So! The Office of the Inspector General released its report on Hillary Clinton’s emails today. Perhaps you’d heard about it.
The report itself is here (Warning: major TL;DR alert). It reads like a litany of “everything that can go wrong with a digital records management program”–poor communication, lack of executive buy-in, technology not up to the job of meeting requirements– and my plan is to break down the whole thing at some point to take a closer look at what happened from a purely records management standpoint. But in light of Eira’s excellent post on institutional silences and the digital dark ages, I wanted to quickly hit one paragraph that jumped out at me:
Two staff in S/ES-IRM reported to OIG that, in late 2010, they each discussed their concerns about Secretary Clinton’s use of a personal email account in separate meetings with the then-Director of S/ES-IRM. In one meeting, one staff member raised concerns that information sent and received on Secretary Clinton’s account could contain Federal records that needed to be preserved in order to satisfy Federal recordkeeping requirements. According to the staff member, the Director stated that the Secretary’s personal system had been reviewed and approved by Department legal staff and that the matter was not to be discussed any further. As previously noted, OIG found no evidence that staff in the Office of the Legal Adviser reviewed or approved Secretary Clinton’s personal system. According to the other S/ES-IRM staff member who raised concerns about the server, the Director stated that the mission of S/ES-IRM is to support the Secretary and instructed the staff never to speak of the Secretary’s personal email system again.
Holy moly. I am simultaneously astonished and not at all surprised that this conversation happened. Without attempting to divine the source of this supposed gag order or the motivation behind it, there is at minimum a failure to communicate happening here, and in all likelihood a deeply ingrained culture of subordination. Two employees, rightly concerned that use of a personal email account posed a recordkeeping and security risk, were specifically told that they were there “to support the Secretary”, and as a result questioning her use of personal email was anathema. That is really an incredible directive, if substantiated. I would argue that pointing out vulnerabilities in information security and governance IS supporting the Secretary (by, say, helping her avoid a prolonged investigation into her email management practices during an election year), but that’s just me.
And yet… what do you even DO in this case as a records manager? In a lot of institutions records managers are so far down the totem pole that there’s not a lot of pushing back to be done if a C-level staffer doesn’t want to follow records management directives to the letter. It’s easier to stand up to your negligent or reluctant official if you’re based out of the Legal department (and even easier if you are yourself a lawyer), but for a records manager based out of an administrative department, or the library? How do you make the case for good records practices when you have been explicitly told not to pursue it? How far do you stick your neck out for the sake of the historical record and transparency, vs. the short-term interests of your institution? Particularly if, as in so many cases, the records law which you are following has no real penalty for non-compliance other than the hypothetical/tangential “you might get sued”?
I don’t have an answer to any of the above questions. I’ve struggled with the right level of aggressiveness in pursuing records of high-level officials at my own institution, and have almost certainly lost some key electronic records being kept on a personal hard drive or in an email account because of it. (Elsewhere in the report records staff reports “not feeling comfortable” directing the Secretary to use the internal records system and looking for an automatic system to capture the records; I feel this anxiety acutely.) In this *particular* case Secretary Clinton released (most of) the emails after the fact, so the damage to transparency and the historical record is perhaps not as great as it could have been. In other cases? Who knows what’s being lost because the records manager is not as much in control as he/she would like to be.
These are the kinds of questions that keep me up at night, because I am an enormous nerd and am kept awake by records management questions. (Well, that and a one-year-old baby.)