It Looks Like The FBI Thought About Prosecuting FOIA Requesters After Influx Of Automated Requests

Legal Issues

from the nice-optics,-g-men dept

Emma Best of MuckRock has unearthed some disturbing details in an FBI response to an FOIA request: apparently the agency considered — however briefly — the investigation and prosecution of people filing requests.

The nature of the requests may shed some light on the FBI’s thought process because the heavily-redacted email included in the response certainly doesn’t. Each year, the FBI updates its Dead List — the names of people the FBI has files on who have passed away. Death increases the chances of released files because this major life event tends to terminate investigations.

The FBI claims it can’t find its updated Dead List. This seems odd, if not downright unbelievable, but the DOJ has backed the FBI’s claim and FOIA requests for the latest copy are being rejected. No problem, said MuckRock. It went to work with an older version of the list which included 7,000 names.

To accomplish this, the names of the subjects were extracted from the Dead List and a simple script written to submit FOIA requests for them. The requests were submitted on February 29th 2016, with the script and data made available online so that others could make their own requests and trigger the DOJ’s “rule of three” for frequently requested records, which would see the files posted online by the FBI.

Rather than follow its own rule for publication of frequently-requested files, the FBI decided to stop responding altogether.

The FBI acknowledged a large number of them before they began ignoring them. Over a month later (after the Bureau had exceeded legal time limit), the FBI sent a letter stating that they had “received an exceedingly high volume of submissions” which they would not accept.

Which led to this amazing bit of government agency shitposting:

According to the Bureau, fulfilling the FOIA requests would have prevented the FBI from fulfilling FOIA requests. Their letter stated that the “manner of submission interfered with the FBI’s ability to perform its FOIA and PA statutory responsibilities as an agency. Accordingly, the FBI did not accept these submissions on February 29th, 2016.”

A new FOIA request was sent requesting communications discussing the voluminous requests for files on Dead List subjects. That’s when things went from slightly obstructionist to downright ominous.

One of the emails contained in this document dump arrived with all but one word redacted. The FOIA exemption cited for the redaction of the entire body of the email was b(7)e: “techniques and procedures for law enforcement investigations or prosecutions.” All that remained of the email is the word “Options.” Everything underneath it was apparently a discussion about investigating/prosecuting FOIA requesters who participated in MuckRock’s automated FOIA requests. CCed on the email are officials from the Criminal Justice Information Services, which handles the FBI’s multiple criminal/investigation target databases.

No one knows for sure what basis the FBI thought it had for prosecuting FOIA requesters, but it’s pretty easy to imagine it had something to with the CFAA. It’s almost impossible to abuse the FOIA process in a fashion that would result in criminal charges, but give the government some automated computer activity it doesn’t like, and the CFAA can be read imaginatively enough to support at least an investigation. Another email in the batch received by the requester contains a heading that appears to show the mass requests had been passed on to the government’s ESOC (Enterprise Security Operations Center) as “suspicious.”

But this isn’t the end of the FBI’s bad faith FOIA response “efforts.” It took plenty of care to protect the people involved in this prosecution discussion but showed far less interest in protecting FOIA requesters when releasing this batch of documents.

Despite redacting the names and email addresses of the public servants handling the case, the FBI released not only the author’s name and address in the file (technically improper since there was no waiver, albeit understandable) but the name, email address and home address of another requester who also used the script to file requests. Their name along with their email and physical addresses were left unredacted not once, not twice, not thrice – but seven times, not including the email headers, several of which also showed their name and email address.

Given the nature of the FBI’s response to the mass request for Dead List files, this careless redaction effort appears to be no accident.

It’s hard to imagine that the Bureau, which once hung a sign in their FOIA office instructing people that “when in doubt – cross it out” would fail to redact this information so many times by accident. In context, it’s hard to see it as anything but retaliatory.

On top of that, the FBI appears to have deliberately ignored the requester’s supporting info for his fee waiver request, charged the requester duplication fees for documents it had previously compiled and released to other requesters, and stated — with the DOJ’s support — there was no “public interest” in Dead List documents, despite the massive number of requests (the ones the FBI chose to ignore en masse) clearly showing otherwise.

This is nasty, petty stuff and it’s coming from one of the most powerful law enforcement agencies in the world. People with access to vast databases of information on American citizens are seeking to leverage this access to chill First Amendment-protected activity. The government as a whole barely fulfills it obligations (and almost never in a timely fashion) when it comes to the Freedom of Information Act. Agencies like the FBI are taking it several steps further, shirking obligations while engaging in small-scale vindictive acts.

Filed Under: chilling effects, fbi, foia, prosecution, transparency