I generally shy away from posting anything on my blog related to politics or my job, but this post relates to both. Below is a reblog from The Schedule: A Blog for the Society of American Archivists’ Records Management Roundtable regarding the recent report on Hillary Clinton’s use of a personal email server during her time as Secretary of State.
Now, I work in Records and Information Management (RIM) and Archives, so it gives me a bit of perspective on the controversy that I don’t hear in the general public. Basically, it boils down to the fact that governments, businesses, and organizations have laws, regulations, and rules for the management of records. These exist for many reasons but primarily because good recordkeeping allows organizations to be efficient (find the information needed when it’s needed), accountable (be able to demonstrate correct practices when called upon), secure (not allow sensitive information to be seen by the wrong people) and cost-effective (a lot of money is wasted on storing records – both physical and digital – that don’t need to be retained).
Ultimately, when the general public thinks of RIM, if they think of it at all, is that they’re a bunch of laws, regulations, and rules that are no BFD.
Clearly the staff in Secretary Clinton’s office thought RIM was no BFD.
And the response to the controversy has shown that a lot of people think RIM is no BFD.
The point here is not to “get Clinton!” This issue shows poor judgment and a lack of honesty on her part, but it just one item in a list of things that demonstrate those failings. The point here is that everyone – from cabinet members to journalists to ordinary working people – need to learn the value and importance of RIM.
So! The Office of the Inspector General released its report on Hillary Clinton’s emails today. Perhaps you’d heard about it.
The report itself is here (Warning: major TL;DR alert). It reads like a litany of “everything that can go wrong with a digital records management program”–poor communication, lack of executive buy-in, technology not up to the job of meeting requirements– and my plan is to break down the whole thing at some point to take a closer look at what happened from a purely records management standpoint. But in light of Eira’s excellent post on institutional silences and the digital dark ages, I wanted to quickly hit one paragraph that jumped out at me:
Two staff in S/ES-IRM reported to OIG that, in late 2010, they each discussed their concerns about Secretary Clinton’s use of a personal email account in separate meetings with the then-Director of S/ES-IRM. In one meeting, one staff member raised concerns that information sent and received on Secretary Clinton’s account could contain Federal records that needed to be preserved in order to satisfy Federal recordkeeping requirements. According to the staff member, the Director stated that the Secretary’s personal system had been reviewed and approved by Department legal staff and that the matter was not to be discussed any further. As previously noted, OIG found no evidence that staff in the Office of the Legal Adviser reviewed or approved Secretary Clinton’s personal system. According to the other S/ES-IRM staff member who raised concerns about the server, the Director stated that the mission of S/ES-IRM is to support the Secretary and instructed the staff never to speak of the Secretary’s personal email system again.
Holy moly. I am simultaneously astonished and not at all surprised that this conversation happened. Without attempting to divine the source of this supposed gag order or the motivation behind it, there is at minimum a failure to communicate happening here, and in all likelihood a deeply ingrained culture of subordination. Two employees, rightly concerned that use of a personal email account posed a recordkeeping and security risk, were specifically told that they were there “to support the Secretary”, and as a result questioning her use of personal email was anathema. That is really an incredible directive, if substantiated. I would argue that pointing out vulnerabilities in information security and governance IS supporting the Secretary (by, say, helping her avoid a prolonged investigation into her email management practices during an election year), but that’s just me.
And yet… what do you even DO in this case as a records manager? In a lot of institutions records managers are so far down the totem pole that there’s not a lot of pushing back to be done if a C-level staffer doesn’t want to follow records management directives to the letter. It’s easier to stand up to your negligent or reluctant official if you’re based out of the Legal department (and even easier if you are yourself a lawyer), but for a records manager based out of an administrative department, or the library? How do you make the case for good records practices when you have been explicitly told not to pursue it? How far do you stick your neck out for the sake of the historical record and transparency, vs. the short-term interests of your institution? Particularly if, as in so many cases, the records law which you are following has no real penalty for non-compliance other than the hypothetical/tangential “you might get sued”?
I don’t have an answer to any of the above questions. I’ve struggled with the right level of aggressiveness in pursuing records of high-level officials at my own institution, and have almost certainly lost some key electronic records being kept on a personal hard drive or in an email account because of it. (Elsewhere in the report records staff reports “not feeling comfortable” directing the Secretary to use the internal records system and looking for an automatic system to capture the records; I feel this anxiety acutely.) In this *particular* case Secretary Clinton released (most of) the emails after the fact, so the damage to transparency and the historical record is perhaps not as great as it could have been. In other cases? Who knows what’s being lost because the records manager is not as much in control as he/she would like to be.
These are the kinds of questions that keep me up at night, because I am an enormous nerd and am kept awake by records management questions. (Well, that and a one-year-old baby.)
Source: Records Managers: Not Making This Stuff Up, Part the Billionth