Earlier today several local reporters and editors, including myself, sent a letter to the City Auditor requesting that his office investigate the widespread use of private email accounts by city officials. This evening, the City Auditor responded.
Here is the full text of his response:
Kevin et al: thanks for your email about City officials’ use of private email for government purposes. City officials and employees should follow the State of Washington’s Public Records Act requirements. However, there are significant audit independence issues if we were to do work that focused on the City Council. Given that we are housed in the same branch of government as the Council, it would compromise the independence of the audit if our office were to audit the Council. Because of this, it’s been our long-standing policy and practice to not audit the Council because of the real or perceived conflict of interest.
To be precise, section 3.14g of the Government Auditing Standards (GAS), which we adhere to, would characterize our placement in City government as raising a structural independence issue. In other words, because we are housed in the same branch of government as the Seattle City Council (i.e., legislative), and perform our work under the direction of the Council, per Seattle Municipal Code 3.40.020, there would be inherent limitations on our ability to perform an independent audit of the Council.
A more appropriate entity to perform the comprehensive project you outlined would be the Washington State Auditor’s Office because, unlike our office, it is completely independent of Seattle City government.
Let me know if you have any questions about the above.
While I understand the issue he raises, it’s certainly disappointing that our city government is structured so that the City Auditor is unable to investigate anything inside an entire branch of the government, and has no provision for engaging an outside independent auditor to do so.
I’m guessing we will probably take this up with the State Auditor. Stay tuned.
It would be interesting to see the way King County is structured.
Charter provision:
ARTICLE VIII Financial and Clerical
Sec. 2. CITY AUDITOR
There shall be a City Auditor who shall examine and verify the accuracy of the accounts and records of the City; inspect the receipt, safekeeping, and disbursement of public funds; and perform such other duties as are prescribed by law. The City Auditor shall have a term of four years and shall be appointed by a majority of the City Council and may be removed for cause by a majority of the City Council. (As amended at November 5, 1991 election, and November 7, 2006 election.)
I agree with the auditor; that office serves at the will of the Council: you need to bring in the state auditor.
Also: why isn’t the Seattle Times included? Were they asked?
The city recently changed the hiring/firing terms for the Director of the Office of Civil Rights to protect her/him from political retaliation. They are contemplating doing the same thing for the director of the new Office of the Employee Ombud. This is a solvable problem. The auditor could also make a reciprocal deal with the King County Auditor to cover for each other when there is a conflict. But to just say “I can’t go anywhere near that” and leave an entire branch of government unaudited is unacceptable.
I asked the Seattle Times more than once. They didn’t respond. I asked other local media outlets too; some of them declined. I can understand the desire to avoid “being the news” rather than “reporting the news.”
“to protect her/him from political retaliation”
What mechanism did they use to do this?
legislating that the director can’t be fired at will by the Mayor, it must for cause. And I believe it requires the consent of a majority of the Council as well.
The director position is a fixed-term appointment, so the Mayor could choose not to reappoint someone, but can’t fire them at short notice to interfere with an action about to be taken or immediately following an unpopular but otherwise justified action.
Jalair: King County is the same; the auditor is a creature of the legislative body—
Section 250 County Auditor.
The county auditor shall be appointed by a majority of the county council and shall be responsible to the council for conducting, or causing to be conducted, independent post audits of county agencies for the purpose of reporting to the council regarding the integrity of the function of the financial management system, the quality and efficiency of agency management, and the effectiveness of programs. In carrying out this purpose, the auditor shall perform the following audits within guidelines established by the county council by ordinance: financial and compliance audits to supplement those performed by the state pursuant to general law, economy and efficiency audits, and program result audits. In addition, the auditor shall perform such special studies as may be requested by the council. The auditor shall report the results of each agency audit to the county council. Annual audits shall continue to be performed by the state in accordance with general law.
The organization and administration of the auditor’s office shall be sufficiently independent to assure no interference or influence external to the organization shall adversely affect an independent and objective judgment by the auditor and the auditor shall be provided a discrete budget and staff allocation. (Ord. 8649 §1, 1988).
If you are looking for a different model, check out the City of Portland. They have an independent elected auditor. Of course, their city governance structure is different also.
BTW: I did see the the explanation from CM Sawant’s office re: use of Gmail. assertion that ‘private’ accounts were only used for document sharing via Google drive, etc. definitely seems plausible… (and I do hope that’s the case).
However, if EXCLUSIVE purpose for side accounts was for file share etc, CMs + Leg. should be happily willing to share contents of those shared e-mail accounts and drives with journalists, right?
After all – the e-mail inboxes should basically be empty anyway – and the file storage would be Municipal assets.
No reason that CMs should be saving HIPAA type content on their City drives – so an argument for ‘privacy’ concerns seems to fall short and public disclosure should give us access to all drive content and e-mail exchanges.