Gone in an Instant: How Instant Messaging Threatens the Freedom of Information Act

New Report: Federal Agencies Violating Federal Law,  
Not Preserving Instant Messaging Records

Arlington, VA (March 16, 2020)Cause of Action Institute (“CoA Institute”) and Americans for Prosperity Foundation (“AFPF”) today released an investigative reportGone in an Instant: How Instant Messaging Threatens the Freedom of Information ActThe report reveals how numerous federal agencies are violating federal records law and guidance from the National Archives by not preserving instant messaging (“IM”) records. Like email in the 1990s, IM’s increasing integration into the workplace is changing the way people do business. In 2014, Congress amended the Federal Records Act to specifically require that electronic messages be retained. Agencies’ failure to preserve records created on IM platforms (Slack, Teams, Hangouts, etc.), which are prevalent in the workplace, threatens to undermine the Freedom of Information Act (“FOIA”) and put much of the federal government in the dark.  

The report scored IMrecordsmanagement practices of more than two dozen agencies and only four received passing scores: Federal Communications Commission, Council of the Inspectors General on Integrity and Efficiency, Department of Agriculture, and National Aeronautics and Space Administration. Nine agencies received a middling grade of needs improvement and thirteen agencies received a “poor” gradeFourteen agencies did not produce records in response to the investigation and were not graded.  

AFPF Chief Policy Counsel and CoA Institute Executive Director James Valvo issued the following statement: 

Retaining government records in a searchable system is fundamental to transparency, allowing journalists, citizen watchdogs, and the general public to oversee what their government is doingWith the use of instantmessaging platforms in the workplace, it is troubling that only four agencies have acceptable policies to preserve records, as required by the Federal Records ActThis report should serve as a wakeup call for Congress and federal agencies to take decisive action to ensure agencies are complying with federal law. 

Key Findings from the Report: 

  • Thirteen of the sixteen agencies that produced their IM policies do not preserve instant messages as a matter of policy—a violation of federal law and NARA guidance. For example: 
  • The General Services Agency declared in a memo that the instant messaging platform it uses, Google Hangouts, “would not be considered a system of record. Therefore, GSA-IT should set the History feature to off for the GSA.gov domain. 
  • The Department of Labor’s records management program, dated 2017, contains a single sentence regarding IM policy: “NOTE: At this time DOL has determined Instant Messaging will not be used to create records.” 
  • Only three agencies produced records reflecting policies to automatically preserve IMs, a commonly available feature on most instant-messaging platforms. 
  • Of the twenty agencies that produced their policies for employee use of IM, thirteen allow its use but prohibit employees from creating or sending an official record through IM and three ban IM use altogether. Prohibiting IM use to conduct business is unrealistic and contrary to NARA guidance. 
  • Many agencies have not incorporated the 2014 Presidential and Federal Records Act Amendments and subsequent NARA guidance into their records management policies. 
  • Agencies are shirking their responsibility to manage IM records by prohibiting the use of instant messaging or erroneously claiming instant messages are insignificant and do not need be saved. 
  • Only ten of the twenty-five agencies that responded to our FOIA requests could produce records of instant messages. 

Read the full report HERE. 

# # # 

Media Contact: briggs@standtogether.org 

About Americans for Prosperity Foundation 

Americans for Prosperity Foundation is a 501(c)(3) nonprofit organization committed to educating and training Americans to be courageous advocates for the ideas, principles, and policies of a free and open society. 

 

About Cause of Action Institute 

Cause of Action Institute is a 501(c)(3) nonprofit, nonpartisan government oversight organization that uses investigative, legal, and communications tools to educate the public on how government accountability, transparency, the rule of law, and principled enforcement of the separation of powers protects liberty and economic opportunity. 

Cause of Action Sues Commerce Dept. for Failing to Release Auto-Tariff Report

Washington, D.C. (Mar. 21, 2019) – Cause of Action Institute (CoA Institute) filed a lawsuit against the Department of Commerce (Commerce) for failing to respond to two Freedom of Information Act (FOIA) requests seeking a copy of the Commerce Secretary’s final report to the President regarding the Section 232 investigation into the national security impacts of the Administration’s proposed foreign automobile tariffs. The Commerce Department has previously stated that it will not make the report public. In an effort to increase transparency and protect Americans’ economic freedom, CoA Institute filed a FOIA request so the public can see the report, but Commerce did not produce it within the statutory timeline.

James Valvo, counsel and senior policy advisor at Cause of Action Institute:

“Commerce claims that the information contained in their report justifies the proposed auto-tariffs, but the government refuses to release this report.  The public should not have to take the government’s word that the report supports tariffs when the administration withholds the document it claims supports its position. The tariffs will harm American consumers and businesses, and the public has a right to see the information contained in the report. We are dedicated to placing this vital information into the public sphere, ensuring that the government complies with its statutory obligations, and we look forward to a robust debate about the merits of the report.”

The Section 232 National Security Investigation of Imports of Automobiles, Including Cars, SUVs, Vans and Light Trucks, and Automotive Parts will provide recommendations for the Administration’s proposal to impose a 25% tariff on imports of cars and car parts. CoA Institute sent requests to both the Department of Commerce and the Bureau of Industry and Security for a copy of this report.

Background:

Documents:

###

Media ContactMatt Frendewey, matt.frendewey@causeofaction.org | 202-699-2018

 

Records Show Former FBI Chief of Staff Sent White House National Security Council Documents to Personal E-mail Account

Former FBI Chief of Staff James Rybicki forwarded a White House-originated e-mail with a draft speech for then-President Obama to a personal e-mail account in December of 2015. The FBI withheld in full the content of the draft speech after consulting with the White House National Security Council about its release. The e-mail was part of the last production of FBI documents in Cause of Action Institute’s FOIA litigation against the FBI regarding the work-related use of personal e-mail accounts by former FBI Director James Comey and former FBI Chief of Staff James Rybicki.

The final FBI production also includes e-mails from former Drug Enforcement Agency (DEA) Administrator and FBI Chief of Staff Chuck Rosenberg, who repeatedly used a private e-mail account for official business in conversations with former FBI Director James Comey.
It’s concerning to see high ranking officials violating government policies – setting a poor example to those they’re responsible for supervising and undermining the public trust that all public business can be properly archived and disclosed. When public officials conceal their work – the economic and individual rights of taxpayers is at risk, which is why Cause of Action remains vigilant and committed to holding all government officials accountable.

You can view and download the documents from this production here:

The first document production can be viewed here, the second here, and the third here.

Kevin Schmidt is Director of Investigations for Cause of Action Institute. You can follow him on Twitter @KevinSchmidt8



Final Release Fourth Production 2 28 2019 (Text)

Investigation Update: The FBI’s Third Production of Documents Showing Personal Email Use by High-Level Employees

Cause of Action Institute (CoA Institute) has obtained a third batch of documents in our investigation of personal email use by former FBI Director James Comey and former FBI Chief of Staff James Rybicki. The FBI’s latest records production is the third of four rolling productions. The first document production can be viewed here and the second here.

The FBI produced 101 pages of records that cover one year of FBI operations calendars between December 2014 and December 2015 that former FBI Chief of Staff James Rybicki forwarded to his personal email account. As with previous document productions, the FBI appears to improperly redact names of FBI employees, even though they can be easily identified. For example, this February 2015 travel manifest redacts Director Comey’s name despite the fact that his speech at the conference is public knowledge according to local press reports: “The training, which began Monday at Foxwoods Resort Casino in Mashantucket, Connecticut, included a keynote address by FBI Director James Comey. The LEEDS training description said it “enables participants to reflect upon and regroup for the next stage of their careers.”
You can view and download the documents here:



18 Cv 1800 File 2 Section 1 Part 2 (Text)

Kevin Schmidt is Director of Investigations for Cause of Action Institute. You can follow him on Twitter @KevinSchmidt8

Records Show How Former FBI Director James Comey Misled the DOJ Inspector General About His Personal Email Use

Cause of Action Institute (CoA Institute) has obtained a second batch of former FBI Director James Comey and former FBI Chief of Staff James Rybicki’s emails sent or received on their personal, non-official email accounts to conduct agency business. The FBI’s latest records production is the second of four rolling productions. The FBI reviewed 518 pages of emails and released 439 pages to CoA Institute. Once again, these emails undermine Director Comey’s statements concerning the types of matters he discussed while using his personal email to conduct official business.

Last month, CoA Institute published the first set of records received as part of our FOIA lawsuit. Contrary to Director Comey’s representations to the DOJ that he never used his personal email account for “sensitive work,” the first batch of emails we obtained revealed otherwise. Those records included emails withheld in full and others redacted in part under the FOIA’s law enforcement exemption, which exempts from public disclosure certain sensitive information created or compiled for law enforcement purposes.

This new second batch of emails tells much of the same story. For example, the redactions in the completely redacted email below cite 3 bases for the application of the law enforcement exemption (b7A, C, & E). These exemptions pertain to information that, if released, could (A) interfere with law enforcement proceedings, (C) constitute an invasion of personal privacy, or (E) disclose law enforcement techniques and thereby risk circumvention of the law. In other words, the FBI determined that the work Director Comey conducted on his personal account was so sensitive in nature that it justified redaction under Exemption 7 of the FOIA to prevent disclosure to the public.

As explained in the FBI’s cover letter accompanying the production to CoA Institute, the FBI is only providing emails that Director Comey and his Chief of Staff forwarded or copied to their official FBI email accounts: “The FBI conducted email searches for any communications to or from James Rybicki’s and James Comey’s personal email accounts, located within Rybicki’s and Comey’s FBI email accounts.”  This follows from Director Comey’s claims that all FBI-related work he conducted on Gmail was forwarded to an official FBI account. As Director Comey told the DOJ Inspector General:

“I was always making sure that the work got forwarded to the government account to either my own account or Rybicki, so I wasn’t worried from a record-keeping perspective was, because there will always be a copy of it in the FBI system.”

But if Director Comey misrepresented the nature of the work he conducted on his personal email account, a plausible concern arises as to whether Director Comey thoroughly searched and forwarded all work related emails from his personal account to his government account This is why using private email accounts for government business is so problematic: The agency—and ultimately the public—must rely on the very people who are violating the rules by using personal email accounts to forward their work-related emails to official government accounts. If they forget or choose not to copy an official account, there is little chance the agency will ever search for and recover the federal records created or received on those personal accounts. And that means those records cannot be produced to the public under the FOIA.  The use of non-official accounts to conduct agency business, whatever the reasoning, imperils transparency, accountability, and good government, and it undermines trust.

You can view and download the documents here:

Part 1 (411 pages)

Part 2 (30 pages)

FBI Cover Letter

Kevin Schmidt is Director of Investigations for Cause of Action Institute. You can follow him on Twitter @KevinSchmidt8

Thomas Kimbrell is an Investigative Analyst at Cause of Action Institute.

____________________________________________________________

Media ContactMatt Frendewey, matt.frendewey@causeofaction.org | 202-699-2018

Congress May Give the FTC More Money and Power, Making Its Internal Watchdog More Important than Ever

  • Congress may grant more power and money to the FTC, even though it needs stronger oversight from its internal watchdog at its current budget and authority.
  • Currently, FTC’s internal watchdog is hired and fired by the FTC, and lacks independence
  • Left unchecked, the powers of the FTC can undermine the ability for entrepreneurs and innovators to reach their full potential

In a recent hearing before the Senate Subcommittee on Consumer Protection, Product Safety, Insurance, and Data Security, the five commissioners of the Federal Trade Commission (FTC) requested more resources and authority, and Senators on the committee appear inclined to approve the FTC’s request. According to National Journal:

“I’ve never met an agency, or a department or a commission, that didn’t believe they needed more resources,” [Senator Jerry] Moran said. “I hear it on an ongoing basis. But I think this is different.”

Senator Moran, who chairs the Subcommittee, assembled the five FTC commissioners to hear their recommendations for a burgeoning bill to create a national standard on data privacy. FTC Chairman Joseph Simons opportunistically pushed for greater funding and the authority to make additional rules on data protection and levy civil fines against corporate actors found to have violated consumers’ privacy; and the senator found himself “sympathetic” to the pitch.

However, greater power requires greater accountability, and the FTC’s past use of its funding and authority has not been without controversy. In August 2018, Cause of Action Institute (CoA Institute) submitted comments outlining structural and procedural reforms to prevent the FTC from abusing its authority in the future. Without those reforms and a potential increase in the Commission’s budget and authority, effective oversight of the FTC will be as important as ever.

To that end, the FTC’s Inspector General (IG) is charged with ensuring the agency doesn’t overreach its authority, but CoA Institute’s experience with the IG suggests the office may be reluctant to hold the FTC accountable. This could be because the FTC IG is constrained by its lack of structural independence but also could be because of the IG’s cozy relationship with the agency. While many Inspectors General are nominated by the President and confirmed by the Senate to oversee their respective agencies, the FTC is one of 29 agencies where the IG is appointed by—and can be removed by—the head of the agency.

Most recently, Chairman Simons appointed Andrew Katsaros as the FTC’s Acting IG on June 8, 2018, following Roslyn Mazer’s retirement after three years as IG. So, not only was IG Katsaros chosen by the head of the agency he is supposed to oversee, but he is also designated only as “Acting IG.”  Crucially, the Project on Government Oversight (POGO) notes that acting inspectors general are less effective than permanent inspectors general:

Inspector general offices are most effective when led by a permanent inspector general, rather than an acting official … a permanent IG has the ability to set a long-term strategic plan for the office, including establishing investigative and audit priorities. An acting official, on the other hand, known by all IG office staff to be temporary, may tend to lack direction or vigor.

Curiously, while many inspectors general make their investigative reports public (there is a website dedicated to just publishing these reports from across the government), the FTC IG does not. It appears the FTC IG’s investigative reports aren’t available without a FOIA request, which CoA Institute recently submitted to obtain a September 30, 2015 report (a revised version was sent on October 16, 2015) relevant to one of our prior cases defending against FTC overreach. The report takes the form of a letter from the FTC IG to the U.S. House Committee on Oversight and Government Reform (OGR) regarding the FTC’s handling of its case against LabMD, a small cancer detection lab that, despite ultimately prevailing in court, was put out of business by the FTC’s egregious overreach.

The first substantive section of the letter suggests the IG had no interest in conducting oversight if OGR was investigating the matter, even though IGs and congressional committees commonly conduct investigations in tandem into the same matters: OGR “staff’s representation that they would cease investigative activity factored strongly in the OIG’s decision to initiate investigative activity.”  The IG also complained that OGR did not provide the IG documents related to the inquiry, but the IG has the authority to conduct interviews and request documents from the agency to conduct its oversight duties.

Further, OGR published a report in January 2015 outlining many troubling findings related to FTC’s conduct in the LabMD case. Despite having access to that report, the FTC IG appears to have written its letter more like the agency’s defense counsel, rather than its independent overseer.

For example, the IG’s letter tries to roll back the position the FTC previously represented to OGR on a key issue in a way that is favorable for the agency:

From the OGR Staff Report Dated January 2, 2015:

The FTC admitted that the use of Tiversa’s information was unusual relative to standard agency operating procedures for enforcement measures.

From the FTC Letter to OGR on September 30, 2015:

Based on our investigative activities, the OIG found that the FTC handled evidence received from Tiversa in the same manner it had handled other evidence about data security breaches.

There are other aspects of the letter that also suggest disinterest in holding the FTC accountable. The IG went out of its way to note that LabMD had lost rulings in various federal courts:

We note that LabMD litigated cases against the FTC in the U.S. District Court for the Northern District of Georgia and the U.S. Court of Appeals for the Eleventh Circuit. Both courts denied LabMD’s motion for preliminary relief for lack of jurisdiction.

It’s unclear why the FTC IG felt the need to mention that fact, but its inclusion was incredibly short-sighted considering LabMD won its case before the FTC Administrative Law Judge less than two months later and would eventually win before the Eleventh Circuit Court of Appeals in 2018.

Concerned about the independence and prior work of the FTC’s IG, CoA Institute sent a FOIA request in September 2018, asking for the IG’s five most recent investigative reports, a list of all preliminary investigations opened from January 2012 to the present, and a list of all investigations closed from January 2012, to the present. We have yet to receive any responsive documents from the agency.

If Congress follows through with empowering the FTC with more authority and money, the FTC IG needs to do more to safeguard tax dollars and prevent overreach, waste, fraud, and abuse. History teaches that so far it hasn’t been up to the task.

Kevin Schmidt is Director of Investigations for Cause of Action Institute. You can follow him on Twitter @KevinSchmidt8

FBI Records Show Former FBI Director James Comey’s Use of Personal Email

Cause of Action Institute has acquired former FBI Director James Comey’s work-related emails from his personal Gmail account. Garnered from the FBI through the first of rolling document productions in an ongoing Freedom of Information Act (FOIA) lawsuit, the email records start to shed light on the extent of Comey’s use of private email to conduct agency business.

The problems associated with using personal email for government work are obvious but those caught in the act often try to act like they had no idea they were doing anything wrong or justify their behavior as merely incidental. Cause of Action Institute (CoA Institute) has been at the forefront of shining a light on this behavior,  and first explored the issues raised by government employees using private email for official business in a 2012 journal article: “Gmail.gov: When Politics Gets Personal, Does the Public Have a Right to Know?”  In the six years since that article was published, CoA Institute’s investigations have demonstrated how the use of personal email or messaging apps for government business hinders transparency and accountability.

The ability to shroud government action in secrecy can also harm the economic rights of ordinary Americans. For example, small-scale family fishermen were harmed when the National Oceanic and Atmospheric Administration failed to search private accounts for email records related to onerous regulations that would devastate their business. Government overreach cannot be fought effectively if the process and enforcement are kept in the dark. That’s why CoA Institute is committed to holding the government accountable to transparency laws and has brought cases to uncover the private email use of officials such as former Secretary of State Colin Powell, former Secretary of State Hillary Clinton, and now, former FBI Director James Comey.

On June 14, 2018, after the Department of Justice (DOJ) Inspector General (IG) revealed “numerous instances in which Comey used a personal email account (a Gmail account) to conduct FBI business.” CoA Institute submitted FOIA requests to the Federal Bureau of Investigation (FBI) and the IG to obtain copies of that email correspondence.  After the agencies failed to respond to the requests in a timely fashion, CoA Institute filed a lawsuit on August 1, 2018 to bring transparency to Comey’s use of Gmail, which the IG had concluded was “inconsistent with the DOJ Policy Statement.”

The FBI provided its first rolling production late last week. You can read and download the documents here.

The FBI reviewed 526 pages, released only 156 pages, and withheld 370 pages in full. Notably, the FBI withheld seven emails under the FOIA’s law enforcement exemption, which applies only where the government can show that (1) a law enforcement proceeding is pending or prospective, and (2) release of information about that proceeding could reasonably be expected to cause some articulable harm. These withholdings are particularly troubling given that Director Comey told the IG he only used personal email “to word process an unclassified [document] that was going to be disseminated broadly, [such as a] public speech or public email to the whole organization.” And according to news reports, Comey “stressed that his personal email was never used for classified or sensitive work.”

The e-mails records released to CoA Institute show that Director Comey was aware that his use of personal email for government business would be seen as “embarrassing” to anyone who wasn’t aware of it previously.

The records also show that Director Comey used his Gmail to discuss the FBI’s investigation of Hillary Clinton’s email server. In other words, Comey was using a non-governmental email account while he was investigating Secretary Clinton for the same unlawful behavior.
In this case, as with nearly every instance, when public officials conduct business through unofficial channels, they are denying the public’s right to hold officials accountable through the most fundamentally sound principle of a healthy democracy: Transparency. Cause of Action Institute remains committed to holding government officials at all levels accountable and will continue to report on this case as the DOJ releases the more than 700 pages of Comey related emails that remain outstanding.

The full production can be found here.



FBI Production re Comey Gmails 10.31.18 (Text)

Other CoA Institute investigations of the use of personal email or messaging accounts for government business:

Documents Obtained by Cause of Action Show that Officials Worried About Hillary’s Emails But Took No Action (June 4, 2015)

Off-Grid Government: This Administration’s Pattern of Using Personal Email Accounts (December 22, 2015)

NOAA FOIA Response Suggests Refusal to Search Council Member Email Accounts for Records on At-Sea Monitoring Amendment (February 28, 2018)

CoA Institute Files Reply in Support of Motion to Order Enforcement Action in Colin Powell Email Case (May 4, 2018)

 

Kevin Schmidt is Director of Investigations for Cause of Action Institute. You can follow him on Twitter @KevinSchmidt8

____________________________________________________________

Media Contact: Matt Frendewey, matt.frendewey@causeofaction.org | 202-699-2018