By Matt Ehling
In January, Public Record Media (PRM) filed a Freedom of Information Act (FOIA) lawsuit against the U.S. Department of Justice (DOJ), seeking records related to mass surveillance programs that collected communications data on more than one million U.S. persons. On March 1st, DOJ produced its answer to PRM’s lawsuit, and submitted a letter containing a “no records” determination. PRM stipulated to a dismissal of the case soon after.
Surveillance documents sought
PRM’s original FOIA request in the case dated to June of 2013, and was filed in the wake of press reports about a broad-based telephone “metadata” collection program operated by the United States government. Such reports were based on documents leaked by former intelligence contractor Edward Snowden.
Among the documents produced by Snowden was a court order for the acquisition of telephone call routing data for all users of the Verizon cellular telephone network in the United States from April 25th to July 19th, 2013 . The authenticity of the leaked document was confirmed by the U.S. government, and was later followed by the release of an Obama administration white paper about the metadata program, as well as the declassification of related documents. The breadth of the metadata collection order caused controversy, and triggered a series of congressional hearings and investigations.
In the wake of the Snowden disclosures, PRM submitted a FOIA request aimed at discovering the existence of legal memoranda governing the telephone metadata program, as well as other types of “mass collection” operations. The request was directed specifically to the Office of the Attorney General within DOJ.
Under the FOIA statute, final legal opinions are public records which must be produced, and PRM sought to use the FOIA mechanism to obtain the government’s legal justification behind its controversial collection activities. PRM’s request also sought correspondence between staff of the Attorney General’s Office and members of Congress about mass collection programs, as well as any “minimization” procedures related to such programs.
Lawsuit and answer
After receiving PRM’s FOIA request in 2013, DOJ placed the request on a “complex” track for fulfillment, due to the agency’s stated need to conduct a search in “another office.”
Representatives of the agency contacted PRM in 2015 and 2016 to provide an update on the progress of the request. By January of 2017, PRM had not received a response, and filed suit against the agency in federal court.
DOJ responded to PRM’s lawsuit in early March, and produced a letter from senior counsel Vanessa R. Brinkmann dated October 27, 2016. Brinkmann’s letter provided a “no records” determination, and stated that the agency had e-mailed its determination to PRM in October of 2016. (The production of the letter in court filings was the first time that PRM staff had seen the letter, however.)
Given complications stemming from DOJ’s “no records” response, PRM decided to seek a dismissal of the case, and dismissal was stipulated to on March 8, 2017.
The difficulty with “no records” responses
In FOIA litigation, disputes typically turn on whether public requesters can access records held by government agencies. In general, a government agency must respond to records requests by stating whether it holds records or not. Then, the agency must either provide the records, or assert an “exception” under the FOIA statute that provides a legal basis for withholding the documents. If a requester disputes a withholding determination, litigation may commence. During litigation, agencies can be compelled to provide a “Vaughn” index that describes the records in generic terms, so that requesters have a basis to contest withholding determinations made by the agency.
When agencies issue “no records” determinations, litigation becomes more difficult, since a requester then has to contest the adequacy of the government’s search for records. The evidence for governmental searches is typically supported by sworn declarations, and often given weight by the courts. Overcoming such assertions can be a difficult task. According to attorney Scott Hodes (who served as PRM’s counsel in its DOJ case) “the subject matter of the request and the offices the request was seeking information from made it difficult to defeat the adequacy of the agency’s search for records.” In PRM’s case, the decision was made that success was less than likely, leading to the dismissal decision.
The possibility of FOIA “exclusions”
It is also possible that FOIA “exclusions” may have been invoked in regard to PRM’s request. In DOJ’s October, 2016 letter, senior counsel Vanessa R. Brinkmann wrote that:
“For your information, Congress excluded three discreet categories of law enforcement and national security records from the requirements of FOIA … This response is limited to those records that are subject to the requirements of FOIA. This is a standard notification that is given to all our requesters and should not be taken as an indication that excluded records do, or do not, exist.”
FOIA “exclusions” stem from amendments made to the law in 1986. Prior to that time, all government records were considered to be covered by FOIA, and withholding records under a FOIA exemption was the only way to prevent their release. In 1986, Congress added three “exclusions” intended to allow certain records related to FBI investigations to be excluded from FOIA’s coverage entirely. In such cases, requesters would not be notified about the existence of documents, even if the government actually held them.
The third of the three FOIA exclusions relates to classified FBI records pertaining to foreign intelligence, counterintelligence, or international terrorism. Records sought through PRM’s FOIA request relate to mass collection programs utilized in a national security context, such as the original telephone metadata program. PRM’s interest in the documents stems from the fact that such wide-ranging collection activities have gathered the communications data of U.S. persons wholly unrelated to foreign intelligence or terrorism activities. However, given the foreign intelligence nexus, it is possible that DOJ invoked a FOIA exclusion in formulating its “no records” response.
Other details also raise this possibility. In DOJ’s initial, 2013 response letter, FOIA specialist Christine Wallace notified PRM that searching for responsive records required a “search in another office.” DOJ’s October 2016 determination letter noted that “you may wish to contact the Federal Bureau of Investigation and/or the National Security Division as possible repositories for information.”
The reference to the FBI is worth noting, in that a connection to FBI records – even a distant one – is required to trigger a FOIA exclusion. For instance, DOJ’s 2004 FOIA handbook states that:
“While the [FOIA] statute refers to records maintained by the FBI, exceptional circumstances could possibly arise in which it would be appropriate for another component of the Department of Justice or another federal agency to invoke this exclusion on a derivative basis as well … such a situation could occur where information in records … is derived from FBI records which fully qualify for (c)(3) exclusion protection.”
Given this, it is possible that responsive records may exist within the Attorney General’s office, but their existence remains effectively hidden due to the invocation of an exclusion. At the same time, it is difficult to know with any certainty. According to attorney Scott Hodes, “a properly used exclusion should not provide any evidence that it was invoked in the first place.”
DOJ’s “no records” response may also have turned on how the agency defined what constituted a “mass collection” program (which PRM’s request described as “any electronic collection and/or monitoring program operated by the United States government that acquires communications-related data on over one million U.S. persons.”) Alternately, the legal memos and minimization procedures sought by PRM may be have been exclusively held within other DOJ components. The former – but not the later – would explain the absence of Attorney General correspondence with members of Congress related to mass collection programs – another item sought by PRM in its original request.
“Minimization” procedures listed
Part of PRM’s FOIA request centered on “minimization” procedures for mass collection programs. Minimization procedures have long been a part of U.S. wiretapping protocols, and they have their roots in the 1968 Omnibus Crime Control bill that created the modern legal framework for telephone wiretapping. Minimization procedures are intended to limit the collection, retention, or dissemination of data that is unrelated to the target of a wiretap or other electronic surveillance.
DOJ’s October, 2016 letter noted that since PRM’s FOIA request, several sets of minimization procedures related to mass collection programs had been declassified. DOJ’s letter provided the internet locations for declassified procedures from the Central Intelligence Agency (CIA), the Federal Bureau of Investigation (FBI), the National Counterterrorism Center (NCTC), and the National Security Agency (NSA).
The procedures apply to the post-2015 telephone metadata program, as well as to the communication collection program authorized by section 702 of the Foreign Intelligence Surveillance Act (FISA). While the telephone metadata program only dealt with “routing” information pertaining to telephone calls, FISA’s Section 702 program was designed to collect the content of certain electronic communications. Under Section 702, government agencies can target “non-United States persons” located outside of the United States for communications surveillance. However, if targeted persons were communicating with persons inside the United States, or if target data was otherwise commingled with “U.S. person” data, all of that information could potentially be collected under the 702 program.
For instance, in 2013 the New York Times revealed that the NSA was not only collecting data in which a U.S. person was communicating with a targeted person overseas, but also e-mail and text data from any U.S. person that simply mentioned a target. Such collection was occurring without the use of a search warrant. According to the Times article, the NSA program also required the collection of “most e-mail and other text-based communications” that crossed the United States border, since such data had to be “captured and reassembled” in order to find the information pertinent to the target.
The minimization procedures referenced in DOJ’s 2016 letter address, in large part, the methods by which various federal government agencies dealt with U.S. person data acquired through Section 702 collection. Two other documents deal with how minimization procedures for the telephone metadata program have been handled since the reform of that program under the 2015 U.S.A. FREEDOM Act. The 2015 legislation changed the nature of the metadata program by limiting the scope of the metadata requests that could be made by federal agencies.
Minimization procedures recently made headlines on April 28th, when the New York Times reported that the NSA had terminated the warrantless collection of e-mails and text messages from U.S. persons that only mentioned terms associated with targets of Section 702 surveillance. The Times story noted that “inadvertent” failures on the part of the NSA to comply with procedures designed to minimize searches of U.S. person data led to the the agency’s decision to scale the program back.
PRM pursuing additional surveillance documents
PRM is currently pursuing additional documents related to mass collection programs through FOIA requests aimed at other components of the Department of Justice, as well as other federal agencies.