Last year I noted that former Attorney General Alberto Gonzalez’s use of RNC mail servers to conduct business related to the attorney firings scandal posed a serious threat to our democratic government’s requirement of transparency and access. The problem of using private email accounts to conduct public business reemerged with the discovery that Gov. Sarah Palin was using Yahoo webmail accounts, at a minimum to communicate with one of her appointees to the Governor’s Advisory Board on Alcoholism and Drug Abuse. The compromised accounts are now, apparently, deleted.
Whether or not Gonzalez and Palin violated the law in their use of webmail to conduct business is one question. But there’s also a question of whether the actions of “anonymous” might be seen as vigilante FOIA enforcers. And then there’s the very serious business question of whether Yahoo!, Google, et.al. should and will be on the hook to abide by government and corporate retention laws whenever relevant personnel (whether governors, CIOs, or desk clerks) conduct corporate or government business on those channels. I doubt, for example, that the bits constituting the inbox of gov.palin at yahoo.com are forever gone.
If we are to dampen the use of private communication channels for publicly-relevant business, it seems the best bet is to enlist the help of webmail hosts, who are probably not all that enthusiastic about being legally required to retain messages for years or even decades.
{ 2 } Comments
I myself have run into issues in my job where employees are using personal accounts to transmit company information. As an IT consultant, I manage email servers for several companies. I’ve had CEO’s request email communciations between 2 people, only to find that they were not using company email….they were using Gmail or Yahoo. Some of these emails contain sensitive or confidential data, and utilizing a third-party like Gmail compromises security and integrity. These companies should be required to retain emails just as any other company should.
In most cases its a data storage issue. I agree with the above comment that on the corporate level its more formidable to expect records collection and storage on a certain level, but on a scalable level you run in to not only expensize storage but greater data security compromise. The gov couldn’t obligate that kind of risk to these firms.