For environmental consulting firms
How California Environmental Consultants Prove What They Delivered — and Why It Matters When a Client Disputes It
Under Public Resources Code §21167.6, the administrative record of CEQA proceedings must include all documents submitted during the review process. When a client or opposing party questions what was delivered and when, the burden falls on the lead agency or consultant to produce it. Email threads and Dropbox links are not that record.
The administrative record requirement
Public Resources Code §21167.6 requires that the administrative record for CEQA proceedings include all written comments received during any comment period, all responses to those comments, and all documents submitted. When litigation is threatened or filed, "what we sent the client" becomes "what is in the record." Reconstructing that from email timestamps and Sent folders is not the same as having a verified, version-locked record. Courts and agencies know the difference.
Where the gap lives
A Notice of Preparation goes out by email. A Draft EIR gets shared via Dropbox link. Comment response packages are forwarded in chains. None of these create a tamper-proof, timestamped record tied to the specific file version that was delivered, confirmed received, and logged against a specific date. CEQA's administrative record standard requires exactly that record. Most firms' current process produces a best-guess reconstruction of it.
What constitutes defensible proof
A defensible CEQA delivery record includes: the exact file version (cryptographic fingerprint, not just filename), the timestamp of delivery, the identity and confirmation of the recipient, and a chain of custody that cannot be altered after the fact. Mainstay generates a SHA-256 hash of each document at the moment of delivery — tied to a timestamp and recipient record that is immutable. The result is a PDF receipt you produce in a dispute or regulatory review. Not a reconstruction. A record.
Common CEQA delivery failure modes
The scenarios that create liability are specific. A client claims the NOP was never received — but you sent it to an outdated address. A project opponent argues the Final EIR distributed to commenting agencies differed from the certified version — and you have no file-level proof they are identical. A DTSC project manager disputes which version of a HHRA was submitted for their review. In each case, the burden of proof falls on the consultant or lead agency, and email does not meet it.
Common questions
What does Pub. Resources Code §21167.6 require for CEQA delivery records?
Section 21167.6 requires the administrative record to include all documents submitted, received, or relied upon during a CEQA proceeding. In practice, this means the record must show what was delivered, in what version, to whom, and when — with sufficient specificity to withstand challenge in superior court. Email metadata alone typically does not satisfy this standard.
Is a read receipt or Dropbox 'viewed' notification sufficient proof?
Not reliably. Read receipts can be disabled, Dropbox view logs can be ambiguous about which version was downloaded, and neither ties the confirmation to a specific cryptographic fingerprint of the file. A SHA-256 hash-based delivery record is file-specific and immutable — the file itself proves it was the version delivered, not just that something was accessed.
What's the risk if a CEQA delivery dispute goes to DTSC or a regional water board?
Regulatory agencies have discretion to require re-submittal, extend comment periods, or void approvals if the administrative record is found incomplete. The cost of reconstructing or re-running a process — plus legal fees — typically far exceeds the cost of maintaining a proper delivery record from the start.
Can Mainstay help with NOPs, Draft EIRs, Final EIRs, and NODs?
Yes. Mainstay tracks delivery proof for any CEQA document type — NOP, NOP response, Draft EIR, comment letters, response to comments, Final EIR, findings, MMRP, NOD, and NOE. Each delivery is timestamped and fingerprinted at the file level.
What happens if a CEQA delivery record is incomplete when litigation is filed?
Under Pub. Resources Code § 21167.6, the lead agency must produce the administrative record within 60 days of a petitioner's request. If delivery records are incomplete — missing recipient confirmations, version ambiguity, or gaps in the comment response distribution — the agency must reconstruct them under litigation pressure. Courts have discretion to draw adverse inferences from gaps in the administrative record, and reconstruction from email threads is rarely as clean as a contemporaneous delivery record.
How long must CEQA administrative records be retained after project approval?
The CEQA challenge window under Pub. Resources Code § 21167 runs 30 days from NOD filing for most EIR projects and 180 days from project approval if no NOD was filed. However, appeals, related permits, and mitigation monitoring obligations can extend the period during which records are relevant. Best practice is to retain the complete delivery record — including comment response distribution proof — for at least five years after all challenge windows close.
Does email confirmation count as proof of delivery for CEQA comment responses?
Not reliably. Pub. Resources Code § 21092.5 requires that commenting agencies receive responses to their comments at least 10 days before EIR certification, but the statute does not specify the delivery method. The evidentiary problem with email is version ambiguity — an email with a link to a shared folder does not prove the file the recipient accessed was the certified version. A delivery record tied to a specific file fingerprint (SHA-256 hash) and a confirmed open event is file-specific in a way that email confirmation is not.
See the receipt loop on your projects.
20 minutes with Kris — your deadlines, your deliverables.
Book a demo (opens Calendly scheduling site)