We recently posted a list of agencies that have taken a step that makes it easier for us to resolve Freedom of Information Act (FOIA) disputes. These agencies have a Privacy Act “routine use” that allows the agency to share with OGIS information about FOIA request and appeal files.
Agencies store FOIA case files in systems of records that are protected by the Privacy Act of 1974, which usually means that the agency needs written consent from the requester before it can discuss or share information in FOIA files with another government agency such as OGIS. (FOIA requesters who have asked for our assistance might be familiar with the privacy consent statement that we ask them to sign before we open a case). However, if a government agency (such as OGIS) routinely needs access to another agency’s files, the agency that controls the records can include a “routine use” that allows OGIS access to those files in its FOIA/Privacy Act System of Records.
Several years ago, OGIS worked with the Department of Justice to develop a model routine use that agencies can use for this purpose:
To the National Archives and Records Administration, Office of Government Information Services (OGIS), to the extent necessary to fulfill its responsibilities in 5 U.S.C. § 552(h), to review administrative agency policies, procedures and compliance with the Freedom of Information Act (FOIA), and to facilitate OGIS’ offering of mediation services to resolve disputes between persons making FOIA requests and administrative agencies.
Twelve of the 15 Cabinet-level Departments and eight other agencies have amended their FOIA/ Privacy Act System of Records so that it includes the routine use mentioned above, allowing OGIS and the agencies to share information from FOIA case files. In the past two years, we have contacted many of those agencies that have not yet amended their System of Records to include a routine use for OGIS to ask that they do so, and in the coming weeks, we will contact them again. You can see all of the agencies we have contacted thus far, the dates of contact, and the response—if any—from each agency here.
While contacting these agencies is a significant effort for our small staff, we have found that the inclusion of a routine use for OGIS makes it significantly easier for us to do our work. We hope that these lists provide a little more insight into how we work, and the steps we are taking to make sure that we can assist the FOIA community—both requesters and agencies.
What specific examples of FOIA information are protected under the Privacy Act? (E.g. FOIA requester name? Topic of FOIA request? Information regarding responsive records located? Etc…) I am thinking of examples where FOIA case-related information might occur in the archival historical record–what (FOIA-related information) would need to be protected under the Privacy Act in these instances? I would be curious to have a better understanding of that. Thank you.
Thanks for the interesting question. The answer will depend of how the records are maintained and how the information is retrieved. Here is a great primer on the Privacy Act https://www.justice.gov/opcl/overview-privacy-act-1974-2015-edition