IN THE COMMONWEALTH COURT OF PENNSYLVANIA
Terry Mutchler and Obermayer : Rebmann Maxwell & Hippel, : Petitioners : v. : : Pennsylvania Office of Administration : (Office of Open Records), : No. 628 C.D. 2023 Respondent : Argued: December 11, 2024
BEFORE: HONORABLE RENÉE COHN JUBELIRER, President Judge HONORABLE PATRICIA A. McCULLOUGH, Judge HONORABLE MICHAEL H. WOJCIK, Judge HONORABLE CHRISTINE FIZZANO CANNON, Judge HONORABLE LORI A. DUMAS, Judge HONORABLE STACY WALLACE, Judge HONORABLE MATTHEW S. WOLF, Judge
OPINION BY JUDGE FIZZANO CANNON FILED: March 18, 2025
Terry Mutchler and Obermayer Rebmann Maxwell & Hippel (Requesters) petition for review of a final determination of the Office of Open Records (OOR) under the Right-to-Know Law (RTKL).1 Upon review, we affirm.
I. Background The Pennsylvania Justice Network (JNET) exists under the auspices of the Pennsylvania Office of Administration (OA), Public Safety Delivery Center. JNET is a web-based portal through which authorized users in the Commonwealth can access public safety and criminal justice information maintained by separate
1 Act of February 14, 2008, P.L. 6, 65 P.S. §§ 67.101-67.3104. third-party data providers. See https://www.pa.gov/agencies/jnet.html (last visited March 17, 2025). The data available through JNET comes from various contributing municipal, county, state, and federal agencies and is used by law enforcement and public safety officials at the federal, state, and local levels in Pennsylvania. Users include, inter alia, employees of state and municipal police. Id. Requesters believe that a police officer from the Camp Hill Police Department (CHPD) conducted an unauthorized search in JNET. Requesters describe alleged text messages between the police officer and his girlfriend in which he allegedly agreed to conduct an unauthorized search “so she could monitor the activities of her boss and co-worker.” Requesters’ Br. at 14. Testing that belief, Requesters submitted an information request to Camp Hill Borough (Borough) in 2022, seeking “all documentation and/or computer records of any non-investigatory (i.e., not associated with any criminal investigation) [JNET] searches performed by [the specified CHPD police officer] between January 1, 2020 and the present.” Mutchler and Obermayer Rebmann Maxwell & Hippel, LLP v. Camp Hill Borough (OOR Dkt. No. AP 2022-2494, decided Dec. 19, 2022) (Mutchler I), slip op. at 1. The Borough denied the request, and Requesters appealed to OOR, which denied the appeal in a final determination in December 2022. In denying Requesters’ appeal, OOR determined that Requesters failed to identify a discrete group of documents that were responsive, explaining: [The request] does not merely seek logs of searches or the searches themselves; instead, it asks the Borough to survey the searches/logs and only provide information that is “non-investigatory.” This leads to a situation where a [CHPD] employee would be left to guess what information is “non-investigatory,” and that defect makes the request insufficiently specific.
2 Mutchler I, slip op. at 8 (footnote omitted). “In other words, judgments would need to be made based upon context and information that may not be available to the individual conducting the search.” Id., slip op. at 8 n.6. Requesters did not seek judicial review of OOR’s final determination. Instead, they initiated the January 2023 request to OA at issue here. Of the 13 items of information Requesters sought from OA, 6 remain unresolved: 6. A copy of records that reflect the suspension of access issued by JNET or its Steering Committee to [CHPD] and/or any [CHPD] police officers or employees between January 1, 2020 and the date of this request. 7. A copy of records that reflect administrative sanctions, other than suspension of access, by JNET or its Steering Committee to [CHPD] and/or any [CHPD] police officers or employees between January 1, 2020 and the date of this request. 8. A list of the names of JNET users employed by [CHPD] who have been investigated for and/or disciplined for violating any policies pertaining to JNET usage between January 1, 2020 and the date of this request. 9. A copy of records of all audits of JNET usage by [CHPD] or any of its officers or employees, performed by JNET or the JNET steering committee between January 1, 2020 and the date of this request. 10. A copy of records associated with the termination, suspension or other disciplinary action by JNET or the JNET steering committee against [CHPD] or any of its officers and employees between January 1, 2020 and the date of this request. . . .
11. . . . A copy of reports of incidents, received by JNET from [CHPD] or any of its personnel, involving confirmed or suspected unauthorized or accidental modification, destruction, disclosure, loss, damage, misuse, or access to JNET information technology resources such as systems, files, services, and data
3 bases, between January 1, 2020 and the date of this request. May 16, 2023 OOR Final Determination at 1-2. OA invoked a 30-day extension in which to consider the request pursuant to Section 902(b)(2) of the RTKL, 65 P.S. § 67.902(b)(2).2 When OA failed to meet that deadline, the request was deemed denied on March 8, 2023. Id. Nonetheless, OA issued a partial denial of the request on March 9, 2023. Regarding Items 6-11, OA asserted that no records responsive to those items exist within OA’s possession, custody, or control. Requesters challenged OA’s partial denial before OOR and requested a hearing. Both parties submitted position statements. OA reiterated its grounds for its denial and submitted two attestations, one from its open records officer Wha Lee Strohecker (Strohecker Attestation) and the second from its information technology employee Joseph Centurione (Centurione Attestation). Requesters renewed their request for a hearing, and OA objected to the hearing request. In the OOR appeal, OA submitted additional information, including a document titled “JNET Policies and Procedures Misuse Investigation Procedures
2 Section 902(b)(2) of the RTKL provides:
(2) The notice [that a record request has been received] shall include a statement notifying the requester that the request for access is being reviewed, the reason for the review, a reasonable date that a response is expected to be provided and an estimate of applicable fees owed when the record becomes available. If the date that a response is expected to be provided is in excess of 30 days, following the five business days allowed for in [S]ection 901, [65 P.S. § 67.901,] the request for access shall be deemed denied unless the requester has agreed in writing to an extension to the date specified in the notice.
65 P.S. § 67.902(b)(2).
4 dated March 10, 2019, version 2.7” and copies of four separate agreements that OA uses with local agencies and their individual users who access JNET. May 16, 2023 OOR Final Determination at 4 n.3 & 5 n.4. In its final determination, OOR denied Requesters’ request for a hearing, dismissed the appeal as moot in part because OA had provided additional records, and denied the remainder of the appeal, determining that OA met its burden of proving there were no records responsive to Items 6-11 in its possession, custody, or control and that OA was not required to seek such records from CHPD. Specifically, OOR concluded it was “unable to direct access to a third party’s records simply because there is an agreement between the agency and the third party.” Id. at 10 n.7. OOR determined there was no indication of a “contractual relationship between [OA] and any local government users of JNET to perform any of [OA’s] governmental functions, which would require [OA] to contact [CHPD] as part of a good faith search of records responsive to the [r]equest.” Id. at 9. Requesters’ petition for review in this Court followed.
II. Issues On review before this Court,3 Requesters assert error by OOR in determining that OA conducted a good faith search for records responsive to Items 6-11. Further, Requesters argue that OA contracted with CHPD to perform a governmental function on behalf of OA, such that OA was required to contact CHPD for any responsive records under the RTKL. In addition, Requesters maintain that OOR improperly failed to consider additional evidence that Requesters proffered in
3 This Court reviews independently the OOR’s orders regarding Commonwealth agencies; we are not limited by the OOR’s reasoning in the written decision subject to review. State Emps. Ret. Sys. v. Off. of Open Recs., 10 A.3d 358, 361 n.4 (Pa. Cmwlth. 2010) (citing 65 P.S. § 67.1301(a); Bowling v. Off. of Open Recs., 990 A.2d 813 (Pa. Cmwlth. 2010); Prison Legal News v. Off. of Open Recs., 992 A.2d 942, 947 (Pa. Cmwlth. 2010)).
5 a supplemental submission to OOR and that alleged text messages between the police officer and his girlfriend referenced in CHPD Chief Margeson’s Attestation, as well as the police officer’s alleged promotion either while under investigation or at the completion of CHPD’s investigation, demonstrate the police officer’s misuse of JNET and CHPD’s initiation of an investigation into such misuse. We reject all of these arguments, as discussed below.
III. Discussion A. Sufficiency of Records Search In pertinent part, Section 901 of the RTKL provides: Upon receipt of a written request for access to a record, an agency shall make a good faith effort to determine if the record requested is a public record . . . and whether the agency has possession, custody or control of the identified record, and to respond as promptly as possible under the circumstances existing at the time of the request. 65 P.S. § 67.901. The agency bears the burden of proving that it does not have a requested record. Hodges v. Pa. Dep’t of Health, 29 A.3d 1190, 1192 (Pa. Cmwlth. 2011). To meet its burden, an agency may provide either an unsworn attestation by the person who searched for the record or a sworn affidavit of nonexistence of the record. Id. at 1192. A sworn affidavit made under the penalty of perjury may serve as sufficient evidentiary support under the RTKL. See Sherry v. Radnor Twp. Sch. Dist., 20 A.3d 515, 520-21 (Pa. Cmwlth. 2011). In the absence of competent evidence of bad faith, the averments in an attestation or an affidavit should be accepted as true. McGowan v. Pa. Dep’t of Env’t Prot., 103 A.3d 374, 382-83 (Pa. Cmwlth. 2014).
6 Here, OA presented the Strohecker Attestation made by its open records officer. Strohecker averred that he conducted a thorough examination of OA’s files for any records responsive to the request, inquired of relevant office personnel whether they had any requested records in their possession, identified all responsive records within OA’s possession, custody, or control, and did not withhold any responsive records identified by records custodians. May 16, 2023 OOR Final Determination at 8-9. In addition, he stated: “[I]n consulting with the relevant persons within JNET, who would have the requested records, if any existed, I confirmed that OA did not have responsive records to [Items 6-11] of the [r]equest.” Id. at 9 (quoting Strohecker Attestation, ¶18) (additional quotation marks omitted). OOR accepted as true the averments in the Strohecker Attestation. Moreover, at oral argument before this Court, Requesters stated they were not challenging OOR’s determination that OA met its burden of establishing that its in- house search yielded no responsive records for the outstanding items. Accordingly, we affirm OOR’s determination of that issue.
B. OA’s Obligation to Seek Records from CHPD Requesters insist that OA is required to seek responsive records from CHPD, a separate agency. We disagree and conclude that Requesters must seek that information directly from CHPD. The operative statutory language in Section 506(d)(1) of the RTKL provides: A public record that is not in the possession of an agency but is in the possession of a party with whom the agency has contracted to perform a governmental function on behalf of the agency, and which directly relates to the governmental function and is not exempt under this act,
7 shall be considered a public record of the agency for purposes of this act. 65 P.S. § 67.506(d)(1) (emphasis added). Thus, under the plain language of Section 506(d)(1), a requester cannot seek information in the possession of a contracting party unless (1) the information is not in the possession of an agency and (2) the contracting non-agency party is performing a governmental function on behalf of the agency that is the target of an RTKL request. Neither requirement is present in this case.
1. Records in the Possession of an Agency A municipal police department is an agency. See Section 102 of the RTKL, 65 P.S. § 67.102 (defining an “agency” as including a local agency and a “local agency” as including any local or municipal agency); Zimmerman v. Johnstown, 365 A.2d 696, 698 (Pa. Cmwlth. 1976) (holding that a municipal police department is a “local agency”).4 There is no dispute on this issue. Here, therefore, the requested information is in the possession of an agency, i.e., CHPD. Accordingly, the RTKL provision regarding “[a] public record that is not in the possession of an agency,” 65 P.S. § 67.506(d)(1), facially does not apply. Additionally, this Court’s decisions to date reflect a clear assumption that the “third party” referenced in Section 506(d)(1) is a private party, not another government agency. See, e.g., Real Alternatives v. Dep’t of Hum. Servs., 279 A.3d
4 This Court decided Zimmerman v. Johnstown, 365 A.2d 696 (Pa. Cmwlth. 1976), under Section 2 of the former Local Agency Law, Act of December 2, 1968, P.L. 1133, as amended, formerly 53 P.S. § 11302(2), repealed by the Act of April 28, 1978, P.L. 202, which defined a “local agency” as “any . . . office or other agency of a political subdivision. . . .” That definition of a “local agency” is comparable to the definition of a “local agency” under 2 Pa.C.S. § 101 as a “government agency other than a Commonwealth agency,” which applies to all of Title 2 of the Pennsylvania Consolidated Statutes, including the current Local Agency Law, 2 Pa.C.S. §§ 551- 555, 751-754.
8 96, 106 (Pa. Cmwlth. 2022) (quoting Allegheny Cnty. Dep’t of Admin. Servs. v. Parsons, 61 A.3d 336, 346 (Pa. Cmwlth. 2013) (clarifying that “Section 506(d)(1) does not reach all records in possession of a private contractor that relate to the governmental function; rather, the records reached are only those that relate to performance of that function”)) (additional quotation marks and additional citations omitted); Parsons, 61 A.3d at 343 (observing that Section 506(d)(1) is “the RTKL provision through which records of private third-party contractors may become accessible to the public”); SWB Yankees LLC v. Wintermantel, 999 A.2d 672, 675 (Pa. Cmwlth. 2010), aff’d, 45 A.3d 1029 (Pa. 2012) (stating that “Section 506(d)(1) of the RTKL clearly puts a third party in the same position as an agency for purposes of the RTKL”). This assumption makes sense in light of the purpose served by Section 506(d)(1). This Court has explained: Generally, the local agency bears the burden of proving a record is exempt from disclosure. Kaplin [v. Lower Merion Twp., 19 A.3d 1209 (Pa. Cmwlth. 2011)]. Third- party contractors in possession of requested records are placed in the shoes of a local agency for purposes of the burden of proof when the contractor performs a governmental function on behalf of the agency, and those records directly relate to the contractor’s performance of that function. SWB Yankees . . . , 45 A.3d 1029 . . . (noting third-party contractor is recast as an agency for purpose of interpreting Section 506(d) and RTKL definitions); [Allegheny Cnty. Dep’t of Admin. Servs. v. A Second Chance, Inc., 13 A.3d 1025 (Pa. Cmwlth. 2011) (en banc)] (recognizing participating third party shares burden of proving exemptions). Parsons, 61 A.3d at 342. However, a contracting party that is another agency is already subject to the burden of establishing an exemption from disclosure and does not need to be recast as an agency for that purpose.
9 Accordingly, we cannot conclude that Section 506(d)(1) of the RTKL allows a requester to require one agency to obtain from another agency information that the requester could get from that other agency directly. Section 506(d)(1) serves the salutary purpose of preserving “some level of public access to information about governmental functions . . . where an agency chooses to contract out the performance of that function to a third[ ]party.” Real Alternatives, 279 A.3d at 106 (quoting UnitedHealthcare of Pa., Inc. v. Baron, 171 A.3d 943, 963 (Pa. Cmwlth. 2017)) (additional quotation marks omitted). Where the third party is another agency, public access is already assured. There is no need or purpose for involvement of an agency that does not possess the records sought, where another agency does possess those records and, indeed, is their originator.5 Here, Requesters initially sought information from the Borough, but that request was unsuccessful. The request was insufficiently specific because the Borough was not in a position to determine whether any of the requested information
5 This is not to say that Requesters acted improperly here in their initial request for records from OA. If the records had been in OA’s possession and not subject to an exemption, they would have been subject to disclosure by OA. The issue here is whether the RTKL contemplates forcing an agency to involve itself and incur expenses relating to a request for information that exists, if at all, solely with another agency.
We also note that forcing OA to obtain records from CHPD in order to pass them on to Requesters creates an unnecessary layer of governmental expense that must be borne by taxpayers. Notably, under Section 1307(g) of the RTKL, while an agency may charge reasonable copying costs for duplicating records, it may not recoup the labor costs it incurs in searching for responsive documents and analyzing whether such documents exist and whether they are subject to disclosure. See 65 P.S. § 67.1307(g) (providing, in pertinent part, that “[n]o fee may be imposed for an agency’s review of a record to determine whether the record is a public record, legislative record or financial record subject to access in accordance with [the RTKL]”). Requesters’ reading of Section 506(d)(1) of the RTKL would result in unnecessary duplication of expenses by forcing two separate agencies to expend time and effort and incur the related labor costs, where only one should do so. Requesters’ inquiry to OA should have ended at the point where OA satisfactorily certified that it did not possess responsive records, and the information request should then have been directed to CHPD.
10 was subject to an investigative exception under the RTKL, the knowledge necessary to make that determination resting exclusively with CHPD, which is a separate agency. As OOR observed, the Borough could not be expected to respond to the information request because “judgments would need to be made based upon context and information that may not be available to the individual conducting the search.” Mutchler I, slip op. at 8. The same is true here. Like the Borough, OA is not in a position to know what exemptions from disclosure CHPD might be entitled to assert regarding the requested information. Only CHPD knows, for example, whether it has an investigation underway that would shield the requested information from disclosure in response to a request under the RTKL. Although CHPD could assert the applicable exemptions in response to a request for information from OA, doing so would require that OA inform CHPD that the request was related to the RTKL and not merely to enforcement of the user monitoring provisions of the parties’ contractual agreements. The more direct course, and the surer way to preserve exemptions from disclosure to which CHPD may be entitled, would be to avoid making OA a middleman between Requesters and CHPD, the agency in possession of the information. Requesters could have appealed from OOR’s final determination that the Borough did not have to provide the requested information. Alternatively, and preferably, Requesters could have sought (and could still seek) the information directly from CHPD.6 Instead, Requesters are attempting an end run around OOR’s determination after having failed to appeal.
6 Although the concurrence posits that Section 502(b)(1) of the RTKL, 65 P.S. § 67.502(b)(1), should be applied to require OA to pass on the information request to CHPD, that section does not require OA to take any action to obtain documents from CHPD, and Requesters do not assert that OA has any direct duty to them arising under Section 502(b)(1). Moreover,
11 For the reasons discussed above, we conclude that CHPD’s status as an agency precludes application of Section 506(d) of the RTKL.
2. Performance of a Governmental Function on OA’s Behalf Requesters maintain that OA should have contacted CHPD because there was a contractual relationship between the two governmental entities relating to JNET access that triggered Section 506(d) of the RTKL. As for the governmental function requirement, Requesters argue that OA effectively delegated JNET oversight to each entity with which it contracted, including CHPD. We disagree. CHPD, in monitoring its own employees’ access to JNET, is not performing a governmental function on behalf of OA. As set forth above, Section 506(d)(1) of the RTKL provides for disclosure of “[a] public record that is . . . in the possession of a party with whom the agency has contracted to perform a governmental function on behalf of the agency, and which directly relates to the governmental function and is not exempt . . . .” 65 P.S. § 67.506(d)(1); see also Second Chance, 13 A.3d at 1039 (explaining that records defined in Section 506(d)(1) of the RTKL are presumptively public records subject to public access, “so long as the record (a) directly relates to the governmental function and (b) is not exempt under the RTKL”). To meet the “directly relates” requirement, the requested records must relate to the performance of a governmental function. Dental Benefit Providers, Inc. v. Eiseman, 86 A.3d 932, 940 (Pa. Cmwlth. 2014), aff’d, 124 A.3d 1214 (Pa. 2015). Our Supreme Court has clarified that a contract to perform a government function constitutes the “delegation of some substantial facet of the agency’s roles and responsibilities, as opposed to
Requesters clearly know the information they want, if it exists at all, is with CHPD, as they have already tried – without success – to obtain the documents from CHPD through the Borough.
12 entry into routine service agreements with independent contractors.” SWB Yankees, 45 A.3d at 1043. According to OA, its primary governmental function is “to support the work and well-being of all Commonwealth employees by providing human resources and technology services to improve outcomes, reduce costs, and enhance customer service for all state agencies.” https://www.oa.pa.gov/About%20OA/Pages/default.aspx (last visited March 17, 2025). OA provides information technology and human resources support to Commonwealth agencies in the executive branch. Id. OA manages, controls, and sets policies for JNET. Management Directive, No. 245.16, amended March 18, 2014, https://www.pa.gov/content/dam/copapwp- pagov/en/oa/documents/policies/md/200/245_16.pdf (last visited March 17, 2025) (hereinafter, Management Directive). OA controls and may limit or suspend user access to the JNET platform and creates mandatory policies governing JNET use with which each user must comply or risk losing its privileges. However, OA necessarily relies upon JNET users policing themselves and reporting alleged misuse to OA. The Management Directive created by OA “defines policy, responsibilities, and procedures for the . . . []JNET[] Governance Structure as established by Executive Order 2014-02 . . . .” Management Directive, Preface at 1. The Management Directive’s purpose is “[t]o establish policy, responsibilities, procedures, and operating guidelines for JNET Governance Structure in order to facilitate the development, implementation and ongoing operation of a cost- effective, integrated justice information system.” Id., § 1 at 1. The Management Directive “applies to all departments, boards, commissions, and councils (hereinafter referred to as “agencies”) which participate in the JNET initiative.” Id., § 2 at 1. As
13 for responsibilities, the Management Directive provides, in relevant part, that the JNET Executive Council as a body shall “[e]nsure that agencies identify and monitor the activities of agency level JNET users.” Id., § 6(b)(5) at 3. In addition, it mandates that the JNET Steering Committee “[d]irect the development and implementation of an integrated justice information system known as JNET” and “[e]nsure that agency systems adhere to policies established by the JNET Executive Council.” Id., § 6(c)(1) and (2). The document created by OA titled “JNET Policies and Procedures: Misuse Investigation Procedures” sets forth JNET’s misuse investigation procedures and the policies and procedures that are to be used by agencies/counties to investigate and report JNET misuse by their employees and to understand the misuse sanctioning process. JNET Policies and Procedures: Misuse Investigation Procedures (Oct. 19, 2020 Version 2.8); Reproduced Record (R.R.) at 110a-36a. Agencies contracting for JNET access are “responsible for reporting violations of JNET policies and procedures to their Registrar, [JNET Terminal Agency Coordinator (JTAC)], JNET Sponsor, or directly to the JNET Security Administrator.” Id., § 2.5 at 3; R.R. at 116a. However, “[t]he JNET Office will act as the administrative branch and receive and process the misuse forms . . . .” Id., § 2.6 at 4; R.R. at 117a. In addition, “[t]he JNET Security Administrator can initiate a misuse investigation if he or she has credible evidence of potential misuse, or if he or she receives a request from the Agency Sponsor, Registrar, JTAC or any JNET data provider.” Id., § 2.7 at 4; R.R. at 117a. The JNET Security Administrator is also “responsible for overseeing all misuse investigations that involve suspension and access revocations.” Id. Thus, JNET clearly retains responsibility for and authority over investigations of JNET misuse by users in contracting agencies.
14 There are three standard agreements between OA and each entity that contracts for access to JNET. The first two are the JNET Sponsor Agreement (R.R. at 150a-58a) and the JNET Registrar Agreement (R.R. at 159a-66a). These agreements set forth, respectively, the obligations of the JNET Sponsor and the JNET Registrar as the representatives of their respective agency, department, county, or other entity gaining access to JNET. The third is the JNET JTAC Agreement (R.R. at 165a-72a). Each agency or county accessing criminal history information through JNET must have a JTAC, who is the point of contact concerning all criminal history information accessed by JNET criminal history users. The JNET JTAC Agreement sets forth the obligations for a JNET JTAC as a representative of the JTAC’s agency, department, county, or other entity gaining access to JNET. All three mandatory agreements set forth the obligations of agencies contracting for JNET access to oversee their individual JNET users, report any suspected misuse, cooperate in any misuse investigations, and assist misuse investigators. The first agreement specifies the JNET Sponsor’s responsibilities to comply with and enforce user compliance with user agreements and policies, manage the new JNET user registration process, verify user identities, authorize use of personal devices to access JNET, oversee approval of user role requests, monitor employment status of JNET users, ensure suspension or deactivation of unneeded user accounts, report suspected misuse, and cooperate with and assist in misuse investigations. JNET Sponsor Agreement at 1-2; R.R. at 150a-51a. The second agreement likewise requires the JNET Registrar to ensure that all unneeded JNET user profiles are deactivated or suspended and that personally owned devices are preauthorized to access JNET, report suspected misuse, and cooperate with and assist in all misuse investigations. JNET Registrar Agreement at 1-2; R.R. at 161a-62a.
15 The third agreement similarly requires the JNET JTAC to verify that criminal history applicants belong to a criminal justice agency and have been trained and certified, ensure that unneeded user accounts are deactivated or suspended, report suspected misuse, and cooperate with and assist in all misuse investigations. JNET JTAC Agreement at 1-2; R.R. at 165a-66a. Consistent with these agreements, the JNET User Agreement mandates that agencies contracting for JNET access must report unauthorized access to or use of JNET content to OA’s security administrator. JNET User Agreement, ¶11; R.R. at 174a. Although the provisions of these documents require individual user monitoring by agencies contracting for access to JNET, as well as cooperation in any investigation by JNET concerning potential misuse of such access, this Court concludes that CHPD, as an agency, is performing its own governmental function when it monitors its employees’ activities. This Court is not persuaded by Requesters’ argument that OA delegated to CHPD and other contracting agencies OA’s purported responsibility to assure user compliance with the JNET access guidelines. This contractual responsibility is properly characterized as a limitation on the services provided by OA or, at most, as a requirement of cooperation in support of OA’s performance of its security function of safeguarding the information stored in JNET, rather than as a delegation of a governmental function otherwise assigned to OA. The contractual provisions that make CHPD responsible to monitor its employee users’ access to JNET merely reflect the practical reality that CHPD is in a better position to perform such monitoring of its own employees than is OA. OA, in agreeing to provide information access services through JNET, requires agencies contracting for JNET access, which agencies necessarily control their employees, to do their part by assuring that employees make proper use of JNET
16 access. A contractual provision that allocates the parties’ responsibilities in recognition of that reality does not, by doing so, delegate a governmental function of OA to CHPD. JNET, overseen by OA, serves as an information access clearinghouse for other agencies. Thus, JNET, not the individual user or contracting agency, is the service provider. Through its various agreements with agencies for JNET access, OA sensibly imposes on each agency, which is in the best position to monitor its employee users’ activities, the responsibility to do so. That does not mean either the accessing agencies or the individual users of the information system are performing a government service for OA. Exactly the opposite is true. Indeed, providing information access services to other agencies is JNET’s purpose. For this reason, we reject Requesters’ argument that OA has contracted for CHPD to perform services on OA’s behalf. It is CHPD, the agency obtaining access, which has procured services from OA/JNET, not the other way around. Therefore, Section 506(d) of the RTKL is facially inapplicable to this case for this additional reason.
C. Requesters’ Supplemental Submission Finally, OOR did not err by failing to consider the additional evidence that Requesters proffered in their supplemental submission to OOR, nor will we accept Requesters’ suggestion that we take note of either the alleged text messages between the police officer and his girlfriend referenced in CHPD Chief Margeson’s Attestation or the police officer’s promotion either while under investigation or at the completion of CHPD’s investigation. Requesters maintain that this purported evidence should be considered because it indicates that the police officer’s JNET misuse triggered the creation of public records responsive to their RTKL request.
17 However, Requesters’ supplemental submission has nothing to do with the issues to be reviewed by this Court, i.e., whether OA satisfied its burden of searching for responsive records and whether OA delegated a governmental function to CHPD. While the supplemental submission may suggest that misuse occurred or that CHPD initiated an investigation, Requesters’ motive for attempting to uncover it is irrelevant to their RTKL request and whether OA delegated one of its governmental functions to CHPD.
IV. Conclusion Based on the foregoing discussion, the final determination of the OOR is affirmed.
__________________________________ CHRISTINE FIZZANO CANNON, Judge
18 IN THE COMMONWEALTH COURT OF PENNSYLVANIA
Terry Mutchler and Obermayer : Rebmann Maxwell & Hippel, : Petitioners : v. : : Pennsylvania Office of Administration : (Office of Open Records), : No. 628 C.D. 2023 Respondent :
ORDER
AND NOW, this 18th day of March, 2025, the final determination of the Office of Open Records dated May 16, 2023 is AFFIRMED.
__________________________________ CHRISTINE FIZZANO CANNON, Judge IN THE COMMONWEALTH COURT OF PENNSYLVANIA
Terry Mutchler and Obermayer : Rebmann Maxwell & Hippel, : Petitioners : : v. : No. 628 C.D. 2023 : Argued: December 11, 2024 Pennsylvania Office of : Administration (Office of Open : Records), : Respondent :
BEFORE: HONORABLE RENÉE COHN JUBELIRER, President Judge HONORABLE PATRICIA A. McCULLOUGH, Judge HONORABLE MICHAEL H. WOJCIK, Judge HONORABLE CHRISTINE FIZZANO CANNON, Judge HONORABLE LORI A. DUMAS, Judge HONORABLE STACY WALLACE, Judge HONORABLE MATTHEW S. WOLF, Judge
CONCURRING/DISSENTING OPINION BY PRESIDENT JUDGE COHN JUBELIRER FILED: March 18, 2025
Respectfully, I part ways with the conclusion of the thoughtful majority opinion that the Pennsylvania Office of Administration (OA) had no obligation under Section 506(d)(1) of the Right-to-Know Law (RTKL), 65 P.S. § 67.506(d)(1),1 to seek public records responsive to Terry Mutchler’s and Obermayer Rebmann Maxwell & Hippel’s (Requesters) RTKL request from the Camp Hill Borough Police Department (CHBP). Mutchler v. Pa. Off. of Admin. (Off. of Open Recs.), __ A.3d __, __ (Pa. Cmwlth., No. 628 C.D. 2023, filed March 18, 2025), slip op. at 7-17. Based on that section’s plain language and the contracts between OA and CHBP, I would conclude that OA had such an obligation, and the
1 Act of February 14, 2008, P.L. 6, 65 P.S. § 67.506(d)(1). Office of Open Records (OOR) erred in holding otherwise. Therefore, I must dissent from the majority’s affirmance of OOR’s decision in that regard. Section 506(d)(1) of the RTKL, addressing public records in the possession of third parties, provides:
A public record that is not in the possession of an agency but is in the possession of a party with whom the agency has contracted to perform a governmental function on behalf of the agency, and which directly relates to the governmental function and is not exempt under this act, shall be considered a public record of the agency for purposes of this act. 65 P.S. § 67.506(d)(1). Consequently, the records defined in Section 506(d)(1) of the RTKL are presumptively public records subject to public access, “so long as the record (a) directly relates to the governmental function and (b) is not exempt under the RTKL.” Allegheny Cnty. Dep’t of Admin. Servs. v. A Second Chance, Inc., 13 A.3d 1025, 1039 (Pa. Cmwlth. 2011). To meet the “directly relates” requirement, the records must relate to the performance of a governmental function. Dental Benefit Providers, Inc. v. Eiseman, 86 A.3d 932, 940 (Pa. Cmwlth. 2014), aff’d, 124 A.3d 1214 (Pa. 2015). This encompasses the “delegation of some substantial facet of the agency’s role and responsibilities, as opposed to entry into routine service agreements with independent contractors.” SWB Yankees LLC v. Wintermantel, 45 A.3d 1029, 1043 (Pa. 2012). The majority reasons that Section 506(d)(1) is inapplicable, and so OA did not have an obligation to seek responsive records from CHBP, because (1) CHBP is a government agency that is separately subject to the RTKL, and (2) the contracts between OA and CHBP related to the Pennsylvania Justice Network (JNET) do not reflect the delegation of a governmental function of OA to CHBP. Mutchler, __ A.3d at __, slip op. at 10, 16-17. I disagree with both propositions because they are
RCJ - 2 not supported by the unambiguous language used by the General Assembly and the agreements between the parties. First, as a matter of statutory construction, the General Assembly in Section 506(d)(1) did not specify that the broad description of a “party with whom the agency has contracted to perform a governmental function on behalf of the agency” only includes private contractors. 65 P.S. § 67.506(d)(1). Absent language restricting the applicability of that broad provision, the Court cannot ignore the plain language of the RTKL. “Where the words of a statute are clear and free from ambiguity the legislative intent is to be gleaned from those very words.” Pa. Fin. Resp. Assigned Claims Plan v. English, 664 A.2d 84, 87 (Pa. 1995). While the Court’s precedent to this point has involved private contractors, that is a function of the facts of those cases, not a limitation found in the statutory language. Consequently, as long as the elements of Section 506(d) are satisfied, a public record that is not in OA’s possession but is in the possession of a party such as CHBP with whom OA contracted to perform a governmental function on OA’s behalf, and which directly relates to that function and is not exempt under the RTKL, is considered to be a public record of OA for purposes of the RTKL. Second, the majority’s interpretation of the Management Directive and other agreements between OA and CHBP discounts the mandatory nature of those agreements and the provisions therein reflecting that OA’s oversight of JNET primarily relies upon JNET users policing themselves and reporting alleged misuse to OA. The JNET Management Directive “defines policy, responsibilities, and procedures for the . . . []JNET[] Governance Structure as established by Executive Order 2014-02 . . . .” (March 18, 2014 Management Directive, No. 245.16, amended, https://www.oa.pa.gov/Policies/md/Documents/245_16.pdf (last
RCJ - 3 accessed March 17, 2025), Preface at 1.) The Management Directive manifests OA’s broad authority over JNET, including the power to revoke a user’s credentials and ability to use the system. When agencies on OA’s behalf identify and monitor the activities of their respective users, those agencies are exercising the oversight that OA delegated to them. That delegation can be gleaned from the responsibilities enumerated in several agreements. For example, the agreement entitled “JNET Policies and Procedures: Misuse Investigation Procedures” sets forth JNET’s misuse investigation procedures and the policies and procedures that are to be used by agencies/counties to investigate and report JNET misuse and to understand the misuse sanctioning process. (JNET Policies and Procedures: Misuse Investigation Procedures (Oct. 19, 2020 Version 2.8), Reproduced Record (R.R.) at 110a-36a.) Pursuant thereto, JNET users are “responsible for reporting violations of JNET policies and procedures to their Registrar, [JNET Terminal Agency Coordinator (JTAC)], JNET Sponsor, or directly to the JNET Security Administrator.” (Id., § 2.5 at 3, R.R. at 116a (emphasis added).) The JNET Office receives and processes those reports, (id., § 2.6 at 4, R.R. at 117a), and “[t]he JNET Security Administrator can initiate a misuse investigation if he or she has credible evidence of potential misuse; or if he or she receives a request from the Agency Sponsor, Registrar, JTAC or any JNET data provider,” (id., § 2.7 at 4, R.R. at 117a) (emphasis added). The other three mandatory agreements further reflect the delegation OA makes to the local agencies, and the agencies’ individual users, that utilize JNET. The JNET Sponsor and JNET Registrar Agreements set forth, respectively, the obligations of those individuals as the representatives of their respective agency, department, county, or other entity gaining access to JNET. The third agreement is
RCJ - 4 the JNET JTAC Agreement, which sets forth the obligations for a JNET JTAC as a representative of the JTAC’s agency, department, county, or other entity gaining access to JNET. (R.R. at 165a-72a.) Each agency or county accessing criminal history information through JNET must have a JTAC, who is the point of contact concerning all criminal history information accessed by JNET criminal history users. All three mandatory agreements impose obligations to oversee the JNET users, report any suspected misuse, cooperate in any misuse investigations, and assist misuse investigators. The first agreement requires the JNET Sponsor, inter alia, to “[c]omply with and enforce user and Agency compliance with all User Agreements, and Policies[; r]eport each suspected misuse event to the JNET Security Administrator[; and c]ooperate with and assist in all misuse investigators [sic] from any entity with appropriate jurisdiction . . . .” (JNET Sponsor Agreement at 1-2, R.R. at 150a-51a.) The second agreement requires the JNET Registrar, inter alia, to “[e]nsure that all JNET user profiles that no longer need access to JNET has had their profile deactivated or have been suspended immediately[; e]nsure that personally owned devices are pre[]authorized and are not being used to access any JNET application that displays [Commonwealth Law Enforcement Assistance Network (CLEAN)], [Criminal Justice Information Services (CJIS)] or [Department of Transportation (DOT)] Information[; r]eport each suspected misuse event to the JNET Security Administrator[; and c]ooperate with and assist in all misuse investigators [sic] from any entity within its appropriate jurisdiction[.]” (JNET Registrar Agreement at 1-2, R.R. at 161a-62a.) The third agreement requires the JNET JTAC, inter alia, to “[v]erify that each criminal history applicant belongs to a criminal justice agency . . . [; n]ot provide criminal history access to a user unless they belong to a criminal justice agency and have been trained and certified . . . [;
RCJ - 5 e]nsure that all users who no longer need access to JNET have had their account deactivated or suspended immediately by the assigned agency JNET Registrar[; r]eport each suspected misuse to the JNET Security Administrator . . .[; and c]ooperate with and assist in all misuse investigators [sic] from any entity with appropriate jurisdiction . . . .” (JNET JTAC Agreement at 1-2, R.R. at 165a-66a.) In addition, there is a JNET User Agreement, (R.R. at 150a-78a), which sets forth the obligations of the JNET user and does not refer to the user as also serving as a representative of his or her respective agency, department, county, or other entity. Pursuant to this agreement, OA mandates that users must “[i]mmediately report unauthorized access or use of JNET or Data Provider content to the JNET Security Administrator[,]” controlled by OA. (JNET User Agreement, ¶ 11, R.R. at 174a (emphasis added).) The aforementioned agreements are more than run of the mill user agreements setting forth the appropriate terms of JNET access. Nor do they, as the majority concludes, reflect the local agencies performing only their own governmental function to monitor their own employees’ actions. Mutchler, __ A.3d at __, slip op. at 16. Rather, under these agreements, the contracting agencies and their users are required to notify the JNET Office of suspected misuse and assist the JNET Office in a misuse investigation. Hence, they are not analogous to the routine service agreements with independent contractors that the Supreme Court concluded did not encompass the “delegation of some substantial facet of the agency’s role and responsibilities” in SWB Yankees LLC, 45 A.3d at 1043. Through these agreements, OA delegated a substantial portion of its oversight responsibilities to the users, thereby affecting JNET access and accountability. In doing this, OA delegated a substantial facet of its governmental authority to its users. Accordingly, this modus
RCJ - 6 operandi triggered OA’s statutory obligation under Section 506(d)(1) of the RTKL to contact CHBP for any responsive records. Because I would conclude that all of the elements of Section 506(d)(1) are met here—Requesters have requested a public record that is not in OA’s possession but is in the possession of CHBP with whom OA contracted to perform a governmental function on OA’s behalf, and which directly relates to that function— I would reverse OOR’s determination that OA was not obligated to contact CHBP for public records responsive to Requesters’ RTKL request and direct OA to do so and issue a response to Requesters. I concur with the majority in affirming OOR to the extent that OA met its burden of proving its internal search for responsive records in this matter was sufficient and that there was no error in OOR not considering the additional evidence Requesters sought to introduce to supplement the record.
__________________________________________ RENÉE COHN JUBELIRER, President Judge
RCJ - 7 IN THE COMMONWEALTH COURT OF PENNSYLVANIA
Terry Mutchler and Obermayer : Rebmann Maxwell & Hippel, : Petitioners : : v. : No. 628 C.D. 2023 : Pennsylvania Office of Administration : Argued: December 11, 2024 (Office of Open Records), : Respondent :
BEFORE: HONORABLE RENÉE COHN JUBELIRER, President Judge HONORABLE PATRICIA A. McCULLOUGH, Judge HONORABLE MICHAEL H. WOJCIK, Judge HONORABLE CHRISTINE FIZZANO CANNON, Judge HONORABLE LORI A. DUMAS, Judge HONORABLE STACY WALLACE, Judge HONORABLE MATTHEW S. WOLF, Judge
CONCURRING OPINION BY JUDGE McCULLOUGH FILED: March 18, 2025 While I agree with the result reached by Majority, I write separately to clarify the Pennsylvania Office of Administration’s (OA) obligation to direct Terry Mutchler and Obermayer Rebmann Maxwell & Hippel’s (Requesters) inquiry to the Camp Hill Police Department (CHPD) under Section 502(b)(1) of the Right-to- Know Law (RTKL)1 and why Section 506 of the RTKL should not apply in this instance at all. As noted by the Majority, this Court has recognized a “clear assumption that the ‘third party’ referenced in Section 506(d)(1) is a private party, not another government agency. See, e.g., Real Alternatives v. Dep’t of Hum. Servs., 279 A.3d
1 Act of February 14, 2008, P.L. 6, 65 P.S. § 67.502(b)(1). 96, 106 (Pa. Cmwlth. 2022) (quoting Allegheny Cnty. Dep’t of Admin. Servs. v. Parsons, 61 A.3d 336, 346 (Pa. Cmwlth. 2013)) (clarifying that ‘Section 506(d)(1) does not reach all records in possession of a private contractor that relate to the governmental function; rather, the records reached are only those that relate to performance of that function’)) (additional quotation marks and additional citations omitted); Parsons, 61 A.3d at 343 (observing that Section 506(d)(1) is ‘the RTKL provision through which records of private third-party contractors may become accessible to the public’); SWB Yankees LLC v. Wintermantel, 999 A.2d 672, 675 (Pa. Cmwlth. 2010), aff’d, 45 A.3d 1029 (Pa. 2012) (stating that ‘Section 506(d)(1) of the RTKL clearly puts a third party in the same position as an agency for purposes of the RTKL’).” (Majority Op. at 8-9.) I believe the question before us is answered in this statement, because another government agency simply cannot be included within the ambit of Section 506. Instead, the operative statutory language is set forth in Section 502(b)(1), which requires an open records officer to direct requests, where appropriate, to persons in another agency. It provides in pertinent part as follows: § 67.502. Open-records officer ....
(b) Functions.- -
(1) The open-records officer shall receive requests submitted to the agency under this act, direct requests to other appropriate persons within the agency or to appropriate persons in another agency, track the agency’s progress in responding to requests and issue interim and final responses under this act. 65 P.S. § 67.502(b)(1) (emphasis added).
PAM - 2 Thus, an open records officer who receives a request must first make a good faith effort to determine whether the agency has responsive records in its possession. If the agency does not, the officer must then direct the request to the appropriate agency. Applying these principles to the instant case, under Section 502(b)(1), OA was required to direct Requesters’ inquiry to CHPD as a separate agency and to notify Requesters of this referral as a part of its duty to respond to Requesters. This referral requirement is particularly important given that most requesters may not be aware of which agency, if any, could have custody of the relevant public documents. Our interpretation of the RTKL should not inadvertently convey that we view the information seeking process as a cat and mouse game. Despite the fact that the legislature has expressly provided for the scenario before us in Section 502, the Majority fails to acknowledge the applicability of this provision at all. While I agree with its conclusion that CHPD’s status as an agency precludes application of Section 506(d) of the RTKL, (Majority Op. at 11), I would find that this is primarily because the RTKL already contains a provision which does apply, Section 502. Further, the Majority states that, “Where the third party is another agency, public access is already assured. There is no need or purpose for involvement of an agency that does not possess the records sought, where another agency does possess those records, and indeed, is their originator.” (Majority Op. at 10.) While appropriate access should be assured if an agency is involved, we do not need to look at it as a possible third party contractor. Moreover, there is a need for the involvement of an agency that does not possess the records sought, if the request
PAM - 3 was served on it. In that scenario, such agency must direct the request to the appropriate agency and maintain and file the reports noted in Section 502. In light of the above, I believe the Majority’s analysis must be taken a step further to emphasize OA’s obligation to direct Requester’s inquiry to CHPD under Section 502(b)(1) and that Section 506 of the RTKL has no direct implication in this matter. Accordingly, I respectfully concur in the result.
________________________________ PATRICIA A. McCULLOUGH, Judge
PAM - 4