Washington, D.C. – Cause of Action Institute (“CoA Institute”) wrote yesterday to the Environmental Protection Agency (“EPA”) Office of Inspector General (“OIG”) to request an investigation into the unauthorized use of electronic messaging and web-based email applications on agency-furnished and taxpayer-funded mobile devices, including iPhones and iPads. CoA Institute’s request follows the recent release under the Freedom of Information Act (“FOIA”) of a contractor-generated report that proves EPA employees installed at least sixteen different messaging applications, including Facebook Messenger and Google Hangouts, in contravention of official agency policy. EPA employees also installed personal email programs, such as AOL and Yahoo Mail, on their government phones. The OIG previously examined the use of two other encrypted messaging applications, “Signal” and “WhatsApp,” after CoA Institute opened its own investigation into allegations concerning the possible avoidance of records management laws.
Cause of Action Institute Counsel Ryan Mulvey: “The newest details concerning the range of applications that EPA employees installed on their taxpayer-funded phones and tablets raise serious concerns. Beyond the fact that many of these applications should never have been found on a government phone because of their personal nature, the presence of sixteen different electronic messaging applications raises doubts about the EPA’s compliance with record preservation rules. All work-related communications created or received on a personal email account, or an electronic messaging program like Facebook Messenger, should have been preserved for disclosure to the public. The EPA Inspector General must examine this matter and consider what steps the agency should take to rectify any deficiencies in meeting its record preservation obligations.”
Shortly after President Trump took office, Politico reported that a small group of EPA employees were using an encrypted messaging application, called “Signal,” to discuss ways to prevent incoming political appointees from implementing the new Administration’s policy agenda. CoA Institute opened an investigation and, over the past year, has slowly pieced together details about the Signal scandal.
In response to its first FOIA lawsuit, the EPA acknowledged that there was an “open law enforcement” investigation. Then, records released to CoA Institute revealed how an EPA contractor “scanned” most agency-furnished devices for the different applications that had been installed by employees. That scan, which was requested “orally” by the OIG, was conducted with a software tool known as “Mobile Device Management,” or “MDM.” As part CoA Institute’s second FOIA lawsuit, the EPA disclosed the contractor-generated report, as well as other documents. A summary of the report, which consists of a list running ninety-six pages long, identifies all of the applications installed on most agency-furnished devices.
In addition to Signal and WhatsApp, at least another sixteen applications with electronic messaging capabilities were used by EPA employees, along with three email programs. To the extent the OIG was unaware of these other messaging applications, further inquiries are necessary, as the use of these applications raise issues relating to federal records management. Moreover, although the OIG has reported that the EPA disabled the ability of many iPhone and iPad users to download the “Apple Store app,” and thus to install unauthorized applications, it is unknown whether all unapproved messaging applications have been deleted or, alternatively, whether adequate procedures have been put in place so that the EPA can meet its recordkeeping obligations.
CoA Institute’s April 11, 2018 letter to the EPA Inspector General is available HERE.
For information regarding this press release, please contact Nichole Wilson: Nichole.wilson@causeofaction.org
