Requester’s Voice: Justin Elliott

“These more savvy operators are going to use whatever they can find in the text of the particular laws to mess with you…”

Written by Beryl Lipton
Edited by Shawn Musgrave

Justin Elliott is a reporter for ProPublica. After receiving an email from the personal account of Howard Glaser, Director of Operation for Governor Andrew Cuomo, Elliott requested all professional emails that had been sent from the account; his request was denied. His most recent piece discussed the use of private email accounts by Governor Cuomo’s Office. This week, Elliott spoke with MuckRock about the practical and political murkiness of private communications, email retention, and requests.

I’m looking at the New York State Archives definition of what a record is, and the idea that in the modern age email communications would not qualify is sort of absurd. Can you explain the rationale behind the initial denial of your request to Governor Cuomo’s staff?

It’s not really clear. While I was writing this story and went to them for comment, I was told, “This particular email that you’re talking about”—the one that I personally had possession of—“is not a record. It is something more informal than that.”

Frankly, I don’t think that’s a serious response. I’ve talked to a lot of expert-types and other people in the field and there is no category of “informal.”

If you look at the actual FOI law, it defines what a record is. I can read it. The word “record” means “any information kept, held, filed, produced, or reproduced by, with, or for an agency or the State Legislature, in any physical form whatsoever,” and then it has a big list of the different forms it can take. It’s basically anything. It’s anything you produce in your capacity as a state employee.

There’s a state policy by the New York State Office of Information Technology Services that officials are not supposed to use personal accounts for state business unless they have explicit authorization. And I asked the Cuomo people whether any of their people had been given explicit authorization, and they just wouldn’t comment on that.

There have been lawsuits about this private email account thing before, and the clear rule in New York is that it doesn’t really matter if a record is held in a private email account. The test to determine if it is releasable under FOIL is supposed to be purely a content test. I mean, if it’s a record from a private email account that would be exempt for some other reason, then it’s still exempt, but if it’s not and it was sent or received in an official capacity, then it’s supposed to be releasable, at least in theory.

It seems a lot of the issues are practical ones.

Even when you’re not talking about former employees (like in Elliott Spitzer’s case against AIG), I think that the logistical questions are totally relevant. In New York State, each agency is supposed to have a Records Access Officer who is in charge of processing the request. And it’s not totally clear—for example, in the case of emails—how it always works in terms of whether the Records Access Officer is themselves searching the state’s servers or email servers that the state has access to, or whether they’re going to the individual who is the target of the request and asking them to conduct a search themselves.

Obviously, if you’re using a private email account to do official business, as the Cuomo people are, then the Records Access Officer doesn’t even have the option of searching the state email server, because they don’t have access to Google email servers or any other private company.

And now New York is working to have emails be deleted after 90 days?

Apart from the particular email retention practices of the governor’s office, which seem particularly secretive, some news broke last year that the state is consolidating its various email systems into one system, Microsoft Office 365. The state is in the process of shifting everyone to that. The details of that are murky.

There was apparently a memo announcing this big shift. I went to the Office of Technology Services, and I asked them for it, and after a week or two, they got back to me and said, “Yeah, you’re going to have to file a formal FOIL request to get that,” which is super annoying, but which I’ve done. So assuming they give it to me, I’ll get it and publish it.

Based on what we do know, apparently there’s going to be a 90-day default retention, meaning emails will be deleted after 90 days unless you opt in to have them saved and there’s a whole retention schedule for what types of things are supposed to be saved.

It’s not at all clear to me exactly how those rules work and if the people who the rules are supposed to apply to even know about them.

You have to mark an email for retention. If you don’t, it’s going to disappear after 90 days.

Again, a lot of questions: Is it really going to be deleted forever? Is it 100% not recoverable after 90 days? How does this whole marking system work? Is there going to be any oversight of that? Is anyone even going to mark anything, even in these narrow categories, that is supposed to be retained?

So much business is done over email now, that if this goes into effect or is already in effect, you’re going to be losing vast amounts of material that might be of interest to the public at some point down the road, and not even necessarily that far down the road.

Did the State’s Technology Office set that period?

Yes, according to this Times Union brief. That office is part of the Cuomo administration, so it’s the policy of his administration, although it also appears that they reserve the right to delete them even sooner, at least in the Governor’s Office context, if they’re not in a handful of formal categories of veto messages or press releases.

They claim that they can be deleted immediately, and they set that policy themselves. There’s nothing in the law that appears to say what they can and can’t do, so that appears to be their policy, which, even if it’s technically legal, for an administration and a governor that came in promising unprecedented transparency and, in particular, unprecedented transparency by using technology, this is the complete polar opposite.

I will add that the particular email I got, and then requested, I requested well under 90 days and they still said it had been deleted. So whatever their practices are, it’s less than 90 days.

Have you run into other examples of these strange record email issues?

It does seem they use this email to get around having to disclose certain communications.

In the New York context, the Daily News reported a couple years ago that Cuomo himself doesn’t use email — he just uses this Blackberry pin-to-pin messaging system. It’s some kind of peer-to-peer encrypted messaging that supposedly does not get held on any servers. So, at least supposedly, once you and the other person delete a message, it is gone forever. And the Daily News had reported that Cuomo does this with his aides. (But, of course, they can’t do it with people outside the government, because no one else has a Blackberry.)

There was also this thing called the Moreland Commission that Cuomo had appointed that was investigating public corruption, and then he abruptly shut it down. Now there’s a federal prosecutor looking into the circumstances around it getting shut down prematurely. The Times reported a couple days ago that the staffers on this Commission investigating public corruption, which Cuomo was reportedly meddling with, were actually issued Blackberrys so they could use this even more secretive peer-to-peer form of messaging.

I think that they’re obviously extremely conscious of their communication security, which is kind of disturbing given that they’re supposed to be public officials. The last person I read about using a Blackberry was El Chapo, the Mexican drug lord. So I think that is somewhat telling.

If they’re finding other avenues to record these conversations, or not record them, that even more strongly suggests that they are communications relevant to government business, right?

Exactly. It’s so at odds with any conception of open government and accountability and democracy.

My sense is that these more savvy operators, like these two Governor’s offices, are going to use whatever they can find in the text of the particular laws to mess with you and to seemingly politicize what’s supposed to be a standardized process, in terms of what gets released and what doesn’t get released.

There was a story in the Daily News a week or two ago in which they had filed a FOIL involving communications between the New York Mayor Bill de Blasio’s office and the Governor’s Office about some snow removal issue. The Daily News had FOILed the Governor’s Office and gotten back emails from Howard Glaser’s official account that had been sent to the account by officials in de Blasio’s office in the city.

These emails sort of made the mayor’s office look bad, and they were released by the Governor’s office. It makes you wonder when one of the cases where they happen to find emails that are substantive is one where those emails make one of their political rivals look bad. I mean, who knows? The whole process of the processing of these requests is kind of a black box that you can only speculate about.

But you start to see these patterns, and it really starts to raise questions about how politicized the whole process is.


Image via ProPublica.org