Federal District Court Excuses IRS’s Refusal to Search for Email Records Concerning White House Interference with the FOIA

Last week, Judge Emmet Sullivan of the U.S. District Court for the District of Columbia issued an order denying Cause of Action Institute’s (“CoA Institute”) cross-motion for summary judgment in a Freedom of Information Act (“FOIA”) brought against the Internal Revenue Service (“IRS”).  The opinion was long awaited—summary judgment briefing ended over a year-and-an-half ago.  Although we do not intend to appeal the decision, it is worth highlighting some issues with Judge Sullivan’s opinion and the IRS’s arguments.  The case is a fine example of how courts too frequently defer to agencies when it comes to policing their compliance with the FOIA.

Background: “White House equities” review and FOIA politicization

In March 2014, CoA Institute published a report revealing the existence of a non-public memorandum from then-White House Counsel Gregory Craig that directed department and agency general counsels to send to the White House for consultation all records involving “White House equities” when collected in response to any sort of document request.  This secret memo stands in stark contrast to President Obama’s January 2009 directive on transparency, as well as Attorney General Holder’s March 2009 FOIA memo.  Although originally praised as setting the bar for open government, the Washington Post eventually described the Obama Administration as one of the most secretive governments in American history.

As part of the system of politicized FOIA review established under the “White House equities” policy, whenever a requester sought access to records deemed politically sensitive, potentially embarrassing, or otherwise newsworthy, the agency processing the request would forward copies of those records to a White House attorney for pre-production review.  Not only did the entire process represent an abdication of agency responsibility for the administration of the FOIA, but it severely delayed agency compliance with the FOIA’s deadlines.  As we have previously suggested, “White House equities” review likely continues under the Trump Administration.

The specific FOIA request at issue in this case, which was submitted to the IRS in May 2013, sought records of communications between IRS officials and the White House reflecting “White House equities” consultations.  Similar requests were sent to eleven other agencies.  All those agencies produced the requested records; only the IRS failed to locate a single relevant document.  And the IRS only communicated its failure to find any responsive records two years after CoA Institute submitted its request and filed a lawsuit.

Why the IRS failed to conduct an adequate search for records

Our argument for the inadequacy of the IRS’s search for records reflecting “White House equities” consultations focused on several points, but two were especially important.  First, the IRS failed to search its own FOIA office—the most likely custodian of the records and issue.  Second, the IRS improperly refused to search for any responsive email correspondence within the Office of Disclosure.

The IRS inexplicably limited its search efforts to the Office of Legislative Affairs, a sub-component of the Office of Chief Counsel, and the Executive Secretariat Correspondence Office, which handles communications with the IRS Commissioner.  The agency offered no evidence that it sent search memoranda to its FOIA office, which is part of the “Privacy, Governmental Liaison, and Disclosure” or “PGLD.”  In fact, the IRS effectively admitted that it had foregone a search of the Office of Disclosure because a single senior employee testified that he did not believe any responsive records existed.  And because “White House equities” review was not mentioned in the Internal Revenue Manual, the FOIA officer assigned to CoA Institute’s request determined that consultations with the White House would never have taken place.

The IRS also refused to search individual email accounts within the Office of Disclosure because it would be too “burdensome.” Remarkably, the IRS claimed it would “take one IRS IT person at least 13 years” to capture the correspondence of all 165 employees within the Office of Disclosure.  Yet the IRS offered no explanation for why other reasonable options to search email did not exist, such as requiring individual employees to “self-search” email, conducting a preliminary sample search of individuals within the Office of Disclosure most likely to have responsive records, or making use of e-discovery tools like “Clearwell” and “Encase.”

The Court’s Flawed Opinion and Hyper-Deference to the IRS

One major flaw in the Court’s decision concerns its uncritical acceptance of a single IRS attorney’s belief about the existence of responsive records within the Office of Disclosure.  Although the IRS admittedly conducted a keyword search of its tracking system for incoming FOIA requests, it refused to send out search memoranda or engage in other typical search efforts.  The IRS instead relied on the declaration of John Davis, Deputy Associate Director of Disclosure, who claimed that he had never heard of “White House equities” and was unaware of White House consultations ever taking place.  On this basis alone, the IRS concluded it was “unreasonable” to conduct a more vigorous search.  The Court accepted this reliance without any real explanation when it should have given more consideration to the text of the Craig Memo, which was addressed to the entire Executive Branch—including the IRS—and the fact that the eleven co-defendants in the same case all produced responsive records—nearly all of which were email chains.

As for the search of individual email accounts, the Court yet again uncritically deferred to the IRS’s bizarre claim that it would take thirteen years to process CoA Institute’s FOIA request.

In deferring to the IRS, the Court failed to address the IRS’s practice of conducting email searches by manually inspecting the content of individual hard drives, a central reason why an email search would take so preposterously long.  This practice, which requires the IRS to warehouse a lot of old computer equipment, has been repeatedly criticized by the Treasury Inspector General for Tax Administration because it could lead to violations of records management laws.

Additionally, some doubt exists, based on information independently received by CoA Institute from IRS employees, as to the accuracy of the IRS’s claims regarding its ability to conduct an agency- or component-wide search of its email system.  Because FOIA cases rarely make it to trial, it is nearly impossible to pin the IRS down on the accuracy of its claims.  Regardless, the IRS has certainly made a habit of regularly evading its disclosure obligations, a habit buttressed in this instance by an overly deferential judiciary.

Ryan Mulvey is Counsel at Cause of Action Institute

CoA Institute Calls on General Services Administration to Revise Proposed FOIA Regulations

Cause of Action Institute (“CoA Institute”) submitted a comment today to the General Services Administration (“GSA”) concerning the agency’s proposed rule revising its Freedom of Information Act (“FOIA”) regulations.  CoA Institute explained that the planned changes could cause confusion by directing agency staff to interpret the FOIA statute and GSA’s implementing regulations in light of outdated fee guidelines published by the White House Office of Management and Budget (“OMB”).

OMB published its Uniform Freedom of Information Fee Schedule and Guidelines in 1987.  Although the FOIA requires an agency to promulgate its fee schedule in conformity with the OMB Guidelines, they are no longer authoritative because they conflict with the statutory text, as amended by Congress, and judicial authorities.  Over the past thirty years, OMB has made no effort to revise the Guidelines.  They should not be used as a reference point for the proper administration of the FOIA.

One problematic aspect of the OMB Guidelines is the definition of a “representative of the news media.”  The current statutory definition of this fee category, which was introduced by the OPEN Government Act of 2007, differs from the definition provided by OMB.  Indeed, the OMB definition, which incorporates an “organized and operated” standard, has long been one of the more contentious aspects of the OMB Guidelines.  In 2015, however, the D.C. Circuit issued a landmark decision in Cause of Action v. Federal Trade Commission clarifying that OMB’s definition had been superseded by Congress.

The OMB Guidelines also have been rendered obsolete by other jurisprudential developments.  For this reason, in 2016, the FOIA Advisory Committee and Archivist of the United States called on OMB to update its fee guidance.  CoA Institute filed a petition for rulemaking on the issue, too.  Last November, we filed a lawsuit to compel the agency to provide a response to that petition.  Our lawsuit is still pending.  Until the OMB Guidelines have been revised to reflect modern circumstances and the actual text of the FOIA, no agency should direct its staff to consult them in any way as an authoritative guide to interpreting the law.

Ryan Mulvey is Counsel at Cause of Action Institute

CoA Institute Responds to Opinion in FOIA Case Against IRS

On Tuesday, June 12, the District Court for the District of Columbia issued an opinion in CoA Institute’s long-standing FOIA suit against the IRS for failing to produce records regarding possible White House intrusion in to the agency’s FOIA practices. The opinion can be found here.

 

CoA Institute Calls on Department of Agriculture to Revise Problematic FOIA Rule

Cause of Action Institute (“CoA Institute”) submitted a comment today to the Department of Agriculture (“USDA”) concerning the agency’s publication of a deficient rule that proposes revisions to the agency’s Freedom of Information Act (“FOIA”) regulations.  CoA Institute explained that USDA’s FOIA rule fails to provide a definition of a “representative of the news media” that conforms with statutory and judicial authorities.  The proposed regulations also could cause confusion by directing agency staff to consult outdated fee guidance published by the White House Office of Management and Budget (“OMB”).

News Media Fee Category

USDA’s proposed regulations improperly retain the so-called “organized and operated” standard in the definition of a “representative of the news media.”  This is an important deficiency because the “organized and operated” standard has been used in the past to deny news media requester status to nascent media groups and government watchdog organizations like CoA Institute.  Indeed, CoA Institute took another agency—the Federal Trade Commission—to court, and argued its case all to the way to the D.C. Circuit, just to get the agency to acknowledge that its similar retention of the “organized and operated” standard was unlawful and led to improperly denying CoA Institute a fee reduction.  The D.C. Circuit eventually issued a landmark decision in CoA Institute’s favor to clarify proper fee category definitions and their application in FOIA cases.

Congress amended the FOIA to provide a straightforward and comprehensive definition of a “representative of the news media.”  USDA—and all other agencies—should not attempt to modify that definition or introduce additional hurdles for news media requesters.

OMB Fee Guidelines

USDA’s FOIA rule also proposes to retain references to the OMB’s 1987 FOIA fee guidelines, which are the genesis of the “organized and operated” standard.  Specifically, USDA would like its disclosure officials to estimate fees in accordance with the OMB fee guidelines.  But those guidelines are outdated and unreliable.  Over the past thirty years, Congress has amended the FOIA on numerous occasions, courts have developed overriding FOIA jurisprudence, and technology has evolved in significant ways.  Yet OMB has made no effort to revisit its fee guidance.  That guidance should not be used as a reference point for the proper administration of the FOIA.

In 2016, the FOIA Advisory Committee and the Archivist of the United States called on OMB to update the fee guidelines.  CoA Institute even filed a petition for rulemaking on this issue.  Last November, we filed a lawsuit to compel the agency to provide a response to that petition.  Until OMB acts to revise its fee guidelines, USDA should not direct its staff to consult them in any way as authoritative.

Other Agencies Have Followed CoA Institute’s Advice

CoA Institute has succeeded in convincing a number of other agencies to abandon the OMB’s “organized and operated” standard in favor of a proper definition of “representative of the news media” in line with the FOIA statute and controlling case law.  Those agencies include, among others, the Consumer Product Safety Commission, Office of the Special Counsel, Department of Defense, U.S. Agency for International Development, and Department of Homeland Security.  We hope that USDA similarly will revisit its FOIA rule and eliminate the “organized and operated” standard in lieu of a proper definition of a news media requester.

Ryan Mulvey is Counsel at Cause of Action Institute

Court of Appeals Rebukes Federal Trade Commission’s Data Security Overreach

FOR IMMEDIATE RELEASE

JUNE 8, 2018

WASHINGTON, D.C. – In a landmark ruling on June 6, 2018, the Eleventh Circuit Court of Appeals invalidated a Federal Trade Commission (FTC) order against cancer-screening facility LabMD.  The agency had hounded LabMD for years claiming the company violated an undefined data security rule known only to the FTC.  The opinion sends a clear message that the FTC’s enforcement of data security, without publishing any standards, disregards the rule of law, violates due process, and will not be tolerated by the Courts. Cause of Action Institute represented LabMD in the proceedings at the FTC and filed an amicus curiae brief in the Eleventh Circuit on behalf of nine medical doctors harmed by the FTC’s actions.

Cause of Action Institute’s President and CEO John Vecchione commented on the decision:

“The FTC’s lawless bullying of companies and actions that drove LabMD out of business and denied our physician clients’ access to its services have suffered a stern and public rebuke. Standardless regulatory overreach in this case forced the closure of a successful small business even though the FTC has never presented any evidence of consumer harm, nor published any data security standards with which it says the company should have complied.  Notably the 11th Circuit ruled the FTC-issued injunction was so vague and unintelligible that no court could intelligently enforce it.  The Court made no finding and affirmed no decision of the FTC that LabMD had done anything wrong.

“Scores of companies have knuckled under to the FTC’s insistence on ‘consent’ orders to buy peace.  This ruling is a signal that they don’t have to.  The Court signaled that vague, standardless dictates by unelected bureaucrats would not be enforced in Courts of law.  LabMD’s experience in this case is a stark reminder of the costs required to fight a federal agency that is willing to spend millions of taxpayer dollars over more than eight years of investigation and litigation, all in the pursuit of wrong.  We congratulate Ropes & Gray for its representation of this case before the Circuit and LabMD itself for daring to fight the good fight.  We are also proud of our attorneys and Cause of Action Institute’s contribution to that fight.”

In the opinion, the court explained the absurdity of the FTC’s position– namely that the agency requires data security standards without providing any specificity on those very standards.  From the opinion:

“[T]he Commission’s cease and desist order is nonetheless unenforceable. It does not enjoin a specific act or practice. Instead, it mandates a complete overhaul of LabMD’s data-security program and says precious little about how this is to be accomplished. Moreover, it effectually charges the district court with managing the overhaul. This is a scheme Congress could not have envisioned. We therefore grant LabMD’s petition for review and vacate the Commission’s order.”

While the decision may appear to be narrowly related to the cease and desist order at issue in LabMD, in practice, it will have broad ranging implications for how the agency investigates and enforces data security. The Court also recognized the constitutional injustice of the FTC’s enforcement action in this case: “Being held in contempt and sanctioned pursuant to an insufficiently specific injunction is therefore a denial of due process.”  This abuse of due process by going after a company for allegedly violating Section 5 of the FTC Act, but never telling the company what it is actually supposed to have been doing has been a central theme of the LabMD case from the start.

The FTC lost this case before its own FTC’s chief administrative law judge (ALJ) and now before the Eleventh Circuit. The FTC’s disregard of the ALJ’s opinion, when the Commission considered the case at the administrative level, illustrates the unfairness of the FTC enforcement process where the agency acts as its own detective, prosecutor, judge, and executioner. As former FTC Commissioner Joshua Wright explained: “[I]n 100 percent of the cases in which the administrative law judge ruled found no liability, the Commission reversed. This is a strong sign of an unhealthy and biased institutional process.

Read the full opinion here.

Read more about Cause of Action Institute’s efforts to hold the FTC accountable here and here.

About Cause of Action Institute

Cause of Action Institute is a 501(c)(3) non-profit working to enhance individual and economic liberty by limiting the power of the administrative state to make decisions that are contrary to freedom and prosperity by advocating for a transparent and accountable government free from abuse.

For more information, please contact Mary Beth Gombita, mbgcomms@gmail.com.

What Happens When Government Emails are Allegedly “Fatally Lost”?

President Trump’s phone and email behavior are coming under scrutiny for security reasons, but regardless of the device used, the type of email account being used could be a bigger concern.  Did you know that a government official’s use of private email to conduct government business is wrong?  If the Hillary Clinton email scandal didn’t showcase that, consider one of our recent and ongoing investigations into former Secretary of State Colin Powell’s work-related email records, which were hosted on a personal AOL account.

In September 2016, the House Oversight & Government Reform Committee held a hearing at which then-Under Secretary of State Patrick Kennedy testified that the State Department had undertaken minimal efforts to retrieve Powell’s work-related email.  In October 2016, Cause of Action Institute sought access to Secretary Powell’s work-related emails under the Freedom of Information Act (“FOIA”).  At the same time, we advised the Secretary of State and the Archivist of the United States of their obligations under the Federal Records Act (“FRA”) to recover those same email records.  Once it became apparent that the State Department would not respond to our FOIA request, and the obligation to initiate action through the Attorney General for the recovery of Secretary Powell’s work-related email would not be met, we filed suit in federal district court.  In January 2018, when the court denied the government’s first motion to dismiss, it described the State Department’s efforts at recovery as “anemic.”  As we’ve noted, U.S. District Court Judge Trevor McFadden explained that “[t]he Defendants’ refusal to turn to the law enforcement authority of the Attorney General is particularly striking in the context of a statute with explicitly mandatory language.”  “[T]here is a substantial likelihood that [CoA Institute’s] requested relief would yield access to at least some of the emails at issue.”

After being repeatedly asked by the National Archives and Records Administration (“NARA”) to contact AOL directly for Powell’s emails, the State Department never did so until CoA Institute filed its lawsuit.  But the State Department continues to use the line that the emails have been “fatally lost” and that our lawsuit should therefore be dismissed.  The Defendants argue that, even if they cannot prove fatal loss or completely recover unlawfully removed records, their obligation to initiate action through the Attorney General (and thus marshal the law enforcement authority of the federal government) can be excused if they have no “reason to believe” records are recoverable.

We’re currently pushing back on that argument, as it rests on a fundamental misapprehension of the FRA.  We have asked the court to order the Secretary of State and the U.S. Archivist to initiate action through the Attorney General for the recovery of Powell’s email, as required by law.  This would entail enlisting the law enforcement authority of the federal government to investigate the possibility of forensically recovering the records at issue, among other things.  Such techniques have been successful in previous cases of unlawfully removed federal records, as evidenced by Hillary Clinton’s email scandal and the FBI’s recovery of Peter Strzok and Lisa Page’s text messages.

The problem with the Defendants’ position is that it ignores the clear text of the FRA and thirty years of precedent, which recognizes a non-discretionary obligation for an agency head to go to the Attorney General whenever its own recovery efforts have failed.  In this last line of their closing brief, the Defendants sum up their argument: “We recognize that the Court has previously rejected the contention that the FRA requires referral only when an agency has reason to believe that records can be recovered but respectfully reserve the right to seek further review should the Solicitor General determine that such review is warranted.”

This case illustrates how careless the federal government can be with the protection of government work – the use of a personal account and the subsequent years-long legal battle to recover Secretary Powell’s work-related emails are a failure of our government to follow both the FRA and the FOIA.  Secretary Powell should never have used a personal email account, and the State Department should have acted quicker to recover and preserve vital records of government business that were stored on a third-party commercial server.  If it is this difficult to recover materials that ultimately belong to the American people, the work of the government becomes more and more opaque and the gap between the American people’s knowledge and the federal government’s behavior only widens.

Mary Beth Gombita, Cause of Action Institute.