FAACT database audit/use logs

To Whom It May Concern:

Pursuant to the Virginia Freedom of Information Act, I hereby request the following records:

1) Audit/use logs, since Jan. 1, 2020, documenting each time someone has accessed, queried, uploaded, downloaded, or otherwise used the Virginia Framework for Addiction Analysis and Community Transformation (FAACT) database(s), including, where available, the person's position, the department/organization they work for, the purpose for which the database(s) was used, the date, and any associated criminal case numbers.

Participants in the FAACT program and the Commonwealth Data Trust are required to maintain audit/use logs for transparency and auditing purposes in order to participate in the programs. The Virginia Department of Criminal Justice Services has informed me that ODGA, rather than individual participating agencies, maintains these audit logs.

I ask that all fees be waived as intend to use the requested records to further public understanding of public agencies and not for any commercial purpose. In the event you choose to impose fees, I request a detailed breakdown of the fees, including the hourly wage of each employee involved and an explanation justifying the employee hours required to fulfill the request.

Should you choose to reject this request or redact portions of responsive documents, I ask that you provide a detailed breakdown of the statutory exemptions and associated case law underlying your decision to withhold each/any portions from public review.

The requested documents will be made available to the general public, and this request is not being made for commercial purposes.

In the event that there are fees, I would be grateful if you would inform me of the total charges in advance of fulfilling my request. I would prefer the request filled electronically, by e-mail attachment if available or CD-ROM if not.

Thank you in advance for your anticipated cooperation in this matter. I look forward to receiving your response to this request within 5 business days, as the statute requires.

This request is filed by Tom Nash, a citizen of Virginia, in coordination with Todd Feathers.

Hello,

Thank you very much for your response, but I'd like to ask for a little clarification. Could you please cite the specific exemption to the Virginia Freedom of Information Act you are relying on to withhold these records? Under the law, records cannot be withheld unless they meet one of the enumerated statutory exemptions. Here is the text of the law: https://law.lis.virginia.gov/vacodepopularnames/virginia-freedom-of-information-act/

I'm not sure what you mean by "sensitive or unauthorized data," but there's certainly no statutory exemption that uses that language.

I'd be happy to discuss this request over the phone, if you'd like to set up a time.

Todd

Hello,

You state that you are taking into consideration the Virginia Freedom of Information Act but you have not cited a single exemption to the Virginia FOIA that would preclude your agency from providing the responsive login information/audit logs. There is no legal exemption for "sensitive profile information" in the law—that's a made-up phrase. Furthermore, the vast majority of government officials' email addresses are already publicly posted on agencies' websites so there's really no argument to be made at all that email addresses are exempt information.

If you intend to continue denying this request, please provide the statutorily required rejection letter containing citations for the exemptions you are claiming.

Todd Feathers