Download Processing Digital Records - Society of American Archivists

Privacy and Confidentiality
Issues for Digital Archives
Peter Hirtle, MA, MLS, FSAA
Berkman Klein Center for Internet & Society
©2016 Society of American Archivists
1
Digital Archives Specialist (DAS)
Curriculum and Certification Program
offered by SAA:
Foundational Courses—must pass 4
Tactical and Strategic Courses—must pass 3
Tools and Services Courses—must pass 1
Transformational Courses—must pass 1
Course examinations are administered
online.
2
Welcome to our course…..
3
Privacy and Confidentiality for
Digital Archives — Outline
 Core values and ethical standards
 Access Issues
What is access?
Archives, privacy, and technology
 Legal Framework
Confidentiality, including HIPAA and FERPA
Privacy and defamation
Sensitive information topics
 Managing Risk
 Addressing sensitivities: Processing digital records
 Legal Framework: Public records
4
5
“When archivists talk about privacy and
confidentiality issues, it collectively brings
out our most conservative streak. Surely,
in our vast and varied holdings, there are
places to start that would allow us to build
professional consensus and celebrate
broad, unfettered access to the treasures
buried therein?”
Bill Landis, 2009
6
Privacy and Confidentiality
Privacy
Freedom from intrusion into one’s personal
matters, including personal information
A personal right rooted in common law
Confidentiality applies to information
How information (personal, corporate,
organizational) is protected from
inappropriate disclosure
An ethical duty
In some cases, an extension of privacy
7
CORE VALUES and
ETHICAL STANDARDS
8
Core Values
 Access and Use
 The widest possible accessibility of materials
 Consistent with any mandatory access restrictions
 Public statute, donor contract, business/institutional
privacy, or personal privacy
 Accountability
 “Access to the records of public officials and
agencies provides a means of holding them
accountable both to public citizens and to the
judgment of future generations.”
Core Values of Archivists http://www2.archivists.org/statements/saa-core-values-statement-and-code-of-ethics, approved May 2011
9
Code of Ethics — Access and Use
 Actively promote open and equitable access
 Minimize restrictions
 In the context of their institutions’ missions and
their intended user groups
 Any restrictions are appropriate, well-documented, and equitably enforced
 Seek practical solutions that balance
competing principles and interests
Code of Ethics for Archivists, revised January 2012
http://www2.archivists.org/statements/saa-core-values-statement-and-code-of-ethics
10
Code of Ethics — Privacy
 Establish procedures and policies to protect the
interests of the donors, individuals, groups, and
institutions whose public and private lives and
activities are recorded in their holdings.
 Archivists place access restrictions on
collections, where appropriate
Code of Ethics for Archivists, revised January 2012
http://www2.archivists.org/statements/saa-core-values-statement-and-code-of-ethics
11
Useless to minimize the problem of
third party privacy
“It is disingenuous to write ethical
guidelines saying that archivists should
protect the privacy rights of data subjects.
Violation of privacy is part of the process.
The real question is how it can be
meliorated.”
Elena Danielson, The Ethical Archivist
12
ACCESS – WHAT DOES IT MEAN?
13
Access
1. (Intellectual access) The ability to locate relevant information through the use of catalogs, indexes, finding aids, or other tools.
2. (Physical access) The permission to locate and retrieve information for use (consultation or reference) within legally established restrictions of privacy, confidentiality, and security clearance.
3. (Technological access) Computing — The physical processes of retrieving information from storage media.
Richard Pearce-Moses, A Glossary of Archival and Records Terminology
14
How do archivists influence access?
Choosing whether to acquire the collection
Negotiating restrictions with the donor
Identifying, separating or redacting
sensitive information during processing
Closing or restricting materials for a period
of time
15
How do archivists influence access? II
 Choosing a method of access
It is one thing to make available possibly sensitive letters [in a] reading room but quite another to post them on the Internet, where they can be read potentially by millions of people.
Sara S. [Sue] Hodson, “Archives on the Web: Unlocking Collections While Safeguarding Privacy,” First Monday Peer-Reviewed Journal on the Internet, 11/8, August 7, 2006
16
How do archivists influence access? III
Specificity and searchability of descriptive
material
Requiring identification and promises from
patrons
Terms of use
Letters of recommendation
Permission to make copies / publish
17
ACCESS, PRIVACY and
TECHNOLOGY
18
Born Digital vs. Digitized
Born digital: Information created in an
electronic format
Digitized: The process of converting
analog material into binary electronic
(digital) form, especially for storage or use
in a computer
Richard Pearce-Moses, A Glossary of Archival and Records Terminology,
http://www.archivists.org/glossary/term_details.asp
19
A few advantages of born-digital . . .
Donor may be available for consultation
More meaningful metadata
Easier searchability
20
But more challenges . . .
Bulk
Lack of organization
Greater mixture of personal and business
More recent vintage = more sensitive
Desire to provide access in native format
or to emulate digital desktop
 No history of collection use / feedback
21
Access, Privacy, and Technology
 “…[W]e keep talking about digitizing collections as
though there isn’t an enormous train of born-digital
content barreling down on us. … [W]e shouldn’t be
making decisions about access to digitized content as
though somehow the issues are different from access to
natively digital content.”
Remarks of Bill Landis, “Panel: Reconciling Modern Archival Practices and Ethics
with Large-Scale Digitization,” Extending the Reach of Southern Sources:
Proceeding to Large-Scale Digitization of Manuscript Collections, Southern
Historical Collection, University of North Carolina at Chapel Hill, February 12, 2009
(http://www.lib.unc.edu/mss/archivalmassdigitization/download/landis.pdf )
22
Patron Privacy and Security
 Security: How is this data protected in online
access tools? Need to check with IT staff or
service provider
 Data retention: Is there a written data
retention and destruction policy?
 Transparency: If you use web analytics,
does your website include a privacy notice?
23
LEGAL FRAMEWORK:
CONFIDENTIALITY
24
Legal Duty of Confidentiality
Fiduciary or agency relationship
 Attorney-client, doctor-patient, guardian-ward,
corporate directors-shareholders
Court order
Contract
 Non-disclosure agreement
 Legal settlements
 Donor agreements
Laws: HIPAA, FERPA, etc.
25
Lawyers’ Papers
Client confidentiality — the lawyer’s duty
 Protects lawyer/client communications
 Can be waived by the client
 Most bar associations prohibit donation of files (but some lawyers do so anyway, at their own risk.)
 May be perpetual in duration (no one knows)
Attorney–client privilege
 Prevents certain evidence from being admitted at trial
 Breached if information is disclosed to anyone outside the relationship
Client owns the file, not the attorney
26
What if the donor breached a duty?
https://www.library.ucsf.edu/tobacco
Brown & Williamson v. Regents of the University of California
27
Key Points
 If the donor breaches a confidentiality duty,
liability is the donor’s first
 Archives are not automatically liable, particularly
if the archivist had no knowledge of the
confidential material
 There is very little case law in this space which
may mean
 Archivists are careful to prune confidential material
 Collections are not accessible intellectually
 Out-of-court settlements
28
Donor Agreements
 Many reasons for donor restrictions
 Disclosure of personal or family information, harm to
reputation
 May seek restrictions, censor or sanitize their
own files, destroy files, or just decline to donate
 Should all donors just expect that their materials
may be digitized and put online?
 Donor responsibilities to third parties?
29
Breach of Donor Agreements
 Who’s suing the archives?
 The donor? You lose
 Third party? Not clear
 Must show that they were an intentional “third party beneficiary” of the donor agreement
 He or she knew of the contract at the time it was made
 Relied upon it to his or her detriment
30
Medical Records Confidentiality HIPAA
https://s-media-cacheak0.pinimg.com/originals/cf/ea/9f/cfea9f797a368d4f199d65113b0f2b41.jpg
31
Medical Records Confidentiality HIPAA
Health Insurance Portability and
Accountability Act of 1996
 First comprehensive federal law to protect
the privacy of health information
 Can regulate historical records in archives
 Two rules are relevant
 Privacy rule
 Security rule
32
HIPAA Privacy Rule: The What
(2000, effective 2003-2004, amended 2013)
 All uses of “Protected Health Information” (PHI),
regardless of when or by whom the records were
created, or whether the subject is alive or deceased
 Applies to all records held and yet to be acquired that
 Contain individually identifiable health information and
identify the individual
 Concern past, present, or future health
 Are maintained electronically or in any other form, including
paper, speech, or memory
 Are created, maintained or received by “covered entity”
 Newest amendment limits the period of protection to 50
years after death after which it is not PHI
33
HIPAA Privacy Rule: The How
 Facilitates sharing of health information for treatment
and payment, or at patient’s request but
 All other uses of PHI, including scholarly and historical
research, can occur only via individual written
authorization, an informed consent waiver, or by
 Safe harbors: PHI may be used without authorization
only for research on decedents, for review preparatory to
research, for certain types of specified research, or
pursuant to IRB determination
 Only the minimum amount of PHI necessary for the
intended purpose can be disclosed
34
HIPAA Privacy Rule: The Who
Covered Entities
 Applies to PHI maintained by a covered entity
 Health care providers, plans, or clearing houses
 Individuals or organizations that are, are part of,
are located within, or associated with a covered
entity, . . . or are under common ownership or
shared control
 Archives subject to the rule
 Must record and be able to account for disclosures
to each researcher and
 Provide individuals with access to their PHI in the
archives
35
HIPAA Privacy Rule: The Who
Hybrid Entities
 Covered entities that are a single legal entity
with both covered and non-covered functions (a
university with a hospital, hospital with an
archives) can elect to be a hybrid entity
 Must designate the health care components
 Only designated health care parts of hybrid
entities must comply
 May segregate non-covered functions and erect
firewalls to prevent unauthorized disclosures of
PHI
36
HIPAA Privacy Rule: The Who
Business Associates
 Perform services for covered entities using PHI
(admin., billing, IT, legal, records management,
etc.)
 Archives that use or disclose records containing
PHI must comply and enter into a business
associate agreement governing use of PHI
 Under the HITECH Act (2010), the privacy and
security requirements covering “covered entities”
now apply directly to “business associates”
 If your archives is operating under an existing BA
agreement, should amend it to comply with HITECH
37
HITECH: Health Information
Technology for Economic and
Clinical Health
Effective February 2010
 Requires HIPAA-covered entities and BAs to
notify patients about PHI breaches (e.g., a
hacker); may also need to notify the media
 If ePHI is encrypted for storage/transmission,
need not notify
 Health providers encouraged to encrypt
systems, files, and emails containing ePHI
38
HIPAA Security Rule
 PHI must be protected from unintended disclosure
 “Reasonably anticipated” threats or hazards
 Inappropriate uses of electronic PHI
 Triggered ONLY when PHI is transmitted or stored
electronically
 Applies to covered entities and BAs which must
use safeguards for integrity, confidentiality,
availability of ePHI
 Must do risk analysis to evaluate practices and
systems
 Allows scalability related to size and complexity of
practice
39
FERPA: Student Records
http://www.andertoons.com/internet/cartoon/6410/
40
FERPA: Student Records
Family Educational Rights and Privacy Act 1974
 Applies to institutions funded by US Dept of
Education
 Applies only to “education records”
 Any record that identifies a student and
 Is maintained by an institution or educational
agency or party acting for the institution or agency
 No disclosure to 3rd parties without consent
 No private action; the only remedy is
terminating federal funding
41
FERPA: Student Records
 Does NOT regulate:
 Directory / public information - unless the student has
blocked that release (“opt out”)
 Sole possession records prepared by a single
employee; health records; law enforcement records;
records collected after a person is no longer a
student
 FERPA’s 10 exemptions allow release of
records without consent, including to school
officials and organizations conducting studies
 Duration of FERPA’s restrictions is unclear
42
Group Activity #1 — Access policies
What is it? (what document type?)
From the perspective of privacy and
confidentiality, consider:
 Its strengths: What do you like?
 Its weaknesses: What would you change?
 In what ways (if at all) is the archives
controlling access, and is it appropriate?
43
LEGAL FRAMEWORK:
PRIVACY AND DEFAMATION
44
Warren and Brandeis
1890 Harvard Law Review article “The
Right to Privacy”
Posited “right to be left alone”
Drew on precedents from the law of
defamation, literary property and
eavesdropping
45
Constitution
 Source of US privacy law although privacy is
NOT specifically mentioned
 US Supreme Court has found that the
Constitution implicitly grants a right to privacy
against government intrusion
 Limits government’s power to interfere with
individual liberty – “right to be left alone”
 The basis of rights to avoid compulsory public
education (1925), to contraception (1965), to
abortion (1972), to gay relationships (2003).
46
Bill of Rights and 14th Amendment
 First Amendment: Congress shall make no law …
abridging the freedom of speech, or of the press
 Fourth Amendment: The right of the people to be
secure in their persons, houses, papers, and effects,
against unreasonable searches and seizures,….”
 Fifth Amendment: privilege against being “...compelled
in any criminal case to be a witness against himself,….”
 Ninth Amendment: Justifies broad reading of the Bill of
Rights to protect privacy in ways not specifically provided
in the first eight amendments.
 Fourteenth Amendment: “[N]or shall any State deprive
any person of life, liberty, or property, without due
process of law, nor deny to any person . . . equal
protection of the laws.”
47
Prosser & Restatement (2d) of Torts
 Intrusion upon seclusion or solitude
 Appropriation of name or likeness
 Requires misuse for profit – using a picture in an ad
 Distinguish from right of publicity which allows
celebrities to control commercial use of their names &
images, a property right which can survive death
 Publicity that places a person in a false light in
the public eye
Publication of private facts
48
Cause of Action for Invasion of
Privacy
Hard to sue archives for invasion of
privacy or disclosure of private information
for paper records
Practical obscurity
Limited distribution
Paper archives are clearly not publishers
Others (journalists, scholars) do the tale
telling and are more obvious targets
49
What’s different about digital?
 Agency of the archives
 Uncertainty about standards of care to prevent
disclosure
 Wider distribution and access
 More findable
 Can do more damage to reputation
 Potential status of the archives as publisher
 Publication of private facts
 Defamation
50
Publication of Private Facts
 True information
 about a person’s private life
 that would be highly offensive to a reasonable
person, and
 not of legitimate public concern
 Sexual activity
 Health – including mental health, addiction
 Economic status
 But criminal acts are of legit public concern
51
Publication of Private Facts (cont.)
 Community standards
 Law does not protect the overly sensitive
 Community standards have changed
 Pre-marital sex
 “Out-of-wedlock” births
 Race of parents
 Sexual orientation
 Means that the case law is not always relevant
 A personal right (no corporations) that ends at
death
52
Defamation
 Communication (to others) that damages a
person's reputation.
 Slander – spoken words or perhaps instant
messaging
 Libel – written words
 Published: online counts
 Subject identified: including corporations
 Harm: seriously shames, ridicules, disgraces or
injures reputation. Not just embarrassing
 Fault: What would a reasonable archivist have
done?
53
Limits on Libel
 Generally short statute of limitations: e.g., 1
year (depends on the state)
 Only living people (and corporations)
 Only UNTRUE information
 Facts, not opinions
 That which cannot be proven untrue
 Only non-consenters
 If public figure, publication must have been
malicious
 Hard to win – only 13%
 Damages reduced if there was a retraction
54
Defamation (Reputation)
 Harms reputation
 False statement
 Can occur by publicity to only one
Invasion of privacy (Dignity)
 Harms peace of mind, causes mental stress/emotional harm
 True statement
 Requires publicity to many
Truth is a legal defense to defamation, but not to invasion of privacy
55
Right of Publicity
 Protected by state law
 Prevents the unauthorized commercial use of an
individual’s name, likeness, or other
recognizable aspects of one’s public image
 Commercial use does not include news
reporting
 Creates a brand or trademark out of celebrity’s
persona
 Unlike privacy rights, in some jurisdictions,
publicity rights survive death and can be
inherited as property by heirs
56
SENSITIVE INFORMATION
TOPICS
57
Corporations and Organizations
 Privacy concerns affect their records no matter
where stored
 Need to protect proprietary and confidential
information, trade secrets, financial and
personnel data, decision making and strategic
planning, new marketing and product initiatives,
and reputations
 Religious, denominational, and organizational
archives also may want to limit access to
sensitive personal data
58
Special Interests
 Community mores, standards, expectations
 Viewpoints of tribal, ethnic, religious, advocacy
groups
 Culturally sensitive issues
 Repository’s reputation
59
Litigation Discovery and Digital
Records
 If you get a subpoena or notice of discovery, call
legal counsel immediately or notify leadership
that it might need to hire counsel
 Your job will probably be to help identify
potentially relevant records. The lawyer will
likely screen them before giving them up
 3/4 of discovery requests seek e-mail
 80-90% of discoverable information is in the
form of e-mail
60
Litigation Discovery and Digital
Records II
 Everything in electronic format that is “reasonably
accessible” is discoverable
 Active data, metadata, system data, off-line archival or
backup data, e-mail, voice mails, damaged data; multiple
drafts
 Office, home & 3rd party computers, office & offsite
servers, shared folders, removable storage, fax
machines, printers, smart phones, optical disks etc.
 The greater amount of private, privileged, or sensitive
data produced, more chances for errors, higher costs
 Creates incentives for identification and special
management of sensitive information
61
Litigation Discovery and Digital
Records III
 Act now to be prepared later
 Involve and train employees
 Understand your records
 Install, update, confirm management and retention policies; implement and enforce
 Consider technology to help manage e-mail and ESI
 Discard and delete unneeded records, according to approved records retention schedules
 Consider technology as part of the solution for responding to request
62
MANAGING RISK
63
Strategies for Protecting Sensitive
Data
 Shift the responsibility to the donor or researcher
(although some disagree)
 Screen collections
 Institutional review board
 Allow open access and respond to complaints
case by case
 Develop a take down policy that addresses privacy to
allow for quick response to complaints yet provide
time for investigation
64
Continuum of Access
 None – refuse the collection, deaccession or
separate the sensitive parts because mediating
access is too costly
 Access only after the passage of time
 Access only with IRB approval or under other
conditions
 Access in reading room only if researcher
accepts responsibility to protect private
information
65
Continuum of Access II
 Reading room access with limitation on
duplication
 Open reading room access
 Online access with authentication/click through
agreement
 Online access with limited searchability (what
metadata is exposed to search engines?)
 Free and open online access
66
Select Access Thoughtfully
 Create good donor documentation
 Interview donor about confidential materials using a
checklist
 Penn State Deed of Gift addendum for collections
with e-records
 Balance public value vs. risk
 Older material less problematic
 The dead have no privacy (usually)
 Information (say, salary) becomes less sensitive
 Make the case that you have undertaken a
thoughtful analysis. What would a reasonable
archivist do? Document your analysis
67
Salman Rushdie Papers
 Locked down computers with emulated environment
 Pre-screened content
 No access outside of reading room
68
Virtual Reading Room for E-Records
69
Create Policies
 Develop access policies in advance
 Special cases will come up, keep track of
decisions made so you build up precedent
 Decide who decides and who should be
consulted
 At accession / creation of donor agreement
 Processing guidelines for identification of sensitive
data
 Digital reformatting of legacy collections
 Open or close unprocessed collections?
70
Create Policies II
 Strike a balance between competing interests
Researchers’ need for access
Donors’ wishes
Legal and ethical requirements
Institutional tolerance for risk
Practical considerations (resources, goals for
responding to requests)
 Different policies are appropriate at different
types of repositories
e.g., public or corporate
71
Create Policies III
 Does the archives have a policy mandating open
and equitable access for use of records?
 Is the staff trained in the following?
 Appropriate reference help for all
 Keeping records requests and circulation requests
confidential
 A protocol for notification about parallel research
 Coordination with other archives where appropriate
 No sequestration of records for private research
Elena Danielson’s “Questions for Evaluating Access Policies”
72
Create a Complaint / Takedown Policy
 Plan what you will do if someone objects
 Be respectful and treat complainers politely
 Consider removing item from public access until
it can receive thorough review
 Will buy time
 To consider how important the documents are
 To consider the concerns of the third party
 Keep track of complaints and share your data!
We all want to know!
73
Consent
 Consider asking for consent if there is a large
amount of material in the collection related to
a few individuals
 Risk mitigation can involve pursuing
permission from some parties but not others
74
Help Develop Best Practices
 Manage the risk, don’t avoid it entirely
 Well intentioned practice for putting digitized collections of unpublished materials online, OCLC Research (May, 2010)
 http://www.oclc.org/content/dam/research/activities/rights/practice.pdf?urlm=161703
75
Group Activity #2 – Case Studies
76
ADDRESSING SENSITIVITIES:
PROCESSING DIGITAL
RECORDS
77
Processing Digital Records: Ingest
 Sensitivity of materials – intellectual property,
confidentiality, privacy, personally identifiable
information (or PII)
 Developing policies, processes, and tools for
access and discovery of born-digital
 Greater security needed for unscreened born-digital
records, especially if stored on networked servers
 Authenticated repository where researcher has to
agree to terms of use
 Future options – authenticated access to truly virtual
reading room with copy protected access to all
collections
78
Processing Digital Records
 Establish workflows and systems for managing
digital objects once initially transferred.
 Address:
 Maintaining privacy and providing adequate security
 Privacy - need for privacy/security policies specific to
digital that address donor concerns and ensure
compliance with organizational policies and federal
and state laws
 Secure storage and networking
 Tightly controlled access to files that contain
personally identifiable information
79
Security Threat Analysis
 Ensure that information is safe and secure:
authenticity, integrity, availability, relevance,
confidentiality
 Threats occur during creation, storage, access,
and transport
 Information architecture – who is doing what?
 Identify & understand access and privacy in regard
to third party service providers, e.g. cloud storage
 Sedona Conference Commentary on Privacy and
Information Security: Principles and Guidelines for
Lawyers, Law Firms, and Other Legal Service Providers
80
Processing Digital Records: Workflow
 Accession & Store
 Survey materials (number of discs, types, known or
estimated volume)
 Create disk images
 Virus scan
 Search for PII
 Arrange/Describe
 Consider: Series, depth of description (group, media, top
level folders).
 Extent: volume (MB), file count, folder count
 Describe materials (survey contents of files, sampling)
 Access restrictions: special software, local use only,
sensitive content
81
Processing Digital Records:
Workflow II
 Access
 Researcher use agreement
 Copy requested material to a reading room computer
 Provide disk image
 OR Export data
 OR Create Virtual Machine
82
Example of a Forensics Tool
FTK Imager (http://accessdata-ftk-imager.software.informer.com/3.1/)
83
Processing Digital Records: Personally
Identifiable Information
 Potential liability for donor and repository
 What’s in hidden and deleted files?
 Language in most gift agreements does not
acknowledge born-digital
 ARL study recommends securing donor’s permission to
use forensic tools to recover and review deleted files
 Split between respondents with policies for
retaining/restricting or destroying files with PII, and
whether materials are provided for use before screened
for PII
 Penn State University Deed of Gift Addenda for
Collections with Electronic Records (workbook)
84
Processing Digital Records:
Automate Discovery of PII
85
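The "Search for PII" step in the workflow slides and the automated-discovery slide above, sketched as an added example (not part of the original slides and not the output of any tool they name): a scan of files exported from a disk image for U.S. Social Security numbers and Luhn-valid payment card numbers, reporting only masked values. The directory layout, file contents, and function names are constructed for illustration.

```python
import re
from collections import Counter
from pathlib import Path

# SSN written AAA-GG-SSSS. Area 000, 666 and 900-999, group 00 and serial 0000
# are never issued, so rejecting them removes many false positives.
SSN_RE = re.compile(
    r"(?<![\d-])(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}(?![\d-])"
)
# 13 to 19 digits, optionally separated by single spaces or hyphens.
CARD_RE = re.compile(r"(?<![\d-])\d(?:[ -]?\d){12,18}(?![\d-])")


def luhn_ok(digits):
    """Luhn checksum: separates card numbers from arbitrary long digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def mask(value):
    """Keep only the last four characters so the report does not copy the PII."""
    return "*" * (len(value) - 4) + value[-4:]


def scan_text(text):
    """Return a list of (kind, masked value) for every pattern hit in text."""
    hits = [("ssn", mask(m.group(0))) for m in SSN_RE.finditer(text)]
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"\D", "", m.group(0))
        if luhn_ok(digits):
            hits.append(("card", mask(digits)))
    return hits


def scan_tree(root):
    """Scan every file under root; return {relative path: {"hits", "status"}}."""
    report = {}
    for path in sorted(Path(root).rglob("*")):
        if not path.is_file():
            continue
        # errors="replace" lets binary or mis-encoded files be scanned
        # instead of aborting the whole run.
        text = path.read_bytes().decode("utf-8", errors="replace")
        hits = scan_text(text)
        report[path.relative_to(root).as_posix()] = {
            "hits": hits,
            # No hits is not a clearance: these patterns miss names, health
            # details, and any identifier written in another format.
            "status": "flag for review" if hits else "no pattern hits",
        }
    return report


def build_sample(root):
    """Write a constructed three-file accession (all values are made up)."""
    files = {
        "correspondence/letter1.txt":
            "Dear Pat, the bank asked for my Social Security number again: "
            "123-45-6789. Call me at 555-0142.\n",
        "finance/receipt.txt":
            "Paid with card 4111 1111 1111 1111.\n"
            "Inventory no. 1234 5678 9012 3456\n"   # 16 digits, fails Luhn
            "Ref 000-12-3456\n",                    # SSN-shaped, invalid area
        "notes/todo.txt":
            "Buy archival boxes. Meeting 2016-05-12 at 10:30.\n",
    }
    for rel, body in files.items():
        target = Path(root) / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text(body, encoding="utf-8")


if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for rel, entry in scan_tree(tmp).items():
            kinds = dict(Counter(kind for kind, _ in entry["hits"]))
            print(f"{rel}: {entry['status']} {kinds}")
```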
Digital Records Processing: What should
a reasonable archivist do?
 The cautious advocate examining papers for
privacy violations and imposing restrictions
 Could this work for digital records?
 Risk of affirmative censorship
 Difficult to do
 Create a new affirmative legal duty and professional
obligation
 Failure to comply with this new duty or mistakes in
operation could be negligence
 Does not succeed if copies are available elsewhere
86
LEGAL FRAMEWORK: PUBLIC
RECORDS
87
Federal Laws — FOIA
Freedom of Information Act, 1966
 Requires federal agencies to make information
available to anyone on request
 Presumption that federal agency records are
accessible to the people
 Applies to executive branch (agencies) only
 Replacing the “need to know” standard with
“right to know”
 Each state has its own versions of this law
88
Federal Laws — FOIA
 9 exemptions, i.e., reasons to deny access to federal government records:
 Trade secrets and confidential commercial and business info
 Law enforcement
 Personal privacy exemption for personnel, medical, and similar files
 If a “clearly unwarranted” invasion of personal privacy
 Electronic Freedom of Information Act (EFOIA) of 1986 applies FOIA to federal computer databases and information systems
89
Federal Privacy Act of 1974
 Citizens’ access to federal records about
themselves: What information is kept and how is it
used?
 Opportunity to correct and amend information
 Restricts disclosure to others without permission
 Information must be within “a system of records”
 Data collected for one purpose may not be used for
other purposes without consent
 Reliability of identifiable personal data; data should
be relevant, up to date, accurate, and protected
against unauthorized loss, alteration, or disclosure
90
Privacy Act Limitations
Limited to federal govt records only
With no central index of federal records
about individuals, agencies must be
contacted individually
Difficult to amend inaccurate records;
redress for violations nearly impossible to
obtain
91
Intersection between FOIA & PA
 FOIA allows anyone to access federal records
 PA allows individuals (only) to access their own
information, but protects that information from being
released to others (without the subject’s permission)
 PA includes exemptions that prohibit disclosure of
personal information even to the individuals concerned,
e.g., law enforcement, prohibited by FOIA
 When the terms of the two laws conflict, FOIA
controls to open the records and the PA does not
limit access, i.e., the PA never prohibits a disclosure
that is required under FOIA
 Much more information is subject to disclosure than
non-disclosure
92
Intersection between FOIA & PA
(cont.)
If an individual requests info about herself,
 If no PA exemptions apply - record is released.
 If PA exemptions apply, look to FOIA to
determine if the record is also exempt under
FOIA.
 If a PA exemption AND a FOIA exemption
applies, the agency must withhold the record.
 If no PA exemption and no FOIA exemption
applies, the agency must release the record.
93
Electronic Communications Privacy Act
of 1986 (ECPA)
 Extended federal privacy protections to email,
cellphones, pagers (theoretically . . .)
 Intended to cover all materials transferred
and/or stored via the Internet, court
application varies
 Written long before the advent of cloud
computing
94
USA PATRIOT Act
(2001, renewed 2006, 2011)
 Amend most privacy laws to permit easier government
and law enforcement access to personal information
 Easier for authorities to compel disclosures of
information
 Amended both ECPA to access electronic
communications and Foreign Intelligence Surveillance
Act (FISA), which created a separate court system and
easy ability for government to access conversations.
95
Public Records Online
 Commitment to open government
 Information relating to the conduct of the
people’s business prepared, owned, used or
retained by a state or local agency
 Varies from state to state; access and
exemptions depend on the laws of the state
 Personal information, both accurate and
inaccurate may end up disclosed
 IRMT Open Government Guide
http://www.opengovguide.com/topics/recordsmanagement/
96
Responding to Public Records
Requests
 State Archives (and agencies) may be required
to produce records as part of federal or state
FOIA requests or state and local laws
 Are all the records sought subject to the
request?
 Know your state’s public records law
97
Issues Specific to Digital Records
 Confusion between personal and public communications
(especially e-mail)
 (Too) easy to include non-public records in the digital
record set to be delivered (personal records, defamatory,
restricted, etc.)
 In what form should records be exported? Some laws
specify electronic response or format
 Confidentiality may be more easily lost or compromised
98
Responding to Public Records
Requests
 For frequently-requested public records, it may be a good idea to maintain a website where users can access them directly
http://www.ca.gov/onlineservices/os_government_records.html
99
WRAP UP
Thank you for your
attention & participation!
100