Silence Matters: School Safety, Security Plans And The CT FOIA

by Pullman & Comley - School Law

Pullman & Comley - School Law

In the aftermath of another senseless and tragic school shooting, school districts are understandably looking inwards as they contemplate the need to adjust their security measures. I am frequently asked how school districts can consider their options while still complying with the Connecticut Freedom of Information Act [“FOIA”].  Fortunately, the FOIA contains protections for schools that balance the public’s “right to know” with common sense concerns about safeguarding sensitive discussions (and documents) about school security measures.

So can the school board meet in executive session to discuss the district’s security plan and strategy? Generally yes. The FOIA permits executive session for discussions of “matters concerning security strategy or the deployment of security personnel, or devices affecting public security.” Connecticut General Statutes §1-200(6)(C).  As such, a discussion of the layout of the district’s security system, specifically the best types of security devices to use to secure a building and where these devices should be located, would be covered by this executive session provision. Brazzell v. Stratford Boothe Park Commission, #FIC 1990-254 (January 23, 1991). Please note: Any votes that may need to be cast with respect to the security plan or strategy would have to take place in public; a motion to authorize revisions to the security plan “as presented to the board in executive session” would likely suffice.

Can we withhold from disclosure the actual security/safety plan and strategy? The FOIA contains a common sense, albeit lengthy, exception that exempts from disclosure documents where there are “reasonable grounds” to believe that disclosure may result in a “safety risk.” Specifically, the relevant FOIA provision exempts from disclosure:

Records when there are reasonable grounds to believe disclosure may result in a safety risk, including the risk of harm to any person, any government-owned or leased institution or facility . . . except that such records shall be disclosed to a law enforcement agency upon the request of the law enforcement agency. Such reasonable grounds shall be determined . . . by the Commissioner of Emergency Services and Public Protection, after consultation with the chief executive officer of a municipal, district or regional agency, with respect to records concerning such agency . . . . Such records include, but are not limited to:

(i) Security manuals or reports;

(ii) Engineering and architectural drawings of government-owned or leased institutions or facilities;

(iii) Operational specifications of security systems utilized at any government-owned or leased institution or facility, except that a general description of any such security system and the cost and quality of such system may be disclosed;

(iv) Training manuals prepared for government-owned or leased institutions or facilities that describe, in any manner, security procedures, emergency plans or security equipment;

(v) Internal security audits of government-owned or leased institutions or facilities;

(vi) Minutes or records of meetings, or portions of such minutes or records, that contain or reveal information relating to security or other records otherwise exempt from disclosure under this subdivision;

(vii) Logs or other documents that contain information on the movement or assignment of security personnel; and

(viii) Emergency plans and emergency preparedness, response, recovery and mitigation plans, including plans provided by a person to a state agency or a local emergency management agency or official.

Connecticut General Statutes §1-210(b)(19)(emphasis added). As one can see, school districts and municipalities may have to seek guidance from the State Commissioner of Emergency Services and Public Protection before refusing to disclose security records. In turn, the Freedom of Information Commission [“FOIC”] and the courts should defer to that state agency’s safety risk assessment “unless frivolous, patently unfounded, or in bad faith.” People for Ethical Treatment of Animals, Inc. v. FOIC, 321 Conn. 805, 810–12 (2016).

As an example, in Miner v. Water and Sewer Department, Town of Wallingford, #FIC 2011-005 (December 14, 2011), the FOIC ruled that a report on the municipal water supply was properly withheld from disclosure based on the possible safety risk of release.  Specifically, it was recognized that information that identifies and/or assists in determining  the location of sources of drinking water supply, that describes the manner in which the town water division operates its sources of supply, and technical information relating to the volumes of sources of supply” may result in a safety risk because with such information “an individual or entity seeking to cause harm to a water system would be aided by the ability to identify the locations of facilities or sources of supply, methods of operation, and quantities of water to be contaminated.”

So how far can we go in refusing to disclose security plans and strategies? As you can see from Miner, the FOIC will be cognizant of circumstances where the release of information will aid those seeking to do harm.  While conclusory information that provides a general description of a security system – as well as its cost and quality — may have to be disclosed, specific information relating to strategy and the deployment of security personnel and the specifications of security equipment and systems should be exempt from disclosure.  Of course, from a practical perspective, school boards will still have to balance the need to provide assurance to the public about the strength of their security measures without releasing too much information that could be used by potential wrongdoers.

Written by:

Pullman & Comley - School Law

Pullman & Comley - School Law on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
Privacy Policy (Updated: October 8, 2015):

JD Supra provides users with access to its legal industry publishing services (the "Service") through its website (the "Website") as well as through other sources. Our policies with regard to data collection and use of personal information of users of the Service, regardless of the manner in which users access the Service, and visitors to the Website are set forth in this statement ("Policy"). By using the Service, you signify your acceptance of this Policy.

Information Collection and Use by JD Supra

JD Supra collects users' names, companies, titles, e-mail address and industry. JD Supra also tracks the pages that users visit, logs IP addresses and aggregates non-personally identifiable user data and browser type. This data is gathered using cookies and other technologies.

The information and data collected is used to authenticate users and to send notifications relating to the Service, including email alerts to which users have subscribed; to manage the Service and Website, to improve the Service and to customize the user's experience. This information is also provided to the authors of the content to give them insight into their readership and help them to improve their content, so that it is most useful for our users.

JD Supra does not sell, rent or otherwise provide your details to third parties, other than to the authors of the content on JD Supra.

If you prefer not to enable cookies, you may change your browser settings to disable cookies; however, please note that rejecting cookies while visiting the Website may result in certain parts of the Website not operating correctly or as efficiently as if cookies were allowed.

Email Choice/Opt-out

Users who opt in to receive emails may choose to no longer receive e-mail updates and newsletters by selecting the "opt-out of future email" option in the email they receive from JD Supra or in their JD Supra account management screen.


JD Supra takes reasonable precautions to insure that user information is kept private. We restrict access to user information to those individuals who reasonably need access to perform their job functions, such as our third party email service, customer service personnel and technical staff. However, please note that no method of transmitting or storing data is completely secure and we cannot guarantee the security of user information. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time.

If you have reason to believe that your interaction with us is no longer secure, you must immediately notify us of the problem by contacting us at In the unlikely event that we believe that the security of your user information in our possession or control may have been compromised, we may seek to notify you of that development and, if so, will endeavor to do so as promptly as practicable under the circumstances.

Sharing and Disclosure of Information JD Supra Collects

Except as otherwise described in this privacy statement, JD Supra will not disclose personal information to any third party unless we believe that disclosure is necessary to: (1) comply with applicable laws; (2) respond to governmental inquiries or requests; (3) comply with valid legal process; (4) protect the rights, privacy, safety or property of JD Supra, users of the Service, Website visitors or the public; (5) permit us to pursue available remedies or limit the damages that we may sustain; and (6) enforce our Terms & Conditions of Use.

In the event there is a change in the corporate structure of JD Supra such as, but not limited to, merger, consolidation, sale, liquidation or transfer of substantial assets, JD Supra may, in its sole discretion, transfer, sell or assign information collected on and through the Service to one or more affiliated or unaffiliated third parties.

Links to Other Websites

This Website and the Service may contain links to other websites. The operator of such other websites may collect information about you, including through cookies or other technologies. If you are using the Service through the Website and link to another site, you will leave the Website and this Policy will not apply to your use of and activity on those other sites. We encourage you to read the legal notices posted on those sites, including their privacy policies. We shall have no responsibility or liability for your visitation to, and the data collection and use practices of, such other sites. This Policy applies solely to the information collected in connection with your use of this Website and does not apply to any practices conducted offline or in connection with any other websites.

Changes in Our Privacy Policy

We reserve the right to change this Policy at any time. Please refer to the date at the top of this page to determine when this Policy was last revised. Any changes to our privacy policy will become effective upon posting of the revised policy on the Website. By continuing to use the Service or Website following such changes, you will be deemed to have agreed to such changes. If you do not agree with the terms of this Policy, as it may be amended from time to time, in whole or part, please do not continue using the Service or the Website.

Contacting JD Supra

If you have any questions about this privacy statement, the practices of this site, your dealings with this Web site, or if you would like to change any of the information you have provided to us, please contact us at:

- hide
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.