OGIS Issue Assessment: Commonly Requested Categories of First-party Records
Published August 30, 2021
Introduction
The Freedom of Information Act (FOIA), 5 U.S.C. § 552(h) directs the Office of Government Information Services (OGIS) to review agency FOIA policies, procedures and compliance; identify procedures and methods for improving compliance; and to offer dispute resolution services to requesters and agencies as a non-exclusive alternative to litigation. As the FOIA Ombudsman, OGIS plays a unique role in the FOIA process, identifying issues and recommending opportunities for changes to improve the FOIA process.
Background
Each day, people seeking records about themselves use the FOIA process to obtain their records as they navigate health care, employment, immigration, law enforcement or other issues that intersect in some way with the federal government.
Both the FOIA and the Privacy Act of 1974, 5 U.S.C. § 552a, grant a right of access to federal records. Most often, but not always, agencies consider requests to access one’s own records as Privacy Act requests, or “first-party” or “first-person” requests. The Privacy Act’s access provisions apply only to U.S. citizens and lawful permanent residents. Generally, federal agencies process access requests under both the Privacy Act and the FOIA to provide requesters with the greatest degree of access. If information is exempt from the access provisions of the Privacy Act, the agency will process the request under FOIA. When an agency processes a request under both laws, it may withhold information only if the requested information is exempt under both laws.
The Privacy Act and the FOIA are often read in tandem; The Privacy Act allows individuals to access records about themselves, while the FOIA allows the public to access government information.[1] Law Professor Margaret B. Kwoka has studied the topic extensively and argues that first-party requests conflict with FOIA’s original legislative intent of transparency about government operations. She notes that first-person requests “are frequently vital to the requester’s interests . . . [t]hey do not, however, advance Congress’ primary goal in enacting FOIA: to promote democratic oversight of government activities.”[2]
Professor Kwoka divides first-party requesters into four broad categories: (1) those using FOIA as a stand-in for administrative discovery relating to a pending agency proceeding or civil litigation; (2) those trying to retrieve documents they need to apply for a government benefit; (3) those using FOIA for discovery relating to private benefits: they use it to obtain information useful for private litigation (such as workplace litigation) or for obtaining products on the private market (such as insurance policies); and (4) those who seek historical files for personal use or personal interest.[3]
FOIA and discovery provide entirely different avenues for obtaining information from the federal government. Discovery is used during litigation to obtain information, usually from an opposing party, while FOIA provides a general right of public access to records. A FOIA requester who is a private party litigant in a civil or a criminal matter is not entitled to greater FOIA access than the average FOIA requester.
Also noteworthy is that many first-party records contain names and other personally identifying information (PII) about other third-party individuals. Law enforcement records, for example, often contain the names of witnesses, suspects or individuals who are merely mentioned but are not the subject of the records. Immigration records frequently contain information about third parties, particularly in cases in which a “petitioner” files forms to request benefits on behalf of another person – i.e., a “beneficiary.” Protecting third-party information in all federal records remains a crucial government function regardless of the access method.
Why OGIS Did This Assessment
The 2018-2020 term of the FOIA Advisory Committee, a group of 20 FOIA experts from inside and outside the government appointed by the Archivist of the United States, studied first-party requests and noted in its July 2020 final report that “many government agencies have come to rely on FOIA to address … needs for access to information by the public beyond the worthy goals of transparency and accountability [for all] originally contemplated by Congress.”[4]
The Committee’s final report cited Professor Kwoka’s research on first-party requests at the Veterans Health Administration; the Social Security Administration; the Equal Employment Opportunity Commission; and the three Department of Homeland Security components that enforce civil immigration law (Customs and Border Protection (CBP), Immigration and Customs Enforcement (ICE) and U.S. Citizenship and Immigration Services (USCIS)). In light of the effect of first-party requests on the FOIA process at those agencies, the FOIA Advisory Committee recommended that OGIS and the Office of Information Policy (OIP) at the Department of Justice ask agencies to identify common categories of records requested frequently under the FOIA and/or Privacy Act by or on behalf of individuals seeking records about themselves. The Committee’s recommendation seeks to help agencies explore and consider alternative and more efficient ways for requesters to access records about themselves. (See FOIA Advisory Committee Recommendation No. 2020-14).
This report identifies common categories of records requested frequently under the FOIA and/or Privacy Act by – or on behalf of – individuals seeking records about themselves and completes OGIS’s work on FOIA Advisory Committee Recommendation No. 2020-14. OGIS will continue to monitor the issue.
What OGIS Reviewed
To fulfill FOIA Advisory Committee Recommendation No. 2020-14, OIP asked agencies that received more than 50 FOIA requests in fiscal year (FY) 2019 to answer the following in their 2021 Chief FOIA Officer (CFO) Reports: Does your agency frequently receive common categories of first-party requests? If so, please describe the types of requests and if your agency has explored establishing alternative means of access to these records outside of the FOIA process?[5]
OGIS reviewed the responses of the 70 agencies that answered this question in their 2021 CFO Reports and analyzed individual agency and component efforts regarding categories of information that were the subject of first-party requests and agency processes for responding to such requests.
We note that agencies are not required to report on the number of first-party requests they receive each year although some agencies do track this information on their own. At USCIS, for example, requests for Alien Files (A-Files) or certain immigration records within A-Files, account for a vast majority of records requests – 99 percent when OGIS assessed the USCIS FOIA program in FY 2018.[6] (The A-File is the official government record that contains information regarding transactions involving an individual as they pass through the U.S. immigration and inspection process.)
The agencies’ responses to the CFO Report first-party inquiry mirror what the 2018-2020 term of the FOIA Advisory Committee observed: There are numerous reasons why citizens (and non-citizens) require access to government information and records other than to hold the government accountable.
A copy of the data from our review, including the names of agencies that submitted 2021 Chief FOIA Officer Reports, links to the reports, the number of FOIA requests processed in FY 2020 (the most recent year for which data was available), whether the agency frequently receives first-party requests, the categories of commonly requested records, and whether the agency has established alternative means of access to records outside of the FOIA process is available on this spreadsheet.
Finding 1: A Majority of the Agencies that Submitted Chief FOIA Officers Reports in 2021 Frequently Receive First-party Requests
Of the 70 agencies that submitted CFO Reports in 2021, 61 percent reported that they frequently receive first party-requests. Of the agencies that reported frequently receiving first-party requests, 89 percent received more than 100 FOIA requests in FY 2020.
Figure 1: Percentage of agencies that submitted 2021 Chief FOIA Officer Reports and frequently receive first-party requests
Finding 2: First-party Requesters Frequently Request General Categories of Records Maintained by Most Agencies
An analysis of the 2021 CFO Report data shows that agencies frequently receive first-party requests for general categories of records maintained by most agencies. Table 1 lists the categories of records maintained by most agencies.
Table 1: Categories of Records Maintained by Most Agencies and Frequently Sought by First-party Requesters*
*Please note the table headers are clickable, sort the table by clicking the column header.
Finding 3: First-party Requesters Frequently Seek Access to Unique Records Maintained by Specific Agencies
A review of agency responses to the 2021 CFO Reports shows that agencies frequently receive first-party requests from individuals who have interacted with the agency and seek particular benefits. Table 2 lists categories of records frequently requested by individuals seeking records from particular agencies.
Table 2: Categories of Agency-Specific Records Frequently Sought by First-party Requesters According to 2021 Chief FOIA Officer Reports*
*Please note the table headers are clickable, sort the table by clicking the column header.
Finding 4: Some Agencies Provide Alternative Non-FOIA Means to Access First-party Records
A review of the 2021 CFO Report responses shows that some agencies and components are making records available to first-party requesters through means outside the FOIA. In some cases, agencies make records available online to first parties through online portals and in other instances, they provide information to individuals through agency service centers. Below in Table 3 are highlights from the 2021 CFO Reports.
Table 3: Non-FOIA Means to Access Agency Record According to 2021 Chief FOIA Officer Reports*
*Please note the table headers are clickable, sort the table by clicking the column header.
Conclusion
Recognizing that there is no one-size-fits-all approach to alternative processes for obtaining first-party records, OGIS recommends that agencies examine closely all of the records that they generate, collect and/or maintain and seek creative ways to provide non-FOIA access to first-party records when possible. OGIS has long recognized the crucial link between a strong records management program and an efficient, effective and compliant FOIA program. The Technology Committee of the Chief FOIA Officers Council also recognized the strong link between FOIA and records management and recommended that agency FOIA professionals understand their agency’s records management policies and engage with records management staff.[9] (National Archives and Records Administration policies guide agency compliance with the Federal Records Act (FRA)), 44 U.S.C. Chap. 31.) The Technology Committee noted that when agency FOIA and records management professionals work together, records are better collected and released, driving agency compliance with both the FRA and FOIA.
The 2021 CFO Reports provided agencies the opportunity to survey their FOIA logs for commonly requested categories of records that are frequently the subject of first-party requests under FOIA, as the 2018-2020 term of the FOIA Advisory Committee recommended. Agencies that did not review their FOIA logs before responding to the 2021 CFO Report first-party question should consider doing so. The Committee also recommended that agencies “establish a set of procedures outside of the FOIA for requesters to access these types of records” and “ensure that these procedures guarantee access to the same amount of records or more records than is possible under FOIA within a quicker time frame.” Providing such access may depend on the volume of first-party requests that an agency receives and the technological and staffing resources that are – or might be – available to them. As noted in this report, many first-party records contain the names and other identifying information about other third-party individuals. Moving such requests outside of the federal FOIA process still would require agencies to protect the privacy of any third-party individuals.
OGIS also recommends that agencies use their websites to explain, in plain language, the steps requesters should take to obtain access to first-party records. Agency FOIA professionals who see practices in this report that might work at their agency should contact OGIS; we stand ready to facilitate discussions between agencies to share best practices about ways to provide non-FOIA access to the first-party records.
Although this assessment completes FOIA Advisory Committee Recommendation No. 2020-14, OGIS will continue to monitor the issue of first-party requests. Additionally, a working group of the Process Subcommittee of the 2020-2022 term of the FOIA Advisory Committee is studying the issue to see whether additional recommendations may be warranted. Finally, we note that in providing access to commonly requested records outside of the FOIA process, agencies are helping to fulfill Committee Recommendation No. 2020-15 that “agencies provide for the dissemination of information outside of FOIA, including in online databases where members of the public may access commonly requested types of records.”
Jennifer Dryer, Lead Archives Specialist at the National Declassification Center, conducted this assessment on temporary assignment to OGIS as part of a National Archives and Records Administration Cross-training Program.
Endnotes
[1] U.S. Department of Justice. “Individual Right to Access.” United States Department of Justice Overview of the Privacy Act of 1974, 2020 edition.
[2] Margaret B. Kwoka, “First-Person FOIA,” Yale Law Journal 127:8 (2018), at 2204.
[3] Id. at 2243.
[4] 2018-2020 FOIA Advisory Committee, Final Report and Recommendations to the Archivist of the United States, July 9, 2020.
[5] OIP did not require agencies that received 50 or fewer FOIA requests to answer 2021 Chief FOIA Officer Report questions and instead encouraged them to report on any efforts or successes not captured in their Annual FOIA Reports. See OIP Guidance: Guidelines for 2021 Chief FOIA Officer Reports (posted September 24, 2020).
[6] Office of Government Information Services Compliance Review of U.S. Citizenship and Immigration Services, U.S. Department of Homeland Security Freedom of Information Act Program, February 9, 2018.
[7] Records compiled for law enforcement purposes can include criminal, civil, or administrative enforcement, state or foreign law enforcement, as well as national security and homeland security-related records. Of the 70 agencies that submitted 2021 CFO Reports, in FY 2020, 84 percent cited one or more of Exemption 7’s six subparts, 5 U.S.C. §§ 552 (7)(A) - (7)(F), at least once. See foia.gov.
[8] Most but not all federal agencies have inspectors general. See Council of the Inspectors General on Integrity and Efficiency Inspectors General Directory., February 14, 2020.
Download the Data
Commonly Requested Categories of First-party Records - 2021 Chief FOIA Officer Reports