Great news for open data advocates in California: Attorney General Kamala Harris' office has reversed a recent policy decision that would have locked down data collected by California Department of Justice (CADOJ).
Back in May, we wrote about how the CADOJ had denied our request for machine-readable, alternative versions of the California Electronic Interceptions Report, an enormous dataset detailing the costs and effectiveness of wiretaps across the state. The version exclusively available online was an unwieldy PDF that made it difficult to breakdown and analyze. But a CADOJ lawyer explained that, under new security protocols, the office would only provide copies in a "locked PDF" format in order to preserve the "integrity of the data." With this new policy, the office was essentially slapping digital rights management (DRM) on public records.
One journalist who read our post pointed out that it would be relatively easy to bypass the lock through software freely available on the Internet. While that is certainly true, we were a little concerned about the potential legal ramifications. The attorney general's website, where the California Electronic Interceptions Report is published each year, contains this language in its conditions of use:
Unauthorized attempts to modify any information stored on this system, to defeat or circumvent security features, or to utilize this system for other than its intended purposes are prohibited and may result in criminal prosecution.
While we believe there might not be much legal basis to support such a prosecution (after all, when you download the document, it is no longer stored on their system), we know all too well that overzealous prosecutors have often stretched the interpretation of hacking laws.
A few days after our post went live, we were happy to receive an email from the attorney general's office containing an unlocked version of the report [DOC] with a letter explaining that it was all an internal "misunderstanding." Although we've sought further explanations for a month now, CADOJ representatives have provided only vague answers. However, since the unlocked document is titled "ADA compliant," we can only assume that upon further review the office realized that locking down PDFs could have serious ramifications not only under the California Public Records Act (CPRA), but the federal Americans with Disabilities Act and related California laws.
This is a small but important victory, since the attorney general currently writes CPRA guidelines for the rest of the state. That could change soon: we're closely watching state-level legislation such as S.B. 573 that would create statewide rules for open data, including the creation of a formal Chief Data Officer position that would write formal open data guidelines in consultation with the attorney general.
If we've learned anything from this debacle, it's that the California Attorney General shouldn't be the state's sole authority on transparency.