Summary
holding that section 552.102 exempts public employee's birth dates, which are not core public information, from disclosure because disclosure results in an unwarranted invasion of personal privacy
Summary of this case from Abbott v. Dall. Area Rapid TransitOpinion
No. 08–0172.
2011-01-14
TEXAS COMPTROLLER OF PUBLIC ACCOUNTS, Petitioner, v. ATTORNEY GENERAL OF TEXAS and the Dallas Morning News, Ltd., Respondents.
Greg W. Abbott, Attorney General of Texas, Kent C. Sullivan, David S. Morales, Office of the Attorney General of Texas, Deputy First Assistant Attorney General, David C. Mattax, Chief Financial Litigation, John M. Hohengarten, Office of the Attorney General, Maureen Powers, Office of the Attorney General of Texas, Austin, TX, for Texas Comptroller of Public Accounts. Brenda Loudermilk, Office of the Attorney General of Texas, Clarence Andrew Weber, Kelly Hart & Hallman LLP, Barbara Bryant Deane, Assistant Attorney General, Austin, TX, Gregory W. Abbott, Attorney General of Texas, Kent C. Sullivan, for Respondent.
Greg W. Abbott, Attorney General of Texas, Kent C. Sullivan, David S. Morales, Office of the Attorney General of Texas, Deputy First Assistant Attorney General, David C. Mattax, Chief Financial Litigation, John M. Hohengarten, Office of the Attorney General, Maureen Powers, Office of the Attorney General of Texas, Austin, TX, for Texas Comptroller of Public Accounts. Brenda Loudermilk, Office of the Attorney General of Texas, Clarence Andrew Weber, Kelly Hart & Hallman LLP, Barbara Bryant Deane, Assistant Attorney General, Austin, TX, Gregory W. Abbott, Attorney General of Texas, Kent C. Sullivan, for Respondent. Paul C. Watler, Jackson Walker, L.L.P., Dionne Carney Rainey, Hunton & Williams LLP, Andrew D. Graham, Jackson Walker, L.L.P., Dallas, TX, for The Dallas Morning News, Ltd.S. Anthony Safi, Mounce Green Myers Safi Paxson & Galatzan, El Paso, TX, for Amicus Curiae Texas Association of School Boards Legal Assistance Fund.Joseph R. Larsen, Sedgwick, Detert, Moran & Arnold, LLP, Houston, TX, for Amicus Curiae Freedom of Information of Tx. and Reporters Comm. for Freedom of the Press.Chief Justice JEFFERSON delivered the opinion of the Court, joined by Justice MEDINA, Justice GREEN, Justice GUZMAN, and Justice LEHRMANN.
Invoking the Texas Public Information Act (PIA), the Dallas Morning News sought a copy of the Comptroller's payroll database for state employees. See Tex. Gov't Code ch. 552. The Comptroller responded with the full name, age, race, sex, salary, agency, job description, work address, date of initial employment, pay rate, and work hours for each employee. But the Comptroller withheld dates of birth as protected under Government Code section 552.101, which excepts from disclosure “information considered to be confidential by law, either constitutional, statutory, or by judicial decision.”
Id. § 552.101. She then sought the Attorney General's opinion on whether those dates must be disclosed. Id. § 552.301. In a comprehensive response, the Attorney General's letter ruling referenced not only section 552.101, but also section 552.102's personnel file exemption, which protects the privacy rights of government employees.
The Comptroller also asserted that the information was protected under section 552.108, which excepts from disclosure certain law enforcement, correction, and prosecutorial information. Tex. Gov't Code § 552.108. That exception is not at issue here.
Bills submitted in the 2009 legislative session that would prevent disclosure of birth dates of public employees failed to pass. Tex. S.B.1912, 81st Leg., R.S. (2009); Tex. H.B. 4207, 81st Leg., R.S. (2009). So there is still no express preclusion on the requested disclosure of birth dates. There are protections of birth dates in specific circumstances that are not before the Court in this case. See, e.g., Tex Gov't Code § 552.1176; Tex Elec.Code § 13.004(d)(4).
In addition to [section 552.101], the Act also provides specific protection for the privacy rights of government employees. See Gov't Code § 552.102(a). Section 552.102 of the Government Code excepts from disclosure “information in a personnel file, the disclosure of which would constitute a clearly unwarranted invasion of personal privacy.” Id. ... The limitation of a “clearly unwarranted invasion of personal privacy” requires a balance between the protection of an individual's right of privacy and the preservation of the public's right to government information. See Hubert v. Harte–Hanks Tex. Newspapers, Inc., 652 S.W.2d 546, 551 n. 8 (Tex.App.-Austin 1983, writ ref'd n.r.e.) (establishing test for privacy under exception; citing Dept. of the Air Force v. Rose, 425 U.S. 352, 378 n. 16, 96 S.Ct. 1592).Tex. Att'y Gen. OR2006–01938, at 2.
Like all Open Records Letter Rulings, this one was signed by an assistant attorney general in the Open Records Division. See Open Records Letter Rulings, Attorney General of Texas, https:// www. oag. state. tx. us/ open/ index_ orl. php.
Ryan McNeill, ID Theft v. Public Record: State May Hide Workers' Birthdates, but It Sells Same Info on All Drivers, [hereinafter “McNeill, ID Theft v. Public Record ”] Dallas Morning News, May 7, 2009, at A1, available at http:// www. dallas news. com/ shared content/ dws/ dn/ yahoo latest news/ stories/ 050709 dnpro date of birth. 3 fcf 743. html (reporting that “private companies spent nearly $50 million during the last fiscal year” buying Texas drivers' data, including birth dates).
3. See McNeill, ID Theft v. Public Record, at A1.
In the same opinion, the Attorney General discussed the growing problem of identity theft and described how birth dates, particularly when utilized with other data, facilitate that crime. He noted that “a majority of the fifty states protect date of birth information in government employee personnel files.” Id. at 3. Ultimately, however, the Attorney General concluded that there was no proof “that harmful financial consequences will result from the release of the date of birth information in response to this request.” Id. at 4. He left open the possibility that “based on a presentation of new facts and additional arguments, ... it is possible that Texas could join the growing number of states that protect from disclosure broad-based requests for date of birth information.” Id.
The trial court and the court of appeals sided with the Attorney General. 244 S.W.3d 629. The Comptroller has petitioned this Court, and we must now decide if the PIA requires redaction of birth dates. In the course of answering that question, we must also decide whether, to protect 144,000 state employees whose privacy interests would otherwise be compromised,
we may consider an argument that the Comptroller presented expressly in the trial court and the court of appeals, but only tangentially here. For reasons expressed by the Attorney General in an earlier phase of this litigation, we conclude that the Comptroller properly withheld birth dates. We hold that, under the unique circumstances presented here, the questions the Comptroller has presented fairly include an argument that the privacy interest of the state's employees must be protected under the personnel-file exception. We reverse in part and affirm in part the court of appeals' judgment.
According to the U.S. Census Bureau, as of March 2008, there were 257,830 full-time and 78,625 part-time employees of the State of Texas. 2008 Annual Survey of State and Local Government Employment and Payroll, U.S. Census Bureau, available at http:// www 2. census. gov/ govs/ apes/ 08 sttx. txt. (all Internet materials as visited December 1, 2010 and copy available in Clerk of Court's file). According to the Comptroller, around 144,000 employees working for state agencies in Texas would be affected by the Public Information Act request.
I. Procedural history
After the Attorney General issued his letter, the Comptroller, represented by the Attorney General, sued the Attorney General and sought a declaration that birth dates were excepted from disclosure. The Comptroller asserted that the Attorney General failed to apply the appropriate standards for employee privacy rights under both sections 552.101 and 552.102. The News intervened and moved for summary judgment, as did the Comptroller. The trial court granted the News' motion (although it denied the News' request for attorney's fees) and denied the Comptroller's. The court of appeals affirmed. 244 S.W.3d 629.
In the trial court and the court of appeals, the Comptroller argued that section 552.102's personnel file exemption applied. Citing Hubert v. Harte–Hanks Tex. Newspapers, Inc., 652 S.W.2d 546 (Tex.App.-Austin 1983, writ ref'd n.r.e.), however, the Comptroller contended that the test was the same under either section 552.101 or 552.102. The Attorney General agreed. The court of appeals, although noting the Comptroller's arguments under both sections 552.101 and 552.102, appears to have considered only section 552.101. 244 S.W.3d 629, 633, 635. We granted the petitions for review. 52 Tex.Sup.Ct.J. 377 (Feb. 27, 2009).
The Texas Association of School Boards Legal Assistance Fund submitted an amicus curiae brief in support of the Comptroller; the Freedom of Information Foundation of Texas and the Reporters Committee for Freedom of the Press submitted an amici curiae brief in support of the Attorney General and the News.
The Identity Theft Enforcement and Protection Act prohibits use of personal identifying information without the other person's consent to obtain anything of value in the other person's name. Tex. Bus. & Com.Code § 521.051. Personal identifying information includes name, social security number, date of birth or government-issued identification number. Id. § 521.002(a)(1). The penalties for violation may be civil or, in certain types of credit card theft, criminal. Id. §§ 521.151, 522.002.
II. The third party privacy interests persuade us to consider the section 552.102 exception that the Comptroller abridged from her argument in this Court.
Although his opinion letter cited a balancing test for determining whether birth date information falls within section 552.102's personnel file exception, neither the Attorney General nor the Comptroller (represented by the Attorney General) now contends that a balancing test is appropriate. Instead, before and since that letter, and based solely on the court of appeals' decision in Hubert, the Attorney General says that the test for information excepted from disclosure under section 552.102 is identical to that under section 552.101. See, e.g., Tex. Att'y Gen. OR2010–01791, at 3 (“In Hubert, the court ruled that the test to be applied to information claimed to be protected under section 552.102 is the same as the test formulated by the Texas Supreme Court in Industrial Foundation, for information claimed to be protected under the doctrine of common-law privacy as incorporated by section 552.101. Accordingly, we will consider your privacy claims under sections 552.101 and 552.102(a) together.”) (citations omitted); Tex. Att'y Gen. OR2005–11671, at 4 (same); Tex. Att'y Gen. OR2005–00721, at 3 (same); Attorney General of Texas, Public Information 2010 Handbook 81 (noting that “[t]he court in Hubert v. Harte–Hanks Texas Newspapers, Inc. ruled that the test to be applied under section 552.102 is the same as the test formulated by the Texas Supreme Court in Industrial Foundation for applying the doctrine of common law privacy as incorporated by section 552.101” and “[c]onsequently, in claiming that information is excepted from public disclosure under section 552.102, a governmental body should not rely upon decisions interpreting this provision that predate the Hubert decision”).
In this Court, the Comptroller no longer presses the section 552.102 argument, although her petition for review cites state and federal cases holding that disclosure of dates of birth would be a “clear invasion of personal privacy”—similar to the section 552.102 standard (“clearly unwarranted invasion of personal privacy”). The petition also notes that “[a] majority of the fifty states now exempt[s] date of birth from disclosure when an open records request is made for the personnel files of government employees”; that “[s]everal states protect the information under an ‘unwarranted invasion of personal privacy’ exemption”; and that “[o]ther states protect date of birth as part of an exception for employee personnel records.” The Comptroller cites an analogous case under the Freedom of Information Act's (FOIA) Exemption 6 (the federal personnel policy exemption), as well as a Delaware attorney general opinion determining that public release of the dates of birth of all state employees would constitute an invasion of personal privacy under that state's personnel file exception. See Del. Op. Att'y. Gen. No. 94–I019 (1994). We find it difficult to ignore these citations, even in light of the Comptroller's statement at argument that she was no longer pursuing a section 552.102 exemption.
Given the unique circumstances of this case and the third party interests at stake, we conclude that the Comptroller's petition “fairly include[s]” an argument that section 552.102 applies. Tex.R.App. P. 53.2(f); see also Pub. Utils. Comm'n v. Cofer, 754 S.W.2d 121, 124 (Tex.1988) (observing that, “in our adversary system, a court has not only the power but the duty to insure that judicial proceedings remain truly adversary in nature”). This comports with the steps taken by the Legislature to protect third party privacy interests in PIA matters. For example, although a governmental body waives any exception to disclosure it fails to raise before the attorney general, that rule is inapplicable when the exception “involv[es] the property or privacy interests of another person.” Tex. Gov't Code § 552.326. And before disclosure, a governmental body must “make a good faith attempt to notify” a person whose “proprietary information may be subject to exception under Section 552.101, 552.110, 552.113, or 552.131.”
Although the Comptroller asserted that dates of birth were exempt from disclosure under section 552.101, there is no indication that written notice was provided to the state employees whose data would be disclosed. The News states that no notice was given, and the Comptroller does not argue to the contrary.
6. See Tex. Gov't Code § 552.001(b); Dep't of Air Force v. Rose, 425 U.S. 352, 361, 96 S.Ct. 1592, 48 L.Ed.2d 11 (1976) (noting that “disclosure, not secrecy, is the dominant objective of [FOIA]”).
7. See, e.g., 5 U.S.C. § 552(b)(6); Tex. Gov't Code § 552.102.
8. See, e.g., Fighting Back Against Identity Theft, Federal Trade Commission, http:// www. ftc. gov/ bcp/ edu/ microsites/ idtheft/ consumers/ deter- detect- defend. html; Graeeme R. Newman & Megan M. McNally, Identity Theft Literature Review, National Inst. J. 210459 (Jan. 27–28, 2005), available at http:// www. ncjrs. gov/ pdffiles 1/ nij/ grants/ 210459. pdf; President's Task Force on Identity Theft, Combating Identity Theft: A Strategic Plan (2007), available at http:// www. idtheft. gov/ reports/ Strategic Plan. pdf; Preventing Identity Theft, Attorney General of Texas, available at https:// www. oag. state. tx. us/ consumer/ identity_ theft. shtml; Seven Main Points of Identification, Get ID Smart, available at http:// www. getidsmart. com/; Working to Resolve Identity Theft, Identity Theft Resource Center, available at http:// www. idtheftcenter. org/ artman 2/ publish/ c_ tips/ index. shtml.
Unless, of course, one is sensitive about one's age. But if that were the case, then the Comptroller's release of employees' ages would be just as offensive as birth dates.
Cases interpreting the federal Act support a similar construction. The Supreme Court has made it clear that FOIA Exemption 6 protects the privacy interest belonging to the individual. See DOJ v. Reporters Comm. for Freedom of the Press, 489 U.S. 749, 763, 109 S.Ct. 1468, 103 L.Ed.2d 774 (1989) (“[B]oth the common law and the literal understandings of privacy encompass the individual's control of information concerning his or her person.”); Sherman v. U.S. Dep't of the Army, 244 F.3d 357, 363 (5th Cir.2001) (“The Supreme Court has explained that the privacy interest at stake in FOIA exemption analysis belongs to the individual, not the agency holding the information.”). In August v. Federal Bureau of Investigation, 328 F.3d 697, 702 (D.C.Cir.2003), the court remanded for consideration of additional exemptions from disclosure because, although the government generally waives any FOIA exemption it fails to raise in initial proceedings, “the Government's failure ... resulted from human error, because wholesale disclosure would pose a significant risk to the safety and privacy of third parties, and because the Government has taken steps to ensure that it does not make the same mistake again, we see this case as inappropriate for the rigid ‘press it at the threshold, or lose it for all times' approach.” That court pointed out that third parties, who “bear no responsibility for the Government's litigation strategy,” should not “pay for the Government's [failure to raise the applicable exemptions].” August, 328 F.3d at 701; see also Joseph W. Diemert, Jr. & Assocs. Co. v. FAA, 218 Fed.Appx. 479, 482 (6th Cir.2007) (“[S]ome courts have concluded that where personal privacy interests are implicated, only the individual who owns such interest may validly waive it.”). In another case, the court observed that, although an agency generally waives any exemption it fails to raise at the initial proceedings, “in certain FOIA cases where the judgment will impinge on rights of third parties that are expressly protected by FOIA, such as privacy or safety, district courts not only have the discretion, but sometimes the obligation to consider newly presented facts and to grant” post-judgment relief. Piper v. DOJ, 374 F.Supp.2d 73, 78 (D.D.C.2005). Thus, “the importance of protecting third parties' interests makes judicial intervention proper,” even though the Comptroller no longer presses the argument. Id. at 81.
III. Determining whether the information sought is a “clearly unwarranted invasion of personal privacy” requires us to balance the individual's right to privacy against the public's right to government information.
The Texas Legislature modeled the PIA after the FOIA. See City of Garland v. Dallas Morning News, 22 S.W.3d 351, 355 (Tex.2000) (plurality op.). Both statutes favor disclosure,
“Personal identifying information,” different from “sensitive personal information,” includes date of birth. Tex. Bus. & Com.Code § 521.002(a)(1).
Section 552.102(a) exempts information from a “personnel file, the disclosure of which would constitute a clearly unwarranted invasion of personal privacy.” Tex. Gov't Code § 552.102(a). This language tracks its federal counterpart, which protects “personnel and medical files and similar files the disclosure of which would constitute a clearly unwarranted invasion of personal privacy.” 5 U.S.C. § 552(b)(6). The United States Supreme Court, in Department of the Air Force v. Rose, 425 U.S. 352, 372, 96 S.Ct. 1592, 48 L.Ed.2d 11 (1976), interpreted the personnel file exemption to “require a balancing of the individual's right of privacy against the preservation of the basic purpose of the Freedom of Information Act.” The Supreme Court later explained that, under this balancing test “[i]nformation such as place of birth, date of birth, date of marriage, employment history, and comparable data is not normally regarded as highly personal, and yet ... such information, if contained in a ‘personnel’ or ‘medical’ file, would be exempt from any disclosure that would constitute a clearly unwarranted invasion of personal privacy.” U.S. Dep't of State v. Wash. Post Co., 456 U.S. 595, 600, 102 S.Ct. 1957, 72 L.Ed.2d 358 (1982) (noting that “ ‘limitation of a “clearly unwarranted invasion of personal privacy” provides a proper balance between the protection of an individual's right of privacy and the preservation of the public's right to Government information by excluding those kinds of files the disclosure of which might harm the individual ’ ” (quoting H.R.Rep. No. 1497, 89th Cong., 2nd Sess., at 11 (1966), U.S.Code Cong. & Admin.News 1966, at 2418, 2428)).
Prior to 2001, the Transportation Code permitted agencies to distribute birth date information “for bulk distribution for surveys, marketing, or solicitations” provided that persons had the opportunity to opt-out and prohibit the uses. Tex. Transp. Code § 730.007, repealed by Acts 2001, 77th Leg., R.S., ch. 1032.
Although we have held that a balancing test is not required under section 552.101 (excepting from disclosure “information considered to be confidential by law, either constitutional, statutory, or by judicial decision”), we have not rejected its application to section 552.102. See Indus. Found. of South v. Tex. Indus. Accident Bd., 540 S.W.2d 668, 681 (Tex.1976). In Industrial Foundation, decided shortly after the U.S. Supreme Court issued Rose, we held only that Rose's balancing test was inapplicable to section 552.101 because the PIA “contain[ed] no exception comparable to” FOIA's exception for “files ‘ similar ’ to medical or personnel files.” Id. (emphasis added).
In Hubert v. Harte–Hanks Texas Newspapers, Inc., 652 S.W.2d at 550, the only decision to consider whether a balancing test applied under section 552.102, a divided court of appeals held that it did not:
Nothing in the language [of the PIA] indicates that ... the federal balancing test or the Industrial Foundation test should be employed in determining cases involving ‘information from personnel files.’ Nevertheless, this Court has determined, finally, that the Industrial Foundation test for information deemed confidential by law under [section 552.101] ... should apply also to [section 552.102]. The dissenting justice disagreed, arguing that “[t]he plain meaning of the term ‘clearly unwarranted’ implies in the strongest possible terms that the decision to disclose the information depends upon a balancing test.” Id. at 559 n. 4 (Powers, J., dissenting). He interpreted Industrial Foundation to endorse the use of a balancing test for claims under section 552.102:
With respect to the [PIA], however, the Supreme Court of Texas observed that the same construction, if applied to [section 552.101] of the Texas statute, would render superfluous [section 552.102] of that statute in matters of personnel-file privacy. The Court thus implied in the strongest terms that the balancing test to which it referred would be applicable under [section 552.102], but not applicable outside that subsection. Id. at 557–58 (Powers, J., dissenting).
We agree with Justice Powers. Because the PIA is modeled on the FOIA, federal precedent is persuasive, particularly where the statutory provisions mirror one another. See In re Weekley Homes, L.P., 295 S.W.3d 309, 316–17 (Tex.2009) (conceding that state discovery rules are not identical to federal rules, but “are not inconsistent,” and “therefore we look to the federal rules for guidance”); Farmers Group, Inc. v. Lubin, 222 S.W.3d 417, 425 (Tex.2007) (looking to cases interpreting federal rules where Texas rules incorporated the identical language); Hallco Tex., Inc. v. McMullen Cnty., 221 S.W.3d 50, 56 (Tex.2006); Compaq Computer Corp. v. Lapray, 135 S.W.3d 657, 664 (Tex.2004). In drafting the FOIA, the U.S. Senate explained that “ ‘[t]he phrase ‘clearly unwarranted invasion of personal privacy’ enunciates a policy that will involve a balancing of interests between the protection of an individual's private affairs from unnecessary public scrutiny, and the preservation of the public's right to governmental information.' ” Rose, 425 U.S. at 372, 96 S.Ct. 1592 (quoting S.Rep. No. 813, 89th Cong., 1st Sess., at 9 (1965)). When the Texas Legislature used the same “clearly unwarranted invasion of personal privacy” language, it is fair to presume it intended the same meaning as that articulated by its federal predecessor. Cf. Farmers Group, 222 S.W.3d at 425 (noting that Texas statute incorporating language from Federal Rule of Civil Procedure indicated that statute was intended to have similar application).
The Attorney General recognized the applicability of this balancing test in his initial response to the Comptroller's open letter request, noting that “[t]he limitation of a ‘clearly unwarranted invasion of personal privacy’ requires a balance between the protection of an individual's right of privacy and the preservation of the public's right to government information.” Tex. Att'y Gen. OR2006–01938, at 2 (citing Rose, 425 U.S. at 378 n. 16, 96 S.Ct. 1592). We agree: Rose's balancing test is the appropriate standard under section 552.102. Accordingly, we next weigh the third party privacy interest against the public's right to government information.
IV. Both the Attorney General and the Comptroller have identified significant privacy interests at stake, and the public interest in employee birth dates in this case is minimal.
The privacy interests protected by the PIA exemption involve the right of individuals “to determine for themselves when, how, and to what extent information about them is communicated to others.” Alan F. Westin, Privacy and Freedom 7 (1967), quoted in Reporters Comm., 489 U.S. at 764 n. 16, 109 S.Ct. 1468. The News responds that it has no interest in disclosing birth dates to the world, but rather would use the information to investigate inappropriate hires or other misadventures the state may commit. We do not doubt that the News would put the information to beneficial use. But if the requested information is disclosed to the News, it must be disclosed to any applicant, including those who would employ it for illegitimate purposes. “[O]nce there is disclosure, the information belongs to the general public.” Nat'l Archives & Records Admin. v. Favish, 541 U.S. 157, 174, 124 S.Ct. 1570, 158 L.Ed.2d 319 (2004).
Nor is it relevant that birth dates may be readily available from other sources. “An individual's interest in controlling the dissemination of information regarding personal matters does not dissolve simply because that information may be available to the public in some form.” U.S. Dep't of Defense v. Fed. Labor Relations Auth., 510 U.S. 487, 500, 114 S.Ct. 1006, 127 L.Ed.2d 325 (1994). The Supreme Court has held that government employees have a privacy interest in nondisclosure of their home addresses, even though “home addresses often are publicly available through sources such as telephone directories and voter registration lists.” Id. (holding that such addresses were exempt from disclosure under FOIA Exemption 6).
Instead, we must examine whether state employees have a privacy interest in their birth dates. The Attorney General, in his initial response to the Comptroller, highlighted many of the issues implicated by the News' request:
Identity theft, without question, is becoming one of the fastest growing criminal and consumer offenses in the twenty-first century. See Daly v. Metropolitan Life Ins. Co., 4 Misc.3d 887, 782 N.Y.S.2d 530, 535 (N.Y.Sup.2004) (denying defendant's motion for summary judgment in negligence action against insurer who disclosed consumers' names, social security numbers, and date of birth information). The Federal Trade Commission estimated 27.3 million reported cases of identity theft, causing billions of dollars in damages, in the five years preceding early 2003. Id. (citing Thomas Fedorek, Computers + Connectivity = New Opportunities for Criminals and Dilemmas for Investigators, 76–Feb. N.Y. St. B.J. 10, 15 (February, 2004)). A date of birth obtained in combination with other data about an individual can be used in at least two harmful ways: to obtain sensitive information about an individual and to commit identity theft. See Daly v. Metropolitan Life Ins. Co., 782 N.Y.S.2d at 535–36; Scottsdale Unified Sch. Dist. v. KPNX Broad. Co., 191 Ariz. 297, 955 P.2d 534, 539 (1998). Tex. Att'y Gen. OR2006–01938, at 3.
Nor can we ignore the reality of technology. As one court has noted:
“There is a difference between electronic compilation in searchable form and records that can only be found by a diligent search through scattered files. The former presents a far greater threat to privacy” (Kurtz, The Invisible Becomes Manifest: Information Privacy in a Digital Age, 38 Washburn LJ 151, 155–56 [1998] ). Moreover, on-line data brokers often collect information taken from public records and allow access in a searchable form, which potentially leads to abuse by identity thieves. Goyer v. N.Y. State Dep't of Envtl. Conservation, 12 Misc.3d 261, 813 N.Y.S.2d 628, 639 (N.Y.Sup.Ct.2005) (holding that personal information (including dates of birth) in hunting licenses were exempt from disclosure under state's “unwarranted invasion of personal privacy” standard). The Attorney General has observed that preventing identity theft “begins by reducing the number of places where your personal information can be found,” Preventing Identity Theft, Fighting Identity Theft, www. texas fight sid theft. gov/ preventing. shtml, and he concedes that “[c]ertain public information websites allow individuals to locate [highly sensitive personal] information in any state, including Texas, using only a name and date of birth,” Tex. Att'y Gen. OR2006–01938, at 3. One commentator has noted that “information deemed useful to be publicly available under the old transactions technology” is now “too available in a world of wired consumers.” Alessandro Acquisti & Ralph Gross, Predicting Social Security Numbers From Public Data, 106 Proc. Nat'l Acad. Sci. 10975, 10980 (2009), available at www. pnas. org/ content/ 106/ 27/ 10975. full. pdf (citation omitted); cf. Reporters Comm., 489 U.S. at 764, 109 S.Ct. 1468 (“[T]here is a vast difference between the public records that might be found after a diligent search of courthouse files, county archives, and local police stations throughout the country and a computerized summary located in a single clearinghouse of information.”). For this reason, almost every major consumer protection entity, whether governmental or non-governmental (including the Federal Trade Commission, the President's Task Force on Identity Theft, and the Texas Attorney General's website), advises citizens against publicizing their dates of birth or using their dates of birth as pin numbers and passwords.
Examples include the home address, home telephone number, or social security number of peace officers, county jailers, and current or former employees of the Texas Department of Criminal Justice, among others; any identifying information of a crime victim or claimant, including address and social security number; credit card, debit card, charge card, or access device number that is collected, assembled, or maintained by or for a governmental body; and the social security number of applicants for a marriage license. Tex. Gov't Code § 552.1175, .132, .136, .141.
Moreover, there is little question that one “can take personal information that's not sensitive, like birth date, and combine it with other publicly available data to come up with something very sensitive and confidential.”
Hadley Legget, Social Security Numbers Deduced From Public Data, Wired Sci. (July 6, 2009, 5:05 PM) http:// www. wired. com/ wired science/ 2009/ 07/ predictingssn/. As the Arizona Supreme Court has observed:
This apparently stems from the Social Security Administration's methods for assigning numbers, which is usually done shortly after a person's birth, and based in part on geography. Hadley Legget, Social Security Numbers Deduced From Public Data, Wired Sci. (July 6, 2009, 5:05 PM) http:// www. wired. com/ wiredscience/ 2009/ 07/ predictingssn/.
FN10. See Tex. Gov't Code 552.222; A & T Consultants v. Sharp, 904 S.W.2d 668, 676 (Tex.1995) (noting that FOIA also “bars the government from examining the motives or interests of the party requesting the release of public information”); see also Reporters Comm., 489 U.S. at 771, 109 S.Ct. 1468 (holding that “the identity of the requesting party has no bearing on the merits of his or her FOIA request”); U.S. Dep't of Air Force, Scott Air Force Base v. Fed. Labor Relations Auth., 838 F.2d 229, 232–34 (7th Cir.1988) (noting that requestor's use was irrelevant, as “[t]he special needs of one, or the lesser needs of another, do not matter,” because “[t]he first person to get the information may give it away; so if one person gets it, ‘any person’ may. ‘The Act clearly intended to give any member of the public as much right to disclosure as one with a special interest therein.’ ” (quoting N.L.R.B. v. Sears, Roebuck & Co., 421 U.S. 132, 149, 95 S.Ct. 1504, 44 L.Ed.2d 29 (1975))).
FN11. Dep't of Defense v. Fed. Labor Relations Auth., 510 U.S. 487, 497, 114 S.Ct. 1006, 127 L.Ed.2d 325 (1994) (quoting Reporters Comm., 489 U.S. at 773, 109 S.Ct. 1468).
An electronic search of Texas statutes returned 101 results in which certain information was “confidential” and “not subject to disclosure” under the PIA. Examples include certain records of teacher certification examinations (Tex. Educ.Code § 21.048(c–1)), student loan borrower records (Tex. Educ.Code § 57.11(d)), child welfare service reports, (Tex. Fam.Code § 264.613(a)), DNA records stored in the Department of Public Safety DNA database (Tex. Gov't Code § 411.153(a)), the responses to exit interviews provided by departing government workers (Tex. Gov't Code § 651.007(g)), certain nursing home records (Tex. Health & Safety Code § 242.134(a)), certain carrier contracts in the workers' compensation system, (Tex. Ins.Code § 1305.154(a)), social security numbers provided by applicants for professional licenses (Tex. Occ.Code § 59.001), pending proposals for comprehensive development agreements in transportation projects (Tex. Transp. Code § 370.307(a)), and certain information relating to mineral, oil, and gas leases (Tex. Nat. Res.Code §§ 52.190(d), 53.081(d)).
With both a name and birth date, one can obtain information about an individual's criminal record, arrest record ... driving record, state of origin, political party affiliation, social security number, current and past addresses, civil litigation record, liens, property owned, credit history, financial accounts, and, quite possibly, information concerning an individual's complete medical and military histories, and insurance and investment portfolio.Scottsdale Unified Sch. Dist. No. 48 v. KPNX Broad. Co., 191 Ariz. 297, 955 P.2d 534, 539 (1998); see also Data Tree, LLC v. Meek, 279 Kan. 445, 109 P.3d 1226, 1238 (2005) (“An individual's social security number, date of birth, and mother's maiden name are often used as identifiers for financial accounts or for obtaining access to electronic commerce.”); Hearst Corp. v. State, 24 Misc.3d 611, 882 N.Y.S.2d 862, 875 (N.Y.Sup.Ct.2009) (concluding that “a reasonable person would find the disclosure of their precise birth dates, taken together with their full name and other details of their State employment, to be offensive and objectionable”). In fact, “[a] key element from the privacy standpoint is the inclusion of residents' date of birth.” Ira Bloom, Freedom of Information Laws in the Digital Age: The Death Knell of Informational Privacy, 12 Rich. J.L. & Tech.. 9, at * 19 (2006).
Additionally, the Legislature has provided that state employees' social security numbers, home addresses, and personal family information are excepted from disclosure. Tex. Gov't Code § 552.117(a); see also id. § 552.147(a) (excepting from disclosure the social security numbers of all “living person[s]”). As the Attorney General has noted, “it is universally agreed that SSNs are at the heart of identity theft and fraud, and in today's Internet world where information—including public government information—can be instantly and anonymously obtained by anyone with access to the worldwide web, the danger is even greater.” Op. Tex. Att'y Gen. No. GA–519, at 6 (2007). These protections would be meaningless, however, if birth dates were disclosed, because those dates, when combined with name and place of birth, can reveal social security numbers. See Bob Moos, How Secure is Your Social Security Data?, Dallas Morning News, Aug. 9, 2009, at 1D. “[I]t is by now well established that the disclosure of an individual's full birth date, taken together with his or her full name and the details of employment, can be used to facilitate identity theft, thereby resulting [in] both economic and personal hardship to individuals.” Hearst Corp., 882 N.Y.S.2d at 875; see also Scottsdale, 955 P.2d at 536 (noting that “birth dates are in fact private” and “may be used to gather great amounts of private information about individuals”).
These concerns have led courts to conclude that birth dates implicate substantial privacy interests. See, e.g., Oliva v. United States, 756 F.Supp. 105, 107 (E.D.N.Y.1991) (holding that, under FOIA Exemption 6, “dates of birth[ ] are a private matter, particularly when coupled with ... other information” and disclosure “would constitute a clearly unwarranted invasion of personal privacy”); cf. Schiller v. INS, 205 F.Supp.2d 648, 663 (W.D.Tex.2002) (holding that, under FOIA Exemption 7(c) “the privacy interest of these individuals in their names and identifying information, i.e. birth date, outweighs the public interest in disclosure”); Creel v. U.S. Dep't of State, 1993 U.S. Dist. LEXIS 21187, at *19–*20 (E.D.Tex.1997) (noting that, under FOIA Exemption 7(c), private citizen had a “significant personal privacy interest in her home address, birth date, social security number, and telephone number”).
We conclude that the state employees have a “nontrivial privacy interest” in their dates of birth. Dep't of Defense, 510 U.S. at 501, 114 S.Ct. 1006. And while we may not inquire into the requesting party's intended use of the information,
we must nevertheless examine “the only relevant public interest in the ... balancing analysis—the extent to which disclosure of the information sought would ‘shed light on an agency's performance of its statutory duties' or otherwise let citizens know ‘what their government is up to.’ ”
The PIA may not criminalize all distribution of information designated “confidential” in some manner in the statute. The penal provision of the PIA makes distribution of information “considered confidential under the terms of this chapter” a misdemeanor punishable by fine, confinement in county jail, or both. Tex. Gov't Code § 552.352(a). Information “considered to be confidential by law” is “excepted” from the disclosure requirements of section 552.021. Id. § 552.101. We have not addressed whether the “confidential” information referred to in section 552.021 is treated the same as the “confidential” information in section 552.352(a).
Tex. Att'y Gen. OR2006–01938 (citing State Practices for Classification of Date of Birth in Public Records (on file with Open Records Division of the Office of the Attorney General)):
According to the survey, states with an “unwarranted invasion of personal privacy” exemption in their open records law protect date of birth information. See Haw.Rev.Stat. § 92F–13(1); 5 Ill. Comp. Stat.. 140/7(1)(b); Kan. Stat. Ann.. § 45–221(30); Ky.Rev.Stat. § 61.878(1)(a); Mass. Gen. Laws Ann. ch. 66, § 10; Mich. Comp. Laws Ann. § 15.243; N.H.Rev.Stat. Ann. § 91–A:5; N.J. Stat. Ann.. § 47:1A–10; N.Y. Pub. Off. § 89(2)(b)(iv); Utah Code Ann. § 63–2–302(2)(d). One state grants date of birth protection under a similar standard, “unreasonable invasion of personal privacy.” See S.C.Code Ann. § 30–4–40(a)(2). Several states protect date of birth information under an exception for employee “personnel” records. See Ariz. Admin. Code R2–5–105; Del.Code Ann. tit. 29 § 10002; Kan. Stat. Ann.. § 45–221(4); Iowa Code § 22.7; Md.Code Ann., State Gov't § 10–616(h)(2)(I); Miss.Code Ann. § 25–1–100; N.D. Cent.Code § 44–04–18.1; Or.Rev.Stat. § 192.502(3); R.I. Gen. Laws § 38–2–2; Va.Code Ann. § 2.2–3705.1(1); Wyo. Stat. Ann.. § 16–4–203. The state of Georgia protects employee date of birth information under a statute that specifically makes confidential date of birth information “if technically feasible at a reasonable cost.” See Ga.Code Ann. § 50–18–72(a) 11.3(A). Several states protect date of birth information by unofficial policy. Finally, the state of Washington protects date of birth information under a state plan to curtail identity theft.
Like the FOIA, the PIA is based on the notion that citizens are entitled “to complete information about the affairs of government and the official acts of public officials and employees.” Tex. Gov't Code § 552.001(a); Dep't of Interior v. Klamath Water Users Protective Ass'n, 532 U.S. 1, 8, 121 S.Ct. 1060, 149 L.Ed.2d 87 (2001) (observing “the basic policy that disclosure, not secrecy, is [FOIA's] dominant objective”). Thus, personal information about employees that does not shed light on their official actions would not further the purpose of the statute. Cf. Op. Tex. Att'y. Gen. GA–519, at 5 (noting that “[r]edacting SSNs from responsive records requested under the PIA will not detract from the PIA's purpose of making publicly available information about the affairs of government and the official acts of public officials and employees because the release of SSNs does not serve the purpose of openness in government in any foreseeably significant way”). In Reporters Committee, the U.S. Supreme Court clarified FOIA's statutory purpose as a means for citizens to know “what their government is up to”:
Official information that sheds light on an agency's performance of its statutory duties falls squarely within that statutory purpose. That purpose, however, is not fostered by disclosure of information about private citizens that is accumulated in various governmental files but that reveals little or nothing about an agency's own conduct. Reporters Committee, 489 U.S. at 773, 109 S.Ct. 1468.
Employee birth dates shed little light on government actions. The News points out that the public has an interest in monitoring the government, and birth dates could be used to determine whether governmental entities like school districts and hospitals have hired convicted felons or sex offenders. But when a protected privacy interest is at stake, the requestor must identify a sufficient reason for the disclosure; mere allegations of the possibility of wrongdoing are not enough. See Favish, 541 U.S. at 172, 124 S.Ct. 1570 (noting that, when protected privacy interests are at stake, the requestor must “establish a sufficient reason for the disclosure”).
A requestor must show that the public interest sought to be advanced is significant—an interest more specific than having the information for its own sake—and that the information sought is likely to advance that interest. Id. at 172, 124 S.Ct. 1570; cf. Indus. Found., 540 S.W.2d at 685 (requiring requestor to show that private information is of “legitimate public concern” before disclosure may be required under PIA section 552.101). This is distinct from identifying “the particular interest of the requestor, and the purpose for which he seeks the information,” considerations that are irrelevant to our analysis, except to the extent “the requestor's interest in the information is the same as that of the public at large.” Indus. Found., 540 S.W.2d at 685.
Although Favish was decided under FOIA Exemption 7(c), the relevant public interest is the same under Exemption 6. See Dep't of Defense v. Fed. Labor Relations Auth., 510 U.S. at 496 n. 6, 114 S.Ct. 1006 (noting that the identification of the relevant public interest is the same under Exemptions 6 and 7(c); the exceptions “differ in the magnitude of the public interest required to override the respective privacy interests”); see also Checkbook v. U.S. Dep't of Health and Human Servs., 554 F.3d 1046, 1055 n. 4 (D.C.Cir.2009).
An example of the scope of unintended consequences and potential harm of such a seemingly simple act of making birth date information confidential was shown recently when an attorney general opinion opined that social security numbers are confidential. Tex. Att'y Gen. Op. No. GA–0519 (2007). District and county court clerks around the state uniformly petitioned for relief because their provision of access to the social security numbers in the public records of the numerous courts they serve potentially subjected them to criminal penalties. The Attorney General's office abated its opinion and the Legislature swiftly and unanimously passed a statute expressly providing that Social Security numbers are not confidential. See Tex. Gov't Code 552.147(a).
FN13. See, e.g., Indus. Found., 540 S.W.2d at 688 (Daniel, J., concurring) (“It is my opinion that ... the Legislature did not intend [the Open Records Act] to be as broad as it was written.”); id. (Johnson, J., concurring) (“Since a majority of this court has concluded that Rule 9.040 of the Industrial Accident Board is invalid ... this writer joins Justice Doughty's opinion insofar as it requires that certain information in the Board's records be withheld to protect the common law right of privacy of compensation claimants.”); id. at 691–92 (Reavley, J., dissenting) (“I doubt that we are entitled to read this intent into the Legislature's use of ‘confidential.’ ... It was not the intention of the Legislature to turn over the administration of the Open Records Act to the judiciary. I would construe our question of legislative intent in favor of disclosure and then await legislative change if the result is objectionable. This area of confidentiality can best be mapped by statute.”).
But “[i]f a totally unsupported suggestion that the interest in finding out whether Government agents have been telling the truth justified disclosure of private materials, Government agencies would have no defense against requests for production of private information.” Dep't of State v. Ray, 502 U.S. 164, 179, 112 S.Ct. 541, 116 L.Ed.2d 526 (1991) (rejecting, under FOIA Exemption 6, asserted public interest in ascertaining veracity of government reports, as requestors had not produced “a scintilla of evidence ... that tend [ed] to impugn the integrity of the reports”); Consumers' Checkbook v. U.S. Dep't of Health and Human Servs., 554 F.3d 1046, 1054 n. 5 (D.C.Cir.2009) (holding that a “ ‘mere desire to review how an agency is doing its job, coupled with allegations that it is not, does not create a public interest sufficient to override the privacy interests' ” protected by FOIA Exemption 6) (quoting McCutchen v. U.S. Dep't of Health and Human Servs., 30 F.3d 183, 188 (D.C.Cir.1994)). The Supreme Court has criticized the idea that bare allegations would suffice to require disclosure. Favish, 541 U.S. at 174, 124 S.Ct. 1570 (holding that “the requester must establish more than a bare suspicion” and “must produce evidence that would warrant a belief by a reasonable person that the alleged Government impropriety might have occurred”). Because the News has produced no evidence supporting government wrongdoing, the public interest in disclosure here is negligible.
See Dep't of Defense, 510 U.S. at 498, 114 S.Ct. 1006 (noting that providing employees' home address would reveal little or nothing about employing agencies or their activities).
Of course, should the News obtain such evidence, it would be free to make another PIA request for the relevant birth dates.
Moreover, the Comptroller has relinquished the full name, age, race, sex, salary, agency, job description, work address, date of initial employment, pay rate, and work hours of every agency employee. The Comptroller also showed that, using only the information produced, each employee was distinguishable without resort to date of birth. See Horowitz v. Peace Corps, 428 F.3d 271, 278 (D.C.Cir.2005) (“The availability of information through other sources lessens the public interest in its release through FOIA.”).
We hold that the state employees' privacy interest substantially outweighs the negligible public interest in disclosure here. Consistent with the federal courts and those in other states, we conclude that disclosing employee birth dates constitutes a clearly unwarranted invasion of personal privacy, making them exempt from disclosure under section 552.102.
V. Attorney's fees
The trial court denied the News' request for attorney's fees, and the court of appeals affirmed. 244 S.W.3d at 641–42. The News petitioned this Court for review, arguing that attorney's fees were proper under Government Code section 552.323(b) and the Declaratory Judgment Act. See Tex. Gov't Code § 552.323(b); Tex. Civ. Prac. & Rem.Code § 37.009.
A. Government Code § 552.323(b)
Section 552.323(b) authorizes a court to award reasonable attorney's fees incurred by a party “who substantially prevails.” Tex. Gov't Code § 552.323(b). Before a trial court may award fees, the statute also requires that a number of other conditions be met: that the action be brought under section 552.324; that the trial court consider whether the public information officer who withheld that information had a reasonable basis in law for doing so; and that the trial court examine whether the litigation was brought in bad faith. See id. The parties dispute whether these requirements were satisfied here. We need not reach those issues, however, because the Comptroller has prevailed.
B. Declaratory Judgment Act
Under the Declaratory Judgment Act, a trial court may award reasonable and necessary attorney's fees “as are equitable and just.” Tex. Civ. Prac. & Rem.Code § 37.009. The News contends that it is entitled to fees because it is a prevailing party and because the Comptroller has no legal basis to support her position. Because, as outlined above, we disagree, we conclude that the trial court did not abuse its discretion in refusing to award the News attorney's fees, and we affirm the judgment denying the News' request for attorney's fees. See Bocquet v. Herring, 972 S.W.2d 19, 21 (Tex.1998).
VI. Conclusion
Identity theft cost Americans almost $50 billion in 2007 alone. Rachel Kim, Javelin Strategy & Research, 2007 Identity Fraud Survey Report 1 (2007), available at http:// graphics 8. nytimes. com/ images/ blogs/ freakonomics/ pdf/ Javelin %?20Report %?202007. pdf. In 2004, Texas ranked fourth among states for the number of identity-theft complaints reported to the Federal Trade Commission. Office Of Consumer Credit, Legislative Report Reviewing Identity Theft and Senate Bill 473 (2004), available at http:// www. occc. state. tx. us/ pages/ publications/ Identity Theft. pdf. The State of Texas employs over a quarter of a million people, 144,000 of whom represent the true parties involved in this controversy. When the privacy rights of a substantial class of innocent third parties are affected by one of our decisions, we have a duty to pay them heed. And because the state employees' privacy interest substantially outweighs the minimal public interest in the information, we hold that disclosure of state employee birth dates would constitute a clearly unwarranted invasion of personal privacy, and such dates are excepted from disclosure under section 552.102(a). See Tex. Gov't Code § 552.102. We reverse in part and affirm in part the court of appeals' judgment and render judgment declaring that the public employee birth dates at issue in OR2006–01938 are excepted from disclosure under section 552.102. See Tex.R.App. P. 60.2(a), (c).
Justice WAINWRIGHT delivered a dissenting and concurring opinion, joined by Justice JOHNSON.
Justice HECHT and Justice WILLETT did not participate in the decision.
Justice WAINWRIGHT, joined by Justice JOHNSON, dissenting in part and concurring in part.
The dates of birth of state government employees that the Dallas Morning News requested from the Comptroller in this case are defined as public information—information legitimately collected and maintained by the State of Texas. There is no dispute of that fact. Unlike social security numbers, the Legislature has not expressly excepted birth dates from disclosure.
1 And no one disagrees with the proposition that public information should be handled in ways that provide protections against identity theft. But we should not forget that the more public information is protected from disclosure to the people, the less information the public gets from the government that serves it. It is a fundamental policy of the State of Texas that its citizens are entitled “at all times to complete information about the affairs of government and the official acts of public officials and employees.” City of Dallas v. Abbott, 304 S.W.3d 380, 388 (Tex.2010) (Wainwright, J., dissenting) (citing Tex. Gov't Code § 552.001).
The public information at issue has proven quite useful not only to inform citizens of the actions of the government and to arm citizens to hold the public sector accountable but also to highlight problems in the public sector that should be addressed. For example, the information sought in this case, which had been released to the News in prior years, was used to determine that a number of Texas Youth Commission employees had some criminal background and that some employees of a local school district had criminal records.
2 Dates of birth were used to confirm the identities of public employees with criminal records and avoid confusing them with the wrong persons with similar or the same names. These are legitimate uses of public employees' birth dates, which the Court precludes by its opinion.
Obviously, whether to disclose or keep secret public information involves a balancing of policy objectives, including the public's right to transparency in governmental affairs and privacy concerns of public employees. In promulgating the Texas Public Information Act (PIA), the Legislature balanced disclosure and protection of different types of public information about public employees. The Legislature decided that dates of birth are public information, as the Court and the Comptroller concede. And the State of Texas for years has sold birth date information of Texas public employees to businesses, and the parties point to no problems with identity theft arising from those prior disclosures.
3 To address illicit use of personal information, the Legislature promulgated the Identity Theft Enforcement and Protection Act with criminal penalties for those parties who engage in identity theft.
4 Before today, no Texas court had held that dates of birth of public employees are confidential or otherwise precluded their disclosure.
This case is fundamentally about which institution decides that balance—the Legislature or the judiciary. Our task in this case is not to decide if we think these birth dates should be confidential. We are charged with deciding whether the Legislature excepted dates of birth of public employees from disclosure under section 552.101 of the PIA. I would hold that it did not. The Court reaches the contrary result, not under section 552.101, but under section 552.102, an issue the Comptroller did not raise in this Court and expressly disclaims as a basis for its position that the information should be protected. I respectfully dissent.
I. Factual and Procedural History
On November 18, 2005, an editor with the Dallas Morning News (News) submitted a PIA request to the Comptroller for an electronic copy of the Texas state employee payroll database. The News requested the full name, birth date, job description, agency, salary, race, sex, work address, date of initial employment, pay rate, and work hours of every state employee in the database. Contending that birth dates, certain salary deductions, and an employee's designation as a peace officer are protected from disclosure under sections 552.101 and 552.108 of the Act, the Comptroller submitted a timely request for an attorney general decision determining whether those portions of the public information should be withheld. See Tex. Gov't Code § 552.301 (mandating that a governmental body that wishes to withhold requested information from public disclosure that it considers to be excepted from disclosure under Subchapter C of the PIA must timely ask for a decision from the attorney general). In an open records letter ruling, the Attorney General concluded that public employees' dates of birth are public information that must be disclosed to the requestor. See Tex. Att'y Gen. OR2006–01938.
Arguing that the release of the birth dates could lead to identity theft, the Comptroller filed suit seeking declaratory relief from compliance with the Attorney General's letter ruling as provided by Subchapter H of the PIA. Tex. Gov't Code §§ 552.321–.327. The News intervened in the lawsuit and moved for partial summary judgment on the ground that birth dates are not protected from disclosure by the PIA. The Comptroller responded with a cross-motion for summary judgment, contending that the information is protected as a matter of law or, alternatively, that the issue is fact-intensive and not appropriate for summary judgment. The trial court granted the News's motion for partial summary judgment and denied the Comptroller's cross-motion for summary judgment. The Comptroller appealed arguing to withhold the information under 552.101 and 552.102.
The Comptroller argued that the trial court erred in granting the News's partial summary judgment because the release of a public employee's birth date, in conjunction with his name, is a violation of the employee's right of privacy. The court of appeals held that the disclosure of state employees' birth date information would not violate any privacy interests, and thus was not protected under section 552.101 of the PIA. Texas Comptroller of Public Accounts v. Attorney General of Texas, 244 S.W.3d 629, 635 (Tex.App.-Austin 2008, pet. granted). In this Court, however, the Comptroller narrowed her argument and only argues that the birth dates are “confidential” under section 552.101 of the PIA and thus excepted from the PIA's mandatory disclosure requirement. Section 552.101 provides that information is excepted from disclosure “if it is information considered to be confidential by law, either constitutional, statutory, or by judicial decision.” Tex. Gov't Code § 552.101. The Comptroller argues that birth date information is excepted as confidential “by judicial decision” because the Texas common law privacy tort of intrusion upon seclusion, described by this Court in Billings v. Atkinson, creates a protected privacy interest in this information, thus making it confidential. 489 S.W.2d 858, 859–60 (Tex.1973).
II. Preservation and Waiver: The Court Decides This Case on an Issue the Comptroller Expressly Disclaimed.
The Comptroller was asked at oral argument specifically if her position included arguments under PIA section 552.102 and employing a balancing test to determine whether to protect the birth dates from disclosure. Her counsel responded:
Answer: I would say that we are going solely under 552.101.... We are not advocating a balancing test ... we don't believe a balancing test is applicable under this particular state regulatory system.
* * *
Question: There's an argument that 552.102 is a stronger argument, but you're not making that argument. I want to be clear about that.
Answer: We are not making that argument.
* * *
Answer: [A] balancing test ... is simply not found in the PIA. The Comptroller's position on this issue could not be clearer. She unequivocally limited her argument for nondisclosure of birth dates of public employees “solely” to section 552.101 of the PIA and shunned the application of a balancing test. Nevertheless, the Court renders its decision not on section 552.101 of the PIA, but instead bases its decision on section 552.102 and creates a balancing test to determine that the information is excepted from disclosure. The Comptroller presents neither argument and disclaims both. She did not cite, much less discuss, section 552.102 in her petition for review or brief on the merits, and, at oral argument, specifically disclaimed any reliance on either section 552.102 or a balancing test.
On occasion, a case may present a court with a fine line between adjudication and advocacy. However, we should remain on the side of adjudicating only the issues presented, absent rare and extraordinary situations not presented here. See In re B.L.D., 113 S.W.3d 340, 351–55 (Tex.2003) (recognizing that courts may review fundamental error not assigned). The Legislature and the Attorney General have both decided as a matter of policy not to protect dates of birth from disclosure, yet the Court shuns its substantial precedents on waiver to reach the contrary policy. Moreover, the information the Court protects has already in large part been disclosed. In the summary judgment evidence, the News submitted an affidavit stating that it has received the state employees database, including the dates of birth of the employees, from the Comptroller's office in response to previous requests for the information.
Our rules of procedure require that a party present the issues to be decided by this Court in the party's petition and brief on the merits. See Tex.R.App. P. 33.1, 53.2(f), 53.4, 55.2(f). “[I]ssues not presented in the petition for review and brief on the merits are waived.” Guitar Holding Co., L.P. v. Hudspeth Cnty. Underground Water Conservation Dist. No. 1, 263 S.W.3d 910, 918 (Tex.2008) (citing TEX. R. APP. P. 53.2(f)); Ramos v. Richardson, 228 S.W.3d 671, 673 (Tex.2007) (per curiam) (refusing to address an argument raised in petitioners' merits brief because petitioners failed to advance it in their petition for review); City of Austin v. Travis Cnty. Landfill Co., L.L.C., 73 S.W.3d 234, 241 n. 2 (Tex.2002) (precluding consideration of an argument raised below because the respondent disclaimed the argument before the Supreme Court). “[W]e should not stretch for a reason to reverse that was not raised.” Del Lago Partners, Inc. v. Smith, 307 S.W.3d 762, 776 (Tex.2010). This is true even for constitutional issues. In re B.L.D., 113 S.W.3d at 350–51. We make rare exceptions to our waiver rules to review “fundamental error,” but only in situations related to preservation of jurisdictional error and in “quasi-criminal” juvenile delinquency cases. Id. The Comptroller does not allege fundamental error.
Waiver rules exist for good reasons. “[A]dhering to our preservation rules isn't a mere technical nicety; the interests at stake are too important to relax rules that serve a critical purpose.” In re L.M.I., 119 S.W.3d 707, 708 (Tex.2003). The rules, among other things, prevent unfair surprise of the other party and constrain us to perform our constitutional task to decide only existing cases or controversies. See B.L.D., 113 S.W.3d at 350; L.M.I., 119 S.W.3d at 710–11; see also Tex. Const. art. II, § 1; Brooks v. Northglen Ass'n, 141 S.W.3d 158, 164 (Tex.2004) (recognizing that the separation of powers clause in article II, section 1 of the Texas Constitution bars this Court from issuing advisory opinions). I dare say that the News will be surprised by the Court's deciding this case on a ground it was not given an opportunity to address.
This is not a typical waiver case in which a party argues that it did raise the issue or that it is fairly included in its petition and briefs. Not only did the Comptroller choose not to raise or analyze the exception from disclosure under section 552.102 in her petition or brief, her counsel affirmatively disclaimed the argument at least four times at oral argument. See supra at 351 (“[W]e are going solely under 552.101.... We are not making that argument.... We are not advocating a balancing test.... [A] balancing test ... is simply not found in the PIA.”).
The Court holds that the Comptroller properly withheld birth dates under section 552.102. The Court's reasoning for reaching the section 552.102 issue is: “Given the unique circumstances of this case and the third party interests at stake, we conclude that the Comptroller's petition ‘fairly include [s]’ an argument that section 552.102 applies. Tex.R.App. P. 53.2(f).” 354 S.W.3d 336 (further citation omitted). That's an odd conclusion when the beneficiary of the ruling expressly disclaims that very argument. In essence, the Court holds that the Comptroller's section 552.101 argument fairly includes the section 552.102 argument, and it will consider arguments the Comptroller did not make.
The Court indicates it acts on behalf of public employees who do not have a voice in this dispute. But, the PIA provides a mechanism for the public employees affected to submit their arguments to the Attorney General when considering a governmental body's decision not to disclose public information. The governmental entity shall make a good faith attempt to notify such persons in writing of the request for the attorney general decision and may then submit a brief with reasons why the information should be withheld. Tex. Gov't Code § 552.305. Although the record indicates that the mechanism was not utilized, the Court's holding makes the provision irrelevant in this case.
I disagree that the Court should disregard our rules on waiver to decide an issue specifically and repeatedly disclaimed by the Comptroller, without any allegation of fundamental error. Because the Court decides this case under section 552.102, I note some concerns with that analysis. I also analyze this dispute under the statutory framework raised and argued by the parties—whether section 552.101 excepts state employees' dates of birth from disclosure.
III. Risk of Identity Theft
Applying Section 552.102 and adopting a new balancing test articulated by the U.S. Supreme Court in Department of the Air Force v. Rose, 425 U.S. 352, 372, 96 S.Ct. 1592, 48 L.Ed.2d 11 (1976), the Court holds that the state employees' privacy interests substantially outweigh the public interest in disclosure. 354 S.W.3d 336.
A. The Sky Is Not Falling: The Court's Characterization of the Privacy Interest at Stake Is Overstated.
Section 552.102 excepts from disclosure information in a personnel file “the disclosure of which would constitute a clearly unwarranted invasion of personal privacy.” Tex. Gov't Code § 552.102. The Rose test, adopted today by this Court, balances an individual's privacy claims against the public interest in disclosure. Rose, 425 U.S. at 372, 96 S.Ct. 1592. Because Congress only excepted from disclosure information that constitutes a “clearly unwarranted” invasion of privacy, federal courts have noted that the balance of disclosure interests should be tilted in favor of disclosure and creates a “heavy burden” for an agency invoking the exception. E.g., Morley v. Cent. Intelligence Agency, 508 F.3d 1108, 1128 (D.C.Cir.2007) (noting that the CIA had the burden to show withholding is necessary under the federal Freedom of Information Act (FOIA) Exemption 6 for records pertaining to a deceased CIA officer, and no privacy interest was articulated); Wash. Post Co. v. U.S. Dep't of Health & Hum. Servs., 690 F.2d 252, 275 (D.C.Cir.1982). The Court jumps on the bandwagon of a number of other states, or federal trial courts, that have held that birth date information may constitute a clearly unwarranted invasion of personal privacy. While I am sensitive to the privacy rights of public employees and understand the concern of the Court, I believe the Court's reasoning is misguided for three fundamental reasons.
First, the Legislature has not protected dates of birth of public employees from disclosure. Birth dates by themselves are not private or damaging.
5 The Court and the parties have recognized as much. And the Restatement of Torts recognizes as much. Restatement (Second) of Torts § 652D cmt. b (“Thus there is no liability for giving publicity to facts about the plaintiff's life that are matters of public record, such as the date of his birth....”). And even the U.S. Supreme Court has recognized as much, reasoning that information that is “not intimate” such as “place of birth, date of birth, date of marriage, employment history, and comparable data” may be restricted only in the disclosure of a “personnel” or “medical” file that itself would be a clearly unwarranted invasion of personal privacy. U.S. Dep't of State v. Wash. Post Co., 456 U.S. 595, 600, 102 S.Ct. 1957, 72 L.Ed.2d 358 (1982). “ ‘[C]ongress also made clear that nonconfidential matter was not to be insulated from disclosure merely because it was stored by an agency in its “personnel” files.’ ” Id. at 601, 102 S.Ct. 1957 (quoting Rose, 425 U.S. at 372, 96 S.Ct. 1592).
The Court points to no evidence that disclosure of birth dates would be offensive to a reasonable person, would cause harm, or would lead to personal harm. Instead, the Court holds, much more tenuously, that disclosure is harmful because birth date information, “taken together” with other information, may “be used to facilitate identity theft,” or may be used to locate a Social Security number, which may be used to facilitate identity theft. 354 S.W.3d 336 (quoting Hearst Corp. v. State, 24 Misc.3d 611, 882 N.Y.S.2d 862, 875 (N.Y.Sup.Ct.2009)). In other words, the harm is not in the disclosure of the birth date, but in the possibility that some evildoer may use a birth date to gain other information (such as a social security number) which he or she then may use to commit identity theft. Never before has the Court held that information is not subject to disclosure under the PIA because the information may lead to other information that may be used to cause harm. By that logic, much information of a personal nature would be immune from disclosure—names of public employees, dates of employment, home addresses. This sort of information, taken together with other information, might lead to the employee's social security number and possibly to identity theft. While the state has outlawed identity theft, and individuals may sue when others misappropriate their private data, the Court should not allow subversion of the open-government policies of the PIA under the risk that some of the public information may later be misused.
As written, FOIA Exemption 6 (substantially identical to section 552.102) likely only protects the information itself, not its derivative uses or problems down the line.
Perhaps FOIA would be a more sensible law if the Exemption applied whenever disclosure would “cause,” “produce,” or “lead to” a clearly unwarranted invasion of personal privacy—though the practical problems in implementing such a provision would be considerable. That is not, however, the statute Congress enacted. Since the question under 5 U.S.C. § 552(b)(6) is whether “disclosure” would “constitute a clearly unwarranted invasion of personal privacy”; and since we have repeatedly held that FOIA's exemptions “ ‘must be narrowly construed,’ ” it is unavoidable that the focus, in assessing a claim under Exemption 6, must be solely upon what the requested information reveals, not upon what it might lead to. That result is in accord with the general policy of FOIA, which we referred to in United States Dept. of Justice v. Reporters Committee for Freedom of Press, 489 U.S. 749, 771, 109 S.Ct. 1468, 103 L.Ed.2d 774 (1989) that the particular purposes for which a request is made are irrelevant. U.S. Dep't of State v. Ray, 502 U.S. 164, 180–81, 112 S.Ct. 541, 116 L.Ed.2d 526 (1991) (Scalia, J., concurring) (emphasis added) (citations and quotations omitted). Birth date information is not highly intimate or embarrassing; birth dates are not generally included in “the type of information that a person would ordinarily not wish to make known about himself or herself.” Assoc. Press v. U.S. Dep't of Def., 554 F.3d 274, 292 (2d Cir.2009). If it had been raised, the text of section 552.102 does not require consideration of derivative harm.
Interestingly, the Texas Identity Theft Enforcement and Protection Act requires businesses to take reasonable steps to protect “sensitive personal information” collected or maintained by the business in the regular course. Tex. Bus. & Com.Code § 521.052. Sensitive personal information is generally an individual's name combined with any one or more of the following: social security number, driver's license number or government-issued identification number, or account, credit card or debit card number. Id. § 521.002(a)(2). The Legislature has not extended this obligation to dates of birth. Id.
6 Notifications to others required by the Identity Theft Act for breaches of computer security apply only when sensitive personal information is reasonably believed to have been acquired by an unauthorized person. Id. § 521.053. Again, the Legislature did not include dates of birth in the same risk category with sensitive personal information.
Second, the support relied on by the Court is far from conclusive. The Court repeats general statements about birth date information but cites to and provides no real data supporting the proposition that birth date information truly leads to identity theft, or that the disclosure of someone's birth date, in and of itself, has caused any person to be the victim of identity theft. The Court points to a study from Carnegie–Mellon University in which researchers were able, with 60% accuracy, to determine the first six digits of a person's Social Security number when given the person's date and location of birth, for persons born after 1989. 354 S.W.3d 336 (citing Alessandro Acquisti & Ralph Gross, Predicting Social Security Numbers From Public Data, 106 Proc. Nat'l Acad. Sci. 10975 (2009)). Other scholarly and media reports and court cases cited by the Court repeat the findings of the Acquisti and Gross study, or make general statements that compilation of data can be more helpful to identity thieves than data spread out through multiple sources, or that simply assert that birth dates may lead to more private data. Neither the Court nor the Comptroller cite any study positively demonstrating that release of birth date information with a person's name, without a social security number, makes it significantly more likely that the person will be the victim of identity theft. And neither cites any study evidencing an identity theft that began through birth date information being disclosed in a public database.
Credible studies indicate that dates of birth are not the sin qua non of identity theft. The most common form of identity theft arises from credit card theft or check fraud, and the least common form arises from stolen social security numbers or other personal information. Herb Weisbaum, Identity Theft Problem: The Facts Behind the Fear, MSNBC (Oct. 21, 2010, 7:42 AM) http:// www. msnbc. msn. com/ id/ 39763386/ ns/ business- consumer_ news/ (last visited Dec. 1, 2010) (recognizing a recent report that the “most common form of identity theft is ... ‘old-fashioned credit card theft or check fraud,’ ” with nearly all respondents to the survey recognizing that their identity theft was due to stolen or misused credit or debit cards, and that a hijacking of an identity using a “Social Security number and other basic information” is the “least common form of identity fraud”). A recent study published by the United States Federal Trade Commission reports that a thief's use of a social security number with a new name and false date of birth currently accounts for 80–85 percent of all identity fraud. Lanny Britnell, Identity Theft America, The Changing Face of Identity Theft, at 1, available at http:// www. ftc. gov/ os/ comments/ credit report freezes/ 534030– 00033. pdf; see also Synovate, Federal Trade Commission—2006 Identity Theft Survey Report 30 (Nov.2007), available at http:// www. ftc. gov/ os/ 2007/ 11/ Synovate Final Report ID Theft 2006. pdf (recognizing that 56 percent of victims did not know how their information was stolen, and of the 43 percent of victims who did, many knew the thief personally, had their identities stolen through a purchase or other transaction, from a wallet, from a company that had the information, from hacking, “phishing,” the mail, or some other way). The Attorney General's office indicated its strong desire to eliminate identity theft, but candidly acknowledged at argument that there is “no firm evidence” that disclosure of birth dates facilitates identity theft and confirmed that the PIA is not intended to prohibit illegal use of data.
The information here is public information, and the connection between the information being disclosed and the actual harm sought to be prevented is too tenuous to support the judicial restrictions on disclosure of the public's information proffered by the Court when that same public information has been shown to have positive benefits.
Finally, the privacy interest at stake here is lower than the Court makes it out to be because much if not most of the information at issue has been distributed by the state for years—in some instances for a fee. Texas sells personal information under the Motor Vehicle Records Disclosure Act, including names, addresses, dates of birth and driver's license numbers, to businesses, insurance companies, private investigatory agencies and other third parties, for a number of specified purposes. See Tex. Transp. CodeE §§ 730.007, .011 (permitting agencies to disclose the personal information and to charge “reasonable fees for such disclosure”); Ryan McNeill, ID Theft v. Public Record at A1 (reporting that “private companies spent nearly $50 million during the last fiscal year” buying Texas drivers' data). To the extent that Texas government employees have driver's licenses, it is likely that their dates of birth have either already been released by a Texas governmental agency or sold to private entities, or both. Even though the Transportation Code section has been in place for nearly 13 years, there is no evidence submitted indicating that information disclosed through that mechanism has been a hotbed of identity theft. The State has sold similar information on Texans with driver's licenses for years, suggesting that arguments that the same information about a subset of Texans will greatly increase the possibility of identity theft ring hollow. This Act regulates the use of motor vehicle information and allows disclosure of birth dates of all Texas drivers, whether public or private employees, to many private parties capable of disguising their true identities. And an authorized recipient of this personal information is authorized to resell or redisclose that information for permitted purposes. Tex. Transp. Code § 730.013(b).
7 It is ironic that the Court cuts off free access by the public under the PIA to the same public information that is being sold under the Transportation Code.
B. The News Has Established a “Sufficient Reason” for the Disclosure.
When personal privacy interests are at stake, the second part of the Rose balancing test is whether the requestor has established a “sufficient reason for the disclosure.” See Nat'l Archives & Records Admin. v. Favish, 541 U.S. 157, 172, 124 S.Ct. 1570, 158 L.Ed.2d 319 (2004). The requesting party must establish “that the public interest sought to be advanced is a significant one, an interest more specific than having the information for its own sake. Second, the citizen must show the information is likely to advance the interest. Otherwise, the invasion of privacy is unwarranted.” Id.
The Court holds that the News loses under the balancing test because it “has produced no evidence supporting government wrongdoing [and therefore] the public interest in disclosure is negligible.” 354 S.W.3d 336 (citation omitted). I disagree; the public interest in the information is demonstrated. The News argues that it wishes to use the date of birth information to determine whether particular governmental employees who work in or near children are convicted felons or sex offenders. The News asserts a two-fold need for birth dates: first, to determine whether governmental entities are employing sex offenders or felons in jobs that may put children or the public at large at risk, and second, to confirm the identity of a particular governmental employee who may have a criminal record. The News advises that some 2,000 employees of the State of Texas have the same first and last name. It is reasonable and desirable that the media check the identities of these employees before publishing unflattering facts about them. The News further advises that, through its research, it was able to disclose in an article that over 250 employees of the Texas Youth Commission were convicted felons. See McNeill, ID Theft v. Public Record, at A1. These are legitimate and productive uses of dates of birth.
No one doubts that citizens of this state have a right to know the names of those who work for them in government. Neither party, nor the Court, disputes that the News has the right to such names, and the names are easily available, in electronic form, on various governmental websites and other databases. See, e.g., Capitol Complex Telephone System (CCTS) Directory, http:// www. dir. state. tx. us/ ccts/ directory/ index. html (last visited Dec. 1, 2010) (listing the names, titles, and telephone numbers of employees working in or near the Capitol). On the other hand, no one argues that state employees give up all of their privacy rights simply by working as an unelected public servant. But the disclosure of the birth dates in this case may actually help preserve government workers' privacy, by ensuring that any organization—media, political, watchdog, financial, governmental, or otherwise—does not falsely accuse those governmental employees of being persons they are not. This is different from the data that the government collects about nongovernmental employees. Cf. U.S. Dep't of Justice v. Reporters Comm. for Freedom of the Press, 489 U.S. 749, 773, 109 S.Ct. 1468, 103 L.Ed.2d 774 (1989) (concerning a FOIA request for criminal records of an individual investigated by the FBI). The information at issue may actually prevent mistaken identities and will help keep the government accountable for those they hire.
But fundamentally, under the summary judgment procedures, the Court errs by requiring evidence in the record that the News had no reason to provide in the first place. At the trial court in her summary judgment motion, the Comptroller argued that section 552.101 excepted birth dates from disclosure under Industrial Foundation and the Texas common law. Although the Comptroller mentioned that other courts had applied a balancing test, she did not request that one be applied to the facts here. Likewise, at the court of appeals, the Comptroller once again argued that section 552.101 excepts public employees' birth dates from disclosure under common law and constitutional concepts. Rose, and the balancing test now adopted by the Court, was not cited as a basis for the Comptroller's position before the court of appeals issued its opinion. The Comptroller cited section 552.102 only in her reply brief at the court of appeal to support the position that sections 552.101 and 552.102 “protect the same privacy interests.” There was no need for the News to submit any evidence for the trial court summary judgment proceedings showing a “significant” public interest that the information is “likely to advance.” 354 S.W.3d 336 (citing Favish, 541 U.S. at 172, 124 S.Ct. 1570). We cannot expect a party to present evidence for a standard unknown, unargued, and unapplied below—another reason we enforce our waiver rules. E.g., Pirtle v. Gregory, 629 S.W.2d 919, 920 (Tex.1982) (per curiam) (noting that a party should not “surprise his opponent on appeal by stating his complaint for the first time”). At a minimum, this Court should remand the case to the trial court for the parties to develop the record and argue the balancing test under the new standard. Tex.R.App. P. 60.2(f), 60.3 (providing that this Court may remand for further proceedings in light of changes in the law or in the interest of justice); Boyles v. Kerr, 855 S.W.2d 593, 603 (Tex.1993) (“We have broad discretion to remand for a new trial in the interest of justice where it appears a party may have proceeded under the wrong legal theory. Remand is particularly appropriate where the losing party may have presented his or her case in reliance on controlling precedent that was subsequently overruled.” (citations omitted)). Here, the successful party at trial relied on a standard that the Court has now abandoned. Certainly the News should have an opportunity to make its case under the new formula.
For these reasons, I would not decide this case under section 552.102 and the Court's balancing test. As discussed below, under the issue asserted by the Comptroller, birth dates are not confidential under section 552.101.
IV. Disclosure of Birth Date Information
The Comptroller argues that public employees' dates of birth are “confidential” under section 552.101 of the PIA. It is useful to understand the PIA's structure.
A. The Legislature's Comprehensive Statutory Scheme for Government Transparency
The stated policy of the PIA is to promote open government. “[I]t is the policy of this state that each person is entitled, unless otherwise expressly provided by law, at all times to complete information about the affairs of government and the official acts of public officials and employees.” Tex. Gov't Code § 552.001(a). “Public information” includes information that is “collected, assembled, or maintained ... in connection with the transaction of official business” by a governmental body. Id. § 552.002(a). In general, the PIA is to be liberally construed in favor of granting requests for information. Id. § 552.001(b). Relative to other freedom of information laws, such as FOIA, the Texas PIA more strongly favors transparency and open government. See, e.g., City of Garland v. Dallas Morning News, 22 S.W.3d 351, 364 (Tex.2000) (“Unlike the FOIA, our Act contains a strong statement of public policy favoring public access to governmental information and a statutory mandate to construe the Act to implement that policy and to construe it in favor of granting a request for information.”).
While the PIA provides an ardent statutory edict for openness in state affairs, the Legislature has protected specified information from disclosure in Subchapter C of the PIA. Tex. Gov't Code §§ 552.101–.151. A governmental agency is not required to disclose information excepted under Subchapter C of the PIA, but it may disclose such information if it chooses, “unless the disclosure is expressly prohibited by law or the information is confidential under law.” Id. § 552.007. Some examples of information that the PIA excepts from disclosure include information that would give advantage to a competitor or bidder, information in a student record at an educational institution funded wholly or partly by state revenue, and the social security number of a living person. Id. §§ 552.104, .114(a), .147(a).
In addition to these exceptions, the Legislature created a special category of information in the PIA—“confidential” information. Information that is considered “confidential” is a subset of the information excepted from disclosure. See id. § 552.101. But, unlike information that is merely excepted from disclosure, the PIA prohibits the disclosure of confidential information and makes its disclosure a crime punishable by: “(1) a fine of not more than $1,000; (2) confinement in the county jail for not more than six months; or (3) both the fine and confinement.” Id. § 552.352. The Legislature specifically identifies in the PIA some information that is considered confidential.
8 Outside of the PIA, no fewer than 100 Texas statutes classify information as confidential for purposes of the PIA.
9 Other statutes specifically limit the scope of “confidential” information. For example, while section 552.147 generally excepts social security numbers of living persons from disclosure, it also explicitly states that it “does not make the social security number of a living person confidential under another provision of this chapter or other law.” Tex. Gov't Code § 552.147. Other statutes, however, do make social security numbers contained in specified records “confidential” and subject to criminal penalties, such as on voter registration applications and in law enforcement personnel records. See Tex. Elec.Code § 13.004(c); Tex. Gov't Code § 552.1175.
The text of the PIA indicates that the Legislature intended the word “confidential” to have a specific meaning in the PIA, separating highly sensitive information that is prohibited from disclosure (such as the home address of a peace officer) from sensitive information that is merely excepted from disclosure (such as information in a student record). The PIA thus creates three distinct categories of public information—information required to be disclosed, information excepted from mandatory (but not voluntary) disclosure, and confidential information that is prohibited from disclosure and subject to criminal penalties.
10 It is within this statutory framework that I consider whether birth dates of public employees are considered to be part of this third category of “confidential information.”
As a policy matter, it is admittedly undesirable to release information about public employees that could lead to identity theft. States typically have overwhelmingly addressed this issue by legislation. The Attorney General noted that a number of other states have excepted birth date information in personnel files from open records request disclosures in statutes.
The Texas Legislature has balanced the competing interests of open government and individual privacy in deciding which types of public information are excepted from disclosure in the PIA. This Court previously acknowledged that this is the Legislature's role. “Although we recognize that there is often much potential for abuse of information in government records, the task of balancing the public's right of access to government records against potential abuses of the right has been made by the Legislature; the court's task is to enforce the public's right of access given by the Act.” Indus. Found. of the S. v. Tex. Indus. Accident Bd., 540 S.W.2d 668, 675 (Tex.1976). The Legislature excepted information for privacy reasons if it has been “considered to be confidential by law, either constitutional, statutory, or by judicial decision.” Tex. Gov't Code § 552.101. We are constrained therefore not to apply a different, or more expansive meaning of “confidential” for purposes of section 552.101 because it might be good policy to prevent the disclosure of certain information. Our task is to enforce the public's right to access given by the PIA and adhere to the language of section 552.101 and the statutory scheme set up by the PIA, “not to second-guess the policy choices” that inform these statutes. See McIntyre v. Ramirez, 109 S.W.3d 741, 748 (Tex.2003).
Nowhere in the PIA has the Legislature specifically excepted general birth date information, birth date information combined with other identifying information, or information the disclosure of which is feared may lead to identity theft. The Legislature has enacted specific statutes to protect against identity theft. See Tex. Bus. & Com.Code §§ 72.004, 521.001–523.053. My inquiry, then, is whether birth date information is “confidential” pursuant to section 552.101.
B. Exception to Mandatory Disclosure of Public Information Under Section 552.101 of the PIA
Section 552.101 of the PIA states that public information is excepted from the broad disclosure “requirements of Section 552.021 if it is information considered to be confidential ... by judicial decision.” Relying on the opinion in Industrial Foundation, the Comptroller argues that the release of birth date information would violate the tort of intrusion upon seclusion. Therefore, she argues, such information has been considered to be confidential by the judicial decision in Billings v. Atkinson and is excepted from disclosure by section 552.101.
This Court's only interpretation of section 552.101 was the subject of a fractured opinion (a three justice plurality, two separate concurrences, and a four justice dissent) in Industrial Foundation of the South v. Texas Industrial Accident Board, 540 S.W.2d 668, 675 (Tex.1976). Despite the various views of the Industrial Foundation Court, there was unanimity on the proposition that the PIA does not give courts the discretion to secret certain information from the public by creating new categories of confidential information not protected by the terms of the PIA. In Industrial Foundation, the petitioners argued that the Legislature intended section 552.101 “to delegate to the courts a duty to determine what information should be excepted from disclosure as confidential by balancing in each case the interest in privacy against the interest in disclosure, thus creating a common-law privacy doctrine which would except the information involved ‘by judicial decision.’ ” Indus. Found., 540 S.W.2d at 681. The Court rejected that argument:
We do not believe that a court is free to balance the public's interest in disclosure against the harm resulting to an individual by reason of such disclosure. This policy determination was made by the Legislature when it enacted the statute. “All information collected, assembled, or maintained by governmental bodies” is subject to disclosure unless specifically excepted. We decline to adopt an interpretation which would allow the court in its discretion to deny disclosure even though there is no specific exception provided. Id. at 681–82; see also id. at 691–92 (Reavley, J., dissenting, joined by Steakley, Pope, and Denton, JJ.) (“I agree with everything in the opinion of the majority except what is written to support the holding that information on the nature of the injury ... may be ‘deemed confidential’.... It was not the intention of the Legislature to turn over the administration of the Open Records Act to the judiciary.”). In other words, courts do not have the discretion to classify information as confidential on an ad hoc basis; confidentiality of public information is to be determined by the terms of the Act. To sanction the creation by courts of new types of protected information not identified in the PIA would open the way for judicial amendment of the PIA. Accordingly, I would interpret section 552.101 to deem confidential information that was held by judicial decision to be confidential at or before the time of the provision.
This approach would leave policy-making to the Legislature. It would also provide certainty in the definition of confidential information so that governmental entities and public officials may act accordingly. If courts decided which public information is considered to be confidential on an ad hoc basis, according to what individual jurists believe to be good policy, a court could decide to make birth date information confidential under the PIA in order to further the policy goal of preventing identity theft. An immediate consequence of this might be the attachment of criminal penalties for the disclosure, apparently even if unintended, of birth date information. See note 10. Government officials may be forced to redact all birth date information disclosed to the public or face criminal penalties, even in records that are decades old and currently made available to the public in, for example, all the state courthouses in the two hundred fifty-four counties around the state.
12 By limiting these determinations to information that has already been considered confidential, such as information the disclosure of which would violate the public disclosure tort, legislators can enact policy in a careful, deliberate manner, often preventing the substantial practical problems that may accompany judicial overstepping.
A majority of the court in Industrial Foundation looked to the Court's decision in Billings v. Atkinson, which recognized the tort of public disclosure of private facts, in order to determine whether the information at issue had been considered to be “confidential.” “We recognized in Billings ... that an individual has the right to be free from ‘the publicizing of one's private affairs with which the public has no legitimate concern....’ ” Indus. Found., 540 S.W.2d at 682. The Court interpreted “confidential” according to its common dictionary definition—“ ‘known only to a limited few: not publicly disseminated: PRIVATE, SECRET.’ ” Id. at 683. The majority reasoned that the characteristics of the dictionary definition of confidential are “precisely the characteristics which information protected by this branch of the tort invasion of privacy must have. And, we believe that it is this type of information which the Legislature intended to exempt from mandatory disclosure....” Id. Billings explained that certain information is protected by the tort of public disclosure. The majority opinion in Industrial Foundation held that the Legislature intended to protect this same information from disclosure under the PIA by excepting it as confidential (or private) by the judicial decision in Billings. Thus, “if a governmental unit's action in making its records available to the general public would be an invasion of an individual's freedom from the publicizing of his private affairs, then the information in those records should be deemed confidential by judicial decision.” Id.
Reasonable minds may differ today as to the meaning of the phrase “information considered to be confidential ... by judicial decision.”
13 But the Legislature has not amended this section of the PIA in the thirty-seven years since that decision, and Industrial Foundation is still our sole authority on the meaning of section 552.101. Tex. Gov't Code § 552.101; see Acts June 14, 1973, 63rd Leg., R.S., ch. 424, § 3, 1973 Tex. Gen. Laws 1112, 1113. Respecting the Legislature's prerogative and the precedential value of the opinion in Industrial Foundation, I would not extend it to create unintended exceptions under the PIA.
C. The Comptroller's Argument for Analysis under the Intrusion upon Seclusion Tort
The Comptroller asks this Court to expand Industrial Foundation by holding that if the disclosure of information would lead to a violation of the privacy tort of intrusion upon seclusion, such information should be considered to be confidential under section 552.101. The Comptroller acknowledges that no judicial decision has ever held that information is confidential because disclosure of such would violate the tort of intrusion upon seclusion, and no Texas court has ever held that the intrusion upon seclusion tort can be violated by a disclosure of information. Cf. Valenzuela v. Aquino, 853 S.W.2d 512, 513 (Tex.1993); Cornhill Ins. PLC v. Valsamis, Inc., 106 F.3d 80, 85 (5th Cir.1997) (applying Texas law); Clayton v. Wisener, 190 S.W.3d 685, 696–97 (Tex.App.-Tyler 2005, no writ); Wilhite v. H.E. Butt Co., 812 S.W.2d 1, 6 (Tex.App.-Corpus Christi 1991, no writ).
The elements of the torts of public disclosure of private facts (as applied in Industrial Foundation ) and intrusion upon seclusion contain important differences. The public disclosure tort has two elements: “information [is] deemed confidential by law if (1) the information contains highly intimate or embarrassing facts the publication of which would be highly objectionable to a reasonable person, and (2) the information is not of legitimate concern to the public.” Indus. Found., 540 S.W.2d at 685. On the other hand, the intrusion tort's elements are: “(1) an intentional intrusion, physically or otherwise, upon another's solitude, seclusion, or private affairs or concerns, which (2) would be highly offensive to a reasonable person.” Valenzuela, 853 S.W.2d at 513.
The Comptroller attempts to expand section 552.101 to include as confidential by judicial decision information that would be protected by the intrusion upon seclusion tort. For this argument to succeed, the Court would have to redefine the intrusion tort to include the disclosure of birth date information that may lead to an intrusion (i.e. by an identity thief). This connection is difficult to make. For instance, if a burglar enters your house, reads through your private files and papers, and steals your credit cards and identification, is the publisher of the phone book from which the burglar obtained your address liable for the intrusion? The answer is, of course, no. The tort of intrusion upon seclusion can only be committed by “[o]ne who intentionally intrudes, physically or otherwise, upon the solitude or seclusion of another or his private affairs or concerns.” Id. The tort is not committed by one who unintentionally facilitates the possible intrusion. Moreover, no Texas court has ever found a violation of the intrusion tort absent a physical intrusion or surveillance upon the seclusion of another, and the Comptroller does not cite any judicial decision that has ever made such a determination. Cf. Clayton, 190 S.W.3d at 696–97; Wilhite, 812 S.W.2d at 6; Valsamis, 106 F.3d at 85.
Industrial Foundation is very clear that the question is whether the disclosure itself, not the requestor's use of the information, would violate an individual's right to privacy. “[I]f a governmental unit's action in making its records available to the general public would be an invasion of an individual's freedom from the publicizing of his or her private affairs, then the information in those records should be deemed confidential by judicial decision under ... the Act.” Indus. Found., 540 S.W.2d at 683 (emphasis added). Justice Reavley, in dissent, also agreed that the Legislature is “concerned with confidentiality entirely apart from the manner of use of the information.” Id. at 692 (Reavley, J., dissenting). The analysis should focus on whether the government's disclosure would violate the individual's privacy. For PIA tenets to apply based on the use rather than nature of the information would require government entities to obtain the reasons why the information is requested. This would contradict the clear prohibition in the PIA against government inquiries into the purpose for the requested information. Tex. Gov't Code § 552.222; A & T Consultants, Inc. v. Sharp, 904 S.W.2d 668, 676 (Tex.1995) (holding that courts may neither consider purpose of the request nor inquire into how the requestor intends to use the information).
The Comptroller's argument for extending Industrial Foundation to include an alternative analysis of section 552.101 using the intrusion upon seclusion tort is not supported by the provisions of the PIA.
D. Application of the Industrial Foundation Test
The Industrial Foundation test holds that information “is excepted from mandatory disclosure ... as information deemed confidential by law if (1) the information contains highly intimate or embarrassing facts the publication of which would be highly objectionable to a reasonable person, and (2) the information is not of legitimate concern to the public.” Indus. Found., 540 S.W.2d at 685. I first analyze whether birth date information is highly intimate or embarrassing information, the publication of which would be highly objectionable to a reasonable person.
The Court in Industrial Foundation analyzed information contained in workers' compensation files to determine whether it satisfied this element of the tort. The Court reasoned that some information would satisfy the “highly intimate” standard, including:
a claim for injuries arising from a sexual assault of a female clerk following an armed robbery; a claim on behalf of illegitimate children for benefits following their father's death; a teacher's claim for expenses of a pregnancy resulting from the failure of a contraceptive device; claims for psychiatric treatment of mental disorders following work related injuries; claims for injuries to sexual organs, and for injuries stemming from an attempted suicide; and claims of disability caused by physical or mental abuse by co-employees or supervisors. Id. at 683. This is the deeply personal, highly intimate type of information the tort is meant to protect from publicity.
The Second Restatement of Torts also gives examples of information that rises to the level of highly intimate or embarrassing. “Sexual relations, for example, are normally entirely private matters, as are family quarrels, many unpleasant or disgraceful or humiliating illnesses, most intimate personal letters, most details of a man's life in his home, and some of his past history that he would rather forget.” Restatement (Second) of Torts § 652D cmt. b (1977). Contrasting this private information, the Restatement notes, “there is no liability for giving publicity to facts about the plaintiff's life that are matters of public record, such as the date of his birth, the fact of his marriage, [or] his military record....” Id. (emphasis added). The U.S. Court of Appeals for the Fifth Circuit, interpreting Texas law, came to the same conclusion:
However, none of these items of information—middle initial, age, street address, job title—can be characterized under Texas law as “private” and “highly intimate or embarrassing facts about a person's private affairs, such that its publication would be highly objectionable to a person of ordinary sensibilities.” Texas invasion of privacy law in this respect has been guided by Prosser, Law of Torts § 117 (4th ed.1971) and Restatement (Second) of Torts § 652D. Prosser, supra, states “ ‘[t]he plaintiff cannot complain when ... publicity is given to matters such as the date of his birth.’ ” Id. § 117 at 858.... The Restatement (Second) of Torts ... is to the same effect ... “[t]here is no liability for giving publicity to facts about the plaintiff's life ... such as the date of his birth ....” Johnson v. Sawyer, 47 F.3d 716, 732–33 (5th Cir.1995) (citing Indus. Found., 540 S.W.2d at 682–84) (further citations omitted) (emphasis added). If disclosure of birth dates is held to violate the public disclosure of private facts tort, the consequence to tort law would be to potentially allow recovery for damages whenever someone publicizes information as “highly intimate” as a birth date. The public disclosure tort was not meant to protect such information from publicity. See Johnson, 47 F.3d at 732; Restatement (Second) of Torts § 652D cmt. b (1977).
The Comptroller argues that the combination of birth date information and other identifying information, such as a name, rises to the level of “highly intimate” justifying exclusion from disclosure. She argues that because birth date information, in conjunction with this other information, can be used to access sensitive information, such as a social security number, birth date information itself is sensitive information. The argument casts too broad a net and misses the essence of the inquiry. How otherwise public information is used after disclosure does not guide the analysis of whether it is confidential and excepted from disclosure under section 552.101. See Indus. Found., 540 S.W.2d at 692 (Reavley, J., dissenting) (“I read the Legislature to be concerned with confidentiality entirely apart from the manner of use of the information.”). If that analysis were determinative, much of the defined public information would be withheld because of a possibility or likelihood of it being used itself or in conjunction with other public information for inappropriate or illegal purposes. For example, that a person's business address, race, and gender could be used by a stalker to identify and commit an assault at the person's workplace, does not convert the work address into confidential information. In addition, the public disclosure tort focuses on the character of the information itself. Is it “highly intimate” such that its mere publication would be objectionable to a reasonable person? See Indus. Found., 540 S.W.2d at 683. How the information is used once it is made public, while of obvious concern to policy-makers who balance the risks in writing statutes, does not drive the analysis in interpreting section 552.101. Accordingly, public employees' birth dates do not constitute highly intimate or embarrassing facts the publication of which would be highly objectionable to a reasonable person.
This information is also of legitimate public concern. The News contends that birth date information ensures accuracy in identifying subjects of newspaper articles, and the information has also been used to determine that criminal offenders have been employed by some public school systems. The Comptroller has offered no response to this contention. In any event, birth date information does not satisfy the first requirement of the public disclosure analysis, that the information contain highly intimate or embarrassing facts the publication of which would be highly objectionable to a reasonable person. I would conclude that the disclosure of birth date information does not violate the public disclosure tort, and birth date information is not confidential under section 552.101 of the PIA.
E. The Balancing Test
The Court applies a balancing test following the U.S. Supreme Court's decision in Department of the Air Force v. Rose, 425 U.S. 352, 96 S.Ct. 1592, 48 L.Ed.2d 11 (1976), to hold that birth date information is confidential under our PIA. In that case, the Supreme Court interpreted Exemption 6 of FOIA, which excepts from disclosure “personnel and medical files and similar files the disclosure of which would constitute a clearly unwarranted invasion of personal privacy.” Id. at 370, 96 S.Ct. 1592 (quoting 5 U.S.C. § 552(b)(6)). The Court held that the language “clearly unwarranted invasion of personal privacy” in the statute was a Congressional mandate for courts to balance “the individual's right of privacy against the preservation of the basic purpose of the Freedom of Information Act ‘to open agency action to the light of public scrutiny.’ ” Id. at 372, 96 S.Ct. 1592.
As noted above, the pivotal language in FOIA Exemption 6 is not contained in section 552.101 of the Texas PIA. The Court should not create a balancing test for the section 552.101 analysis when the language from which the test arises (“clearly unwarranted invasion of personal privacy”) is not contained in the relevant provision. See Indus. Found., 540 S.W.2d at 681–82 (“Absent [a provision with the “clearly unwarranted” language], we do not believe that a court is free to balance the public's interest in disclosure against the harm resulting [from] disclosure.”). Therefore, the Court's balancing test is inappropriate here, and we should leave for another day whether a balancing test is appropriate for any determination under section 552.102, or, as the Austin Court of Appeals held in Hubert v. Harte–Hanks Texas Newspapers, Inc. twenty-seven years ago, that the test is the same under both sections. 652 S.W.2d 546, 550 (Tex.App.-Austin 1983, writ ref'd n.r.e.).
V. Fee Shifting
The News also challenges the trial court's refusal to award attorney's fees under the PIA and the Uniform Declaratory Judgment Act as an abuse of discretion, based upon language in two sections of the PIA that were in effect at the time of this suit but have subsequently been amended. Tex Gov't Code §§ 552.323(b), .324.
The Court did not address the issue at length because the Comptroller prevailed. 354 S.W.3d 336. In my view, the News should prevail, but I would hold that the trial court was correct in exercising its discretion in deciding whether to assess attorney's fees against the Comptroller. Because the Comptroller had a legitimate concern over privacy issues relating to the disclosure of birth date information under the PIA, she had a reasonable basis in law to refuse disclosure of the information and the litigation was brought in good faith. Accordingly, I concur in the judgment of the Court on the attorney's fees issue.
Each of these sections has since been amended, clarifying the attorney's fees issue. The Legislature moved the cause of action from Texas Government Code section 552.353(b)(3) to 552.324. The amended section 552.324 now reads:
(a) The only suit a governmental body may file seeking to withhold information from a requestor is a suit that:
(1) is filed in a Travis County district court against the attorney general in accordance with Section 552.325; and
(2) seeks declaratory relief from compliance with a decision by the attorney general issued under Subchapter G.
(b) The governmental body must bring the suit not later than the 30th calendar day after the date the governmental body receives the decision of the attorney general determining that the requested information must be disclosed to the requestor. If the governmental body does not bring suit within that period, the governmental body shall comply with the decision of the attorney general. If a governmental body wishes to preserve an affirmative defense for its officer for public information as provided in Section 552.353(b)(3), suit must be filed within the deadline provided in Section 552.353(b)(3).
Tex. Gov't Code § 552.324. Section 552.353(b)(3) now reads:
(b) It is an affirmative defense to prosecution under Subsection (a) that the officer for public information reasonably believed that public access to the requested information was not required and that:
(3) not later than the 10th calendar day after the date of receipt of a decision by the attorney general that the information is public, the officer or the governmental body for whom the defendant is the officer for public information filed a petition for a declaratory judgment against the attorney general in a Travis County district court seeking relief from compliance with the decision of the attorney general, as provided by Section 552.324, and the cause is pending.
Id. § 552.353(b)(3). And section 552.323(b) now explicitly allows the trial court to shift fees in an action under section 552.324:
(b) In an action brought under Section 552.324, the court may assess costs of litigation and reasonable attorney's fees incurred by a plaintiff or defendant who substantially prevails....
Id. § 552.323(b). This new statutory scheme should prevent the confusion found here from occurring in future cases.
VI. Conclusion
The Legislature's comprehensive statutory scheme that guarantees public access to government information through the PIA, with selected exceptions, does not make birth dates confidential under section 552.101. Because the Court reaches a different result based on an issue the Comptroller waived, I respectfully dissent. I concur in the judgment on the attorney's fees issue.