mitchell hamline school of law

Minnesota Administrative Procedure

Chapter 13. The Minnesota Government Data Practices Act and Contested Case Hearings

Original Author: Robert Nardi

Revised in 2014 by LauraSue Schlatter and Stacie Christensen

Revised in 2022-23 by Stacie Christensen

Download a PDF of Chapter 13

13.1 Introduction

The Minnesota Government Data Practices Act[1] (Data Practices Act) is a legislative attempt to balance competing interests with respect to various types of information held by the government.[2] In Minnesota Medical Association v. State,[3] the Minnesota Supreme Court stated that the purpose of the Data Practices Act was to “control the state’s collection, security, and dissemination of information in order to protect the privacy of individuals while meeting the legitimate needs of government and society for information.”[4]

In concept, at least, the Data Practices Act is analogous to the federal Freedom of Information Act[5] and the federal Privacy Act.[6] The federal Freedom of Information Act deals with how the general public can obtain access to information in the possession of the federal government, while the federal Privacy Act provides certain rights for persons who are the subject of information held by federal agencies. The Data Practices Act combines access rights, privacy rights, and due process rights into one act. It is also important to understand that the Data Practices Act is not a records retention act and, thus, does not require the retention of data.[7] It simply provides how data must be treated when it is collected and stored by the government.

In summary, the Data Practices Act sets up a classification system that determines what data is public and what is not public and who has access to data that is not public.[8] It also provides certain rights to individuals who are asked to provide data concerning themselves[9] or who are the subject of stored data.[10] Specific duties are imposed on those government entities that collect and store data,[11] and penalties are imposed for violations of the provisions of the Data Practices Act.[12]

13.2 Who Is Covered by the Data Practices Act

The Data Practices Act has broad application to government in the state of Minnesota. All state agencies, political subdivisions, and statewide systems are subject to the Data Practices Act under the definition of “government entity.”[13] “State agency” is defined as “the state, the University of Minnesota, and any office, officer, department, division, bureau, board, commission, authority, district or agency of the state.”[14] A “political subdivision” is defined to include:

[A]ny county, statutory or home rule charter city, school district, special district, any town . . . in the metropolitan area, . . . and any board, commission, district or authority created pursuant to law, local ordinance or charter provision. It includes any nonprofit corporation which is a community action agency organized pursuant to the economic opportunity act of 1964 (P.L. 88– 452) as amended, to qualify for public funds, or any nonprofit social service agency which performs services under contract to a government entity, to the extent that the nonprofit social service agency or nonprofit corporation collects, stores, disseminates, and uses data on individuals because of a contractual relationship with a government entity.[15]

A “statewide system” is defined to include “any record-keeping system in which government data is collected, stored, disseminated and used by means of a system common to one or more state agencies or more than one of its political subdivisions or any combination of state agencies and political subdivisions.”[16]

In addition to its application to government entities, some or all of its provisions may be applicable to non-government entities under contract with government entities.[17] A government entity entering into a contract with a private party to perform any of its functions must include a notice that the data collected by the private person is subject to the Data Practices Act. Failure to include the notice in the contract does not invalidate the application of the statute.[18]

The statute specifically exempts the judiciary in Minnesota from the provisions of the Data Practices Act.[19] The court system is governed by the Rules of Public Access to Records of the Judicial Branch adopted by the Minnesota Supreme Court.[20]

13.3 What Data is Covered by the Data Practices Act

The Data Practices Act uses the word data throughout its provisions but never defines that term. It does, however, define the phrase “government data” as “[all data collected, created, received, maintained or disseminated by any government entity regardless of its physical form, storage media or conditions of use.”[21] Under this extremely broad definition, government data includes such forms of data as notes, drafts of documents or reports, email, tape recordings, phone messages, pictures, and computer USB flash drives. However, by not specifically defining what data is, the legislature left open the question of whether government data includes information contained within the minds of government employees in those cases where such information has never been reduced to some physical form.

This question was considered by the Minnesota Court of Appeals in Keezer v. Spickard,[22] a case in which a sheriff and a county caseworker had made oral comments about the plaintiff’s mental status. The Court noted that, read literally, “government data” could include knowledge that exists only in the mind of a government employee. It decided that this would lead to absurd results and observed that it was nearly impossible to regulate any function related to data until a record is created somewhere outside the human brain.[23] The court held that in order to show a violation of the Act, a plaintiff must show that the data was recorded in some physical form. But where private recorded data is disclosed orally, the Act is violated.[24]

Data need not be in the physical possession of the agency to be government data. It has been held that tape recordings and field notes retained by a private investigator were public data where a state university contracted with the investigator to do a background check on an applicant for the position of director of security.[25]

13.4 Classification System

The classification system used in the Data Practices Act is the key for determining what access is available and by whom. Presently, there are four types of government data: data on individuals, (2) data not on individuals, (3) data on decedents, and (4) summary data. Data on individuals is defined as:

[A]ll government data in which any individual is or can be identified as the subject of that data, unless the appearance of the name or other identifying data can be clearly demonstrated to be only incidental to the data and the data are not accessed by the name or other identifying data of any individual.[26]

Data not on individuals is simply defined as “all government data that are not data on individuals.”[27]

For purposes of accessibility, data on individuals is classified as public, private, or confidential, and data not on individuals is classified as public, nonpublic, or protected nonpublic.[28] Both private data on individuals and nonpublic data consist of data that by state statute, temporary classification, or federal law are (1) not public, (2) accessible to the subjects of the data and, (3) accessible to entities and individuals within whose entities whose work assignment reasonably requires access.[29] Confidential data on individuals and protected nonpublic data consist of data that by state statute, temporary classification, or federal law are (1) not accessible to the general public, (2) not accessible to the subject of the data, and (3) accessible to entities and individuals within those entities whose work assignment reasonably requires access.[30] Data on individuals is public, unless classified as private or confidential. Likewise, data not on individuals is also public if not classified as nonpublic or protected nonpublic.[31]

The category of data on decedents is designed to solve the problem of how to treat data on an individual that was created, collected, or maintained prior to the death of the individual. Data on decedents are classified as either private data on decedents or confidential data on decedents.[32] These classifications cover data that, before the death of the data subject, were classified by state statute or federal law as private data on individuals or confidential data on individuals respectively.[33] Private data on decedents and confidential data on decedents will become public when two conditions are met: ten years must elapse from the date of the actual or presumed death and thirty years must elapse from the date of creation of the data.[34] Rights under this classification are to be exercised by the representative of the decedent.[35] Data on decedents may be released earlier if ordered bythe district court.[36] For the purposes of the Act, data created or collected about individuals after their death is treated as data not on individuals.[37]

The final category, summary data, is simply data that has been derived or summarized from data on individuals and from which all data elements that could link the data to a specific individual have been removed.[38] Examples of summary data include statistical data, case studies, or reports of incidents that do not identify data subjects. Summary data is available to the general public unless otherwise classified by state statute or federal law.[39]

When government data is classified as private, confidential, nonpublic, or protected nonpublic, it is referred to as “not public data.”[40] Not public data can only be so classified by state statute, temporary classification, or federal law.[41]

State statutes that classify data as “not public” can be found not only in the Data Practices Act but in other statutory provisions as well.[42] Thus, specific provisions of the Data Practices Act as well as other statutory provisions relevant to the subject matter of the data must be checked in order to determine whether the particular piece of data is classified as “not public.” The related statutory provisions are no longer at the end of the act, but are inserted in the relevant section of the Data Practices Act. For example, if welfare data is involved, then both welfare data provisions of the Data Practices Act and statutes dealing with public assistance or welfare must be examined. However, there is no need to check state rules covering a particular area because only statutes can classify data.[43]

Since data can also be classified as not public by federal law, it is important to be familiar with any federal case law, federal statutes, or federal regulations that may cover the subject matter of the data. Generally, the federal law must make the data not public in the hands of a state agency for the Data Practices Act to prohibit its dissemination.[44]

Temporary classifications can also affect the classifications of government data. These classifications are established through a temporary classification procedure in the Data Practices Act.[45] Entities covered by the Act can apply to the state commissioner of administration for a not public classification of government data. Each year the commissioner of administration is required to submit all temporary classifications in effect to the legislature for its consideration concerning whether the temporary classification should become permanent. The temporary classification then expires on August 1st of the year following the year it is submitted to the legislature.[46]

13.5 Access to Public Government Data

On a request made to the responsible authority[47] or his or her designee, a person shall be permitted to inspect and copy public government data at reasonable times and places.[48] The responsible authority may not charge a fee for the inspection of the data; however, if copies are requested, it may require the requesting person to pay the actual costs of searching for and retrieving the data and for making, certifying, or electronically transmitting copies of the data.[49] The agency may not charge for separating public from not public data. However, if 100 or fewer pages of black and white, letter or legal size paper copies are requested, actual costs shall not be used, and instead, the responsible authority may charge no more than 25 cents for each page copied.[50] If copies cannot be provided at the time of the request, they must be provided as soon thereafter as possible.[51] If the responsible authority or designee determines that the requested data is classified in a manner that precludes access, he or she must inform the person requesting access, either orally at the time of the request or in writing as soon thereafter as possible.[52] Access may not be denied because a document has both public and not public data unless the public and not public data are so inextricably intertwined that segregation of the material would impose a significant financial burden and leave the document with little informational value.[53] In informing the person requesting access that access is denied, the responsible authority or designee must cite the specific state statute, temporary classification, or federal law that establishes the classification prohibiting public access.[54] On request, the responsible authority or designee must certify in writing that access is being denied and the specific state statute, temporary classification, or federal law that prohibits access.[55]

Additionally, The Data Practices Act requires that responsible authorities “keep records containing government data in such an arrangement and condition as to make them easily accessible for convenient use.”[56]

13.6 Rights of Individual Subjects of Data

An individual asked to supply private or confidential data concerning him or her must be informed of the following:

  1. the purpose and intended use of the requested data within the collecting government entity;
  2. whether he or she may refuse or is legally required to supply the requested data;
  3. any known consequence arising from his or her supplying or refusing to supply private or confidential data; and
  4. the identity of other persons or entities authorized by state or federal law to receive the data.[57]

The above notice is referred to as the “Tennessen Warning.”[58] Its purpose is to inform individuals of the request for the data and of their rights, so that they can better decide whether to provide the requested data to the government entity. When the entity fails to give the warning, it cannot use or disseminate that data for any purpose.[59] But where a public employer gathers information from an employee in the course of an investigation, it is not collecting private or confidential data about the employee and no Tennessen warning is required.[60] This warning is not required to be given when an individual is asked to supply criminal investigative data to a law enforcement officer.[61]

In addition to the above notice or warning, an individual has the right to discover whether he or she is the subject of stored data on individuals and whether it is classified as public, private, or confidential.[62] If such data exists, the individual has the right to see public data or private data of which he or she is the subject at no charge.[63] Also, if requested, the individual must be informed of the content and meaning of the data and may obtain copies of the data.[64] The responsible authority may require the requesting person to pay the actual cost of making and certifying the copies.[65] After an individual has been shown the public or private data and informed of its meaning, the data need not be disclosed to the individual for six months thereafter unless (1) the individual challenges the accuracy or completeness of the data, or (2) additional data on the individual has been collected or created.[66]

Finally, an individual may contest the accuracy or completeness of public or private data concerning himself or herself.[67] Accurate data is that which is reasonably correct and free from error.[68] Complete data is that which reasonably reflects the history of an individual’s transactions with the agency. Omissions that place the individual in a false light are not permitted.[69] The review by the commissioner extends not only to facts maintained by an agency but also to conclusions recorded by the agency.[70] The appeal process is begun by notifying the responsible authority for the entity holding the data in writing of the nature of the disagreement with respect to the accuracy or completeness of the data.[71] Within thirty days after receiving the notification, the responsible authority must either (a) correct the data found to be inaccurate or incomplete and attempt to notify past recipients of the inaccurate or incomplete data; or (b) notify the individual subject of the data that the data is considered to be accurate and complete.[72] Data in dispute can only be disclosed if the disclosure includes the individual’s statement of disagreement.[73]

The determination of a responsible authority with respect to the accuracy and completeness of the data may be appealed to the state commissioner of administration and is treated as a contested case under the APA.[74] An appeal must be submitted to the commissioner within 180 days of an adverse determination by the responsible authority. But if the agency has informed the individual of the right to appeal, in writing, the appeal must be submitted within 60 days.[75] The contents of the appeal notice are set out in rule.[76] Before initiation of a contested case the commissioner must try to resolve the dispute through education, conference, conciliation, persuasion, or, if the parties agree, mediation.[77] If a settlement is not reached, the commissioner initiates a contested case hearing under the APA by issuing a notice of and order for hearing. Upon initiation of the contested case hearing, the case is referred to an administrative law judge from the Office of Administrative Hearings for a hearing and recommended decision. The case is then returned to the commissioner of administration for a final decision. The review by the commissioner is de novo.[78]

13.7 Duties of Responsible Authority

The responsible authority in a government entity is the individual designated as being responsible for the collection, use, and dissemination of any government data.[79] Specific duties are imposed on the responsible authority by the Data Practices Act, including the duty to:

Keep records containing government data in an arrangement and condition that will make them easily accessible for convenient use;[80]

  1. Establish procedures to insure that requests for government data are received and complied with in an appropriate and prompt manner;[81]
  2. Appoint one or more designees, if desirable;[82]
  3. Appoint or designate an employee of the government entity to act as the entity’s data practices compliance official;[83]
  4. Prepare a data inventory containing the responsible authority’s name, title, and address and a description of each category of record, file, or process relating to private or confidential data on individuals maintained by the government entity;[84]
  5. Assure that the collection and storage of all data on individuals and the use and dissemination of private and confidential data on individuals is limited to that necessary for the administration and management of programs specifically authorized by the legislature or the local governing body or mandated by the federal government;[85]
  6. Assure that private or confidential data on an individual is not collected, stored, used, or disseminated for any purposes other than those stated to the individual at the time of collection in accordance with Minnesota Statutes, section 13.04;[86]
  7. Establish procedures to assure that all data on individuals is accurate, complete, and current for the purposes for which the data was collected;[87]
  8. Establish appropriate security safeguards for all records containing data on individuals, including procedures for ensuring that data that are not public are only accessible to persons whose work assignment reasonably requires access to the data, and is only being accessed by those persons for purposes described in the procedure and develop a policy incorporating these procedures, which may include a model policy governing access to the data if sharing of the data with other government entities is authorized by law;[88]
  9. Prepare a written data access policy and update it no later than August 1 of each year, and at any other time as necessary to reflect changes in personnel, procedures, or other circumstances that impact the public’s ability to access data; and[89]
  10. Prepare a public document setting forth the rights of data subjects and the specific procedures in effect for access by data subjects to public or private data on individuals.[90]

These specific duties of the responsible authority are consistent with the overall purpose of the Data Practices Act — to control the collection, security, and dissemination of information in order to protect the privacy of individuals while meeting the legitimate needs of government and society for information.[91] To assist the responsible authority in each government entity, the data practices compliance official answers questions about access to data for the entity.[92] Failure of the responsible authority to fulfill these duties may result in a cause of action against the responsible authority as discussed in the next section.

Any entity subject to the Data Practices Act or responsible authority that violates the Data Practices Act can be sued by any individual or representative of a decedent for damages sustained as a result of the violation plus costs and reasonable attorneys’ fees.[93] The statute of limitations on such actions is six years.[94] In cases of willful violation, the government entity may be liable for exemplary damages of not less than $1,000 and not more than $15,000, for each violation.[95] Injunctive relief is available to stop violations or proposed violations.[96] In addition, an aggrieved person may bring an action in district court to compel compliance with the Data Practices Act. In such an action, the court may award the person costs and disbursements, including reasonable attorneys’ fees.[97] However, any action brought that is frivolous and without merit or basis in fact may subject the person bringing the action to reasonable costs and attorneys’ fees.[98] Finally, any person who willfully violates the provisions of the Data Practices Act or any of its rules is guilty of a misdemeanor, and with respect to a public employee, a willful violation constitutes just cause for suspension without pay or dismissal.[99]

A member of the public requesting data whose request is denied by a government entity may request that the commissioner of administration issue an opinion concerning the data.[100] A government entity may also request an opinion from the commissioner.[101] Opinions may address the rights of data subjects, public access to data and the classification of data. Although the opinions are not binding on the entity, courts must give deference to them.[102] Entities relying on an opinion of the commissioner are freed of liability for damages, attorney fees or costs.[103] The attorney general may issue an opinion that takes precedence over that of the commissioner.[104]

13.9 Application of the Data Practices Act to Contested Cases

The impact of the Data Practices Act on the contested case proceedings under the APA can be significant. In many contested cases proceedings, there will be a need for one or more of the parties to have access to “not public” data for the preparation and presentation of their case. Thus, questions of the accessibility of not public data to a party not otherwise entitled to access, and the treatment of that data in the hearing record, will arise. Of course, a party can gain access to private or nonpublic data with the informed consent and express written permission of the subject of that data.[105]

13.9.1 Discoverability of “Not Public” Data

The rules of the Office of Administrative Hearings (OAH) provide for discovery from both a party and a nonparty to a contested case:

Any means of discovery available pursuant to the Rules of Civil Procedure for the District Court of Minnesota is allowed. If the party from whom discovery is sought objects to the discovery, the party seeking discovery may bring a motion before the judge to obtain an order compelling discovery. In the motion proceeding, the party seeking discovery shall have the burden of showing that the discovery is needed for the proper presentation of the party’s case, is not for purposes of delay, and that the issues or amounts in controversy are significant enough to warrant the discovery. In ruling on a discovery motion, the judge shall recognize all privileges recognized at law.[106]

In addition, in regard to non-parties, the OAH rules provide that:

Requests for subpoenas for the attendance of witnesses or the production of documents, either at a hearing or for the purposes of discovery, shall be in writing to the judge, shall contain a brief statement demonstrating the potential relevance of the testimony or evidence sought, shall identify any documents sought with specificity, shall include the full name and home address of all persons to be subpoenaed and, if known, the date, time, and place for responding to the subpoena.[107]

Thus, under normal circumstances, the administrative law judge (ALJ) could order discovery of information from either a party or authorize a subpoena to a nonparty to a contested case. However, questions may arise when the information sought by a party involves data that is classified as not public under the Data Practices Act.

The Data Practices Act includes a section on the discoverability of not public data that provides:


If a state agency, political subdivision, or statewide system opposes discovery of government data or release of data pursuant to court order on the grounds that the data are classified as not public, the party that seeks access to the data may bring before the appropriate presiding judicial officer, arbitrator, or administrative law judge an action to compel discovery or an action in the nature of an action to compel discovery.

The presiding officer shall first decide whether the data are discoverable or releasable pursuant to the rules of evidence and of criminal, civil or administrative procedure appropriate to the action.

If the data are discoverable the presiding officer shall decide whether the benefit to the party seeking access to the data outweighs any harm to the confidentiality interests of the agency maintaining the data, or of any person who has provided the data or who is the subject of the data, or to the privacy interest of an individual identified in the data. In making the decision, the presiding officer shall consider whether notice to the subject of the data is warranted and, if warranted, what type of notice must be given. The presiding officer may fashion and issue any protective orders necessary to assure proper handling of the data by the parties. If the data are a videotape of a child victim or alleged victim alleging, explaining, denying, or describing an act of physical or sexual abuse, the presiding officer shall consider the provisions of section 611A.90 subdivision 2, paragraph (b).[108]

Under this language, the ALJ has the clear authority to order the discovery of not public data under the appropriate circumstances. The order can be obtained by filing a motion under the OAH rules.[109] Or, the issue can be raised through a motion to quash a subpoena.[110] The inspection of the materials sought is accomplished under the procedure set out in Erickson v. MacArthur.[111] In Erickson, the Minnesota Supreme Court required an in camera review of the requested material prior to the issuance of an order compelling disclosure, so that the requirements of section 13.03, subdivision 6 could be meaningfully applied.[112] The statutory two-part analysis is mandatory rather than optional.[113]

The agency in possession of the not public data is protected under a provision in the Data Practices Act that provides that “[a] government entity or person that releases not public data pursuant to an order under section 13.03 subdivision 6 is immune from civil and criminal liability.”[114] For this reason an agency is usually reluctant to release not public data without an order directing it to do so.[115]

13.9.2 The Data Practices Act as a Discovery Tool

One of the purposes of the Data Practices Act is to ensure that public data maintained by agencies is readily available. Data is presumed to be public unless there is a law to the contrary.[116] Upon request, a person must be permitted to inspect public government data without charge except for the costs of retrieving and copying the data.[117] The data must be provided as soon as reasonably possible, and, in the case of data on an individual, the data must be provided immediately or within 10 business days if requested by the subject of the data.[118]

Litigants seeking public data in the hands of the government may find the Data Practices Act to be a useful companion to, but not a substitute for, civil or administrative discovery. A litigant would be entitled to not only public data, but also to private or nonpublic data about itself.[119] There is nothing in the Act, which restricts the availability of data on the basis of need, or the requestors intended use of the data.[120] Government entities may not require persons to identify themselves, or to state a reason for requesting public data or to justify a request for public data.[121] Legitimate entity concerns about requests from litigants include the possibility of duplicative searches for and production of documents and the possibility of requests for data that is not relevant to the litigation. It has been argued, however, that public access is the paramount objective under the Act and since a party has a clear right to access data before litigation, denying access to a litigant would not make sense and would only encourage the filing of requests prior to litigation. It has been suggested that pre-litigation requests would be more numerous and more oppressive to the entity if litigation requests are denied.[122]

The Act itself limits the availability of data collected as part of an active investigation for the purpose of a pending civil legal action or in anticipation of a pending civil legal action. This data is confidential if it is about individuals and protected nonpublic if it is data not on individuals.[123] The “chief attorney” for the agency determines whether or not a civil legal action is pending.[124] A challenge to the determination must be brought in district court.[125] But some inactive civil investigative data is public. The investigation becomes inactive when a decision is made not to pursue the action or when the statute of limitations or the appeal period expires.[126]

13.9.3 Use of Not Public Data at a Contested Hearing

Notwithstanding the above two sections of the Data Practices Act, a question may still remain about whether an agency can introduce not public data that has not been the subject of a discovery order, as evidence at a contested case hearing. For example, suppose an agency, in defense of a discrimination charge, wishes to introduce certain private personnel data on other employees to show that it has treated all employees the same. The agency can, seek an appropriate order from the ALJ, before the contested case hearing, relying on provisions in the Minnesota APA:

All evidence, including records and documents containing information classified by the law as not public, in the possession of the agency of which it desires to avail itself or which is offered into evidence by a party to a contested case proceeding, shall be made a part of the hearing record of the case. No factual information or evidence shall be considered in the determination of the case unless it is part of the record. Documentary evidence may be received in the form of copies or excerpts, or by incorporation by reference. When the hearing record contains information which is not public, the administrative law judge or the agency may conduct a closed hearing to discuss the information, issue necessary protective orders, and seal all or part of the hearing record.[127]

The statute makes it clear that even not public data must be in the record to be considered in a contested case. Where it is appropriate to maintain the not public status of the data in the contested case record, the ALJ is authorized to close all or a portion of the hearing, or to seal all or a portion of the record, such as individual exhibits or portions of the transcript.[128] Under the authority to seal a part of the hearing record, an ALJ may also order that initials be used in place of proper names in a contested case record. This is most commonly ordered for minor and victims in cases in which the identification of these persons would have adverse consequences for them. The use of initials is authorized by rule.[129] The level of not public status accorded to any data by the judge should be the least restrictive necessary to accomplish the purpose.

13.10. Expedited Data Practices Complaints

In 2010, the legislature added Minnesota Statutes, section 13.085, to the Data Practices Act, creating an expedited complaint procedure for alleged violations of the Act.[130] The statute permits a complainant alleging a violation of the Data Practices Act to file a complaint requesting an order to compel compliance with the Act.[131] The complaint is subject to a two-year limitations period, unless the act or failure to act that is the subject of the complaint involves concealment or misrepresentation by the government that could not be discovered during that period. In that case, the complainant has one year after the concealment or misrepresentation is discovered.[132] A statutory fee of $1,000 (or a bond to guarantee payment of the fee) must accompany the complaint when it is filed.[133] The OAH has a standard form for Expedited Data Practices Complaints posted at its website.[134]

Once a complaint is received, OAH must immediately notify the Respondent.[135] The Respondent must file a response to the complaint within 15 business days of receiving the notice, unless the time is extended by OAH for good cause shown.[136] OAH must also notify, if practicable, an individual or entity that is the subject of all or part of the data at issue.[137] OAH is also required to notify the Commissioner of Administration when a complaint is received. If the Commissioner of Administration accepted a request for an opinion pursuant to Minnesota Statutes section 13.072 on the same matter before the complaint was filed with OAH, the complaint must be dismissed and the filing fee refunded.[138]

The ALJ must make a preliminary determination on the complaint within 20 business days after the Response is filed, or the time to respond has expired. The ALJ may determine that the complaint presents insufficient facts to establish probable cause to believe that a violation of the Data Practices Act has occurred and dismiss the complaint; or the ALJ may determine that the complaint establishes probable cause to believe that a violation of the Act has occurred, and a hearing must be scheduled.[139]

If the complaint is dismissed, the complainant may petition the Chief ALJ for reconsideration within five business days after the complaint is dismissed. If the Chief ALJ determines that the ALJ made a clear material error, the matter will be scheduled for a hearing.[140]

A hearing on the complaint must be held within 30 days after the parties are notified that a hearing will be held. The parties and the ALJ may waive an oral hearing.[141] Parties may submit evidence, affidavits, documentation and arguments at a hearing.[142] The ALJ may continue a hearing to enable the parties to submit additional evidence or testimony and must consider any evidence submitted until the hearing record is closed.[143] The hearing must be open to the public, but the ALJ may inspect the disputed data in camera, and close the hearing as needed to consider not public information in the record.[144] The ALJ may also issue needed protective orders, and seal all or part of the hearing record.[145] Proceedings on a complaint brought pursuant to section 13.085 are not contested cases or governed by chapter 14, except to the extent specified by section 13.085.[146]

Within ten business days after the hearing record closes, the ALJ must render a decision. The ALJ must determine whether a violation of the Data Practices Act occurred, and must make at least one of the following dispositions:

  • (1) dismiss the complaint;
  • (2) find that an act or failure to act constituted a violation of this chapter;
  • (3) impose a civil penalty against the respondent of up to $300;
  • (4) issue an order compelling the respondent to comply with a provision of law that has been violated, and may establish a deadline for production of data, if necessary; and
  • (5) refer the complaint to the appropriate prosecuting authority for consideration of criminal charges.[147]

An order issued pursuant to section 13.085 is enforceable through the district court in the district where the Respondent is located.[148]

A final decision on a complaint may be appealed pursuant to Minnesota Statutes, sections 14.63 to 14.69.[149] The decision is not controlling in a subsequent action in district court for alleging the same violation and seeking damages. A government entity or person that releases data pursuant to an order issued under section 13.085 is immune from civil and criminal liability for that release.[150]

The statute establishes a rebuttable presumption that a complainant who substantially prevails on the merits in an action brought under section 13.085 is entitled to an award of reasonable attorney fees, up to $5,000, unless the ALJ determines that the violation is merely technical or that there is a genuine uncertainty about the law’s meaning.[151] In addition, if the Respondent government entity was also the subject of a written opinion pursuant to Minnesota Statutes, section 13.072, and the ALJ finds that the opinion was directly related to the matter in dispute and the government entity failed to act in conformity with the opinion, reasonable attorney fees up to $5,000 must be awarded to the complainant.[152]

OAH must refund the $1,000 filing fee to a substantially prevailing complainant, except for $50. In such a case, OAH’s costs, up to $1,000 must be billed to the Respondent.[153]

If the ALJ determines that the complaint was frivolous, or brought for purposes of harassment, the ALJ must order that the complainant pay the Respondent’s reasonable attorney’s fees, not to exceed $5,000.

Footnotes

  1. Minn. Stat. §§ 13.01-.90 (2021).
  2. Rules adopted by the Commissioner of Administration supplement the Data Practices Act. See Minn. R. 1205.0100-.2000 (2021).
  3. 274 N.W.2d 84 (Minn. 1978).
  4. Id. at 87.
  5. 5 U.S.C. § 552 (2013).
  6. Id. § 552a.
  7. See Minn. Stat. §§ 15.17 (detailing what records must be kept by public officials), 138.17 (setting forth records destruction procedure for public documents) (2021).
  8. See, e.g., id. §§ 13.02, .03.
  9. Id. § 13.04, subd. 2.
  10. Id. subd. 3.
  11. Id. §§ 13.025, .05.
  12. Id. § 13.09.
  13. Minn. Stat. § 13.01, subd. 1.
  14. Id. § 13.02, subd. 17.
  15. Id., subd. 11.
  16. Id., subd. 18.
  17. Id. §§ 13.02, subd. 11, .05, subds. 6, 11, .46 subds. 1, 5.
  18. Id. § 13.05, subd. 11; see also Helmberger v. Johnson Controls, Inc., 839 N.W.2d 527, 533-34 (Minn. 2013). The court’s decision in Helmberger was subsequently addressed by legislative action. 2014 Minn. Laws, ch. 293, § 2, at 1 (appending the quoted text to subd. 11).
  19. Minn. Stat. § 13.90 (2021).
  20. Minnesota R. Pub. Access To Recs. Of Jud. Branch 1-11.
  21. Minn. Stat. § 13.02, subd. 7 (2021).
  22. 493 N.W.2d 614 (Minn. Ct. App. 1992).
  23. Id. at 618.
  24. Navarre v. S. Wash. Cnty. Schs., 652 N.W.2d 9, 25 (Minn. 2002) (finding disclosure of mental impressions derived directly from personnel data in physical form is private data); Deli v. Hasselmo, 542 N.W.2d 649, 654 (Minn. Ct. App. 1996).
  25. Pathmanathan v. St. Cloud State Univ., 461 N.W.2d 726, 728 (Minn. Ct. App. 1990).
  26. Minn. Stat. § 13.02, subd. 5 (2021).
  27. Id. subd. 4.
  28. Id. subds. 3, 9, 12-15.
  29. Id. subds. 9, 12; MINN. R. 1205.0400, subp. 2 (2021).
  30. Minn. Stat. § 13.02, subds. 3, 13 (2021); MINN. R. 1205.0600, subp. 2 (2021).
  31. Minn. Stat. § 13.03, subd. 1 (2021).
  32. Id. § 13.10, subd. 1.
  33. Id.
  34. Id., subd. 2.
  35. Id., subd. 3. But see Estate of Benson v. Minn. Bd. of Med. Practice, 526 N.W.2d 634, 637-38 (Minn. Ct. App. 1995) (denying claim for invasion of decedent’s statutory privacy interests where the wrongful publications occurred prior to decedent’s death).
  36. Minn. Stat. § 13.03, subd. 4 (2021).
  37. Minn. R. 1205.0200, subp. 8 (2021).
  38. Minn. Stat.§ 13.02, subd. 19 (2021).
  39. Id. § 13.05, subd. 7.
  40. Id. § 13.02, subd. 8a.
  41. Id. § 13.03, subd. 1.
  42. Additionally, two 2016 Minnesota Supreme Court cases discuss how the purpose for maintaining data and the location of where data are maintained impact the classification of the data, see KSTP TV v. Metropolitan Council, 884 NW 2d 342 (Minn. 2016) and Harlow v. State Dept. of Human Services, 883 N.W.2d 561 (Minn. 2016).
  43. § 13.03, subd. 1.
  44. Prairie Island Indian Cmty. v. Dep’t of Pub. Safety, 658 N.W.2d 876, 882-83 (Minn. Ct. App. 2003).
  45. Minn. Stat. § 13.06 (2014).
  46. Id., subd. 7.
  47. Minn. Stat. § 13.02, subd. 16 (2021) (defining responsible authority).
  48. Id. § 13.03, subd. 3.
  49. Id. (b).
  50. Id. (c); Demers v. City of Minneapolis, 468 N.W.2d 71, 75 (Minn. 1991).
  51. Minn. Stat.§ 13.03, subd. 3(c) (2021).
  52. Id. (f).
  53. Nw. Publ’ns Inc. v. City of Bloomington, 499 N.W.2d 509, 511 (Minn. Ct. App. 1993).
  54. Minn. Stat. §13.03, subd. 3(f) (2021).
  55. Id.
  56. Minn. Stat. §13.03, subd. 1 (2021), see also Webster v. Hennepin Cnty., 910 N.W.2d 420 (Minn. 2018), finding that multi-mailbox keyword searches on a Microsoft Exchange Server are ‘convenient,’ and the responsive emails ‘accessible,’ when the systems are used as designed.
  57. Minn. Stat. § 13.04, subd. 2 (2021).
  58. Id.; see Donald A. Gemberling & Garry A. Weissman, Data Practices at the Cusp of the Millennium, 22 Wm. Mitchell L. Rev. 767, 788 (1996); Donald A. Gemberling & Garry A. Weissman, Data Privacy: Everything You Wanted to Know about the Minnesota Government Data Practices Act—From “A” to “Z”, 8 Wm Mitchell L. Rev. 573, 586 (1982).
  59. Gemberling & Weissman, Data Practices, supra note 58, at 779-80.
  60. Kobluk v. Univ. of Minn., 613 N.W.2d 425, 427 (Minn. Ct. App. 2000); Edina Educ. Assoc. v. Bd. of Educ. of Indep. Sch. Dist. No. 273, 562 N.W.2d 306, 311 (Minn. Ct. App. 1997).
  61. Minn. Stat. § 13.04, subd. 2 (2021).
  62. Id. subd. 3.
  63. Id.; Wiegel v. City of St. Paul, 639 N.W.2d 378, 384-85 (Minn. 2002) (finding interviewer notes on employee applying for a promotion was private data available to the employee as a matter of right).
  64. Minn. Stat. § 13.04, subd. 3 (2021).
  65. Id.
  66. Id.
  67. Id., subd. 4. But determinations of maltreatment of vulnerable adults or children can only be challenged by the process outlined in §§ 260E.35 and 626.557.
  68. Minn. R. 1205.1500, subp. 2(A) (2021).
  69. Id. (B).
  70. Hennepin Cnty. Cmty. Servs. Dept. v. Hale, 470 N.W.2d 159, 164 (Minn. Ct. App. 1991); see Schwanke v. Dept. of Admin., 851 N.W.2d 591, 594-95 (Minn. 2014) (individual can challenge a personnel evaluation completed by a supervisor); see also In re Dunbar, 620 N.W.2d 45, 47 (Minn. Ct. App. 2000) (upholding a decision by the Commissioner of Administration directing a school district to rescind and destroy a letter drafted by its employees that criticized a foster care provider).
  71. Minn. Stat. § 13.04, subd. 4(a) (2021).
  72. Id.
  73. Id.
  74. Id. The procedure for exercising the right of appeal is found in MINN. R. 1205.1600 (2021).
  75. Minn. R. 1205.1600, subp. 2 (2021).
  76. Id. subp. 3.
  77. Minn. Stat. § 13.04, subd. 4 (2021).
  78. Hennepin Cnty. Comty. Servs. Dept. v. Hale, 470 N.W.2d 159, 165 (Minn. Ct. App. 1991).
  79. Minn. Stat. § 13.02, subd. 16 (2021).
  80. Id. § 13.03, subd. 1.
  81. Id. subd. 2(a). The procedures are required to be in writing and copies must be easily available. Id. (b).
  82. Minn. Stat. § 13.03, subd. 2(b) (2021).
  83. Id. § 13.05, subd. 13.
  84. Id. § 13.025, subd. 1.
  85. Id. § 13.05, subd. 3.
  86. Id., subd. 4.
  87. Id., subd. 5(a).
  88. Id.
  89. Id. § 13.025, subd. 2.
  90. Id., subd. 3.
  91. Minn. Med. Ass’n v. State, 274 N.W.2d 84, 87 (Minn. 1978).
  92. Minn. Stat. § 13.05, subd. 13 (2021).
  93. Id. § 13.08, subd. 1; see also Westrom v. Dep’t of Labor & Indus., 686 N.W.2d 27, 34-37 (Minn. 2004) (finding, where family sued for damages because Department released penalty orders and written objections to those orders to the news media, that data was collected as part of an active investigation leading to a civil legal action and, therefore, confidential and nonpublic pursuant to Minn. Stat. § 13.39); Navarre v. S. Wash. Cnty. Schs., 652 N.W.2d 9, 29-31 (Minn. 2002) (concluding that damages recoverable under the Data Practices Act include damages for emotional harm and loss of reputation). But see Estate of Benson v. Minn. Bd. of Med. Practice, 526 N.W.2d 634, 637-38 (Minn. Ct. App. 1995) (denying claim for invasion of decedent’s statutory privacy interests where the wrongful publications occurred prior to decedent’s death).
  94. Manteuffel v. City of N. St. Paul, 570 N.W.2d 807, 812 (Minn. Ct. App. 1997)
  95. Minn. Stat. § 13.08, subd. 1 (2021).
  96. Id., subd. 2.
  97. Id., subd. 4; Wiegel v. City of St. Paul, 639 N.W.2d 378, 383-84 (Minn. 2002) (finding person who is the subject of private data on individuals, and who is denied access to that data by a government agency is an “aggrieved person” and may recover attorney fees in an action to compel compliance with the Data Practices Act); Star Tribune v. City of St. Paul, 660 N.W.2d 821, 827 (Minn. Ct. App. 2003) (finding names of individual police officers in data collected for traffic stop study to address racial profiling was data on an individual employee and was therefore private personnel data unavailable to a newspaper); Washington v. Indep. Sch. Dist. No. 625, 610 N.W.2d 347, 350 (Minn. Ct. App. 1999) (holding a party is not “aggrieved” until its rights are infringed; finding, therefore, attorney fees could not be awarded for work prior to entry of court order where not-public investigative personnel data was available only upon court order).
  98. Minn. Stat. § 13.08, subd. 4(a) (2021).
  99. Id. § 13.09.
  100. Id. § 13.072, subd. 1.
  101. Id.
  102. Id., subd. 2.
  103. Minn. Stat. § 13.072, subd. 2 (2021). Opinions are available online, in a searchable format, from the Minnesota Department of Administration’s Data Practices Office, webpage, athttps://mn.gov/admin/data-practices.
  104. Id., subd. 1(f). For an analysis of the scope of and weight to be given to the commissioner’s opinions, see Margaret Westin, The Minnesota Government Data Practices Act: A Practitioner’s Guide and Observations on Access to Government Information, 22 Wm. Mitchell L. Rev. 839, 869 (1996).
  105. Minn. Stat. § 13.072, subd. 2 (2021); Minn. R. 1205.0400, subp. 2 (2021); Donald A. Gemberling & Garry A. Weissman, Data Practices at the Cusp of the Millennium, 22 Wm. Mitchell L. Rev. 767, 785-86 (1996).
  106. Minn. R. 1400.6700, subp. 2 (2021); see § 8.5.
  107. Minn. R. 1400.7000, subp. 1 (2021).
  108. Minn. Stat. § 13.03, subd. 6 (2021) (emphasis added).
  109. Minn. R. 1400.6600 (2021).
  110. Id. 1400.7000, subp. 3.
  111. 414 N.W.2d 406 (Minn. 1987).
  112. Id. at 409.
  113. Montgomery Ward & Co. v. Cnty. of Hennepin, 450 N.W.2d 299, 306-08 (Minn. 1990).
  114. Minn. Stat. § 13.08, subd. 5 (2021).
  115. Gemberling & Weissman, Data Practices, supra note 105, at 797.
  116. Minn. Stat. § 13.03, subd. 1 (2021); Demers v. City of Minneapolis, 468 N.W.2d 71, 73 (Minn. 1991); Gemberling & Weissman, Data Practices, supra note 105, at 773.
  117. Minn. Stat. § 13.03, subd.3 (2021).
  118. Id. § 13.04, subd. 3.
  119. Id.
  120. Id. § 13.03.
  121. Id. § 13.05, subd. 12.
  122. Martin & Redgrave, Civil Discovery and the Data Practices Act, Bench & Bar, at 27 (Oct. 1995).
  123. Minn. Stat. § 13.39 subd. 2 (2021). But, a notice of claimed damages sent to a city is not data collected in an active investigation. St. Peter Herald v. City of St. Peter, 496 N.W.2d 812, 814 (Minn. 1993); Uckun v. State Bd. of Med. Practice, 733 N.W.2d 778, 789 (Minn. Ct. App. 2007) (finding Board of Medical Practice publication of temporary suspension of appellant’s license, which included confidential civil investigative data about physician, was permissible to promote public health and safety); Westrom v. Dep’t of Labor & Indus., 667 N.W.2d 148, 152 (Minn. Ct. App. 2003) (finding order assessing a penalty for failure to maintain workers’ compensation insurance, and objections filed to the order by the employer, are either data collected as part of an active investigation or data retained in anticipation of a pending civil legal action, and therefore confidential).
  124. Minn. Stat. § 13.39, subd. 1 (2021).
  125. Id., subd. 2a.
  126. Id., subd. 3.
  127. Id. § 14.60, subd. 2 (emphasis added). The OAH rules require a statement in the notice of and order for hearing to alert parties to the availability of this remedy to protect not public data. See MINN. R. 1400.5600, subp. 2(M) (2021).
  128. By statute, some hearings are not public. See § 11.2.2 (discussing public hearings).
  129. Minn. R. 1400.5500(M) (2021).
  130. 2010 Minn. Laws, ch. 297, § 3, at 2-5.
  131. The expedited process excludes accuracy and completeness challenges and sex offender accuracy and completeness challenges pursuant to Minn. Stat. §§ 13.04, subds. 4, 4a, .085, subd. 2(a) (2021). See Utes v. Minn. Bd. of Physical Therapy, OAH 8-0305-30394, 2013 WL 1411606, at *2- 3 (Minn. Off. Admin. Hrgs. March 13, 2013).
  132. Minn. Stat. § 13.085, subd. 2(b) (2021).
  133. Id. (c).
  134. Available at https://mn.gov/oah/forms-and-filing/forms/
  135. Minn. Stat. § 13.085, subd. 2(d) (2021).
  136. Id. (f).
  137. Id. (d).
  138. Id. (e).
  139. Id., subd. 3(a). The purpose of a probable cause determination is to determine whether, given the facts disclosed by the record, it is fair and reasonable to hear the matter on the merits. State v. Florence, 239 N.W. 2d 892, 902 (Minn. 1976).
  140. Minn. Stat. § 13.085, subd. 3(c) (2021).
  141. Id., subd. 4(a).
  142. Id., subd. 3(b).
  143. Id., subd. 4(a), (b).
  144. Id. (c).
  145. Id.
  146. Id., subd. 5(d).
  147. Id. (a).
  148. Id. (c).
  149. Id. (d).
  150. Id. (e), (f).
  151. Id., subd. 6(a); see Schmid v. Gerhardt, O.A.H. 8-0305-21608-DP, 2011 WL 346133, at *6 (Minn. Off. Admin. Hrgs. January 25, 2011).
  152. Minn. Stat. § 14.085, subd. 6(b) (2021).
  153. Id. (c).