California Supreme Court Rules Text Messages Sent on Private Lines are Subject to Open Records Requests

With the unanimous Supreme Court ruling, California joins other states, including Washington and Florida, and the Federal government in issuing a clear statement that all records regarding government business, even private email or text message accounts, are subject to open records laws.

The ruling may have monetary implications for the City of San Jose; the City may be required to pay the plaintiff’s costs and attorneys’ fees. Also, some states have statutes that include personal fines or criminal penalties for egregious violations of public records laws.

In the City of San Jose v. Superior Court of Santa Clara County, the City of San Jose argued that the City should not be required to disclose communications on the personal phones lines or email accounts of government employees or officials. The City also argued that privacy law protected their employees’ personal text messages and email messages from public disclosure.

Consistent with other states rulings, the California Supreme Court ruled that emails and text message communications are not excluded from disclosure under the California Public Records Act when they are on a personal account or device. Rather, the court ruled that it is the content, not the location of a communication, that determines whether an email or text message is a public record. Like San Jose, many other state and local agencies also assume that privacy law protects communications on employee personal phones or accounts. However, the California Supreme Court specifically held that individual privacy rights are not subservient to public records disclosure.

The rule is clear: all agency communications are subject to open records requests (with limited statutory exceptions) regardless of the channel of communication. The ruling is also consistent with California’s very strong public policy favoring the public’s fundamental right of access to information regarding public matters, as set forth in the CPRA.

3 Tips for Compliant Records Requests Programs after The City of San Jose

Without prescribing a specific policy or procedural framework, the Supreme Court in The City of San Jose discussed how agencies may implement policies to ensure all public records can be produced. So, what policies and procedures should an agency use?

  1. Make Sure Your Record Request Policy is Clear.

Many states, along with California, have held that a record is a public record if it is about public business, no matter where it’s located. Agencies need to review and update the definition of ‘public record’ in their policies and procedure documents. The definition should be stated clearly so government employees and officials understand the agency’s disclosure obligations.

In addition, policy and procedure documents need to make it clear that when there is a request for records which may be located within an employee’s or government official’s private account, the individual must perform a good faith search of their accounts or devices for all public records and sign an affidavit attesting to such search. Here’s sample text for California:

Records Subject to Disclosure. Every record made or received by the Department is presumed to be a public record that members of the public may inspect or obtain a copy upon request.

Records made by Department officials or personnel about Department business, whether within the possession of the Department or not, are presumed to be public records.
Only records that are exempt from public disclosure under federal, state and/or local law may be withheld. Examples of records the Department is prohibited from disclosing or may decline to disclose include: [Department to list statutory exemptions].

  1. Train, Communicate, Repeat.

The League of California Cities provides a resource on the CPRA that public entities may use to train employees and officials. To ensure employees and officials understand the CPRA, it is essential that public entities provide initial, in person training for each employee or official and continue to provide training on an annual basis thereafter. Further, cities, states, and agencies must ensure training includes information about which channels of communication are approved for agency business and which are prohibited. Employees and officials must understand that if they choose to use unapproved channels, such as personal text messages or email accounts, then those accounts may become searchable. In the extreme scenario, personal information may be subject to judicial review to determine whether a record is a public or personal record.

A good training program must be supported by an ongoing communication plan. Agencies must build awareness through repeated intra-agency communications. Agencies may send email updates, newsletter articles, create awareness campaigns, or find other venues to make announcements. Repeated reminders will help build a culture of compliance.

Using the records request process is another way to generate awareness and educate employees and officials. With each record request received by the public entity there is an opportunity to educate employees and officials on the CPRA and an individual’s obligations with respect to the CPRA. Agencies should consider including educational statements with records requests notices. Such statements might say:

The purpose of the California Public Records Act is to ensure transparency in government activities. Records under the California Public Records Act include any record about the business of the [Department]. As a public entity, we are required to produce all records which are responsive to the request and which are not excluded under [applicable statute].

This includes records that may be sent through personal accounts or devices. Government personnel are required to perform a good faith search of their personal accounts or devices for communication related to public business.

  1. Require a Good Faith Search + Employee Affidavit.

The California Supreme Court made it clear that the onus is on the city, state, or agency to ensure production of all responsive records. California is not alone. Many other courts have concluded the same. Cities, states, and agencies need to either ensure their employees are not using unapproved communication channels for public business or they need to update their policies to require a good faith search by employees where appropriate. An employee’s good-faith search for public records on his or her personal device can satisfy an agency’s disclosure obligations under the statute in some states (See Nissen v. Pierce County).

After an employee performs a good faith search, the agency should require the employee to submit an affidavit stating they performed a good faith search of all communication channels and provided all records related to public business. It’s important to note the employee should not determine which records are or are not responsive to the public records request. The employee should produce all records that involve the public entity’s business.

Smarsh Can Help

Public records requests can require a great deal of effort on the part of a public agency, especially if the agency doesn’t have technology in place to help dramatically streamline the process. Agencies are usually required to locate, search, redact, and produce responsive records with limited personnel and budget devoted to handling requests.

The Archiving Platform from Smarsh gives government agencies a centralized platform to manage record requests across the entire range of digital communications, including emailsocial mediawebsitesinstant messaging and mobile messaging. Agencies can easily search across all communication channels for responsive content and export the content at the click of a button – making the process faster and more efficient for the agency and ultimately the tax payer.

For more information on text message risks and policies, visit:

Public Sector Guide to Text Message Policy and Retention: 2017 Edition

5 Actions to Take for an Airtight Mobile Use Strategy in Government

3 Ways Text Messaging Exposes Government Organizations to Massive Risk

Share this post!

Get a Quote

Tell us about yourself, and we’ll be in touch right away.

Smarsh handles information you submit to Smarsh in accordance with its Privacy Policy. By clicking "submit", you consent to Smarsh processing your information and storing it in accordance with the Privacy Policy and agree to receive communications from Smarsh and its third-party partners regarding products and services that may be of interest to you. You may withdraw your consent at any time by emailing privacy@smarsh.com.

Contact Us

Tell us about yourself, and we’ll be in touch right away.