May 14, 2002
The staff of the Committee on Open Government is authorized to issue advisory opinions. The ensuing staff advisory opinion is based solely upon the information presented in your correspondence.
I have received your letter in which you sought an advisory opinion concerning a denial of access by the New York City Housing Authority to fax numbers and email addresses of its employees. The denial of your request is based on a contention that the items sought "do not constitute 'the documents and statistics leading to determinations.'"
From my perspective, whether the items in question consist of documents or statistics is irrelevant; the only question involves the extent to which they may be withheld in accordance with the grounds for denial of access appearing in the Freedom of Information Law.
As you may be aware, as a general matter, that statute is based upon a presumption of access. Stated differently, all records of an agency are available, except to the extent that records or portions thereof fall within one or more grounds for denial appearing in §87(2)(a) through (i) of the Law.
In some circumstances, fax lines may be dedicated to certain uses. If those lines were to become tied up by an outsider and could not be used as intended, an agency could be precluded from carrying out its duties in a manner in which the public would be adequately served or protected. For example, if a telephone or fax number is used by a municipality to engage in law enforcement functions or emergency communications, and if the municipality cannot transmit or receive information due to incoming faxed transmissions that tie up the line, I believe that §87(2)(f) would likely serve as a basis for a denial of a request. That provision authorizes an agency to withhold records when disclosure "would endanger the life or safety of any person."
I note that an agency has the burden of defending secrecy and demonstrating that records that have been withheld fall within the scope of one or more of the grounds for denial [see §89(4)(b)]. However, in cases involving the assertion of §87(2)(f), the standard developed by the courts is somewhat less stringent, for it has been found that:
"This provision of the statute permits nondisclosure of information if it would pose a danger to the life or safety of any person. We reject petitioner's assertion that respondents are required to prove that a danger to a person's life or safety will occur if the information is made public (see, Matter of Nalo v. Sullivan, 125 AD2d 311, 312, lv denied 69 NY2d 612). Rather, there need only be a possibility that such information would endanger the lives or safety of individuals...."[Stronza v. Hoke, 148 AD2d 900,901 (1989)].
It is noted that the principle enunciated in Stronza has appeared in several other decisions [see Ruberti, Girvin & Ferlazzo v. NYS Division of the State Police, 641 NYS 2d 411, 218 AD2d 494 (1996), Connolly v. New York Guard, 572 NYS 2d 443, 175 AD 2d 372 (1991) and McDermott v. Lippman, Supreme Court, New York County, NYLJ, January 4, 1994]. In sum, insofar as there is a possibility that disclosure of phone or fax numbers could endanger life or safety, based on judicial decisions, I believe that §87(2)(f) could properly be asserted.
A similar contention might be made with regard to the disclosure of e-mail addresses. While I am not an expert in computer technology, it has become widely known due to events that became international in their effects that e-mail and the use of an e-mail address can transmit viruses that can cripple an electronic information or communication system or obliterate information stored electronically. A virus attached to a single e-mail address can be transmitted to every other e-mail address that has been contacted. That being so, again, it might be contended that a wholesale disclosure of e-mail addresses, which in turn could result in an inability to carry out critical governmental functions, could jeopardize the lives and safety of members of the public, as well as government employees.
Moreover, a new provision amending §87(2) that is especially pertinent to the matter became effective in October. Specifically, paragraph (i) states that an agency may withhold records or portions thereof which "if disclosed would jeopardize an agency's capacity to guarantee the security of its information technology assets, such assets encompassing both electronic information systems and infrastructures." Via disclosure of email addresses, viruses could be transmitted or other incursions might occur that could result in the harm sought to be avoided by the new provision cited above.
I hope that I have been of assistance.
Robert J. Freeman
cc: LeeAnne Tuller