First published in 1967, the Freedom of Information Act (FOIA) was originally designed to provide public access to information contained in papers, photos, maps, and archival formats like microfiche and microfilm. Now, however, FOIA covers the full range of modern communications, including emails, text messages, social media posts, and everything else. Requests are getting more expansive in scope, presenting a challenge for agencies. Read on to learn more about “any and all” public records requests—and how your agency can respond to them.
Increases in FOIA Requests to Government Agencies
Every year, agencies are dealing with increases in public records requests for two reasons:
- The population of the US continues to grow. In general, more people living in a state = more potential requesters.
- Trust in government is low. Citizens want transparency and accountability.
To rebuild trust, most states have enacted “sunshine laws” that aim to provide public insight into government activities and easily request access to information. By being more open, governments have essentially invited the public to make more requests.
Plus, over the past few years, school district policies, law enforcement training and disciplinary records, and most recently, board of elections data have become the focus of advocacy groups and media outlets. These are today’s “hot button” topics. You can bet there will be more.
What are "Any and All" Requests?
One particularly difficult—and increasingly common—type of records request is the “any and all” request. These are worded vaguely (often intentionally) and require an agency to find all paper and electronic files related to the subject matter. RFPs/RFQs, bidders, contracts and contractors, employee training and certifications, disciplinary actions, regulations, internal policies, vendor relationships, expenses and accounts payable, marketing and public relations … you name it, it likely is subject to FOIA.
Are Emails and Text Messages FOIA Eligible?
Communications such as emails and text messages about government business can be particularly tricky to navigate. When are they subject to “any and all” FOIA requests? Some details vary based on jurisdiction. Emails and text messages are usually FOIA eligible if they were created, received, or maintained by a government agency or official in the course of official business. This is true even if it was sent from a personal account or device. For example, if an elected official is seeking re-election and sets up a special email account for their campaign, those emails may be subject to FOIA requests. If two government officials text each other about work from their personal phones, those texts are subject to FOIA requests—but non-work related texts sent from personal devices are not.
Further complicating matters, emails don’t have separate retention policies. The content of the email determines how long they should be kept. So an email regarding financial statements or contracts generally must be kept 7-10 years, but emails about personnel might be kept for up to 25 years. This makes it particularly challenging to know whether an older email should be considered part of an “any and all” request.
The best practice is to have a centralized system for managing and storing emails, in addition to other electronic records. It’s also important to have a protocol in place who oversees collecting emails in case of an “any and all” request. This might be your IT department, or it might be necessary to speak with any departments affected by the request individually.
Are ChatGPT Chats FOIA Eligible?
Questions that government officials ask ChatGPT or anything they create with generative AI may also be subject to FOIA requests. In July of 2023, the City of San Jose, California, sent a memo telling employees that information they enter into a generative AI platform is subject to the California Public Records Act. We may have to watch this play out in court before knowing exactly what can and can’t be released in different jurisdictions. But in the meantime, the safest bet is not to put anything into ChatGPT that you wouldn’t want released to the public.
What About Redaction?
All FOIA laws permit redactions to protect personal information (date of birth, SSN, contact information) and other content which, if made public, could irreparably harm the mission of the agency and/or put individuals in jeopardy.
But how do you go about removing information from paper-based records? Of course, the original must be kept intact. So, the first step is—after locating the document—scanning it in, identifying all sensitive information and redacting it, creating metadata or other annotations that identify and classify the document, and finally storing it in the redacted file. The process of copying, redacting, and managing these files can take longer than the scavenger hunt for the folder in the file cabinet.
The same holds true for electronic records. The original email, PDF, Word doc, image, map, etc. must be retained as-is, and redactions are made to a copy of the file.
This is a ton of work for your employees, even for a simple public records request. But…
We Have the Solution!
JustFOIA’s records request solution is powered by workflow automation and includes tools for automatic redaction of sensitive data, PST extraction and email document management, powerful cybersecurity, and much more. JustFOIA integrated with Laserfiche creates the perfect power pack for simplified requests and enterprise content services.