Last summer, in Competitive Enterprise Institute v. Office of Science & Technology Policy, 827 F.3d 145 (D.C. Cir. 2016) (“CEI v. OSTP”), the D.C. Circuit reached an important decision concerning an agency’s obligation to search private email accounts maintained by government officials for records responsive to a Freedom of Information Act (“FOIA”) request. The court determined that if an official “possesses what would otherwise be agency records [e.g., work-related email], the records do not lose their agency character just because the official . . . takes them out the door [e.g., to a private account][.]” Id. at 149. Thus, if a personal email account may contain agency records, the agency cannot categorically refuse to conduct a search of that private account.
This past week, however, the district court on remand appeared to dampen the impact of the D.C. Circuit’s ruling. Judge Gladys Kessler determined that OSTP had met its burden under the FOIA and did not have to conduct a search of former Director John Holdren’s personal email account, the contents of which had been saved on a thumb drive last December under court order. OSTP successfully argued that any agency records on Holdren’s non-governmental account would be duplicative of records already on OSTP servers. The agency pointed to a policy that required Holdren to forward work-related email to his official account or to copy that account on work-related correspondence. OSTP also attested that Holdren obeyed this policy on “approximately 4,500 occasions” and was otherwise entitled to a presumption of compliance “absent evidence to the contrary.” CEI could not rebut the presumption.
The district court’s decision, particularly on the heels of Sunshine Week, is disappointing. First, although a requester admittedly cannot rely on speculation to prove wrongdoing, once a requester has proven that a non-governmental system contains agency records, the agency should not be allowed to forego a search of that system simply because it claims to possess “duplicative” records elsewhere. It is difficult enough to demonstrate that an agency official is violating the spirit, if not the law, of transparent government by using personal email for work-related purposes. The existence and usage of a parallel personal account should be enough, in most cases, to rebut any presumption of compliance with preservation rules. Of course, OSTP may have given sufficient evidence of Holdren’s compliance in this case—an affidavit indicated that he forwarded or copied his official email account approximately 4,500 times—but courts should remain skeptical that all agency records have been forwarded when atypical means of conducting government business are at issue. One need only consider the ongoing saga of former Secretary of State Hillary Clinton’s private email accounts, where additional State Department records were uncovered even after she had averred that all such records had been turned over, to understand why this should be the case.
Second, assuming OSTP had copies of all agency records from Holdren’s personal account, it is not clear that these copies would actually be “duplicative.” For example, CEI argued that it sought Holdren’s email in “electronic format” along with any “metadata.” On this theory, copied or forwarded email records on OSTP’s servers may not, in fact, be “duplicative” because they may not include all original metadata. Judge Kessler found this line of argument unpersuasive and held that the metadata in Holdren’s personal email would “not in itself make each email unique as compared to the forwarded reproduction[.]” This conclusion is wrong and sets a dangerous precedent.
Metadata includes various types of information about an electronic document that are not usually visible, but reflect important characteristics concerning the document’s origin, alteration, or usage. It includes “substantive metadata,” such as tracked changes in Microsoft Word; “system metadata,” which is created by a computer system, such as the information contained in a file’s properties; and “embedded metadata,” such as hyperlink details or Excel formulae. See Aguilar v. Immigration & Customs Enf’t, 255 F.R.D. 350, 354–55 (S.D.N.Y. 2008) (discussing different types of metadata).
Numerous state courts have ruled that metadata forms an integral part of an electronic record and is subject to disclosure under state-based Freedom of Information regimes. No federal court has settled the question for the FOIA, but it seems appropriate to adopt a similar default presumption that metadata must be disclosed so long as it forms an integral part of an electronic record and is readily reproducible. A requester should not even need to specifically request integral metadata.
There may not be a one-size-fits-all approach to distinguishing different types of metadata and which form an integral part of a record. The best approach would take into account an agency’s storage practices and the type of electronic records at issue—Does the agency store email in a hard-copy format or electronically? Are electronic copies kept in native or near-native format? What sort of metadata is preserved in those formats? It would also consider an agency’s ability to readily reproduce metadata—Are email records readily releasable as PDF or MSG files? Finally, it would look to whether a requester has specified that he wants an agency to produce (rather than merely search for) records in a form that includes metadata. See, e.g., Citizens for Responsibility & Ethics in Washington v. Department of Education, 905 F. Supp. 2d 161, 171–72 (D.D.C. 2012) (“CREW did not request that DoEd produce its records in electronic format . . . DoEd thus had no obligation to produce the documents in any particular format.”) (internal citation omitted).
This proposed approach under the FOIA is supported by the treatment of metadata in other legal contexts. Under implementing regulations for the Federal Records Act, for example, “electronic record” is defined as “both record content and associated metadata that the agency determines is required to meet agency business needs.” 36 C.F.R. § 1220.18. “Metadata,” in turn, “consists of preserved contextual information describing the history, tracking, and/or management of an electronic document.” Id. When it comes to email records, some metadata can form an integral part of the electronic record. See id. § 1236.22(a). In the civil discovery context, when metadata exists as part of a document’s native format, it should be produced to an opponent. If a party seeks discovery of additional metadata, a court will typically grant it so long as the metadata is reasonably accessible and potentially relevant to the dispute at hand.
From the outset of its case, CEI argued that it sought agency records that were stored on Holdren’s personal email account in an electronic format. Metadata integral to those records (viz., sender, recipient, and “BCC” recipient information, etc.) might not have carried over in toto to the copies on OSTP’s servers. Such information could be instructive, as any litigator or investigative journalist would attest, and might even explain why Holdren was using a personal email account for official government business in the first place. The district court considered OSTP’s “duplicative” email records “functionally equivalent” to the originals on Holdren’s private account. That much is true when considering the visible content of the email. But that’s only half of the story. Metadata lurks beneath, and without the original integral metadata, any copies of Holdren’s email on OSTP’s servers are incomplete and not duplicative.
Ryan Mulvey is counsel at Cause of Action Institute.