Open government is the super buzz word these days and it means so many different things. On one hand we want to know what is really going on down there in area 57 and on the other no one cares about the email reminding that the frig needs cleaning on the 13th floor. So how do we get a grip on what the public wants?
Certain things are going to need to be classified do to process, for example when we are litigating a case or doing an investigation information made publicly available about the specifics may cause a criminal to walk free and that is not in the public’s interest. So what about all this other stuff like the thousands of emails in my archive or the presentation sides from the last event. Does anyone even want this stuff? Well they might, problem is if you don’t know what is there how would you know to ask and see it? There is also just a bunch of junk like, “subject: You in your office?” and that sort of thing.
Right now we don’t have a good way to classify email in relation to the state retention policy they fall into. Therefore, we just save everything and that also is not really what the public wants. I know, be honest, you want all the juicy stuff without the fodder.
How can we provide what the public wants without creating a digital mountain of crap? No we can’t employ teams of reviewers to sort all the messages and technology can’t figure it out either because the policy requires a great deal of human interpretation. It is going to take an effort on a personal level.
We will continue to save everything on the back end so don’t worry about what I am suggesting next, you can always file an official request. What if there were three buckets, Confidential, Public, and Trash? Pretty much anything that has a retention policy of 30 days or less is likely Junk and the rest goes to the other buckets.
How do we make it public? My position is that if it’s a public record then it should be available in the public space not upon request only. I have made some headway in making this a reality in our Public Records Project but what if I told you I wanted to extend this to all records public? GASP!!!!!!
Yes I do intend to completely do away with the need for inspection of public records (aka Sunshine) laws. Sure you can keep the law but if all public records are public what is the point?
The big question is relevance and how the public wants to consume the information. I think that this is impossible to guess at and changes all the time so a static file list is not going to cut it. I say let the public decide. As we make more data available it might become useful in a certain App and to be ready for this our Direct Data Access allows anyone to build out using the our data.
Ohhh, it sounds soo good. Two views needing definition – what is public? What do people want known ?
Kinda like social media. You want you friends to know about how drunk one can get at a kick ass concert but not ones future employer or boss.
In two different cities the IT department got prasied and cursed for posting real estate information on the web. Its all public record. Some folks do not want their name, address and home infromation posted for all to see. Same for graffittie reports.
Some officers did not want their home address and cars they drove posted. DMV is public.
Just because we can do a thing does not mean we should do that thing.
I think you are really on to something. We have a similar experience with agencies that are now using electronic documents, through the public access module, those document types are now just available to the public via website. So, the same software that helped reduce costs and staff time associated with paper files also enhanced (or in some cases created) significant public access to documents that they have a right to see or review.
Allen makes a good point and I agree. I am interested in ways that we can remove the burden of gathering and providing the information and hopefully, these ways would ensure that appropriate documents are available and that access to the documents on which government decisions are made become more available.
In principal I totally agree with this idea but as you point out there’s just SO much info out there. Making it all ,and yes we would have to make it all, available at the click of a button would make government customer service look a lot better but it would also cost a ton of money. It’s all about weighing the risk reward of those two things
I’d agree that posting public records online automatically would be a welcome approach. But I think Allen is right. There might need to be a fourth category of data – what is “public” but isn’t automatically posted. There are some types of data that should be public for various reasons, but need a higher barrier to access to lower the risk of misuse. These would be things like like property tax appraisal rolls (which are online for many jurisdictions, and that is a little scary),DMV records, etc. They are public record, but having a process in place that requires someone to request them and receive approval would actually lower the chance of ID theft, etc.
I was just reminiscing over an IPRA request we had not long ago that included all email for a large task force. Around 6000 messages, good times. As you know each message had to be reviewed to ensure there was no confidential info. That took weeks of several attorneys’ time so I think there is savings to be had in doing it up front instead of waiting for the pile to build. There is certainly a technology gap here and not any really good ways to fix it.
I am aware of some ways to do it and we do have some agencies doing it but the key is the up-front work.
Good blog, James! This discussion is quite timely and helpful.
In my municipality we archive and retain for two years all email sent or received on the City network, as it is considered to be routine correspondence. A message with long-term enduring value must be identified by the sending/receiving employee who then drags it into a City Records Archive folder with an indefinite or lengthier retention period. Seems like a reasonable approach to me. We’ve been archiving city-wide since October, 2009 and in the first 15 months archived more than 5.5 million messages.
The issue we are now grappling with is how to accurately estimate the amount of hours it will take to collect, review, and print emails responsive to an Open Records Request. Since we don’t have a lot of experience doing these jobs, our estimates have been off-the-mark and unfortunately caused great consternation to requesters and media alike. We are now exploring whether to ask employees to delete messages they consider trash and thereby prevent the message from being archived or kept longer than 60 days. The concern is that an important (incriminating?) message could be lost; the benefit would be far fewer messages to search and cull for a records request, audit, whatever. Should be interesting to see how this adjustment plays out.
Regarding public records that may or do contain confidential, proprietary, sensitive, or personally identifiable information which should or may NOT be disclosed: It’s difficult to precisely determine up-front which public records will be requested and thereby justify the time it takes to redact or otherwise prepare them for public consumption. Certainly some volatile/controversial topics are good prospects for advance preparation. But otherwise, I’m not sure there is a good way to balance this. Spending weeks responding to a specific need or request seems preferable to spending uncounted hours “just in case.”
<</body>
I have identified what might be a security issue. We have laws against someone making an overly burdensome request, however, what if a bunch as in a few thousand people got together and made reasonable and seemingly unrelated requests at the same time. Sort of like a DDoS attack. This may be a serious problem as we fill our SANs with more and more data.
@Terri I think you are right about up-front work but how to implement…
This is definitely an interesting scenario. As far as implementation, using document management, I have 2 document versions, one redacted, one not. The redacted version is set up to allow public access of some type (we have a public access module that lets people self-serve and search via website) and a non-redacted version is stored with different security that ensures that it isn’t exposed to public access and it isn’t available by website. This allows for some ability to manage it because you are redacting when the document is being used rather than trying to figure out what needs redacting after we have archived the document and are less familiar with any sensitivity in a specific document. Currently there are auto-redaction tools that can automate things like removal of SSNs, etc.
Your scenario reminds me of experiences I have had but without the use of computer technology!