Archives for December 2018

CoA Institute Discovers Curious DHS FOIA Notification Process for Employee Records

Earlier today, Cause of Action Institute (CoA Institute) received a misdirected email from the Department of Homeland Security (DHS) that apparently was intended to serve as a notification to an unidentified agency employee that certain personnel records were to be released under the Freedom of Information Act (FOIA).

The “awareness” email indicated that employee-related records were scheduled to be released in response to a FOIA request.  It also identified the name of the FOIA requester—a CoA Institute employee—and included an attached file containing the records at issue.  The email was issued “[i]n accordance with DHS Instruction 262-11-001,” which is publicly available on the DHS’s website and appears to have been first issued at the end of February 2018.

Under Instruction 262-11-001, the DHS is required to “inform current [agency] employees when their employment records . . . are about to be released under the FOIA.”  “Employment records” is defined broadly to include any “[p]ast and present personnel information,” and could include any record containing personal information (e.g., name, position title, salary rates, etc.).  Copies of records also are provided as a courtesy to the employee.

The DHS instruction does not attempt to broaden the scope of Exemption 6, and it recognizes that federal employees generally have no expectation of privacy in their personnel records.  More importantly, the policy prohibits employees from interjecting themselves into the FOIA process.  This sort of inappropriate involvement has occurred at DHS and other agencies in the past under the guise of “sensitive review,” particularly whenever politically sensitive records have been at issue.

Nevertheless, the DHS “awareness” policy still raises good government concerns.  As set forth in the sample notices appended to the instruction, agency employees are routinely provided copies of responsive records scheduled for release, as well as the names and institutional affiliations of the requesters who will be receiving those records.

To be sure, FOIA requesters typically have no expectation of privacy in their identities, and FOIA requests themselves are public records subject to disclosure.  There are some exceptions.  The D.C. Circuit recently accepted the Internal Revenue Service’s argument that requester names and affiliations could be withheld under Exemption 3, in conjunction with I.R.C. § 6103.  Other agencies, which post FOIA logs online, only release tracking numbers or the subjects of requests.  In those cases, a formal FOIA request is required to obtain personally identifying information.

Regardless of whether the DHS policy is lawful, it is questionable as a matter of best practice.  Proactively sending records and requester information to agency employees could open the door to abuse and retaliation, particularly if an employee works in an influential position or if a requester is a member of the news media.  The broad definition of “employee record” also raises questions about the breadth of implementation.

Finally, there are issues of fairness and efficiency.  If an agency employee knows that his records are going to be released, is it fair to proactively disclose details about the requester immediately and without requiring the employee to file his own FOIA request and wait in line like anyone else?  The public often waits months for the information being given to employees as a matter of course, even though the agency admits that there are no cognizable employee privacy interests at stake.

More importantly, an agency-wide process of identifying employees whose equities are implicated in records and individually notifying them about the release of their personal details likely requires a significant investment of agency resources.  Would it not be more responsible to spend those resources on improving transparency to the public at large?  To reducing agency FOIA backlogs?  Notifying employees whenever their information is released to the public is likely only to contribute to a culture of secrecy and a further breakdown in the trust between the administrative state and the public.

Ryan P. Mulvey is Counsel at Cause of Action Institute

2018.02.20 DHS Instruction 262-11-001

2018.12.20 DHS Notification Email

Cause of Action Institute Defends Fisheries from New Proposed Rule

CoA shared concerns about financial burden and legality of proposed rule

Today, Ryan Mulvey, counsel at Cause of Action Institute, spoke before the Mid-Atlantic Fishery Management Council (Council) in Annapolis, MD, about an Omnibus Amendment that would create new economic burdens on fishermen. The new rule, if enacted by the federal government, could increase costs on fishermen by as much as $810 per sea day. Mulvey also questioned whether the federal government had the authority to implement the new rule.

Ryan Mulvey issued the following statement:

“The federal government lacks clear statutory authorization to pass the Omnibus Amendment, and this rule could have devastating economic consequences on fishermen. I urged the Mid-Atlantic Council to investigate the serious legal ramifications of industry-funded monitoring schemes, and to protect the economic interests of small-business fishing firms in the Mid-Atlantic regions by asking the federal government to reject the Omnibus Amendment.”

A copy of Mulvey’s written comments for Cause of Action on the rule can be found here.

A blog about the rule and its legal and economic challenges can be found here.

____________________________________________________________

Media ContactMatt Frendewey, matt.frendewey@causeofaction.org | 202-699-2018

Investigation Update: VA releases 2014 memo on “sensitive review,” but fails to conduct an adequate search for more recent FOIA guidance

  • In August 2018, a group of eight Democratic Senators, wrote to the Department of Veterans Affairs (VA) to express alarm over the possible politicization of the agency’s Freedom of Information Act (FOIA) processes. Specifically, they were concerned about the involvement of political appointees in the FOIA decision-making process.
  •  Cause of Action Institute (CoA Institute) submitted a FOIA request to the VA seeking records about the agency’s “sensitive review” process, but the agency only disclosed a single document. After considering CoA Institute’s appeal, the VA Office of General Counsel ordered supplemental searches for additional records.
  • “Sensitive review” raises serious transparency concerns because the involvement of political appointees in FOIA administrative can lead to severe delays and, at worst, improper record redaction and incomplete disclosure.
  • Whenever politically sensitive or potentially embarrassing records are at issue, politicians and bureaucrats will have an incentive to enforce secrecy and non-disclosure.

Earlier this year, CoA Institute opened an investigation into the sensitive review process at the VA. As I mentioned in an earlier post, the public has long been aware of internal practices at the agency that could open the door to FOIA abuse. During the Bush Administration, the VA issued a directive concerning the processing of “high visibility” or “sensitive” requests that implicated potentially embarrassing or newsworthy records. The Obama White House subsequently updated that guidance in October 2013, when the VA instructed its departmental components to clear FOIA responses and productions through a centralized office. This clearance process imposed a “temporary requirement” for front office review and entailed a “sensitivity determination” leading to unnamed “specific procedures.”

Another record recently disclosed to CoA Institute illustrates how the VA again updated its sensitive review process in February 2014. According to the memorandum, the agency intended to continue its “long standing” procedure for notifying leadership of incoming FOIA requests that may be “substantial interest to the Office of the Secretary.” Exact guidance on the sorts of requests that would trigger such review, however, was still under development at the time. It is unknown how the notification process was implemented in the absence of that guidance.

To date, the VA has failed to disclose any further records about sensitive review. CoA Institute successfully appealed the Office of the Secretary’s final response, and the agency’s Office of General Counsel ordered additional searches on remand. A precise deadline for a supplemental response was not given, but we will provide updates as any additional records become available.

In light of its commitment to open government, CoA Institute has been a leader in examining cases of sensitive review at other agencies, including the National Oceanic and Atmospheric Administration and the Federal Aviation Administration. We also have analyzed the practice at the Environmental Protection Agency on several occasions (here, here, and here). A recent press report concerning the EPA confirmed our warnings about the potential for delay when “sensitive” or politically charged records are targeted for special processing.

Regardless of which party or president controls the government, sensitive review poses a serious threat to government transparency. Alerting or involving political appointees in FOIA administration can lead to severe delays and, at its worst, contribute to intentionally inadequate searches, politicized document review, improper record redaction, and incomplete disclosure.

Loader Loading...
EAD Logo Taking too long?

Reload Reload document
| Open Open in new tab

Download [68.44 KB]

Ryan P. Mulvey is Counsel at Cause of Action Institute.

____________________________________________________________

Media ContactMatt Frendewey, matt.frendewey@causeofaction.org | 202-699-2018

CoA Institute Highlights Deficiencies in Proposed Rule to Shift Burdensome Costs of At-Sea Monitoring to Commercial Fishermen

The New England Fishery Management Council (NEFMC), in coordination with the National Marine Fisheries Service (NMFS), seeks to approve and implement a controversial set of regulatory amendments that would create a new industry-funding requirement for at-sea monitoring in the Atlantic herring fishery and, moreover, create a standardized process for introducing similar requirements in other New England fisheries.  Under the so-called Omnibus Amendment, the fishing industry would be forced to bear the burdensome cost of allowing third-party monitors to ride their boats in line with the NEFMC’s supplemental monitoring goals.  This would unfairly and unlawfully restrict economic opportunity in the fishing industry.

Learn More

Records Show How Former FBI Director James Comey Misled the DOJ Inspector General About His Personal Email Use

Cause of Action Institute (CoA Institute) has obtained a second batch of former FBI Director James Comey and former FBI Chief of Staff James Rybicki’s emails sent or received on their personal, non-official email accounts to conduct agency business. The FBI’s latest records production is the second of four rolling productions. The FBI reviewed 518 pages of emails and released 439 pages to CoA Institute. Once again, these emails undermine Director Comey’s statements concerning the types of matters he discussed while using his personal email to conduct official business.

Last month, CoA Institute published the first set of records received as part of our FOIA lawsuit. Contrary to Director Comey’s representations to the DOJ that he never used his personal email account for “sensitive work,” the first batch of emails we obtained revealed otherwise. Those records included emails withheld in full and others redacted in part under the FOIA’s law enforcement exemption, which exempts from public disclosure certain sensitive information created or compiled for law enforcement purposes.

This new second batch of emails tells much of the same story. For example, the redactions in the completely redacted email below cite 3 bases for the application of the law enforcement exemption (b7A, C, & E). These exemptions pertain to information that, if released, could (A) interfere with law enforcement proceedings, (C) constitute an invasion of personal privacy, or (E) disclose law enforcement techniques and thereby risk circumvention of the law. In other words, the FBI determined that the work Director Comey conducted on his personal account was so sensitive in nature that it justified redaction under Exemption 7 of the FOIA to prevent disclosure to the public.

As explained in the FBI’s cover letter accompanying the production to CoA Institute, the FBI is only providing emails that Director Comey and his Chief of Staff forwarded or copied to their official FBI email accounts: “The FBI conducted email searches for any communications to or from James Rybicki’s and James Comey’s personal email accounts, located within Rybicki’s and Comey’s FBI email accounts.”  This follows from Director Comey’s claims that all FBI-related work he conducted on Gmail was forwarded to an official FBI account. As Director Comey told the DOJ Inspector General:

“I was always making sure that the work got forwarded to the government account to either my own account or Rybicki, so I wasn’t worried from a record-keeping perspective was, because there will always be a copy of it in the FBI system.”

But if Director Comey misrepresented the nature of the work he conducted on his personal email account, a plausible concern arises as to whether Director Comey thoroughly searched and forwarded all work related emails from his personal account to his government account This is why using private email accounts for government business is so problematic: The agency—and ultimately the public—must rely on the very people who are violating the rules by using personal email accounts to forward their work-related emails to official government accounts. If they forget or choose not to copy an official account, there is little chance the agency will ever search for and recover the federal records created or received on those personal accounts. And that means those records cannot be produced to the public under the FOIA.  The use of non-official accounts to conduct agency business, whatever the reasoning, imperils transparency, accountability, and good government, and it undermines trust.

You can view and download the documents here:

Part 1 (411 pages)

Part 2 (30 pages)

FBI Cover Letter

Kevin Schmidt is Director of Investigations for Cause of Action Institute. You can follow him on Twitter @KevinSchmidt8

Thomas Kimbrell is an Investigative Analyst at Cause of Action Institute.

____________________________________________________________

Media ContactMatt Frendewey, matt.frendewey@causeofaction.org | 202-699-2018

Congress May Give the FTC More Money and Power, Making Its Internal Watchdog More Important than Ever

  • Congress may grant more power and money to the FTC, even though it needs stronger oversight from its internal watchdog at its current budget and authority.
  • Currently, FTC’s internal watchdog is hired and fired by the FTC, and lacks independence
  • Left unchecked, the powers of the FTC can undermine the ability for entrepreneurs and innovators to reach their full potential

In a recent hearing before the Senate Subcommittee on Consumer Protection, Product Safety, Insurance, and Data Security, the five commissioners of the Federal Trade Commission (FTC) requested more resources and authority, and Senators on the committee appear inclined to approve the FTC’s request. According to National Journal:

“I’ve never met an agency, or a department or a commission, that didn’t believe they needed more resources,” [Senator Jerry] Moran said. “I hear it on an ongoing basis. But I think this is different.”

Senator Moran, who chairs the Subcommittee, assembled the five FTC commissioners to hear their recommendations for a burgeoning bill to create a national standard on data privacy. FTC Chairman Joseph Simons opportunistically pushed for greater funding and the authority to make additional rules on data protection and levy civil fines against corporate actors found to have violated consumers’ privacy; and the senator found himself “sympathetic” to the pitch.

However, greater power requires greater accountability, and the FTC’s past use of its funding and authority has not been without controversy. In August 2018, Cause of Action Institute (CoA Institute) submitted comments outlining structural and procedural reforms to prevent the FTC from abusing its authority in the future. Without those reforms and a potential increase in the Commission’s budget and authority, effective oversight of the FTC will be as important as ever.

To that end, the FTC’s Inspector General (IG) is charged with ensuring the agency doesn’t overreach its authority, but CoA Institute’s experience with the IG suggests the office may be reluctant to hold the FTC accountable. This could be because the FTC IG is constrained by its lack of structural independence but also could be because of the IG’s cozy relationship with the agency. While many Inspectors General are nominated by the President and confirmed by the Senate to oversee their respective agencies, the FTC is one of 29 agencies where the IG is appointed by—and can be removed by—the head of the agency.

Most recently, Chairman Simons appointed Andrew Katsaros as the FTC’s Acting IG on June 8, 2018, following Roslyn Mazer’s retirement after three years as IG. So, not only was IG Katsaros chosen by the head of the agency he is supposed to oversee, but he is also designated only as “Acting IG.”  Crucially, the Project on Government Oversight (POGO) notes that acting inspectors general are less effective than permanent inspectors general:

Inspector general offices are most effective when led by a permanent inspector general, rather than an acting official … a permanent IG has the ability to set a long-term strategic plan for the office, including establishing investigative and audit priorities. An acting official, on the other hand, known by all IG office staff to be temporary, may tend to lack direction or vigor.

Curiously, while many inspectors general make their investigative reports public (there is a website dedicated to just publishing these reports from across the government), the FTC IG does not. It appears the FTC IG’s investigative reports aren’t available without a FOIA request, which CoA Institute recently submitted to obtain a September 30, 2015 report (a revised version was sent on October 16, 2015) relevant to one of our prior cases defending against FTC overreach. The report takes the form of a letter from the FTC IG to the U.S. House Committee on Oversight and Government Reform (OGR) regarding the FTC’s handling of its case against LabMD, a small cancer detection lab that, despite ultimately prevailing in court, was put out of business by the FTC’s egregious overreach.

The first substantive section of the letter suggests the IG had no interest in conducting oversight if OGR was investigating the matter, even though IGs and congressional committees commonly conduct investigations in tandem into the same matters: OGR “staff’s representation that they would cease investigative activity factored strongly in the OIG’s decision to initiate investigative activity.”  The IG also complained that OGR did not provide the IG documents related to the inquiry, but the IG has the authority to conduct interviews and request documents from the agency to conduct its oversight duties.

Further, OGR published a report in January 2015 outlining many troubling findings related to FTC’s conduct in the LabMD case. Despite having access to that report, the FTC IG appears to have written its letter more like the agency’s defense counsel, rather than its independent overseer.

For example, the IG’s letter tries to roll back the position the FTC previously represented to OGR on a key issue in a way that is favorable for the agency:

From the OGR Staff Report Dated January 2, 2015:

The FTC admitted that the use of Tiversa’s information was unusual relative to standard agency operating procedures for enforcement measures.

From the FTC Letter to OGR on September 30, 2015:

Based on our investigative activities, the OIG found that the FTC handled evidence received from Tiversa in the same manner it had handled other evidence about data security breaches.

There are other aspects of the letter that also suggest disinterest in holding the FTC accountable. The IG went out of its way to note that LabMD had lost rulings in various federal courts:

We note that LabMD litigated cases against the FTC in the U.S. District Court for the Northern District of Georgia and the U.S. Court of Appeals for the Eleventh Circuit. Both courts denied LabMD’s motion for preliminary relief for lack of jurisdiction.

It’s unclear why the FTC IG felt the need to mention that fact, but its inclusion was incredibly short-sighted considering LabMD won its case before the FTC Administrative Law Judge less than two months later and would eventually win before the Eleventh Circuit Court of Appeals in 2018.

Concerned about the independence and prior work of the FTC’s IG, CoA Institute sent a FOIA request in September 2018, asking for the IG’s five most recent investigative reports, a list of all preliminary investigations opened from January 2012 to the present, and a list of all investigations closed from January 2012, to the present. We have yet to receive any responsive documents from the agency.

If Congress follows through with empowering the FTC with more authority and money, the FTC IG needs to do more to safeguard tax dollars and prevent overreach, waste, fraud, and abuse. History teaches that so far it hasn’t been up to the task.

Kevin Schmidt is Director of Investigations for Cause of Action Institute. You can follow him on Twitter @KevinSchmidt8