September 2006Volume 8Number 1PDF icon PDF version (for best printing)

The impact of FOIA on an integrated justice information system

The trend in criminal justice is to improve the sharing of information among law enforcement entities. The paper-based collection and storage of information have become a computer-based system. Because electronic information is easier to share, and because there is a great deal of public accountability in the administration of justice, it is important to assess how the State’s Freedom of Information Act (FOIA)2 may impact the development and operation of these new information systems throughout Illinois. 

The following discussion reveals that, although the Illinois FOIA serves a vital role in the oversight of government, it might reduce agencies’ willingness to electronically share information across jurisdictions. To address these concerns, this article suggests that agencies should enter into memoranda of understanding and that the General Assembly should examine these FOIA issues in light of advancing information technologies. 

Before we discuss FOIA’s impact on these systems, it is important to understand the concept of an integrated justice information system. Integrated justice information systems come in several forms and achieve different goals. One type of integrated justice system enhances the sharing of information by aggregating local agency information and making it more widely available across jurisdictions. These systems electronically connect police agencies with other police agencies and Illinois circuit clerks’ offices with court clerks’ offices from other jurisdictions; they are based on the premise that enhancing the amount of information available to justice practitioners promotes sound decision-making. Sharing information across jurisdictions is very different from simply improving the workflow of information within a single jurisdiction, and is made easier with the advent of improved computer technologies. Although the FOIA issues discussed could apply to similarly integrated information systems throughout government, this article will focus on integrated justice information systems.

Systems that improve the sharing of police incident information across jurisdictions typically combine data from the records management systems of participating law enforcement agencies and allow officers to “query” these reports to identify crime trends, connect suspects to multiple crimes, and gain insights into an individual’s criminal past that may not be available from the State’s official criminal history repository. Sharing police incident information can also generate investigative leads by revealing associations that may not otherwise be apparent. For instance, if the same vehicle is seen near warehouse fires that took place in three different cities, officers might reasonably suspect the car’s owner of arson and take steps to interview him. 

Police agencies, however, may be reluctant to participate in integrated justice information systems of this nature because any department that receives or uses its electronic incident report data may be required to provide that information to the public under FOIA.3 Unless a police incident report falls under an enumerated exemption, the Illinois FOIA requires that it be opened for inspection and copying.4 The fact that a report falls under an exemption, however, is not solely determinative of whether the information will eventually be released.

First, an agency may exercise its discretion and release information even though it falls under an exemption.5 Second, one agency may decide that none of the FOIA exemptions apply (and that disclosure is therefore mandatory) but the submitting department may contend that it would withhold the information under an exemption. Under Illinois law, one agency cannot rely on the FOIA exemptions of another agency. This lack of control over the potential public disclosure of police incident report data may dissuade agencies from sharing their information in the timely, efficient, and useful manner made possible by systems integration technologies. Fortunately, some of these concerns can be addressed through technological and policy measures. 

From a technological perspective, FOIA will impact integrated justice information systems differently depending upon how they are structured. An incident data sharing system of this type can be designed as a distributed system or a centralized repository. In a distributed system, data is retained by the local agencies themselves and made available for querying by outside agencies through a middleware server application. This means that the majority of the information never leaves a local agency’s records management system and remains under that agency’s control for FOIA purposes.6 On the other hand, a centralized data warehouse maintains a copy of these local agency records and must be updated periodically to ensure that the data is current. One way to update a system is to take periodic snapshots of the local agency’s record management system (RMS) that overwrites the previous data. Regardless of how the centralized data warehouse is updated, these information technologies pose FOIA challenges for local agencies that want to retain substantial control over their records. 

Because the national trend in these types of systems is to develop a data warehouse application, this article will focus on centralized data warehouse systems.7 Specifically, we will discuss the interplay that occurs when the administrator of a centralized data warehouse receives a FOIA request for data contributed by local participating agencies. It is imperative that all agencies involved in an integrated justice information system understand how FOIA will affect the amount of control they have over the information contained in the data warehouse. The following hypothetical should contribute to this understanding.

Hypothetical: Amity County operates an integrated justice information system entitled AARDVARC.8 Bedrock City is a local participating agency in this system. Bedrock City Police Officer Jones arrests John Doe on May 16, 1999, for burglary of Jane Roe’s house. This data, along with all other Bedrock City incident data, is entered into the data warehouse when the next snapshot of its RMS is taken. Bedrock City, adhering to the Local Records Act, has a seven-year retention policy for its burglary incident data.

In January 2006, Amity County Sheriff’s Deputy Smith investigated Jane Roe for insurance fraud. The May 16, 1999, report regarding the burglary of her home was among the responses to Deputy Smith’s data warehouse inquiry. On May 16, 2006, the original burglary report is deleted from Bedrock City’s RMS, consistent with its seven-year retention policy. On the following day, a snapshot is taken of the Bedrock City RMS, which no longer contains Roe’s burglary report. The updated snapshot information overwrites the previous day’s snapshot information and the burglary report is essentially deleted from the data warehouse. Amity County receives a FOIA request from a journalist for information concerning any home burglaries occurring in Illinois within the last ten years. Three scenarios can arise in the context of an integrated justice information system:

Scenario A. The FOIA request is received on May 15, 2006, before the data was removed from AARDVARC. Amity County denies the request although AARDVARC has the data in its warehouse. Amity County refers the journalist to Bedrock City. 

Amity County’s referral to Bedrock City is essentially a denial of the FOIA request. Once a FOIA request has been made to an agency, that agency’s referral to a different agency regarding disclosure does not divest the original agency of responsibility to respond to the FOIA request.9In referring this request to Bedrock City, Amity County may be subject to liability under FOIA.10

Scenario B. The FOIA request is received on May 17, 2006, after the data has been removed from AARDVARC. Amity County denies this request with respect to the 1999 burglary of Roe’s house as it no longer has the data—it was erased from the Bedrock City RMS, and subsequently AARDVARC, the previous day.

Amity County may properly deny this FOIA request. FOIA only applies to records in the possession or control of an agency at the time of the request.11 An agency does not have to create a record that doesn’t exist in order to respond to FOIA requests.12 In this scenario, Amity County’s denial of the FOIA request would not be a violation of FOIA.13

Scenario C. The journalist sends the FOIA request to both Bedrock City and Amity County. Amity County possesses the data and consents to disclosure, although the data falls under a FOIA exemption.14 Bedrock City raises an exemption and refuses to disclose the data. Bedrock City also instructs Amity County not to disclose the data as it has a substantial interest in keeping this information confidential.

The authority of an agency to disclose third-party documents in its possession that might be subject to an exemption under FOIA is called a “reverse FOIA action.” There is limited case law on this specific issue because criminal justice agencies traditionally raise an exemption where one exists.

The only case that closely resembles this scenario is Twin-Cities Broadcasting Corp v. Reynard,15 where the court allowed the submitting agency to exercise control over disclosure of its data despite a FOIA request to a third party. In that case, the state’s attorney obtained minutes and transcripts of a university board’s closed meeting during the course of a criminal investigation. Upon receipt of the FOIA request, the state’s attorney made no claim that any statutory exemption to disclosure pertained to them. The board, however, contended that it had an interest in keeping the documents confidential under the personal privacy exemption. The court found that, because the board had a substantial interest in the subject matter of the request, it was entitled to assert an exemption if one exists, despite the state’s attorney’s refusal to do so.16 The court concluded that mere possession of the documents, standing alone, is not determinative of an agency’s ability to release documents pursuant to the FOIA where another governmental entity has a substantial interest in asserting an exemption.17 

The court’s ruling in Twin-Cities Broadcasting, however, is not dispositive of this issue in the integrated justice context. In that case, the court indicated in dicta that it might have considered the case differently had the university voluntarily turned over its documents. Although the university board was compelled to turn over its minutes and transcripts to the state’s attorney, local agencies are voluntary participants and submit their records to an integrated justice information system willingly. Furthermore, in Twin-Cities Broadcasting, the state’s attorney merely possessed the board’s data, whereas an integrated system will analyze, link, and share the data. A court may consider that this extensive use of the data raises the need for increased public oversight. Thus, requiring the system administrator to disclose data requested under FOIA. In addition to personal privacy issues, a court considering a reverse-FOIA action involving an integrated justice information system may also give weight to the voluntary submission of the data and its intended uses. In the context of a data warehouse, these latter factors may weigh in favor of disclosing information requested pursuant to FOIA.

Losing control over whether and when information will be disseminated may be a powerful disincentive to agencies considering whether to participate in a system designed to share police incident report information. Some steps can be taken to reduce the uncertainty surrounding what integrated information may be disclosed under FOIA and by whom. Although the FOIA statute does not expressly provide for consultation between agencies, such consultation might be appropriate and even recommended in the context of integrated justice systems.18 Until such time as the FOIA is amended to address these advancing information technologies, local agencies may wish to consider the execution of memoranda of understanding (MOU) that address these FOIA issues prior to participating in an integrated justice information system. 

MOU set forth the basic principles and guidelines that agencies will abide by when working together to achieve a common goal. Such MOU typically address, among other issues, costs associated with participation and how agencies will resolve unanticipated disputes. Participating agencies should ensure that the MOU address whether the administrating agency, in response to a FOIA request for local data in the system, will: (1) raise an exemption if one exists; (2) consult with the local agency when an exemption does not exist;19 and (3) release the information where a disagreement exists between the agencies.
__________

1. Wil Nagel is an Integration Analyst with the Illinois Criminal Justice Information Authority and an attorney. Kathleen deGrasse is a Master Sergeant and an attorney with the Illinois State Police. The opinions expressed herein are those of the authors and do not reflect the position of the Illinois Criminal Justice Information Authority or the Illinois State Police.
2. 5 ILCS 140/1 et seq. (West 2004).
3. 5 ILCS 140/2(c) (defining a public record as any “records, reports, forms, writings. . . papers, maps, photographs, microfilms, cards, tapes, recordings, electronic data processing records, recorded information and all other documentary materials, regardless of physical form or characteristics, having been prepared, or having been or being used, received, possessed or under the control of any public body”).
4. FOIA’s exemptions can be found at 5 ILCS 140/7.
5. See Roehrborn v. Lambert, 277 Ill. App. 3d 181, 186 (1st Dist. 1995) (holding that the exemptions contained in the Illinois Freedom of Information Act do not prohibit the dissemination of this information; rather they merely authorize agencies to withhold that information if they so desire).
6. Records actually provided in response to a query and used by another agency may be public records under FOIA. However, the issue with these records may be their appropriateness for retention under the State Records Act (5 ILCS 160/1 et seq.), which is outside the scope of this article.
7. The Federal Bureau of Investigation is developing the National Data Exchange (N-DEx) system, a centralized repository that will provide a nationwide capability to exchange data derived from incident and event reports.
8. Amity Advanced Repository of Data Valuable for Analyzing and Reporting Crimes (pronounced “Aardvark”).
9. In re Wade, 969 F.2d 241, 246 (7th Cir. 1992).
10. 5 ILCS 140/11 (granting the circuit court the jurisdiction to enjoin the public body from withholding public records, to order the production of any public records improperly withheld from the person seeking access, and to award reasonable attorneys’ fees and costs).
11. Chicago Tribune Co. v. U.S. Dept. of Health and Human Services, 1997 WL 1137641, at 16-17 (N.D. Ill. 1997).
12. See NLRB v. Sears, Roebuck & Co., 421 U.S. 132 (1975).
13. This may, however, be a violation of the State Records Act (5 ILCS 160/1 et seq.) and a Class 4 felony (720 ILCS 5/32-8).
14. An agency’s decision to release exempted data normally will be grounded in its belief that release is justified in the exercise of its discretion. CNA Financial Corp. v. Donovan, 830 F.2d 1132 (D.C. 1987).
15. Twin-Cities Broadcasting Corp. v. Reynard, 277 Ill. App. 3d 777 (4th Dist. 1996).
16. Id. at 783.
17. Id.
18. See 5 ILCS 140/3(d)(vii).
19. 5 ILCS 140/3(d)(vii).

Login to post comments