State agencies stonewall, stall on deleted emails of key bureaucrat

  • Print Friendly

Two years worth of emails for IRS agent Lois Lerner have vanished, and even CNN reporters couldn’t hide their incredulity.

“I’m going to be flippant here and I don’t mean to — well, maybe I do mean to be,” CNN anchor John King began. “Do you believe in the Easter Bunny? Do you believe in Santa Claus? Do you believe that Lois Lerner’s e-mails just suddenly went ‘poof?’”

Do you believe Lois Lerner’s emails suddenly went poof?

Because let me tell you this: Jo Donlin’s emails suddenly went ‘poof’ and the state has been stonewalling, stalling, and obfuscating for 5 months now – anything to keep this investigative reporter from digging deeper into an already big story.

Jo Donlin was the bureaucrat in the state’s Division of Insurance, who had the misfortune of speaking honestly in her dealings with Senator Mark Udall’s office over ObamaCare.

After the state had released a tally of 249,000 insurance cancellations in 2013, most of them from ObamaCare, Senator Udall’s office wanted a different spin on the story.

“Sen. Udall says our numbers were wrong. They are not wrong,” Donlin said in an email to her colleagues. “Cancellation notices affected 249,199 people. They want to trash our numbers. I’m holding strong while we get more details.”

That’s the background info, now stay with me please as I walk you through a timeline of how I’ve been working on this story.

On January 9, published the original story about Donlin’s emails. January 10, the Denver Post followed up with a headline story above the fold.

On January 13, the Department of Regulatory Agencies (the “parent agency” for the Division of Insurance)(DORA) allegedly assembled a “neutral and objective panel” to conduct an inquiry into whether Donlin had possibly been bullied by Udall’s office, although not one document exists regarding the inquiry.

Stick with me here because we’re going to get into a lot of dates, but it matters.

On January 28, I filed a Colorado Open Records Act (CORA) request asking for all of the emails for the panelists – and for Donlin – for the dates of January 10-14. These dates would have encompassed the dates where the story was breaking to a larger audience, as well as the date of the “inquiry” by the panel.

When I got the results of this CORA request, there were dozens of emails provided for the panelists. There were none for Donlin.*

My first instinct was to gather some other documents, which I did, but that took an additional 2-3 weeks.

Finally, on March 20, I asked DORA-DOI why there were no emails for Donlin. DORA-DOI basically said the emails were deleted, tough luck. DORA spokeswoman Sue Cobb said, “If any emails existed that were responsive to your request, they were deleted before I sent the response cited to you below [in the email thread], and they cannot be recovered or restored.” Further questions about data rebuilding were not answered.

My sallies with the state’s Office of Information Technology (OIT) were even more disappointing.

When I asked OIT spokeswoman Tauna Lockhart how far back you could go to rebuild deleted emails, Ms. Lockhart said, “Regarding your questions of April 3, we have and will continue to respond to your CORA requests as required by law. But we are unable to accommodate your request for more information about what may or may not be available. The law and our CORA policy dictate what records are public.”

When I pressed harder (and, I’m chagrined to admit, perhaps impolitely) for an answer to the question, Ms. Lockhart said, “Please refer to my previous response.”

There are three significant problems here, not even considering that state government workers with the title “Public Information Officer” purposefully evaded their foremost task of providing information to the public.

First, I have successfully in the past had a Colorado state government agency rebuild deleted emails that, at the time, were over a year old. It was expensive, yes, but doable.

Second, all state agencies (with just a small handful of exceptions) are now using Google for Government for their mail client and for their email server space. A snippet of the contract with Google also indicates that the state bought archiving capabilities of up to 10 years.

Third, when the original CORA was made on January 28, all Google for Government instructional pages indicate that even after a user has deleted an item from their email wastebasket, the item is still likely recoverable in under 30 days, regardless of any “archiving period” the state may or may not have purchased.

There’s more commentary ready for harvesting because of this episode. But for right now, let me say these few things:

    • I can’t help but feel that DORA-DOI acted in bad faith by not attempting to access deleted emails on my original records request.
    • There’s still time for DORA-DOI and OIT to do the right thing and answer the question: How far back can you go to rebuild email data? If those agencies won’t answer me, then the Colorado Freedom of Information Coalition should press for answers.
    • I now have a records request in with DORA-DOI to determine who runs the “archive.” Given that I’ve been “wordsmithed” on other inquiries about “Google for Government” (i.e. OIT said they did not know if the state contracted directly with Google – true, they use a third-party contractor as a middle man), it would be refreshing and a show of good faith for DORA-DOI to produce a broadly interpreted response as soon as possible.**
    • I would welcome with open arms and complete confidentiality, any whistleblower who has firsthand knowledge of the state’s email services with Google, how long deleted emails are kept in the archive, or any other knowledge of what happened in DORA-DOI when the “panel” took place.

*There was one email provided from Donlin, but that email was from January 17, oddly enough. So there were no emails provided for the requested dates of January 10-14.

**An advance copy of this op-ed was provided to both DORA-DOI and OIT, with an offer to submit comments that would be added as postscripts.  We did not receive comments from either.  However, the CORA request mentioned in the corresponding bullet point was answered late Wednesday afternoon.  The documents provided showed that in late 2012, DORA opted not to purchase “Google Vault,” and made the same decision again in late 2013.  This is a start, but still does not answer the core question — How far back can you go to rebuild emails? — even with Google operating the server.  Other questions emerge from the document provided as well, we’ll be following up.  But given that we provided an advance copy to DORA notifying them specifically of a planned publication on Thursday morning, we’re leaving the full text of the op-ed as-is, and adding this footnote to update.

Send us tips at

free hit counter

Print Friendly



Comments are closed.