FOI Advisory Council Opinion AO-03-07


March 14, 2007

Dennis Fusaro
Front Royal, Virginia

The staff of the Freedom of Information Advisory Council is authorized to issue advisory opinions. The ensuing staff advisory opinion is based solely upon the information presented in your electronic mail of February 4, 16, and 20, 2007.

Dear Mr. Fusaro:

You have asked whether a public body may withhold the portion of an electronic mail message showing the time when the message was received by the public body (the header). You indicated that you sent a records request under the Virginia Freedom of Information Act (FOIA) to the County of Prince William (the County) by electronic mail that should have arrived on December 15, 2006. You later requested that the County provide you with a copy of your December 15, 2006, electronic mail that includes the header showing when it was received by the County. The County denied this request, asserting that the header is protected from release pursuant to subdivision 3 of § 2.2-3705.2. That subdivision provides an exemption from disclosure for [d]ocumentation or other information that describes the design, function, operation or access control features of any security system, whether manual or automated, which is used to control access to or use of any automated data processing or telecommunications system. You indicated that you do not believe that any of the information contained in a header is of the type that would be protected under subdivision 3 of § 2.2-3705.2. You also asked the County why it does not redact information from the header that might compromise security but provide the rest of the header information. You indicated you have received no further reply from the County.

In presenting this question you included electronic mail correspondence between you and the County. One of the included messages shows the header information for a different electronic mail message sent to you by the County. This header appears to include various routing information and internet protocol (IP) addresses, information about the type of content (i.e., coding format) of the electronic mail, along with the time received, date, and other information. It was not redacted or otherwise hidden. Furthermore, it is my understanding that such header information is generally included as a part of every electronic mail message.

While recognizing that computer security matters are beyond the expertise and authority of this office, it appears that the information contained in the header as described above is not information that describes the design, function, operation or access control features of any security system. Especially considering that these headers are included as part of every electronic mail message, it would make no sense for them to contain sensitive security data. As an additional consideration, you indicated that you are particularly interested in the time and date when the email was received by the public body as evidenced by the header. The time and date when a message is received does not describe[] the design, function, operation or access control features of any security system. Following the narrow construction rule of FOIA,1 the exemption cannot be stretched to cover situations that do not clearly fall within its terms as written. Therefore, under the facts you have presented, the electronic mail header you requested should not have been withheld pursuant to subdivision 3 of § 2.2-3705.2.

Thank you for contacting this office. I hope that I have been of assistance.


Maria J.K. Everett
Executive Director

1 Section 2.2-3700 mandates that [a]ny exemption from public access to records or meetings shall be narrowly construed and no record shall be withheld or meeting closed to the public unless specifically made exempt pursuant to this chapter or other specific provision of law.