The newsletter of the ISBA’s Standing Committee on Government Lawyers
To delete or not to delete: State Records Act implications for integrated justice systems
Criminal justice agencies’ reliance on electronic records management systems has drastically reduced the amount of paper-based data maintained by the justice system. Because agencies are being encouraged to enhance the electronic collection, analysis, and storage of justice information, and because there is a great deal of public accountability in the administration of justice, it is important to assess how Illinois’ State Records Act2 and Local Records Act3(“Records Acts”) may impact the development and operation of these new information systems throughout the state. The purpose of this article is to raise awareness of these issues, which have not yet been subject to significant enforcement efforts or legal review. The following discussion is focused on how the Records Acts might apply to data that is in a state administered data warehouse. To address these concerns, this article concludes that: (1) participating agencies should enter into memoranda of understanding with system administrators; and (2) State and Local Records Commissions as well as the General Assembly should examine these issues in light of advancing information technologies.
The Records Acts establish a comprehensive scheme for agency internal records retention. One element of this scheme is an administrative process for regulating and enforcing records disposal standards. Specifically, the Acts require an agency to obtain the approval of the appropriate records commission before it may dispose of a record. A “record” is broadly defined in the State Records Act as “all books, papers, digitized electronic material, maps, photographs, databases, or other official documentary materials, regardless of physical form or characteristics, made, produced, executed or received by any agency in the State in pursuance of state law or in connection with the transaction of public business and preserved or appropriate for preservation by that agency or its successor as evidence of the organization, function, policies, decisions, procedures, operations, or other activities of the State or of the State Government, or because of the informational data contained therein * * *.”4 The definition of “record ” in the Local Records Act5 parallels that found in the State Records Act. The following discussion is focused on how the Records Acts might apply to local data that is submitted to a state administered data warehouse.
Although there are several different types of integrated justice information systems, a common approach being pursued on both the federal and state levels is the development of a centralized data warehouse. These systems enhance the sharing of information by aggregating local agency information and making it accessible across jurisdictions. In the criminal justice context, integrated information systems frequently contain data from the records management systems of local participating agencies. Because timely, accurate, and current information is necessary for the effective investigation of all types of crimes, it is necessary to ensure that data contained in a centralized data warehouse is up to date. To do this, some data warehouses take periodic “snapshots” of local agency data systems. These snapshots include any new information gathered by the local agency since the last update, but will also reflect any changes or deletions. Data warehouses are designed to reflect whatever data is contained in the source systems and historical data will be overwritten with each subsequent snapshot. A threshold issue that system administrators and their legal counsel must confront is whether the overwritten data is a record under the Records Acts.
Resolving this issue is significant to ensuring that the data warehouse is administered in compliance with the State Records Act. It also may become necessary or desirable to re-create, at a later date, the results of a previous inquiry to the data warehouse. This can be important when determining whether investigative leads have been exhausted. For example, a search result for information concerning Winston Smith on December 1, 2006, may contain different information than a subsequent inquiry about Winston Smith on January 1, 2008. In the interim, Smith could have had a record expunged or conversely could have committed additional criminal acts that might lead investigators to consider him a suspect. This issue of whether it is sound policy to retain historic snapshots is outside the scope of this article. The focus of this discussion is whether the snapshot is a record under the Records Acts that can only be overwritten with approval from the State Records Commission.
A cursory examination of the Records Acts suggests to some that the snapshot constitutes digitized electronic material and arguably falls under the definition of a record. If this is the case, then each individual snapshot could not lawfully be destroyed without proper authorization from the appropriate records commission.
A more in-depth review of the statutes, however, reveals that if the data is either: (1) not appropriate for preservation by that agency; or (2) merely an extra copy created for convenience of reference, it is considered “non-record material” and may be destroyed at the agency’s discretion. The first category of non-record material, the appropriateness of preservation, requires a review of the snapshot’s characteristics and how the preservation furthers or hinders the purposes of the centralized data warehouse.
The data warehouse’s purpose is to make more convenient the sharing of local and state police incident information and to identify cross-jurisdictional crime trends and series. This role requires that a centralized data warehouse contain current data rather than outdated copies of data in order to effectively investigate crimes. Redundantly preserving the vast amount of data contained in obsolete snapshots may undermine the goals of a centralized data warehouse by slowing down system operations; returning outdated information in response to a query; and utilizing storage space that could otherwise be used to house more valuable information. The comprehensive administrative scheme created by the Records Acts suggests that this determination is a decision for the Records Commissions rather than the administering agency.
The second category of non-record material, extra copies created for convenience of reference, may be the most appropriate classification of a snapshot. The source systems, which send copies of data to the centralized data warehouse, will preserve the original data in accordance with retention policies that are established to comply with the Records Acts. The centralized data warehouse is a data-sharing tool that assists investigators by providing ready access to police reports from across the state. It functions through the storage and use of copied source information. This interaction between the data warehouse and the source systems supports the proposition that the snapshots are merely extra copies maintained for convenience of reference and may be destroyed at the administering agency’s discretion.
As this area has not yet been subject to significant enforcement efforts or legal review, there is little precedent upon which to rely in making decisions and formulating policy and procedure. There is no court case or administrative hearing in which a party has challenged whether a snapshot of a source system meets the Records Acts’ definitions of a record. Further, the addition of “digitized electronic material” and “databases” to the definition of a state record is a recent one.6 The time is ripe for either the General Assembly or the Records Commissions to more directly address the retention and preservation of electronic information. Specifically: (1) the Records Commissions could publish the guidance they utilize when determining to preserve electronic materials; (2) the General Assembly might consider narrowing the scope of the terms “database” or “digitized electronic information”; or (3) both entities might clarify those types of electronic data that are considered to be copies maintained for convenience of reference.
We will next discuss the interplay that occurs between state and local agencies and their joint control of electronic information. The State Records Act currently addresses the issue of destruction where a local record becomes a state record; i.e., it cannot be destroyed without the permission of the State Records Commission. More uncertainty is involved where the state may deny a local agency’s request to destroy non-record material. For example, a local law enforcement agency has participated in the state centralized data warehouse for five years. Due to budget constraints or a change in leadership, the local agency has decided to withdraw its participation and requests that all data that it had previously submitted to the centralized data warehouse be deleted from the warehouse’s records management system. Must the warehouse administrator comply, or have the local records become state records, thereby requiring approval from the State Records Commission prior to destruction?
Losing control over its information may be a powerful disincentive to local agencies considering whether to participate in a state system designed to share police incident report information. Some steps can be taken to reduce the uncertainty surrounding the retention and destruction of justice information. Until such time as the Records Acts are amended to address these advancing information technologies, agencies should enter into memoranda of understanding that address these issues. The memoranda should set forth the basic principles and guidelines that agencies will abide by when working together to achieve a common goal. Such memoranda typically address, among other issues, costs associated with participation and how agencies will resolve unanticipated disputes. In order to ensure that the parties’ control over the information in an integrated justice system is clearly expressed, the memoranda should also include a provision that copies of local records submitted to a centralized data warehouse are considered non-record material under the control of the system administrator.