[author: Jeff Fehrman]

Every day, the Freedom of Information Act illuminates government practices by ensuring public access to federal records. It is the quintessential Sunshine Act and has been a key tool for ensuring government transparency since its passage in 1966.

In many ways, FOIA processes and discovery are kissing cousins, both in purpose—seeking, fundamentally, to illuminate the facts of a matter—and in practice. When a request for documents is made pursuant to FOIA, for example, government officials gather data from various repositories and custodians, cull through that data to find relevant files, review those files for responsiveness, and, finally, produce the information requested, minus those documents that are outside the scope of the request or otherwise protected by a FOIA exemption.

And, like eDiscovery, the FOIA process is too often difficult, risky, expensive, and slow. So slow that some agencies claim it will take the better part of a century to review and produce documents. (More on that below.) So risky that FOIA disasters could be their own journalistic subgenre.

Indeed, since the FOIA process plays out, nominally in the public sphere, those disasters are often more public than their eDiscovery analogs. Three recent ones, plus one FOIA success story, remind us how technology can modernize records response and empower teams to get through massive documents corpuses quickly, efficiently, and effectively.

USPS FOIA Response Forgets About Redaction

When it comes to FOIA, the government often has a reputation for overzealous redaction. It’s not unusual, for example, for entire pages to be produced with virtually every word blacked out.

Amazing. pic.twitter.com/UagWKTdkH7— Jason Leopold (@JasonLeopold) August 31, 2018

Responding to a recent FOIA request, the public records officers at the United States Postal Service took the opposite approach: releasing an entire file, with nary a black mark.

This wasn’t just any file, however. It was the security clearance application for Abigail Spanberger, a former CIA officer and current Democratic Congressional candidate for Virginia’s Seventh District.

Security clearance applications, which, if approved, allow individuals access to confidential, secret, and top-secret government information, are incredibly detailed, often laying out some of the most intimate details of an individual's life. The standard application, used by military personnel, government contractors, and government employees, stretches over 127 pages and includes questions on everything from one’s weight and Social Security number to employment history and past relationships.

Following her graduation from the University of Virginia, Spanberger submitted security clearance applications to both the CIA and Postal Service, the New York Times reports. She served in the CIA for eight years as a covert officer investigating international terrorism before becoming a political candidate.

It is unclear how and why the document was released without redaction, though Spanberger claims the disclosure was politically motivated. She alleges that her file was shared with the press by the Congressional Leadership Fund, a Republican super PAC. The CLF, in turn, appears to have received the application from America Rising, a PAC described by the Wall Street Journal as “the unofficial research arm of the Republican Party.”

“America Rising submitted a standard Freedom of Information Act (FOIA) request seeking information from the National Personnel Records Center which was referred to the United States Postal Service, an independent agency, which provided us responsive documents,” America Rising CEO Joe Pounder told BuzzFeed News. “Why the USPS disclosed certain information in response to the FOIA is for their response.”

The Postal Service, in turn, said it took “full responsibility for this unfortunate error” and was taking steps to avoid inadvertently releasing sensitive information in the future.” Maybe start with some redaction 101.

Not the Kind of Transparency FOIA Intended

In another case of the unintentional release of personal information, CNN reported on Labor Day that the government had accidentally disclosed sensitive personal information on dozens of FOIA requesters, including their Social Security numbers. The information was made available during an upgrade to FOIAOnline.gov, which allows users to search records released under FOIA and access FOIA requests and reporting. The Department of Defense, Department of Justice, Environmental Protection Agency, and others use the system.

During a recent upgrade, searches of FOIA requests revealed much more detail than intended. According to CNN:

The problem was with the feature that allowed anyone to search existing FOIA requests. The idea is that people can see what has already been requested, by whom, and in some cases what may have been provided. When users click through to the individual request, the description field is withheld, pending agency approval. Yet those descriptions were viewable in full on the search results page, including if Americans had included their or others' Social Security numbers or any other personal information.

At least 80 Social Security numbers and other sensitive information such as date of birth, address, and contact information were published.

The glitch also exposed other sensitive information about individuals. In one instance, a victim of a violent crime seeking information about the case described the crime. In others, victims of identity fraud seeking more information about their cases had their Social Security Numbers exposed in the process.

Thankfully, the error was quickly fixed after CNN contacted the government. But that might be too late for some. "These sorts of data points allow people to engage in identity theft or some kind of harassment, or other malicious behavior," Nuala O’Connor, former chief privacy officer for the Department of Homeland Security and current CEO of the Center for Democracy and Technology, told CNN. “It puts potentially already vulnerable people at greater risk."

The State Department's 300-Pages-Per-Month Review Rate

While the cases above may be isolated, this FOIA disaster is systematic. According to the State Department, the fastest it can commit to reviewing documents pursuant to a FOIA request is 300 pages per month. A request of fewer than 100,000 emails would require up to 66 years of review.

That snail’s approach to doc review was revealed in recent FOIA litigation between Citizens United (yes, that Citizens United) and the State Department over emails from former Assistant Secretary of State Victoria Nuland.

In a Joint Status Report, the State Department argued that it could process “a minimum of 300 pages a month” for the approximately 95,000 emails at issue and was “unable to commit to a higher processing minimum.”

Should those emails be short, say 1.5 pages per email, the State Department could complete its FOIA request in 45 years. Slightly longer, at 2 pages each, and that time frame expands to 66 years, at which point the original FOIA requester may no longer be alive.

What makes the State’s process so slow? First, the department’s FOIA system requires manual input of simple metadata, such as to, from, and subject line fields. Even basic Bates stamping needs to be done electronically but still manually by a government employee. (Actual stamps might be faster.) From there, documents undergo a Kafkaesque line-by-line examination, often requiring multiple levels of successive review and involving multiple agencies and employees.

Notwithstanding the State Department’s need to protect state secrets, much of that approach is unnecessarily slow. Today’s technology allows documents to be ingested quickly, in minutes or hours, with software automating processes like metadata extraction, Bates stamping, virus scanning, and more. Intuitive technology can make it easy to organize documents and create sophisticated searches so that reviewers can quickly hone in on the most essential information. Information that shouldn’t be released can be culled with a click, while redactions are as simple as dragging a mouse. And, for the most sensitive information, multiple-level reviews can be accomplished easily with powerful collaboration tools that keep teams connected and efficient.

That’s why more government agencies are moving to un-FUBAR their FOIA processes, adopting innovative technologies that speed up and improve public records response while reducing the risk of FOIA errors. Should the State Department follow suit, getting through under 100,000 documents could become much easier.

Until then, they’ll be working on Citizens United’s FOIA request until 2084.

The Sierra Club Puts FOIA to Work—And Changes the Government in the Process

Of course, it’s not all sturm und drang when it comes to public records. As mentioned above, many agencies are dramatically improving their FOIA processes. Meanwhile, requesting parties are making sure that FOIA continues to illuminate government action and decision-making, using that same technology to help them navigate FOIA document dumps and find the needles buried in the haystacks.

Take, for example, the Sierra Club’s campaign to expose Scott Pruitt’s EPA. Through a series of FOIA requests, the environmental organization gained unexpected insight into the EPA.

The goal was to take a more proactive approach to EPA initiatives under the Trump administration, Elena Saxonhouse, a Club senior attorney, explains. “Rather than just reacting every time we saw them do something bad that gets reported,” she told Slate in a recent feature highlighting the FOIA campaign, “let’s go on the offensive.”

That campaign resulted in, first, litigation and, subsequently, more than a few massive document dumps. As Slate’s Aaron Mak reports:

When the disclosures finally came, they arrived in files that were often more than 20,000 pages long. [...] It took a group of 12 people, including members of the club’s policy and legal departments, about a week of reading late into the night in their offices, kitchens, and living rooms to review each document dump. What made the review particularly difficult was the sheer amount of white noise contained within the records.

What made those document dumps manageable was the same technology that can turn review and production from a decade-long process into an efficient one. Mak continues, quoting Washington Post correspondent Juliet Eilperin, who used the Club’s FOIA requests to break story after story:

“When these documents came out, every single time, [we] would go through from top to bottom and read thousands and thousands of pages,” said Eilperin. “There was no other practical way to do it.” Some reporters used the searchable indexes that the FOIA team’s researchers put together with the help of Logikcull software, allowing for quick searches using keywords. But they still had to know what to search for.

To see how the Sierra Club’s FOIA requests led to unexpected revelations about fountain pens and Chick-fil-A, and eventually, a shakeup at the very top of the EPA read the full Slate feature here.