By Heidi Hiatt
In 2006, King County, Washington Councilmember Reagan Dunn was roundly panned for drawing attention to an issue with county records that were accessible to anyone via the Internet. His constituents’ social security numbers and signatures were displayed on many documents that were considered public record.
Obviously such information could be misused for identity theft or forgery purposes, so he was right to point this out. But he was criticized for increasing the risk of such crimes by doing so. This article may be similarly criticized, but this is about what your government is doing with your personal information, and to fix it, the public needs to be fully aware of what’s happening.
For more than eight years, I worked in the Records Division of a suburban police department. Records Specialists must master a wide range of time-sensitive duties, and some of us find our niche among those. I found that I was able to indulge my passion for the law by handling public records requests. It was challenging and required a lot of networking, research, and public relations skills. I took great pride in responding to these requests efficiently and by the book. I loved talking to and assisting crime victims, making sure that their personal information stayed safe.
In time, however, I realized that there was a tremendous disconnect between what the law said and what was actually happening statewide. I knew a lot of people at other departments with similar frustrations, and created an informal email network so that we could help each other do our jobs right. About 130 people from 70 agencies were on that list when I left in 2007, including a few administrators and a police chief. Some of those people remain close friends and confidantes, and to date it seems that many of the frustrations we addressed then remain unresolved.
Many of these people experienced what I had. We were trained to do a job one way, by veterans with formidable legal know-how and experienced peers. But we wound up being required to deviate from our state’s Public Records Act and case law to satisfy those who threatened our agencies with lawsuits. People like me also learned that attorneys and the media could be given access to just about anything by management regardless of what the public records laws said. We Records personnel were doing things by the book while watching department policies and state laws become meaningless as some parties received preferential treatment.
The most glaring example of the trampling of public records law happened after a Washington State case went to the U.S. Supreme Court in 2003. This had to do with a request for all traffic accident reports at a certain intersection, presumably to ascertain the safety of that location. Until this point, traffic accident reports were considered confidential under state law and only released to involved parties, mainly drivers, vehicle owners, attorneys, and insurance companies.
When this case reached the Supreme Court, they ruled that the requestor could obtain these reports through discovery. But our state Attorney General’s Office issued an opinion that was interpreted to mean that traffic accident reports were now open to the public via the Public Records Act, which is different than discovery. Armed with this information, an enterprising attorney representing himself as a publishing company (media) began to submit blanket requests to police departments for all traffic accident reports within a certain time period.
Three times I told him no, which is what I was trained to do and what the law said. The front page of traffic accident reports contains names, addresses, phone numbers, medical information, information on children, birthdates, vehicle information, insurance policy information, and driver’s license numbers.
Supposedly driver and vehicle registrations are confidential and not disclosable under federal and state law, law that has been clearly upheld in the courts. You don’t just run names and plates for private citizens, but right now they’re getting the same things from police reports and Dispatch call notes.
When I’ve questioned why this information hasn’t been redacted from traffic accident reports, I’ve been told that the person getting the report isn’t obtaining the information from the Department of Licensing, but from the report. That’s like saying my Cuban cigars come from New Jersey because they go through a warehouse in Hoboken on their way to Seattle. But what do I know. I don’t even smoke.
Working in law enforcement, I was well aware of how that information could be misused and sold, and my agency had trained me not to disclose such information except to people with a legitimate interest. Legal counsel at many agencies across the state decided to allow this attorney to get what he wanted based on the Attorney General’s opinion. While once we were all on the same page, everybody started doing something different to satisfy the bully tactics, an unfortunate manifestation of the Harry Truman quote, “if you can’t convince them, confuse them.”
Having to fulfill such blanket requests, which were ongoing and designed to gain access to all traffic accident report records all of the time, forced us Records personnel to put off regular records requests and make citizens stand in line. Records personnel at many departments, myself included, were not only having to spend hours and hours satisfying these requests, but the requestor obtained the reports for free, unlike regular people. If we failed to respond within the time period allotted by state law, these requestors could sue and make $5 to $100 a day we “delayed,” just like inmates who bombard agencies with requests designed to make money do.
Traditionally my agency had charged a flat fee per statute for these reports; others charged a per page fee. But this attorney sent his employees into our agencies’ lobbies with scanning equipment so they could scan in the front page of these traffic accident reports—using publicly funded facilities and utilities. We also had to deal with relentless angry phone calls from this attorney, who constantly threatened to sue if he didn’t get what he wanted.
Along with others, I pointed out that this issue was a question of law, and if this guy challenged us in court, I believed he’d lose. He was also selling the information he was obtaining from these reports for profit, a reality emphasized when one of our own employees received a mailed solicitation from a chiropractor after being involved in a traffic accident a block from work.
It should be noted that this attorney/”publisher” had been stopped from doing this in several other states, including by direct order of the governor in one. I took this concern to our state capitol and testified before a legislative committee to tell them of the problems and dangers this was creating. I was grateful for the legislators who took me seriously, but it wasn’t enough. By that time “open government” had come to mean that citizens’ information contained within those records was transparent along with the conduct of government. The original intent of our state’s public records law had been lost.
In the past ten years, the open government/open records movement has gained momentum and has helped open the actions of government up to we the people. Some of the people leading the charge are friends, and I respect what they’re trying to do. I’ve spent nearly a dozen years in government and at times have been floored by what I’ve seen managers get away with—theft, domestic violence, and worse. One of my least favorite aspects of public service is seeing taxpayer dollars go towards the accommodation of managers’ mistresses. (For those who work in public service and have tried to right these wrongs, you’re all too familiar with the phrase “it can’t be proven.”)
So I see the need for transparency and to prevent administrators from hiding behind their agencies’ honors and credentials. But this should not be done at the expense of people’s personal information. This is what I feel that lawmakers and open government proponents do not understand—they are operating in the realm of theory. Police records operate in the realm of reality. Tightening or loosening the rules on public records may have little effect on what actually happens. Creating new policies or conducting training across the state will not change the practices of the attorneys and police administrators who do whatever they want.
If readers gain one takeaway from this lengthy article, I hope it is that what the manual says and what the workers do, in this area, can be two radically different things. From my worker bee perspective, augmented by a formal education in criminal justice and forensic psychology, I see four levels of police records reality, not one. I want our state’s Sunshine Committee to be aware of this as well as the taxpayers who are paying for these services.
At the bottom we have the hard-working Records Specialists who may or may not be trained in public records law. They do what they’re trained to do and have great empathy for the people they serve, crime victims in particular. It can be very frustrating for them to have to adjust to the whims of administration and politics when that contradicts their training or the law or seems unethical. If you want to keep your job though, you generally go with the flow.
Unions, civil service commissions, and whistleblower policies don’t do much, if anything, to help you when your job’s been threatened for not being flexible. People can bully you in ways that don’t meet the legal definition of harassment and make it look like you’re being difficult or insubordinate. I’ve been there. My standing up to the unbridled disclosure of crime victims’ information was blamed on me pushing my own agenda because of my domestic violence experiences. No, it’s what the law said, it’s what they had me trained to do, and I did my job that way long before I had to fight my own battles. In my case there were other circumstances at play as well, but it’s an example of how hard it is to effect change.
Above the Records Specialists we have supervisors who may or may not be trained in public records law. Supervisors may be hired without any police records training or a law enforcement background. This can work against the integrity of sound records policies because decisions can become discretionary rather than fact-based or law-based. A supervisor without proper training also leaves no line of defense between administration and the Records Specialists to explain why they adhere to traditional procedures. A lack of expertise on the subject works against any positive change.
Law enforcement administrators may be proactive and brilliant with public records law or they may know almost nothing about it. I’ve known administrators, including police chiefs, who stay involved with and up to date on the latest developments in records practices and case law. In an effort to help my agency’s officers have a functional knowledge of records laws, I taught in-service classes to familiarize them with current statutes and practices. I don’t know if administrators have such a thing, but it would be helpful if the International Association of Chiefs of Police or FBI Academy took a greater interest in this issue.
The fourth level of public records reality involves the attorneys of various state and local agencies. I have learned a lot from this sector and admire those who can maintain the balance between the public’s right to know and people’s private information. Like the other levels I’ve mentioned, this can be a thankless job with long hours that is constantly dealing with upset or angry people. This can also be the level of police records reality with the most power. It is per this level’s advice that the Tower of Babel effect took hold in regard to traffic accident reports, with agencies issuing a wide range of responses to blanket, for-profit requests instead of staying on the same page. On that note, I believe this level may also have the most power to influence a remedy.
I’d like to delve into some specifics of public records law that desperately need to be addressed by lawmakers, agencies’ attorneys, and administrators. We need to unify instead of jeopardizing our agencies’ credibility and integrity—as well as our public’s safety and security—by continuing to allow the disclosure of police records to be discretionary. What readers know as redactions have become largely a myth. I have often heard proponents of open government/open records say, “there’s no danger to people by releasing police reports. You just redact any sensitive information.”
Wrong. For decades, police departments did redact information that could be considered private or sensitive. Some still do. But what has happened in the wake of the blanket traffic accident report requests is that things that may used to have been considered private—a sexual assault victim’s name, a domestic violence victim’s current address, a driver’s license number, nonconviction arrest records, and so on—are now considered public.
One rationale I have heard for this is, “it’s all available on the Internet anyway.” When this was said to me once, I replied, “fine, let them go to the Internet then.” Additionally, how does such information find its way to the Internet? How have stalkers been able to find everything they’d ever want to know about their targets by Googling them and instantly finding a number of sites with detailed profiles? Government records. Our open records laws sustain multibillion dollar private companies who glean information from public records and sell it. Is this really the purpose of open government? Should taxpayer funded public agencies be used to make money for private entities? Do we just accept that this is how it is, or do we do something about it?
Supposedly victims, complainants, and witnesses can request “nondisclosure.” I used to think that this meant their statements and personal information wouldn’t be disclosed. At minimum, it would seem that their names, addresses, dates of birth, and medical information wouldn’t be released. But the statute that allows for the vague concept of “nondisclosure” has become another perhaps unintended consequence of threats to sue and the open government movement. Even agencies that do respect the right to request nondisclosure may not have a way to guarantee it. Some check a box on the officer’s report, but will the data entry personnel or employee in charge of disclosure see that? The handling of nondisclosure varies whether or not a guarantee exists at all.
Do not assume that your personal information is treated as private. The current definition of “private” in this state, that something has to be “highly offensive to a reasonable individual” and “not of legitimate public interest,” is largely meaningless. Just how offended does a person have to get? Whose measuring stick are we using? In some cases, the only way a regular citizen has to protect their personal information is to take action in court—on their own dime—to block the release of records. That’s if they are notified of a pending release at all. Does this not seem utterly backwards to put the legal and financial burden on the victim, witness, or complainant?
The modern way in which victims, witnesses, and complainants are treated blurs the distinction between them and the suspects. It can allow them to be victimized a second time. The suspect in a case may be able to walk into a police department, make a public records request, and a few days later have your address, the names of your children, and copies of anything you said. So can the media. So can your neighbor. So can your ex-wife. Is the victim notified of this disclosure? Rarely. Some victim advocates stay on top of this, but they don’t work in records either.
There’s nothing in the law that says victims have to be notified. I acknowledge that suspects and their attorneys may obtain copies of everything through discovery with the prosecutor’s office, and court records are very open. But our public records practices have reached a new level of irrationality when anyone has access to anything through the Public Records Act. It was supposed to function differently than the other two ways of obtaining records.
When I wrote an article on records disclosure for my municipality’s magazine ten years ago, there were 40 categories of records exempt from disclosure in the Public Records Act. Nowadays, I don’t know what’s considered private or is actually protected. That can vary from agency to agency since there is no higher power ensuring compliance to a meaningful level. This goes back to my premise that information may be protected in theory when it’s released in fact.
There is one exemption in Washington State’s Public Records Act that is wisely crafted and often implemented. I went to Olympia to testify in favor of it and was happy to see it become law. The addresses, phone numbers, birthdates, and other personal information of public employees is exempt from disclosure. This happened after a vengeful convicted criminal was abusing police officers’ personal information to the point that he was harassing and endangering their family members, even their small children.
Making such information exempt was the right decision. I had been married to a cop and was a civilian law enforcement employee myself. I had heard horror stories from other police employees that underscored the need for this information to be protected (regardless of what is found on the Internet—the government should care even if the Internet doesn’t). But it’s always bothered me that we chose to protect public employees’ information while not extending the same protections to private citizens, especially crime victims. I was told that because the law does not say “address,” “phone number,” et cetera in regard to regular citizens like it does for public employees, that information was subject to disclosure.
Records storage is another area that needs to be addressed by policymakers. Some agencies do a good job of letting just a few authorized personnel have access to police records. Other places, it can be a fre-for-all. Technology has done a lot of inadvertent damage in this area and our laws have yet to catch up to it. For example, police reports used to be handwritten or typed, then put in a case file and filed away in a locked room. Now most reports are typed directly into computers (their narratives, at least), and anyone with access to a department computer, employee, volunteer, or otherwise, may be able to modify or print the report. Security has gone out the window.
The same is true of digital photos. When agencies transitioned from logging developed photos and negatives into their property/evidence division to taking digital photos, there may not have been protocols established for their storage. In some cases, photos were downloaded onto a common drive and left there. As with computerized reports, this meant that anyone with access to a department computer could view and print them. Most people have the integrity not to abuse that information, but not everyone does. Nude photos of a deceased governor were circulated at a party not that long ago.
The issues surrounding digital photos became disturbingly clear to me one day when I went onto a computer to fulfill a public records request. I saw a number of photos of a domestic violence victim who had sustained multiple injuries. In some of the photos, she had to reveal her buttocks to show the trauma. I felt like puking. What if that were me? I wouldn’t want revealing photos of my body placed on a computer drive where hundreds of different people could look at them. I’d want them treated as evidence, as something sensitive and personal.
This also struck me when I saw pictures of an unclothed dead man (and heard “dead people have no privacy rights”—how about his family?) I know that the officers downloading this information meant no harm; administration just hadn’t ensured a better way of doing things at that point. These photos weren’t treated like evidence anymore.
Here’s the most disturbing part. If we no longer consider personal information as private, cave in to lawsuit threats, and store information in a way that too many people have access to it, pray tell what is preventing photos like these from public disclosure? What statute or piece of case law are we standing on if we deny a request for a victim’s address or photos of their sexual assault? I don’t know. I don’t know what sliver of law is left that will protect the very people the criminal justice system exists to defend.
When Washington State’s Public Disclosure Act (now Public Records Act) was created in 1972, it recognized that you can have transparency and accountability in government without misusing people’s personal information or jeopardizing crime victims’ safety. Its language made that distinction. Public records laws were created to focus on the conduct of government, not the conduct of individuals and intimate details of their lives.
We must maintain that distinction. It has gotten lost in the whirlwind of the open government/open records movement and unchecked police administrative powers. So many people assume that individuals are protected when they are not. Personal information is being sold and whatever right to privacy individuals have has been largely abandoned. If we can spell out what of public employees’ information should be exempt from public disclosure, then we can do it for everyone else.
Ultimately, we have to ask the same question the Romans did—qui bono? Who benefits? Do the Records personnel who try to juggle the various philosophies on the subject? No. There can be a high cost for standing up to your bosses when you’re trying to do things by the book or standing up for the victims. Do the citizens? No. There are only risks and dangers associated with the reckless dissemination of identifying and sensitive information.
The people who can benefit from the questionable practices that have overtaken police records are those who can use such information to gain cooperation and mutual aid from entities like the media, or private companies who make money off of the taxpayers. Let’s not forget that terrorists can benefit from identity theft.
Critics of my stance may ask when the last time identity theft was committed straight out of government records, but it may not occur until another stage of its disclosure. It is disheartening to know that this is one of these issues on which policymakers might not act until someone is hurt or killed as a direct result of the government’s actions.
Finally, I’d like to add a word of caution. Many government employees are hard-working people who assist frustrated citizens all day long. It is a minority who make policy decisions and exercise discretion in this realm. Please do not go to your local records division and treat them as if they’re responsible for any problems. Identify and write to the policymakers instead, in a civil and respectful manner.
In my experience, the women and men who work in police records are a compassionate and intelligent group of people who have tried their best to rectify any problems. While this article was written to protect the personal information of citizens first and foremost, a category we all fall into, I also want to acknowledge the contributions and sacrifices records people have made to this area.
Epictetus said that to live a life of virtue, you have to become consistent, even when it isn’t convenient, comfortable, or easy. God knows that trying to protect our fellow citizens in this way hasn’t been convenient, comfortable, or easy. For some, there has been a heavy cost, but we can use those injustices to prevent costs to others as well.
This work isn’t done. It’s just beginning. And we need to involve everyone, from Records Specialists to governors to stop the runaway train that police records law (or lack thereof) has become.
No comments:
Post a Comment
Thank you for your comment. It will be added shortly.