California Prisons Are Deleting Records of Social Media Censorship
Facebook Rightfully Questions Claims That California Inmates Are Banned from Having a Social Media Presence
Up until last spring, Facebook had maintained a semi-secret channel for corrections facilities to file "Inmate Takedown" requests. A prison official could fill out a simple online form, hit submit, and Facebook would begin the account suspension process without ever creating a public record. Since Facebook wouldn’t publish the number of inmate takedown requests it received (and still hasn’t), the entire censorship regime was essentially invisible.
To be clear: we believe that Facebook is right to take action against inmate accounts in response to abusive behavior or activity that creates a legitimate safety concern. However, we opposed Facebook’s previous policy of automatically suspending inmate accounts on request, without seeking more information.
After negotiations with EFF, Facebook agreed to a series of reforms, including a key transparency element: the company agreed to start generating receipt emails when an inmate account report was submitted by a prison official. That way, we could file a public records request with the agency to find out how many times prison officials sought to censor inmates.
We praised this as a positive step, but unfortunately there was one flaw in our assumptions. We took it for granted that government agencies would not destroy records.
This month we filed a request under the California Public Records Act (CPRA) with the California Department of Corrections and Rehabilitation (CDCR) for communications between the agency and Facebook. CDCR initially responded that it had none, which we knew to be false. Through other channels, we had seen a copy of a letter that CDCR’s lawyers had sent to Facebook. So we knew that at least that record existed. We let CDCR know that, as well as the fact that Facebook was generating the receipt emails.
CDCR agreed to double check. The second time around, they were able to find communications between CDCR lawyers and Facebook. But as far as the Facebook receipt emails go, no luck: those were being destroyed. As CDCR explained:
You had asked about the letters that Facebook sends when a user’s page gets deleted. I asked about those letters, and discovered that they are more like notes than letters, and that CDCR does not retain them.
This is unacceptable.
According to the California Office of State Publishing’s "Records Management Handbook" [.pdf], agencies can treat "letters of transmittal and acknowledgements of receipt" as "non-records," but only if the letters "do not add any information to the material transmitted." But since CDCR isn’t keeping records of what it sends to Facebook to begin with because CDCR staff uses Facebook’s online form, these letters are the only record of the government’s action.
And as the California Public Records Act asserts: "access to information concerning the conduct of the people’s business is a fundamental and necessary right of every person in this state." The law further states that notes may only be withheld "if the public interest in withholding those records clearly outweighs the public interest in disclosure."
Issues EFF has raised about prison censorship of inmate Facebook accounts have become a matter of great public interest. Dozens of national and international news organizations have covered the issue, including New York Times Magazine, Daily Beast, and The Source. CDCR itself even published a blog post on its site when it first announced a partnership with Facebook back in 2011. Organizations such as the Prison Policy Initiative and the ACLU have taken up the cause, and more than 28,000 people signed a Care2 petition asking Facebook to protect the free speech rights of inmates.
There is no justification at all for destroying these records to keep them from public scrutiny. CDCR must start retaining these letters and disclosing them immediately. And so long as Facebook facilitates this secrecy through its online reporting form, Facebook should also disclose how many inmate-related requests it has received in its transparency reports.
There is some good news: Facebook is standing up to CDCR.
Last year, Facebook agreed to change its policies so that it would no longer automatically suspend Facebook profiles simply because they belonged to inmates. Instead, the company would consider at least two factors first. Either a prison had to prove that it had the legal authority to request a takedown (e.g. an actual law that says inmates can’t have social media pages) or the prison had to demonstrate that specific content posed a security threat (e.g. an inmate’s post included a threat or involved planning a crime).
California does not have a law banning inmates from social media, and the prison’s regulations don’t address it either. However, this still meant that CDCR could ask for inmate pages to be removed when they were engaged in bad behavior, such as intimidating victims.
This should’ve been enough for CDCR. Instead, CDCR’s legal team began sending letters and emails to Facebook, trying to twist the law to make it seem like it had legal authority to ask for inmate takedowns. CDCR made two specific arguments.
First, CDCR said its rules prohibit inmates from accessing Internet-connected devices or computers. So, if an inmate used a contraband device to go on Facebook, that means the prison can get that content taken down.
By that logic, if an inmate gets a tattoo with a contraband tattoo needle, the prison would believe it had the authority to have the tattoo removed. Or, if an inmate had a letter smuggled out to a newspaper, the prison could ask the newspaper to delete a story citing the letter. Take the CDCR’s argument to an even further extreme: if a non-incarcerated person steals a computer, writes a novel on it, gets the novel published, law enforcement could ask bookstores to pull it from their shelves.
To reiterate—the CDCR is not claiming that inmates’ speech isn’t First Amendment-protected activity. But amazingly, CDCR is claiming the right to censor protected speech because of the manner in which it was transmitted. While possessing a contraband phone should be a punishable offense, we believe that must be separate from any speech created with that device.
CDCR’s other claim relates to how an inmate may have a family or friend post to Facebook on their behalf. CDCR claims that this amounts to illegal computer hacking, because an inmate is causing computer services to be used without authorization.
It is unclear from the letter what unauthorized access CDCR is referring to. CDCR could be saying that by using a third party to access Facebook—which is a violation of Facebook’s terms of service—the offender is committing a criminal offense. If that’s CDCR’s argument, it’s plainly wrong: in United States v. Nosal, the United States Court of Appeals for the Ninth Circuit ruled that violating terms of service is not unauthorized access.
It’s even worse if CDCR is arguing that an inmate is breaking prison regulations or engaging in illegal hacking by having someone access the Internet on their behalf. Under that scenario, any inmate who asks a family member to do Internet legal research would be criminally liable.
According to records obtained under CPRA, Facebook isn’t buying it. Facebook responded:
Your letter provides helpful background on California legal authority banning inmate access to cell phones and the Internet. However, none of the authorities you cite specifically references inmate access to social media, such as Facebook.
Facebook then asked CDCR to provide any kind of evidence that inmates are banned from social media.
Those do not exist. We searched the regulations for them and came up empty-handed. We filed a CPRA request seeking policies about inmate use of social media, and CDCR responded it had none.
When a government agency seeks to have speech removed from the Internet, that is the definition of censorship, regardless of whether the agency is a prison system and the speech is that of an inmate. While there may be limited circumstances when removal would be justified—say, the communication is being used to harass victims, arrange drug deals, or plan an escape—it is impossible to evaluate what’s appropriate and what’s not, if no formal policies are in place and the entire process is shrouded in secrecy.
People in the outside world have every right to amplify the voices of inmates, and Facebook has every right to decide whether to keep that content on its site. But if CDCR is going to engage in a censorship regime, then the public has every right to know about it.
Recent DeepLinks Posts
Feb 24, 2017
Feb 24, 2017
Feb 24, 2017
Feb 24, 2017
Feb 24, 2017
- Fair Use and Intellectual Property: Defending the Balance
- Free Speech
- UK Investigatory Powers Bill
- Know Your Rights
- Trade Agreements and Digital Rights
- State-Sponsored Malware
- Abortion Reporting
- Analog Hole
- Anti-Counterfeiting Trade Agreement
- Artificial Intelligence & Machine Learning
- Bloggers' Rights
- Border Searches
- Broadcast Flag
- Broadcasting Treaty
- Cell Tracking
- Coders' Rights Project
- Computer Fraud And Abuse Act Reform
- Content Blocking
- Copyright Trolls
- Council of Europe
- Cyber Security Legislation
- Defend Your Right to Repair!
- Development Agenda
- Digital Books
- Digital Radio
- Digital Video
- DMCA Rulemaking
- Do Not Track
- E-Voting Rights
- EFF Europe
- Electronic Frontier Alliance
- Encrypting the Web
- Export Controls
- Eyes, Ears & Nodes Podcast
- FAQs for Lodsys Targets
- File Sharing
- Fixing Copyright? The 2013-2016 Copyright Review Process
- Genetic Information Privacy
- Government Hacking and Subversion of Digital Security
- Hollywood v. DVD
- How Patents Hinder Innovation (Graphic)
- International Privacy Standards
- Internet Governance Forum
- Law Enforcement Access
- Legislative Solutions for Patent Reform
- Locational Privacy
- Mandatory Data Retention
- Mandatory National IDs and Biometric Databases
- Mass Surveillance Technologies
- Medical Privacy
- Mobile devices
- National Security and Medical Information
- National Security Letters
- Net Neutrality
- No Downtime for Free Speech
- NSA Spying
- Offline : Imprisoned Bloggers and Technologists
- Online Behavioral Tracking
- Open Access
- Open Wireless
- Patent Busting Project
- Patent Trolls
- PATRIOT Act
- Pen Trap
- Policy Analysis
- Public Health Reporting and Hospital Discharge Data
- Reading Accessibility
- Real ID
- Reclaim Invention
- Search Engines
- Search Incident to Arrest
- Section 230 of the Communications Decency Act
- Shadow Regulation
- Social Networks
- SOPA/PIPA: Internet Blacklist Legislation
- Student Privacy
- Stupid Patent of the Month
- Surveillance and Human Rights
- Surveillance Drones
- Terms Of (Ab)Use
- Test Your ISP
- The "Six Strikes" Copyright Surveillance Machine
- The Global Network Initiative
- The Law and Medical Privacy
- TPP's Copyright Trap
- Trans-Pacific Partnership Agreement
- Travel Screening
- Trusted Computing
- Video Games