September 12, 2016
To: Regulation_comments@nara.gov
Subject: RIN 3095-AB89
ARMA International welcomes the opportunity to comment on NARA’s proposed revisions to
the Federal records management regulations contained in 36 CFR Chapter XII, Subchapter B
(Federal Register number 2016-15848). In particular, we concur with many of the updates in
Proposed Part 1236, Electronic Records Management, and offer recommendations we believe
will better assist agencies in organizing, managing, protecting, and preserving electronic records.
ARMA International (ARMA) is a not-for-profit professional association that provides
leadership in the development of standards and best practices for records management and
information governance around the world. Managing electronic records is one such critical area
of information governance, as public and private sector organizations are faced with increasing
legal and regulatory compliance requirements, as well as public policy considerations around
transparency and information security.
Working in collaboration with records management and information governance practitioners
with expertise in global trends, standards, and best practices, ARMA has produced and published
comprehensive industry technical standards for electronic records best practices. These cover
everything from new electronic records inventorying techniques and retention schedule
development to taxonomy design, business process improvement, managing vital records, and
long-term digital preservation. Included as well are best practices for e-mail, social media, and
cloud computing, and standards for applying business process improvement techniques and
implementing electronic document security strategies and technologies.
Overall, ARMA recommends referencing the broader Generally Accepted Recordkeeping
Principles® (the Principles) in guidance documents as a useful reference when considering how
records management controls impact the larger scope of an agency’s recordkeeping practices and
system. The Principles are best practices for records and information management professionals
in both the public and private sectors. They offer standards of conduct and metrics by which to
judge that conduct for records management controls, including controls related to Federal
electronic records management.
With this background and recommendation in mind, ARMA offers the following perspectives
related to both Proposed Part 1235 (Transfer of Records to the National Archives of the United
States), and Proposed Part 1236 (Electronic Records Management):
A. Part 1235 (Transfer of Records to the National Archives of the United States)
1235.32 (access restrictions on transferred records)

ARMA urges NARA to reconsider the blanket authority provided in subsection (a) to remove
restrictions on the access and use of information, or to not apply authorized FOIA
exemptions if NARA believes it to be in the public interest. There is value in maintaining the
requirement for NARA to consult with the originating agency that applied the restriction and
maintained the restriction at time of transfer. As written, “public interest” could be arbitrarily
applied, which may cause agencies to delay transferring inactive information of permanent
record value to NARA until no restrictions remain in force. ARMA is concerned that this
may put those older records at risk for damage or degradation from inconsistent storage
conditions. Therefore, ARMA recommends deleting the words “relax or remove” in the last
sentence of subparagraph (a) but leaving the authority to “impose” legitimate restrictions
which might have been omitted at time of transfer. In addition, we encourage the insertion of
additional language that imposes some obligation on NARA, when it believes a release of
restricted information to be in the public interest, to negotiate lifting the restrictions with the
originating agency, or allow the agency to process any FOIA actions that would cite any
restrictions, or return the material to the agency for processing and maintenance until the
records could be accessed within NARA without restriction.
1235.50 (transfer specifications and standards applicable to electronic records)

When listing the formats for transfers of electronic records, ARMA urges NARA to actually
cite authoritative standards in paragraph (a) as is done in other parts of this regulation, rather
than link to a guidance document on NARA’s website. Agencies will add requirements
during IT system procurements for the ultimate accession transfer of data of permanent value
at the end of the life cycle. ARMA is concerned that the citing of a relatively transitory
guidance document in a Federal regulation as the standard for acceptable transfers could
eliminate previously acceptable formats without any vetting of acceptable formats to
agencies. Agencies could plan to use a format listed on the site in 2016 in designing an IT
system and then later find the format removed from a webpage guidance document without
any further notification or vetting through the Federal Record process. Therefore, ARMA
urges NARA to remove the last sentence of 1235.50(a) citing a guideline document.
B. Proposed Part 1236 (Electronic Records Management)
Section 1236.2 (what definitions apply to Part 1236, Electronic Records Management)

ARMA recommends using the following definitions which are taken from our technical
report Glossary of Records and Information Management Terms (ARMA TR 22-2012):
o ARMA defines an electronic message as “A message (i.e., structured content meant
for communication) sent between networked computing stations.” Our definition
notes that “Electronic messages are potentially complex in that, in addition to content
and structure, they may comprise several sets of metadata (e.g., identity, transmission,
security, content type, content transfer encoding, or format metadata), embedded
links, attachments, etc.”
o ARMA defines unstructured information as “Any information that has no identifiable
structure of any kind (e.g., unstructured text, audio, or video files).”
o In both instances, ARMA’s definitions are more descriptive as they were developed
for the broader community. We believe their use by the Federal government will
facilitate transparency and convergence.
Section 1236.21 (additional requirements for managing electronic messaging records)

ARMA is concerned that the term “employees” is insufficient to compel compliance by those
other than Federal employees, such as those who have been provided government e-mail
accounts and who often have government-furnished devices for the conduct of official
business. These include contractors, consultants, unpaid advisors or board members, nonfederal law enforcement or crisis-response task force members, detailees from state and local
governments, and foreign liaison officers. The e-mail communications of those conducting
government business on government systems should not be excluded just because they are
not Federal employees. Therefore, ARMA recommends adding a sub-paragraph specifying
the applicability of this regulation to all people using government e-mail systems or other
government communications devices to perform or support government functions regardless
of their employment status.

ARMA recommends using more straight-forward language to promote clarity of
expectations. For example, ARMA recommends replacing 1236(a) with:
“Employees should only use official electronic messaging accounts unless an agencyadministrated system is not available. In those instances, use of a non-official electronic
messaging account should be as limited in duration and scope as possible. Use of nonofficial accounts should never be a routine business practice.”
In addition, ARMA recommends specifying that in those instances in which a non-official
account must be used, it must be a unique account used only for agency business and not
intermingled with personal e-mail accounts. This would segregate the messages and make the
use of a non-official account more understandable.

With respect to 1236(d), ARMA recommends removing the word “intentionally” so that it
reads: “If employees fail to follow these requirements, they may face adverse disciplinary
actions in accordance with 5 U.S.C. Ch. 75 (also see 44 U.S.C. 2911).” Because an adverse
disciplinary action is not certain, ARMA is concerned that including the word “intentionally”
could reduce accountability for following the requirements.
Section 1236.22 (additional requirements for managing email records)

In subsections (b)(2) and (5), ARMA is concerned that the treatment of associate nicknames
or aliases is insufficient. As written, it omits organizational e-mail accounts used to conduct
agency business and which are shared by multiple employees. ARMA supports the intent of
these requirements, which is to require the inclusion of senior officials who have an
organizational e-mail address that is not published in a directory as a practical matter and is
known only to a smaller number of direct reports, a command center, a security detail, etc.
However, we urge NARA to include in the regulation other official e-mail accounts shared
by multiple people who share a specific function. Of particular importance is the need to
preserve potentially permanent records and other information of potential long-term value,
such as e-mails shared by watch officer billets in 24-hour command centers, crisis action
teams, those processing requests for information (i.e. OSD.FOIALiaison@mail.mil), or those
providing guidance (i.e. etransfers@NARA.gov). Therefore, ARMA recommends adding
language to include “functional office or any accounts shared by multiple people.”
Thank you for your consideration of our comments. ARMA is pleased to answer any questions
or provide additional information about our recommendations, or about records management
policies and practices in general.
Sincerely,
Tera Ladner, JD, IGP, CRM
President, ARMA International