? Or maybe it only applies to arrest and testimony as the clause says, and not to email communications?
While I agree that the biggest privacy problem arises from the back-end review, use, and disclosure of private communications contained in officials emails retained under the automatic policy, that isn’t the only privacy concerns raised by an automatic retention policy. In playing devil’s advocate, I suggested that there is a broader problem that begins with simply retaining all of the communications in the first place. I don’t agree that it is either desirable or realistic to tell government workers that they should never communicate any private communication via official email. Government workers, whether they are communicating in person, via telephone, or via email, both deserve and frankly require a certain degree of latitude to engage in private communications. To survive the workday, we have to be able to talk about things other than strictly official work; we simply aren’t robots. And as Chris suggested in his comment below, part of what I’m suggesting is that we need to afford employees a degree of intellectual or communicative freedom to get their jobs done without worrying that big brother is recording everything they say forever. After all, it wouldn’t seem proper to record every telephone conversation that occurs in an office and hold it indefinitely. Yet, I have a hard time distinguishing that from an automatic retention policy targeting emails; both policies would substantially dampen the intellectual or communicative freedom of government employees who know that anything they ever say (either via email or over the phone) would be recorded indefinitely for future review.
So my point in responding to Chris is that I think there are significant privacy interests that need to be accounted for in the initial retention decision, not simply at the back-end review stage.
Jordan and Anusha — thanks for your comments! I love that privacy has come up in this discussion. I think you’re right Jordan, that privacy concerns are definitely a countervailing interest against the automatic retention of government communications. Anusha your point that government employees already understand that their job doesn’t afford certain kinds of privacy is well put. A related argument that Jordan could have raised is that government officials need room to do their jobs, and that includes intellectual headspace. The chilling effect Jordan mentioned could have profound implications on the ability of government officials to creatively solve problems, build relationships with their coworkers, or build trust with their superiors.
Nevertheless, I stand by my argument. As we discussed somewhat in the context of Melanie’s recent post about a completely public registry of property ownership, I do believe (strongly) in the privacy of private citizens. You and I have every right to personally choose which messages should be kept and which should be destroyed, and indeed we can selectively choose what should be remembered forever and what should be forgotten. Twitter versus Snapchat.
That same discretion in the hands of government officials, or indeed in the hands of any agent, basically just invites abuse. Government officials should have the discretion to use varied forms of communication, some more open and some more secretive, in the course of their jobs — but they should not have ultimate discretion as to the deletion of even the most secretive of messages. The notion of government officials themselves being wary of Big Brother is disquieting — if even our own government officials have reason to distrust the government, then what possible justification can there be for its sprawling surveillance apparatus?
But of course the balance of privacy and government accountability/anticorruption interests is profoundly complicated. What we should be focusing our energies on instead is the development of a balancing, back-end review process, as both Jordan and Anusha point out. We should consider failures and successes. I consider the FISA courts to be something of a failure; the most cynical would say they are a sham of an adversarial process, but there is also a valid argument I think that national security interests almost always outweigh privacy interests. Nevertheless I would like to see something different than a secretive adversarial court system. Perhaps, although now I’m just thinking out loud, the best back-end reviewers would be a disinterested and specialized class of civil servants whose job is to balance free speech and anticorruption interests, among others, as established by Congress. Maybe they would be archivists or librarians who receive special legal and philosophical training for the job.
Whatever form it takes, the establishing the operation of an automatic government data retention program would at least force us as a nation to have a legitimate debate about privacy and government accountability. Then perhaps we’d stop hearing government officials go on about how deleting emails is all about cost and efficiency…
Here’s a different spin on the efficiency argument.
If government officials know that everything they send in email will be retained, they may go out of their way to make more sensitive messages in person or over the phone rather than via email. This could be a significant efficiency loss (especially for someone like the Secretary of State, who is constantly traveling). While this would sometimes be because officials wanted to get away with corrupt communication, it could also be because some things (certainly including diplomacy) are sensitive.
Similarly to Jordan’s point on creative head space, I think colleagues want to develop relationships that sometimes joke or have fun in ways that, while not inappropriate, are also not 100% professional. If they know that everything will be recorded and retained indefinitely, emails might become more strictly professional, which could prevent colleagues from bonding. After all, who wants to go down in history as the one who sends around cat GIFs at work?
I just want to echo Sarah’s point here. I think that an important consideration in addition to the privacy issues discussed above is the possibility that the knowledge that your emails are being stored/recorded will impact the candor with which people feel they are able to respond to proposals or even the kind of advice that people are willing to convey over email. There are any number of ways that an email that is neither inappropriate nor related to aiding/abetting corruption can nonetheless be extremely damaging in the midst of an investigation or litigation. The fact that government employees might have these kinds of considerations in the back of their mind might not only decrease inter-office bonding, as Sarah notes, but also could impact people’s overall effectiveness when trying to convey important or potentially sensitive ideas to their colleagues.
Chris, I want to push back just a bit on your argument that it’s troubling that government officials have expressed concern regarding the fact that ‘Big Brother’ is watching their actions (though it may certainly be somewhat hypocritical). I don’t think there are many people that are particularly comfortable with the notion that the government might have access to their emails. The question is instead whether or not we believe that this concern/discomfort is trumped by the justifications for this surveillance. Here it would seem that the two are somewhat different (though an argument could be made that they’re related): corruption and national security.
I also wonder what exactly the net gain of this system might actually be. I agree that it may be reductionist, or perhaps even disingenuous, for politicians to continue to justify a failure to retain relevant emails in terms of cost and efficiency. However, as Liz and others have noted, they’re not actually wrong that there will be some additional costs – the need to hire additional personnel to review these emails, the time required by government officials to classify which emails should be preserved, the diminished privacy for government employees, etc. – and not inconsiderable ones incurred if this system is put in place. In exchange for these costs, we’ll have created a system where government officials are explicitly made aware of the fact that their emails will be monitored and retained. As such, the instances in which emails that are captured will provide proof that corruption has occurred will presumably be limited to situations in which the officials were unaware their actions were corrupt or elected to conduct these activities in spite of the fact that they knew their emails would be preserved. I’m certainly in favor of a system that might help to weed out politicians that are both incompetent and corrupt but I’m not necessarily sure that the costs outweigh the benefits here.