Databases Under the Public Records Law

Public agencies increasingly use databases to organize, store, and access public information. A database sometimes includes information that comes from records of multiple separate agencies, and these agencies may have access only to their own information, or to the entire database. If a member of the public seeks access to all or some of the information in the database, which agency is responsible for providing access as the custodian of the record?  The Court of Appeals opinion in LexisNexis Risk Data Management, Inc. v NC Administrative Office of the Courts provides a partial answer to this question, and establishes some key principles regarding the status of databases under the North Carolina public records law. This blog post summarizes the holding, and discusses some of its implications for public entities that create and have access to databases containing public information. LexisNexis made a public records request to the North Carolina Administrative Office of the Courts (AOC) and the Wake County Clerk of Court for the entire Automated Criminal/Infraction System (ACIS) database. As described in the opinion, the ACIS is administered, supported, and maintained by the AOC for the elected clerks of superior court for use as the electronic storage index of their criminal records. The database is a compilation of criminal records. Clerks across the state enter information from records in their offices on a daily basis, so the database is constantly changing. Clerks have direct access to the information from their county, but not to the entire database. Both the AOC and individual clerks can make information from the database available to the public. The AOC denied access to the database, asserting that it is “a mainframe application which serves as a record-keeping tool for clerks of court statewide, but the individual clerks are the custodians of the actual records.”  Slip op. at 5. The Wake County Clerk of Court responded that she does not have the ability to access the entire database - only the records from her county - therefore she had no records responsive to the request. The trial court dismissed the case without a trial, granting judgment on the pleadings in favor of the AOC and the clerk. The Court of Appeals reversed as to the AOC, but upheld the ruling as to the clerk of court. They key holdings are: 1)    The entire ACIS database is a public record and the AOC is the custodian of the record. The public has a right of access to the database under the public records law. 2)   The duty to provide access to records is that of the custodian of the records. The clerk of court is not the custodian of the database, even though her office has a part in creating it, and it contains information from records housed in her office. The individual criminal records in the clerks of court offices are public records and the clerks of court are the custodians of those records. 3)    When information from one record is entered into a database, the information becomes part of a new and separate record. The custodian of a database may be different from the custodian of the original record. 4)    The fact that information from an existing record also exists in an electronic database does not eliminate the original custodian’s duty to provide access to the existing record. This case provides the first treatment of databases under the North Carolina public records law, and it resolves some uncertainties regarding who has the legal duty to produce documents and information maintained in an electronic format. The law clearly allows access to electronic records, including databases (see G.S. 132-6.2(c)). When we store information in electronic records, we can cut and paste and move information around, and information in records may exist in more than one place. The LexisNexis case is a reminder that in each of these locations we have created distinct records, and that the same information can exist in records that have multiple custodians. The court provides examples of this principle in action, such as, a city report of crime statistics drawn from police records, which is then used by a state agency to create a chart comparing crime rates in different cities. The police records, the report, and the chart are each separate records with different custodians, even though they contain some of the same information. Slip op. at 11. Since LexisNexis requested the entire database, the court did not address the question of whether the Clerk of Court would have to provide access to the Wake County information in the database, to which she has direct access. Both the AOC and the clerks of court provide information from the database to the public. Does the holding that the AOC is the custodian of the database mean that a clerk could deny access to Wake County data because she is not the custodian of the database? Probably not. It seems hard to imagine that a clerk could deny access to information she has actually obtained from the database. In that case, she would likely be the custodian of the record containing that information. It’s harder to discern whether she would have an obligation to obtain data from the database in response to a public records request. This situation could arise in other contexts in which local and state government entities are required to provide information that is stored in a state agency database. An example is the information the Department of Motor Vehicles collects from counties in the Vehicle Tax System (VTS)  database under the new “Tax and Tag Together” program. Based on the LexisNexis holding, the local agency may argue that it is not the custodian of the database records, even though it has access to them. As with the ACIS database, counties contribute information to the VTS database on an ongoing basis but have access only to their own information. I’m not suggesting that local or state agencies should refuse to provide information from a database to which they have access. Indeed, members of the public may reasonably expect that an agency should provide to the public any information to which the agency has access to in the transaction of its business. On the other hand, a public agency that contributes to and can access an entire database (not just the information from that jurisdiction) could be overwhelmed by requests for information from the database beyond its own. The LexisNexis case may suggest that if an agency is not the custodian of the entire database, it may not have an obligation to provide access to records in the database unless the agency has actually downloaded or printed them, or otherwise has them in physical custody. Since the request in LexisNexis was for the entire database, the opinion does not address the question of whether the custodian of a database has an obligation under the public records law to query the database for particular information. For a discussion of this issue, see Kara Millonzi's excellent blog post here.