Focusing public attention on emerging privacy and civil liberties issues

FOIA Gallery 2014

In recognition of Sunshine Week
March 16-22, 2013

Introduction to the Freedom of Information Act

The Freedom of Information Act establishes a legal right for individuals to obtain records in the possession of government agencies. The FOIA is critical for the functioning of democratic government because it helps ensure that the public is fully informed about matters of public concern. The FOIA has helped uncover fraud, waste, and abuse in the federal government. It has become particularly important in the last few years as the government has tried to keep more of its activities secret.

A hallmark of the new surveillance measures proposed by various government agencies is their disregard for public accountability. As the government seeks to expand its power to collect information about individuals, it increasingly hides that surveillance power behind a wall of secrecy. Congress has long recognized this tendency in the Executive Branch, and sought to limit government secrecy by creating legal obligations of openness under the FOIA and the Privacy Act of 1974. EPIC has used these open government laws aggressively to enable public oversight of potentially invasive surveillance initiatives.

Public access through the FOIA not only allows for a more informed public debate over new surveillance proposals, but also ensures accountability for government officials. Public debate fosters the development of more robust security systems and leads to solutions that better respect the nation's democratic values.

Previous EPIC FOIA Galleries were published in 2001, 2002, 2003, 2004, 2005, 2006, 2010, 2011, 2012, and 2013.

For more information about the FOIA and EPIC's FOIA work, see EPIC: Open Government, EPIC: FOIA Cases, and EPIC: Open Government Litigation Manual.

EPIC FOIA: 2013-2014

EPIC’s FOIA work over the past year has resulted in public disclosure of information about several formerly secret government surveillance programs. To obtain these documents, EPIC aggressively deployed the tools provided by the FOIA - detailed requests to agencies, comprehensive administrative appeals, and lawsuits in federal court. Through these cases, EPIC “substantially prevailed” and forced the disclosure of documents from the Central Intelligence Agency (CIA), the Department of Homeland Security, The Federal Bureau of Investigation (FBI), the Office of the Director of National Intelligence, the Department of Education, the National Security Agency (NSA), the Transportation Security Administration (TSA), and other federal agencies. In several of these cases, EPIC has also obtained attorneys fees.

Several of EPIC’s FOIA cases were featured in news stories in during the past year:

Documents Released on U.S. Wiretapping Since Sept. 11 Terrorist Attacks, New York Times, March 3, 2014

NSA Pays EPIC’s Fees To Resolve Secret Directive Row, Law 360, February 13, 2014

Privacy Group Sues DOJ For Email Surveillance Disclosure, Law 360, December 10, 2013

US Government Ordered to Reveal Details of “Internet Kill Switch" to Deactivate Wi-fi Networks,, November 27, 2013

Judge Orders Homeland Security to Release Details for Shutting Down Wireless Networks, AllGov, November 20, 2013

Facial Recognition is Making Gains in Surveillance, New York Times, August 21, 2013

FBI Files Reveal New Details on Clandestine Phone Surveillance Unit, Slate, August 10, 2013

The CIA and the NYPD, New York Times, July 6, 2013

Fresh Questions for the CIA as NYPD Collaboration Revealed in New Report, The Guardian, June 27, 2013

FBI Drivers License Photo Searches Raise Privacy Questions, Information Week, June 18, 2013

EPIC currently has two FOIA cases before the DC Circuit Court of Appeals. In November 2013, EPIC won a lawsuit against the Department of Homeland Security. EPIC asked for the document describing the policy that allowed the federal government to shut down cellular service during a peaceful protest.  A federal court ruled in EPIC’s favor, finding that the DHS could not properly withhold the information EPIC is seeking. The Department of Homeland Security appealed the decision

EPIC is also pursuing EPIC v. NSA,  a case in which EPIC is seeking to obtain  “NSPD 54,” which describes the scope of the NSA’s cybersecurity authority. EPIC forced the NSA to disclose some documents related to NSPD 54. However, a federal judge ruled that the Presidential Directive itself is not subject to the Freedom of Information Act, which was a surprising decision.

Documents from both of these, along with several other significant documents EPIC obtained in the past year, are highlighted below.

EPIC FOIA: Previously Secret Reports Highlight Extensive NSA Surveillance

EPIC obtained documents that detailed the number of times the Surveillance Court authorized the use of techniques that gather the telephone numbers and metadata of phone customers and Internet users. The previously secret reports cover the period between 2000 and 2012. The reports reveal a dramatic increase in the use of these techniques in 2004 and significant reduction in 2008, likely the consequence of a shift to other investigative techniques. The documents also show that nearly all applications were approved by the Surveillance Court without modifications.

EPIC FOIA: FBI Uses State Driver’s License Photo Databases for Facial Recognition

EPIC obtained several agreements between the Federal Bureau of Investigation and state departments of motor vehicles. The agreements allow the Bureau to use facial recognition to compare subjects of Bureau criminal investigations and missing persons with the millions of driver’s license and identification photos retained by the participating states.

EPIC FOIA: DHS is Developing Crowd-Scanning Facial Recognition Technology

EPIC obtained records revealing that the Department of Homeland Security has begun to develop crowd-scanning facial recognition technology called Biometric Optical Surveillance System (BOSS). The agency intends to use this technology at large-scale events, including inaugurations, sports events, and political conventions. These documents also revealed that the agency had failed to establish privacy safeguards for the BOSS technology.

EPIC FOIA: Government Drones Can Intercept Signals and Identify Humans on the Ground

EPIC obtained documents that revealed that the Bureau of Customs and Border Protection is operating drones in the United States capable of intercepting electronic communications. The records also suggested that ten Predator B drones operated by the agency have the capability to recognize and identify a person on the ground.

EPIC FOIA: Documents Reveal CIA Collaboration with New York Police Department

A Central Intelligence Agency Inspector General’s report obtained by EPIC revealed that the agency had collaborated with the New York Police Department in domestic surveillance efforts. The Central Intelligence Agency is prohibited from engaging in domestic surveillance, but the report indicated that the agency had embedded four officers within the New York Police Department over the past decade and that the collaboration with the Police Department was fraught with “irregular personnel practices,” that it lacked “formal documentation in some important instances,” and that “there was inadequate direction and control” by agency supervisors.

EPIC FOIA: Debt Collectors Fail to Protect Student Privacy

EPIC has obtained documents which reveal that many private debt collection agencies maintain incomplete and insufficient quality control reports. As government contractors, debt collectors are required to follow the Privacy Act, a federal law that protects personal information. The Education Department also requires student debt collectors to submit quality control reports indicating whether the companies maintain accurate student loan information. The documents obtained by EPIC in this FOIA lawsuit reveal that many companies provide small sample sizes to conceal possible violations of the Act. The documents also show that many companies do not submit required information about Privacy Act compliance to the Education Department.