John Vecchione discusses FBI lawsuit on WFTL’s Joyce Kaufman Show

CoA Institute Sues for Records on Potential FBI Payment to Democratic Opposition Researcher Who Compiled Infamous Trump Dossier

Washington D.C. – Cause of Action Institute (“CoA Institute”) has filed a lawsuit in the U.S. District Court for the District of Columbia seeking records relating to the relationship between the Federal Bureau of Investigation (“FBI”) and Christopher Steele, a former British spy who made headlines after he was identified as the lead author of the largely-discredited Trump dossier.

According to a news report, Mr. Steele entered an agreement with the FBI a few weeks before the November 2016 election to investigate then-candidate Donald Trump while, at the same time, he was employed by an opposition research firm to collect information for Democratic presidential nominee Hillary Clinton.

CoA Institute President and CEO John Vecchione: “If a former spy who was being paid to do opposition research on a U.S. presidential nominee was also on the FBI’s payroll, there are serious concerns about the agency’s independence. We need to better understand this financial relationship to ensure the FBI was not misusing taxpayer money to interfere in a presidential election on behalf of one of the candidates.”

On March 7, 2017, CoA Institute sent a FOIA request to the FBI seeking access to records into whether the FBI paid money, or had plans to pay, Mr. Steele for any purpose. To date, the FBI has failed to produce any responsive records within the applicable FOIA timeframe.

The full Complaint can be found here.

For information regarding this press release, please contact Zachary Kurz, Director of Communications at CoA Institute: zachary.kurz@causeofaction.org

 

Office of Special Counsel accepts CoA Institute’s FOIA regulation recommendations

The U.S. Office of Special Counsel (“OSC”) published a final rule yesterday to update its Freedom of Information Act (“FOIA”) regulations. In addition to implementing changes required by the FOIA Improvement Act of 2016, OSC adopted various changes recommended by Cause of Action Institute (“CoA Institute”).

Last summer, CoA Institute was one of two organizations to submit a comment to OSC on its proposed regulatory revisions. First, we asked the agency to revise its fee category definition for a “representative of the news media,” which still included outdated “organized and operated” language.  In 2015, the D.C. Circuit recognized this “organized and operated” standard as superseded by statutory amendment in its landmark decision in Cause of Action v. Federal Trade Commission.  Similarly, we suggested—and OSC agreed—that the fee category definition should include a non-exhaustive list of entities that, in light of alternative and evolving news formats, qualify as a news media requester.  Finally, we recommended that OSC add explicit language detailing its records retention obligations for FOIA-related federal records.  On all counts, OSC substantively agreed with CoA Institute’s proposals.

Our successful comment is yet another small step in our ongoing efforts to provide effective and transparent oversight of the administrative state.

Ryan Mulvey is counsel at Cause of Action Institute

CoA Institute Presses CFPB on Agency Records Kept on Personal Mobile Device

No matter what messaging medium agencies use to conduct business, federal records must be preserved.  If government employees are allowed to evade the Federal Records Act and the Freedom of Information Act (“FOIA”) through use of messaging on their private mobile devices, it threatens government transparency and encumbers efforts to hold agencies accountable.

Just last week, CoA Institute received documents from the Consumer Financial Protection Bureau (“CFPB”) indicating that, in response to our FOIA request, it conducted a search of Director Richard Cordray’s personal mobile device for any text messages that may be agency records.  That action represents the minimum required of CFPB under the law, but the agency has not yet clarified whether it has adequate recordkeeping procedures in place to preserve all agency records created on such personal devices.  It also is unclear whether Director Cordray’s text messages represent the whole body of agency business done on the Director’s phone and if any records may have been destroyed before responding to our request.

In addition, CoA Institute discovered that the National Archives and Records Administration (“NARA”) sent a February 1, 2017 letter to CFPB, requesting information and reports regarding potential destruction of the above-mentioned records.  NARA demanded a reply from CFPB by March 1, 2017.  Today, we filed FOIA requests with both CFPB and NARA in an effort to uncover CFPB’s response and clarify what actions, if any, the agency has taken to fortify its recordkeeping practices.

CoA Institute Uncovers EPA Investigation into Employees’ Use of Encrypted Messaging App

Hours after filing a lawsuit demanding that the Environmental Protection Agency (“EPA”) disclose records about its employees’ use of an encrypted messaging application, Cause of Action Institute (“CoA Institute”) received a letter from the EPA’s Office of General Counsel acknowledging that there is an “open law enforcement” investigation looking into the matter.

The EPA indicated that records created or received by its employees on “Signal,” and records concerning efforts “to retrieve, recover, or retain” those messages, were “part of one or more open law enforcement file(s).” The agency claimed such records were exempt from disclosure under the Freedom of Information Act (“FOIA”) because they were compiled for “law enforcement purposes” and their disclosure “could reasonably be expected to interfere with ongoing enforcement proceedings.”  Further, the EPA stated that it could not find any records reflecting “permission, clearance, or approval” for the use of the encrypted messaging app.

Cause of Action Institute Assistant Vice President Henry Kerner: “The EPA’s response to our lawsuit is unsurprising, but still deeply disturbing.  The unauthorized use of an encrypted messaging app by a government employee is inappropriate, and the EPA appears to agree that its employees might have broken the law.  Although we are pleased to learn that the agency is examining potential wrongdoing, we will continue to fight for the disclosure of records responsive to our FOIA request because we do not agree that the law prohibits the disclosure of the Signal messages.  It will be up to the courts to decide.”

Even though the EPA purports to have provided a final response to CoA Institute’s FOIA request, the recently filed lawsuit will continue. CoA Institute disputes the sufficiency of the EPA’s determination, which suggests that a search for potentially responsive records was never carried out. In addition, we disagree with the agency’s reliance on FOIA Exemption 7(a).

The EPA’s letter can be found here

 

Lawsuit Demands Records on EPA Employees’ Use of Encrypted Messaging App

Washington, D.C. – Cause of Action Institute (“CoA Institute”) has filed a lawsuit in the U.S. District Court for the District of Columbia after the Environmental Protection Agency (“EPA”) failed to disclose records about its employees’ use of an encrypted messaging application, “Signal,” to discuss the Trump administration’s expected changes to the agency’s policy agenda.

The lawsuit follows a February 2, 2017 Freedom of Information Act (“FOIA”) request, which sought all records of Signal communications created or received by EPA officials, as well as records concerning the EPA’s efforts, if any, to retriever, recover, or retain such work-related correspondence in accordance with federal records management laws.

Cause of Action Institute Assistant Vice President Henry Kerner: “Career employees at the EPA appear to be using Signal to avoid transparency laws and vital oversight by the Executive Branch, Congress, and the public.  Communications on this encrypted application, however, which relate to agency business must still be preserved under the Federal Records Act and be made available for disclosure under the FOIA.  Taxpayers have a right to know if the EPA’s leadership is meeting its record preservation obligations.”

According to media reports, at least a dozen EPA career employees have been using Signal to communicate about work-related issues, including how to prevent President Trump’s political appointees from “undermin[ing] their agency’s mission to protect public health and the environment” or “delet[ing] valuable scientific data.”  CoA Institute’s investigation into this matter has been widely discussed in the press, along with Congress’s request for the EPA’s watchdog to independently investigate the matter.  To date, the EPA has failed to issue a timely determination on CoA Institute’s FOIA request, let alone produce any responsive records.

The full complaint can be found here.

For information regarding this press release, please contact Zachary Kurz, Director of Communications: zachary.kurz@causeofaction.org

 

 

 

The Proof is in the Metadata: Recent Developments in CEI v. OSTP

Last summer, in Competitive Enterprise Institute v. Office of Science & Technology Policy, 827 F.3d 145 (D.C. Cir. 2016) (“CEI v. OSTP”), the D.C. Circuit reached an important decision concerning an agency’s obligation to search private email accounts maintained by government officials for records responsive to a Freedom of Information Act (“FOIA”) request. The court determined that if an official “possesses what would otherwise be agency records [e.g., work-related email], the records do not lose their agency character just because the official . . . takes them out the door [e.g., to a private account][.]” Id. at 149. Thus, if a personal email account may contain agency records, the agency cannot categorically refuse to conduct a search of that private account.

This past week, however, the district court on remand appeared to dampen the impact of the D.C. Circuit’s ruling. Judge Gladys Kessler determined that OSTP had met its burden under the FOIA and did not have to conduct a search of former Director John Holdren’s personal email account, the contents of which had been saved on a thumb drive last December under court order. OSTP successfully argued that any agency records on Holdren’s non-governmental account would be duplicative of records already on OSTP servers. The agency pointed to a policy that required Holdren to forward work-related email to his official account or to copy that account on work-related correspondence. OSTP also attested that Holdren obeyed this policy on “approximately 4,500 occasions” and was otherwise entitled to a presumption of compliance “absent evidence to the contrary.” CEI could not rebut the presumption.

The district court’s decision, particularly on the heels of Sunshine Week, is disappointing. First, although a requester admittedly cannot rely on speculation to prove wrongdoing, once a requester has proven that a non-governmental system contains agency records, the agency should not be allowed to forego a search of that system simply because it claims to possess “duplicative” records elsewhere. It is difficult enough to demonstrate that an agency official is violating the spirit, if not the law, of transparent government by using personal email for work-related purposes. The existence and usage of a parallel personal account should be enough, in most cases, to rebut any presumption of compliance with preservation rules. Of course, OSTP may have given sufficient evidence of Holdren’s compliance in this case—an affidavit indicated that he forwarded or copied his official email account approximately 4,500 times—but courts should remain skeptical that all agency records have been forwarded when atypical means of conducting government business are at issue. One need only consider the ongoing saga of former Secretary of State Hillary Clinton’s private email accounts, where additional State Department records were uncovered even after she had averred that all such records had been turned over, to understand why this should be the case.

Second, assuming OSTP had copies of all agency records from Holdren’s personal account, it is not clear that these copies would actually be “duplicative.” For example, CEI argued that it sought Holdren’s email in “electronic format” along with any “metadata.” On this theory, copied or forwarded email records on OSTP’s servers may not, in fact, be “duplicative” because they may not include all original metadata. Judge Kessler found this line of argument unpersuasive and held that the metadata in Holdren’s personal email would “not in itself make each email unique as compared to the forwarded reproduction[.]” This conclusion is wrong and sets a dangerous precedent.

Metadata includes various types of information about an electronic document that are not usually visible, but reflect important characteristics concerning the document’s origin, alteration, or usage. It includes “substantive metadata,” such as tracked changes in Microsoft Word; “system metadata,” which is created by a computer system, such as the information contained in a file’s properties; and “embedded metadata,” such as hyperlink details or Excel formulae. See Aguilar v. Immigration & Customs Enf’t, 255 F.R.D. 350, 354–55 (S.D.N.Y. 2008) (discussing different types of metadata).

Numerous state courts have ruled that metadata forms an integral part of an electronic record and is subject to disclosure under state-based Freedom of Information regimes. No federal court has settled the question for the FOIA, but it seems appropriate to adopt a similar default presumption that metadata must be disclosed so long as it forms an integral part of an electronic record and is readily reproducible. A requester should not even need to specifically request integral metadata.

There may not be a one-size-fits-all approach to distinguishing different types of metadata and which form an integral part of a record. The best approach would take into account an agency’s storage practices and the type of electronic records at issue—Does the agency store email in a hard-copy format or electronically? Are electronic copies kept in native or near-native format? What sort of metadata is preserved in those formats? It would also consider an agency’s ability to readily reproduce metadata—Are email records readily releasable as PDF or MSG files? Finally, it would look to whether a requester has specified that he wants an agency to produce (rather than merely search for) records in a form that includes metadata. See, e.g., Citizens for Responsibility & Ethics in Washington v. Department of Education, 905 F. Supp. 2d 161, 171–72 (D.D.C. 2012) (“CREW did not request that DoEd produce its records in electronic format . . . DoEd thus had no obligation to produce the documents in any particular format.”) (internal citation omitted).

This proposed approach under the FOIA is supported by the treatment of metadata in other legal contexts. Under implementing regulations for the Federal Records Act, for example, “electronic record” is defined as “both record content and associated metadata that the agency determines is required to meet agency business needs.” 36 C.F.R. § 1220.18. “Metadata,” in turn, “consists of preserved contextual information describing the history, tracking, and/or management of an electronic document.” Id. When it comes to email records, some metadata can form an integral part of the electronic record. See id. § 1236.22(a). In the civil discovery context, when metadata exists as part of a document’s native format, it should be produced to an opponent. If a party seeks discovery of additional metadata, a court will typically grant it so long as the metadata is reasonably accessible and potentially relevant to the dispute at hand.

From the outset of its case, CEI argued that it sought agency records that were stored on Holdren’s personal email account in an electronic format. Metadata integral to those records (viz., sender, recipient, and “BCC” recipient information, etc.) might not have carried over in toto to the copies on OSTP’s servers. Such information could be instructive, as any litigator or investigative journalist would attest, and might even explain why Holdren was using a personal email account for official government business in the first place. The district court considered OSTP’s “duplicative” email records “functionally equivalent” to the originals on Holdren’s private account. That much is true when considering the visible content of the email. But that’s only half of the story. Metadata lurks beneath, and without the original integral metadata, any copies of Holdren’s email on OSTP’s servers are incomplete and not duplicative.

Ryan Mulvey is counsel at Cause of Action Institute.