home | about | documents | news | publications | FOIA | research | internships | search | donate | mailing list






National Security Archive FOIA Audit highlights delinquent agencies; praises Congressional and White House plans for updated regulations

Archive warns updating is not enough without including "best practices"

Posted - March 14, 2014

For more information contact:
Tom Blanton/Nate Jones/Lauren Harper 202/994-7000 or nsarchiv@gwu.edu

Washington, DC, March 14, 2014 – Nearly half (50 out of 101) of all federal agencies have still not updated their Freedom of Information Act regulations to comply with Congress's 2007 FOIA amendments, and even more agencies (55 of 101) have FOIA regulations that predate and ignore President Obama's and Attorney General Holder's 2009 guidance for a "presumption of disclosure," according to the new National Security Archive FOIA Audit released today to mark Sunshine Week.

Congress amended the Freedom of Information Act in 2007 to prohibit agencies from charging processing fees if they missed their response deadlines, to include new online journalists in the fee waiver category for the media, to order agencies to cooperate with the new FOIA ombudsman (the Office of Government Information Services, OGIS), and to require reports of specific data on their FOIA output, among other provisions co-authored by Senators Patrick Leahy (D-VT) and John Cornyn (R-TX). But half the government has yet to incorporate these changes in their regulations, according to the latest National Security Archive FOIA Audit.

After President Obama's "Day One" commitments to open government, Attorney General Eric Holder issued new FOIA guidance on March 19, 2009, declaring that agencies should adopt a "presumption of disclosure," encourage discretionary releases if there was no foreseeable harm (even if technically covered by an exemption), proactively post the records of greatest public interest online, and remove "unnecessary bureaucratic hurdles" from the FOIA process. But five years later, the Archive found a majority of agencies have old regulations that simply ignore this guidance.

This report was made possible by generous funding from the CS Fund / Warsh Mott Legacy. Previous Freedom of Information Audits were made possible by the support of the John S. and James L. Knight Foundation, the Open Society Foundation, and the HKH Foundation.

The Archive's FOIA Audit also highlights some good news this Sunshine Week: New plans from both the House of Representatives and White House have the potential to compel delinquent agencies to update their regulations.

"Both Congress and the White House now recognize the problem of outdated FOIA regulations, and that is something to celebrate," said Archive director Tom Blanton. "But new regs should not follow the Justice Department's terrible lead, they must follow the best practices already identified by the FOIA ombuds office and FOIA experts."

"If and when this important FOIA reform occurs, open government watchdogs must be vigilant to ensure that the agencies' updated regulations are progressive, rather than regressive, and embrace best practices to ensure that more documents are released to requesters, more quickly" said Nate Jones, the Archive's FOIA coordinator.

From House Resolution 1211.

The House of Representatives recently unanimously passed the bipartisan Freedom of Information Act Implementation Act (H.R. 1211), which includes a provision compelling agencies to update their FOIA regulations. The House bill — which now awaits Senate approval — would require each agency to update its FOIA regulations "not later than 180 days after the enactment of this Act."

The White House is also addressing the problem of outdated FOIA regulations, albeit in a different manner. In its latest Open Government Partnership National Action Plan, the White House has committed (on paper, at least) to creating one "core FOIA regulation and common set of practices [that] would make it easier for requesters to understand and navigate the FOIA process and easier for the Government to keep regulations up to date."

Transparency watchdogs went on alert this week after the Department of Justice's Director of Information Policy Melanie Pustay announced during her Senate testimony on March 11, 2014 that, "My office is leading that project" to create the White House-backed common regulation which, she estimated will be, "a one or two year project." Despite Pustay's pledge that she would accept input from OGIS and the requester community, her Department's history of crafting FOIA regulations has been anything but stellar.

In 2011, the back-to-back Rosemary Award-winning Department of Justice proposed FOIA regulations that would have — among many other FOIA setbacks — allowed the Department to lie to FOIA requesters, eliminated online-only publications from receiving media fee status, and made it easier to destroy records. After intense pushback by openness advocates, the DOJ temporarily pulled these regulations, and Pustay claimed, "some people misinterpreted what we were trying to do, misconstrued some of the provisions, and didn't necessarily understand some of the fee guidelines."

Pustay also claimed — to an incredulous Senate Judiciary Committee — that updating FOIA regulations to conform with the 2007 OPEN Government Act was merely optional and "not required." National Security Archive director Tom Blanton warned in his own 2013 Senate testimony that these terrible "vampire" regulations were not gone for good. This year, Pustay testified that the Department of Justice has indeed resubmitted its FOIA regulations for OMB approval; their content is unknown to the public.

As the Department of Justice and other agencies have demonstrated, new regulations do not necessarily make good regulations. As such, the National Security Archive has recommended that any updated FOIA regulations must:

  • mandate that FOIA officers embrace direct communications with requesters;
  • require agencies to receive requests by e-mail and post all responses and documents online;
  • direct agencies to update their FOIA processing software so documents can be posted to any online repository, including the government-sponsored FOIAonline;
  • encourage agencies to join FOIAonline to make their FOIA processing more cost-effective and efficient;
  • stream-line inter and intra-agency "referral" black holes — and keep requesters abreast of where their requests are if the agency does have to refer them;
  • include language encouraging use of the OGIS, which can help requesters and agencies mediate disputes to avoid animosity and costly litigation;
  • end the practice of using fees to discourage FOIA requesters.

The Office of Government Information Services — which reviews and comments on agency regulations as they are proposed — has also compiled a list of best practices for agencies to consider while crafting regulations. These include: "let the Freedom of Information Act itself" — and its presumption for disclosure — "be your guide;" bring attorneys, FOIA processors, records managers and IT pros to the table; include your plan for records management and preservation; and alert requesters of their option to contact OGIS for mediation and dispute resolution services.

A useful compilation of current agency FOIA regulation language — already on the books — put together by the Center of Effective Government also includes helpful guidelines on preventing the destruction of requested records; narrowly interpreting claims of confidential business information; and clarifying fee waivers and procedures.

FOIA experts are currently working to craft model, pro-transparency, CFR-ready language that agencies — or the drafters of government-wide common regulations — can use to bring agencies' Freedom of Information Act regulations up to standard. Watch this space, and then watch the Code of Federal Regulations (CFR).

"As the staffer who waded through every single federal agencies' FOIA website and CFR chapter to locate their — sometimes hidden — regulations, I learned FOIA officials often say they view their FOIA requesters as customers," said Archive researcher Lauren Harper, "I think easy to find, updated model FOIA regulations are the best way for agencies to demonstrate they truly value their customer service, and the spirit of the FOIA."

From the US Second Open Government National Plan for the Open Government Partnership.

The National Security Archive has conducted thirteen FOIA audits since 2002. Modeled after the California Sunshine Survey and subsequent state "FOI Audits," the Archive's FOIA Audits use open-government laws to test whether or not agencies are obeying those same laws. Recommendations from previous Archive FOIA Audits have led directly to laws and executive orders which have: set explicit customer service guidelines, mandated FOIA backlog reduction, assigned individualized FOIA tracking numbers, forced agencies to report the average number of days needed to process requests, and revealed the (often embarrassing) ages of the oldest pending FOIA requests. The surveys include:

The National Security Archive identified and audited the problem of outdated regulations in 2012. While sixteen agencies have updated their regulations since the National Security Archive's initial December 2012 FOIA regulations audit, only, seven of those agencies had regulations that were outdated to begin with. The rate of incorporating substantive best practices in these new regulations has been even more glacial.


FOIA Audit Chart Agency Updates

Review of 17 Agencies that updated their FOIA regulations:

  • 9 were already in good standing (had updated their regs after March 2009 Holder memo),
  • 1 new agency,
  • 2 agencies whose regs pre-dated the OPEN Government Act of 2007, December 31, 2007
  • 2 agencies whose regs pre-dated the Intelligence Authorization Act of 2002 amending the FOIA, November 27, 2002, and
  • 3 agencies whose regs pre-dated The Electronic Freedom of Information Act Amendments of 1996

Are Agency FOIA Regulations up to Date with FOIA Improvements?

Agencies highlighted in GREEN have updated their FOIA regulations since the passing of the Open Government Act on December 31, 2007. Agencies highlighted in RED have not updated their FOIA regulations since the passage of the act. Agencies highlighted in DARK RED have no FOIA regulations. The information about agency FOIA regulations was found by searching each agency's entry in the Code of Federal Regulations.

National Endowment for the Arts 03/24/2014 [1]
National Endowment for the Humanities 03/24/2014 [2]
Institute of Museum and Library Services 03/24/3014 [3]
Overseas Private Investment Corporation 02/13/2014
Federal Reserve System 02/03/2014
Federal Communications Commission 01/17/2014
Federal Financial Institutions Examination Council 12/31/2013
Farm Credit Administration 12/26/2013
Broadcasting Board of Governors 11/08/2013
Privacy and Civil Liberties Oversight Board 11/08/2013
Department of Transportation 09/30/2013
National Science Foundation 08/29/2013
Environmental Protection Agency 06/25/2013
Equal Employment Opportunity Commission 06/19/2013
Commodity Futures Trading Commission 04/16/2013
Consumer Financial Protection Bureau 02/15/2013
Federal Housing Finance Agency 01/31/2013
Department of the Interior 01/30/2013
Council of the Inspectors General on Integrity and Efficiency 12/14/2012
Federal Mediation and Conciliation Service 11/06/2012
Federal Energy Regulatory Commission 10/29/2012
Federal Open Market Committee 10/12/2012
Federal Retirement Thrift Investment Board 10/09/2012
Federal Mine Safety and Health Review Commission 08/14/2012
Special Inspector General for Afghanistan Reconstruction 06/27/2012
National Labor Relations Board 01/31/2012
Nuclear Regulatory Commission 11/22/2011
Securities and Exchange Commission 11/21/2011
Federal Deposit Insurance Corporation 10/14/2011
Department of Veterans Affairs 08/19/2011
United States Copyright Office 05/13/2011
Special Inspector General for Iraq Reconstruction 04/26/2011
Administrative Conference of the US 04/05/2011
Federal Maritime Commission 02/24/2011
Council on Environmental Quality 08/11/2010
Occupational Safety and Health Review Commission 07/16/2010
Department of Education 06/14/2010
Tennessee Valley Authority 03/12/2010
Department of the Treasury 01/06/2010
Federal Election Commission 01/04/2010
Recovery Accountability and Transparency Board 11/20/2009
Postal Regulatory Commission 11/05/2009
Surface Transportation Board 10/15/2009
Federal Labor Relations Authority 10/01/2009
Pension Benefit Guaranty Corporation 06/08/2009
Attorney General Eric Holder FOIA Guidelines, March 19, 2009
Department of Housing and Urban Development 11/26/2008
Legal Services Corporation 11/17/2008
National Credit Union Administration 10/01/2008
Millennium Challenge Corporation 09/17/2008
United States Trade Representative 06/20/2008
OPEN Government Act of 2007, December 31, 2007
Social Security Administration 12/10/2007
Department of Agriculture 11/27/2007
Department of State 10/11/2007
Office of Government Ethics 08/28/2007
Office of the Director of National Intelligence 08/16/2007
Office of Special Counsel 07/25/2007
Central Intelligence Agency 07/18/2007
Peace Corps 05/14/2007
National Transportation Safety Board 04/16/2007
Department of Energy 11/28/2006
Inter-American Foundation 10/30/2006
Department of Commerce 06/01/2006
Department of Labor 05/30/2006
National Indian Gaming Commission 04/19/2006
Office of Personnel Management 05/31/2005
United States Postal Service 06/23/2004
Small Business Administration 04/23/2004
Railroad Retirement Board 10/29/2003
Court Services and Offender Supervision Agency 06/03/2003
United States International Trade Commission 06/03/2003
American Battle Monuments Commission 02/26/2003
Department of Justice 01/31/2003
Department of Homeland Security 01/27/2003
The Intelligence Authorization Act of 2002 amending the FOIA, November 27, 2002
Commission on Civil Rights 11/22/2002
National Archives and Records Administration 06/27/2002
Department of Defense 05/09/2002 [4]
Chemical Safety and Hazard Investigation Board 11/24/2000
Merit Systems Protection Board 08/10/2000
Committee for Purchase from People who are Blind or Severely Disabled 06/02/2000
National Aeronautics and Space Administration 04/12/2000
Office of National Drug Control Policy 12/15/1999
Export-Import Bank 03/25/1999
General Services Administration 10/23/1998
National Mediation Board 08/19/1998
Corporation for National and Community Service 05/13/1998
Office of Management and Budget 04/27/1998
Amtrak 02/13/1998
Defense Nuclear Facilities Safety Board 12/22/1997
Farm Credit System Insurance Corporation 09/23/1997
Consumer Product Safety Commission 09/02/1997
The Electronic Freedom of Information Act Amendments of 1996, October 2, 1996
Agency for International Development 08/20/1996
Armed Forces Retirement Home 06/15/1994
U.S. International Boundary and Water Commission 09/04/1990
Department of Health and Human Services 11/25/1988
National Capital Planning Commission 09/11/1987
Selective Service System 04/24/1987
United States African Development Corporation 07/17/1985
Office of Science and Technology Policy 03/15/1983
Office of Navajo and Hopi Indian Relocation 01/14/1982
The 1976 Government in the Sunshine Act Amendments, September 13, 1976
Federal Trade Commission 02/21/1975[5]
United States Trade and Development Agency NO REGULATIONS
Freedom of Information Act, July 4, 1966, and The Privacy Act Amendments of 1974, November 21, 1974


[1] Effective date of amendment(s) published February 20, 2014, in 79 FR 9621.
[2] Ibid.
[3] Ibid.
[4] The DOD has written to the National Security Archive to state that while its FOIA regulations have not been updated since May 9, 2002, it did revise its Directive covering FOIA regulations on July 28, 2011, to reflect both President Obama and Attorney General Eric Holder's FOIA guidance.
[5] The FTC contacted the Archive to state that the Commission had in fact updated its FOIA regulations several times since 1975. However, at the time of this audit, the FTC's FOIA reading room linked to regulations dating to 1975 and did not refer users to the text of its later updates, making them nearly impossible to find. The eFOIA Amendments of 1996 require agencies to provide a reference on their FOIA website as to the location of "each amendment, revision, or repeal" of its FOIA regulations. After the Archive published its audit, the FTC updated its FOIA reading room to include links to all of its regulations and is now in compliance with the Freedom of Information Act.


home | about | documents | news | publications | FOIA | research | internships | search | donate | mailing list

Contents of this website Copyright 1995-2017 National Security Archive. All rights reserved.
Terms and conditions for use of materials found on this website.