Last year the legislature passed and Gavin Newsom signed into law a bill amending the California Public Records Act to allow requesters to copy records at inspection time using their own equipment. The precise language added to the law at §6253(d) is:
(d)(1) A requester who inspects a disclosable record on the premises of the agency has the right to use the requester’s equipment on those premises, without being charged any fees or costs, to photograph or otherwise copy or reproduce the record in a manner that does not require the equipment to make physical contact with the record, unless the means of copy or reproduction would result in either of the following:
(A) Damage to the record.
(B) Unauthorized access to the agency’s computer systems or secured networks by using software, equipment, or any other technology capable of accessing, altering, or compromising the agency’s electronic records.
(2) The agency may impose any reasonable limits on the use of the requester’s equipment that are necessary to protect the safety of the records or to prevent the copying of records from being an unreasonable burden to the orderly function of the agency and its employees. In addition, the agency may impose any limit that is necessary to maintain the integrity of, or ensure the long-term preservation of, historic or high-value records.
And this new requirement took effect on January 1, 2020. Agencies have been all over the place on allowing requesters to photograph paper records at inspection time, but mostly the new language is clear enough that they’re just complying. Even the extraordinarily psychopathically obstructionist Department of Alcoholic Beverage Control conceded with respect to paper records.
But agencies have generally been very reluctant to allow requesters to copy electronic records electronically at inspection time. Which of course shouldn’t matter because in a sane world they’d transfer electronic records via Dropbox or the equivalent and there’d be no need to argue about copying. But a lot of them, just to cause delay and friction, have adopted a theory that the law doesn’t require them to transfer electronic files by any particular method, so they insist, e.g., on burning them to CD and mailing the CDs via postal mail.
When dealing with these folks the question of copying files during an inspection is very important. And when a new law takes effect its meaning isn’t always completely clear. Often some adversarial back-and-forth is required to clarify things. Which of course I was really looking forward to after Newsom signed the law!
I had a pending request with the Downtown Center Business Improvement District, one of the local BIDs whose file-transfer policy involves, along with plenty of other trivial obstructionist tactics, the aforementioned optical disk via US Mail requirement. The responsive records, which you can look at here on Archive.Org if you’d like, included a 2GB video file, which is also available here on YouTube.1 Perfect for a test case!
Steph Bernstein, the DCBID’s Supreme Commander For Some Kind Of Nonsense That I Can’t Be Bothered To Sort Out, emailed me to say that the records were ready and that they were just waiting my permission to burn them to disk and mail them out.2 But instead of agreeing, this time, I emailed back and explained the new rules:
Dear Ms. Bernstein,
Happy new year! And aside from the customary good wishes and stuff, let me remind you all that as of January 1 the CPRA requires local agencies such as your BID to all requesters to make copies of records at inspection time using their own equipment. That’s how I’m going to get copies of this stuff!
Please take until January 17 to discuss (if necessary) the procedure for doing this so that we don’t have to talk about it when I come in to make copies, which will be at a mutually agreeable time during the week of January 20.
Looking forward to the new era!
So she did eventually get back to me, emailing on the 17th of January in her characteristically bland but nevertheless completely crackpot manner with a really loony interpretation of what the new law meant. That I would be allowed to photograph the electronic records on a computer screen rather than make copies:
You are more than welcome to come in and make your own copies of the responsive records, subject to disclosure, at a mutually agreed upon time the week of January 20th. We will provide you with access to a computer with which you may use to inspect the responsive records. You may use your own equipment, such as a mobile phone or camera, to photograph and/or video record the given records.
But, you know, I tracked the legislative history of the bill closely. Without tracing through the details, although it’s interesting to trace through them and you can read all about it here, it’s very clear that this is not what the legislature had in mind. If they only intended to allow requesters to make phone video of a video file or take pictures of a computer screen, they surely could have said that. Instead they provided a detailed description of circumstances under which it was OK to prohibit requesters from copying electronic files. So I explained this all to Bernstein:
Hi Ms. Bernstein,
The law requires your organization to allow me to make copies of records using any means that doesn’t make contact with the records. The computer itself is not, obviously, the records it contains as, the proverb tells us, the map is not the geography. There is no such thing as a means of copying records that makes contact with the records. Therefore the law clearly requires you to allow me to copy the records onto a USB drive or, alternatively, to a remote location via the internet. Please confirm that this is your understanding as well.
Now, not that I think you all are predictable or anything, but I have a feeling you might be planning to respond to this claim by invoking section 6253(d)(1)(B). Such a response will fail. You will note that that exception to the general rule stated in 6253(d)(1) applies only when the means “would result” in the dire consequences listed there. It’s just false to claim that copying records onto a USB drive or over the internet would result in those things. Also note that the legislative history of the bill that added this language to the section makes it very clear that this is the legislature’s intent.
And a few days later3 Bernstein got back to me with yet another typically nonsensical theory:
We have been advised that the use of unknown USB devices and/or unrestricted access to the internet via our computers, leaves our systems open to compromise by computer virus and malware. However, you are more than welcome to use a brand new, sealed, writable disc to copy responsive records. If you prefer, we can supply you with one of the discs you previously provided to us since we know they are unused and free of harmful material. Let us know if any of the times we previously offered work for you to come into the office or if you would like us to propose some additional times.
Now, it’s true I suppose that computer viruses are spread via USB drives and maybe via CDs as well. But nevertheless, the law is clear that agencies can forbid requesters from copying files under very specific circumstances, and idle speculation about what might happen doesn’t cut it, as I explained to Bernstein in response:
Hi Ms. Bernstein,
I have no doubt that you’ve been advised of all kinds of things, but the law requires you to allow me to use my own equipment to copy records unless the means of copying WOULD result in damage to records or unauthorized access to computer systems.
Note that “would” doesn’t mean “might according to some random advice”. “Would” doesn’t mean “conceivably” or “in some possible world.” Also, given that every time I’ve inspected electronic records in person at your BID you’ve given me a computer that’s completely isolated from all other computers, it’s not possible for any means of copying to allow any kind of access to your computer systems. And given that you’ve loaded copies of the records on this isolated computer rather than the original records it’s not possible for any means of copying to damage records.
And furthermore, if your advisor is telling you the whole story you’ll have been advised that giving anyone physical access to a computer is much riskier than allowing people to insert a USB drive into it, and yet you agree that the law requires that much. The fact that you allow more risky activity which doesn’t facilitate copying and forbid less risky behavior that does facilitate copying supports the obvious conclusion that your goal is to make copying difficult rather than to protect the integrity of the BID’s computer systems. This is against the law as well.
So please reconsider your stance on this. It’s clear that the new law requires the BID to allow copying by USB drive if the BID allows inspectors physical access to a computer. Alternatively I believe it would suffice for you to put the records on a USB drive and allow me to inspect them using my own computer, which I am perfectly happy to do. As I said, the legislative history of the new law makes it clear that the legislature did not intend to restrict copying of electronic records to photography.
Perhaps it will take litigation to establish this beyond the capability of even the most obstructionist agency to deny it, but that’s often the way with new laws. And if that’s what it takes, I suppose that’s what it will take. Please let me know your final decision by Wednesday, January 29.
And what do you know? They caved!
If you prefer to inspect and copy the records using your own computer we will happily provide the records to you on a USB drive that you may use during your mutually agreed upon visit.
If you would like to inspect the records using a DCBID computer, you may use a brand new sealed writable disc or one that you have previously provided to us to make a copy of the records during your mutually agreed upon visit.
And that is how I found myself Downtown at good old 600 Wilshire this morning, making copies from the BID’s USB drive and also watching a video of a deeply disgruntled former BID employee being deposed by the BID’s shady lawyers as part of a lawsuit he’d brought against them! The story of that visit is here on Twitter if you’re interested.
And the moral, I guess, is multi-part. First, pushing back sometimes works. Second, it probably only works after having successfully sued many, many agencies. It’s tragic that it takes a record of litigation to convince agencies to comply with one’s requests but that’s the state of the law right now. And that, friends, is my story!
- This material is independently interesting, and I will write about its actual content in the reasonably near future.
- Note that we had to negotiate this bit about them waiting for me to tell them to burn and mail since otherwise they’d happily waste all my disks and stamped envelopes mailing me 35K files one at a time. Yes, it’s true, they will not attach anything to an email if it’s in response to a CPRA request!
- And probably another few hundred dollars to some lawyer or another, for, sadly, these people would rather blow tens of thousands of dollars paying lawyers to come up with plausible ways for them to violate the CPRA than to just comply with the law in the first place and thereby not waste the public money that funds their operations.