home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Shareware Overload Trio 2
/
Shareware Overload Trio Volume 2 (Chestnut CD-ROM).ISO
/
dir33
/
foia.zip
/
FOIA.DOC
Wrap
Text File
|
1993-01-31
|
90KB
|
1,783 lines
The Freedom Of Information Act
A Citizen's Guide on Using the Freedom of Information Act and
the Privacy Act of 1974 to Request Government Records
Introduction
A popular Government without popular information or the means of acquiring
it, is but a Prologue to a Farce or a Tragedy or perhaps both. Knowledge
will forever govern ignorance, and a people who mean to be their Governors,
must arm themselves with the power knowledge gives. -- James Madison
The Freedom of Information Act (FOIA) established a presumption that records
in the possession of agencies and departments of the Executive Branch of the
United States government are accessible to the people. This was not always
the approach to federal information disclosure policy. Before enactment of
the Freedom of Information Act in 1966, the burden was on the individual to
establish a right to examine these government records. There were no
statutory guidelines or procedures to help a person seeking information.
There were no judicial remedies for those denied access.
With the passage of the FOIA, the burden of proof shifted from the
individual to the government. Those seeking information are no longer
required to show a need for information. Instead, the "need to know"
standard has been replaced by a "right to know" doctrine. The government
now has to justify the need for secrecy.
The FOIA sets standards for determining which records must be made available
for public inspection and which records can be withheld from disclosure.
The law also provides administrative and judicial remedies for those denied
access to records. Above all, the statute requires federal agencies to
provide the fullest possible disclosure of information to the public.
The Privacy Act of 1974 is a companion to the FOIA. The Privacy Act
regulates federal government agency recordkeeping and disclosure practices.
The Act allows most individuals to seek access to federal agency records
about themselves. The Act requires that personal information in agency
files be accurate, complete, relevant, and timely. The Act allows the
subject of a record to challenge the accuracy of the information. The Act
requires that agencies obtain information directly from the subject of the
record and that information gathered for one purpose not be used for another
purpose. As with the FOIA, the Privacy Act provides civil remedies for
individuals whose rights have been violated.
Another important feature of the Privacy Act is the requirement that each
federal agency publish a description of each system of records maintained by
the agency that contains personal information. This prevents agencies from
keeping secret records.
1
The Privacy Act also restricts the disclosure of personally identifiable
information by federal agencies. Together with the FOIA, the Privacy Act
permits disclosure of most personal files to the individual who is the
subject of the files. The two laws restrict disclosure of personal
information to others when disclosure would violate privacy interests.
While both the FOIA and the Privacy Act encourage the disclosure of agency
records, both laws also recognize the legitimate need to restrict disclosure
of some information. For example, agencies may withhold information
classified in the interest of national defense or foreign policy, trade
secrets, and criminal investigatory files. Other specifically defined
categories of confidential information may also be withheld.
The essential feature of both laws is that they make federal agencies
accountable for information disclosure policies and practices. While
neither law grants an absolute right to examine government documents, both
laws provide a right to request records and to receive a response to the
request. If a requested record cannot be released, the requester is
entitled to a reason for the denial. The requester has a right to appeal
the denial and, if necessary, to challenge it in court.
These procedural rights granted by the FOIA and the Privacy Act make the
laws valuable and workable. The disclosure of government information cannot
be controlled by arbitrary or unreviewable actions.
Which Act To Use
The access provisions of the FOIA and the Privacy Act overlap in part. The
two laws have different procedures and different exemptions. As a result,
sometimes information exempt under one law will be disclosable under the
other.
In order to take maximum advantage of the laws, an individual seeking
information about himself or herself should normally cite both laws.
Requests by an individual for information that does not relate solely to
himself or herself should be made under the FOIA.
Congress intended that the two laws be considered together in the processing
of requests for information. Many government agencies will automatically
handle requests from individuals in a way that will maximize the amount of
information that is disclosable. However, a requester should still make a
request in a manner that is most advantageous and that fully protects all
available legal rights. A requester who has any doubts about which law to
use should always cite both the FOIA and the Privacy Act when seeking
documents from the federal government.
The Scope of the Freedom of Information Act
The federal Freedom of Information Act applies to documents held by agencies
2
in the executive branch of the federal Government. The executive branch
includes cabinet departments, military departments, government corporations,
government controlled corporations, independent regulatory agencies, and
other establishments of the executive branch.
The FOIA does not apply to elected officials of the federal government,
including the President, Vice President, Senators, and Congressmen, or the
federal judiciary. The FOIA also does not apply to private companies;
persons who received federal contracts or grants; tax-exempt organizations;
or state or local governments.
All States and some localities have passed laws like the FOIA that allow
people to request access to records. In addition, there are other federal
and state laws that may permit access to documents held by organizations not
covered by the FOIA.
What Records Can Be Requested Under FOIA?
The FOIA requires agencies to publish or make available some types of
information. This includes: (1) Description of agency organization and
office addresses; (2) statements of the general course and method of agency
operation; (3) rules of procedure and descriptions of forms; (4) substantive
rules of general applicability and general policy statements; (5) final
opinions made in the adjudication of cases; and (6) administrative staff
manuals that affect the public. This information must either be published
or made available for inspection and copying without the formality of an
FOIA request.
All other "agency records" may be requested under the FOIA. However, the
FOIA does not define "agency record." Material that is in the possession,
custody, or control of an agency is usually considered to be an agency
record under the FOIA. Personal notes of agency employees may not be agency
records. A record that is not an "agency record" will not be available
under the FOIA.
The form in which a record is maintained by an agency does not affect its
availability. A request may seek a printed or typed document, tape
recording, map, computer printout, computer tape, or a similar item.
Of course, not all records that can be requested must be disclosed.
Information that is exempt from disclosure is described below in the section
entitled "Reasons Access May Be Denied Under the FOIA."
The FOIA carefully provides that a requester may ask for records rather than
information. This means that an agency is only required to look for an
existing record or document in response to an FOIA request. An agency is
not obliged to create a new record to comply with a request. An agency is
not required to collect information it does not have. Nor must an agency do
research or analyze data for a requester.
3
Requesters may ask for existing records. Requests may have to be carefully
written in order to obtain the information that is desired. Sometimes,
agencies will help a requester identify the specific document that contains
the information being sought. Other times, a requester may need to be
creative when writing an FOIA request in order to identify an existing
document or set of documents containing the desired information.
There is a second general limitation on FOIA request. The law requires that
each request must reasonably describe the records being sought. This means
that a request must be specific enough to permit a professional employee of
the agency who is familiar with the subject matter to locate the record in a
reasonable period of time.
Because different agencies organize and index records in different ways, one
agency may consider a request to be reasonably descriptive while another
agency may reject a similar request as too vague. For example, the Federal
Bureau of Investigation has a central index for its primary record system.
As a result, the FBI is able to search for records about a specific person.
However, agencies that do not maintain a central name index may be unable to
conduct the same type of search. These agencies may reject a similar
request because the request does not describe records that can be
identified.
Requesters should make their requests as specific as possible. If a
particular document is required, it should be identified as precisely as
possible, preferably by date and title. However, a request does not have to
be that specific. A requester who cannot identify a specific record should
clearly explain his or her needs. A requester should make sure, however,
that the request is broad enough to cover the information that is needed.
For example, assume that a requester wants to obtain a list of toxic sites
near his home. A request to the Environmental Protection Agency for all
records on toxic waste would cover many more records than are needed. The
fees for such a request might be very high, and it is possible that the
request might be rejected as too vague.
A request for all toxic waste sites within three miles of a particular
address is very specific. But is unlikely that EPA would have an existing
record containing data organized in that fashion. As a result, the request
might be denied because there is no existing record containing the
information.
The requester might do better to ask for a list of toxic waste sites in his
city, county, or state. It is more likely that existing records might
contain this information. The requester might also want to tell the agency
in the request letter exactly what information is desired. The additional
explanation will help the agency to find a record that meets the request.
Many people include their telephone number in their requests. Sometimes
questions about the scope of a request can be resolved quickly when the
4
agency employee and the requester talk. This is an efficient way to resolve
questions that arise during the processing of FOIA requests.
It is to everyone's advantage if requests are as precise and as narrow as
possible. The requester benefits because the request can be processed
faster and cheaper. The agency benefits because it can do a better job of
responding to the request. The agency will also be able to use its scarce
resources to respond to more requests. The FOIA works best when both the
requester and the agency act cooperatively.
Making an FOIA Request
The first step in making a request under the FOIA is to identify the agency
that has the records. An FOIA request must be addressed to a specific
agency. There is no central government records office that services FOIA
requests.
Often, a requester knows beforehand which agency has the desired records.
If not, a requester can consult a government directory such as the United
States Government Manual. This manual has a complete list of all the
federal agencies, a description of agency functions, and the address of each
agency. A requester who is uncertain about which agency has the records
that are needed can make FOIA requests at more than one agency.
All agencies normally require that FOIA requests be in writing. Letters
requesting records under the FOIA can be short and simple. No one needs a
lawyer to make an FOIA request. The Appendix to this section contains a
sample request letter.
The request letter should be addressed to an agency's FOIA officer or to the
head of the agency. The envelope containing the written request should be
marked "Freedom of Information Act Request" in the bottom left-hand corner.
There are three basic elements to an FOIA request letter. First, the letter
should state that the request is being made under the Freedom of Information
Act. Second, the request should identify the records that are being sought
as specifically as possible. Third, the name and address of the requester
must be included.
In addition, under the 1986 amendments to the FOIA, the fees chargeable vary
with the status or purpose of the requester. As result, requesters may have
to provide additional information to permit the agency to determine the
appropriate fees. Different fees can be charged to commercial users,
representatives of the news media, educational and non-commercial scientific
institutions, and individuals. The next section explains the new fee
structure in more detail.
There are several optional items that are often included in an FOIA request.
The first is the telephone number of the requester. This permits an agency
employee processing a request to talk to the requester if necessary.
5
A second optional item is a limitation on the fees that the requester is
willing to pay. It is common for requesters to ask to be contacted if the
charges will exceed a fixed amount. This allows a requester to modify or
withdraw a request if the cost is too high.
A third optional item sometimes included in an FOIA request is a request for
waiver or reduction of fees. The 1986 amendments waived or reduced the
rules for fee waivers. Fees must be waived or reduced if disclosure of the
information is in the public interest because it is likely to contribute
significantly to public understanding of the operations or activities of the
government and is not primarily in the commercial interest of the request.
Decisions about granting fee waivers are separate from and different from
decisions about the amount of fees that can be charged to requesters.
Requesters should keep a copy of their request letter and related
correspondence until the request has been fully resolved.
Fees and Fee Waivers
FOIA requesters may have to pay fees covering some or all of the costs of
processing their request. As amended in 1986, the law establishes three
types of charges that may be imposed on requesters. The 1986 law makes the
process of determining the applicable fees more complicated. However, the
new rules reduce or eliminate entirely the cost for small, noncommercial
requests.
First, fees can be imposed to recover the costs of copying documents. All
agencies have a fixed price for making copies using copying machines.
Requesters are usually charged the actual cost of copying computer tapes,
photographs, or other nonstandard documents.
Second, fees can also be imposed to recover the costs of searching for
documents. This includes the time spent looking for material responsive to
a request. Requesters can minimize search charges by making clear, narrow
requests for identifiable documents whenever possible.
Third, fees can be charged to recover review costs. Review is the process
of examining documents to determine whether any portion is exempt from
disclosure. Before the effective date of the 1986 amendments, no review
charges were imposed on any requester. Effective April 25, 1987, review
charges may be imposed on commercial requesters only. Review charges only
include costs incurred during the initial examination of a document. An
agency may not charge for any costs incurred in resolving issues of law or
policy that may arise while processing a request.
Different fees apply to different categories of requesters. There are three
basic groups of FOIA requesters. The first includes representatives of the
news media, and educational or noncommercial scientific institutions whose
purpose is scholarly or scientific research. Requesters in this category
6
who are not seeking records for commercial use can only be billed for
reasonable standard document duplication charges. A request for information
from a representative of the news media is not considered to be for
commercial use if the request is in support of a news gathering or
dissemination function.
The second group includes FOIA requesters seeking records for commercial
use. Commercial use is not defined in the law, but generally includes
profit making activities. Commercial users pay reasonable standard charges
for document duplication, search, and review.
The third group of FOIA requesters includes everyone not included in either
of the first two groups. People seeking information for their own use,
public interest groups, and non-profit organizations are examples of
requesters who fall into the third group. Charges for these requests are
limited to reasonable standard charges for document duplication and search.
No review charges may be imposed. The 1986 amendments did not change the
fees charged to these requesters.
Small requests are free to requesters in the first and third groups.
This includes all requesters except commercial users. There is no charge
for the first two hours of search time and the first 100 pages of documents.
Noncommercial requesters who limit their requests to a small number of
easily found records will not pay any fees at all.
In addition, the law also prevents agencies from charging fees if the cost
of collecting the fee would exceed the amount collected. This limitation
applies to all requests, including those seeking documents for commercial
use. Thus, if the allowable charges for any FOIA request are small, no fees
are imposed.
Each agency sets charges for duplication, search, and review based on its
own costs. The amount of these charges is included in the agency FOIA
regulations. Each agency also sets its own threshold for minimum charges.
The 1986 FOIA amendments changed the law on fee waivers. The new rules
require that fees must be waived or reduced if disclosure of the information
is in the public interest because it is likely to contribute significantly
to public understanding of the operations or activities of the government
and is not primarily in the commercial interest of the requester.
The new rules for fees and fee waivers have created some confusion.
Determinations about fees are separate and apart from determinations about
eligibility for fee waivers. For example, a news reporter may only be
charged duplication fees and may ask that the duplication fees be waived.
There is no need for a reporter to ask for a waiver of search and review
costs because search and review costs are not charged to reporters.
Only after a requester has been categorized to determine applicable fees
7
does the issue of a fee waiver arise. A requester who seeks a fee waiver
should include a separate request in the original request letter. The
requester should describe how disclosure will contribute to the public
understanding of the operations or activities of the government. The sample
request letter in the Appendix includes optional language asking for a fee
waiver.
Any requester may ask for a fee waiver. Some will find it easier to qualify
than others. A news reporter who is charged only duplication costs may
still ask that the charges be waived because of the public benefits that
will result from disclosure. Representatives of the news media and public
interest groups are very likely to qualify for a waiver of fees. Commercial
users will find it more difficult to qualify.
The eligibility of other requesters will vary. A key element in qualifying
for a fee waiver is the relationship of the information to public
understanding of the operations or activities of government. Another
important factor is the ability of the requester to convey that information
to other interested members of the public. A requester is not eligible for
a fee waiver solely because of indigence.
Requirements for Agency Responses
Each agency is required to determine within ten days (excluding Saturdays,
Sundays, and legal holidays) after the receipt of a request whether to
comply with the request. The actual disclosure of documents is required to
follow promptly thereafter. If a request for records is denied in whole or
in part, the agency must tell the requester the reasons for the denial. The
agency must also tell the requester that there is a right to appeal any
adverse determination to the head of the agency.
The FOIA permits agencies to extend the time limits up to ten days in
unusual circumstances. These circumstances include the need to collect
records from remote locations, review large numbers of records, and consult
with other agencies. Agencies are supposed to notify the requester whenever
an extension is invoked.
The statutory time limits for responses are not always met. Agencies
sometimes receive an unexpectedly large number of FOIA requests at one time
and are unable to meet the deadlines. Some agencies assign inadequate
resources to FOIA offices. The Congress does not condone the failure of any
agency to meet the law's limits. However, as a practical matter, there is
little that a requester can do about it. The courts have been reluctant to
provide relief solely because the FOIA's time limits have not been met.
The best advice to requesters is to be patient. The law allows a requester
to consider a request to be denied if it has not been decided within the
time limits. This permits the requester to file an administrative appeal.
However, this is not always the best course of action. The filing of an
administrative or judicial appeal does not normally result in any faster
8
processing of the request.
Agencies generally process requests in the order in which they were
received. Some agencies will expedite the processing of urgent requests.
Anyone with a pressing need for records should consult with the agency FOIA
officer about how to ask for expedited treatment of requests.
Reasons Access May Be Denied Under the FOIA
An agency may refuse to disclose an agency record that falls within any of
the FOIA's nine statutory exemptions. The exemptions protect against the
disclosure of information that would harm national defense or foreign
policy, privacy of individuals, proprietary interests of business,
functioning of government, and other important interests.
A record that does not qualify as an "agency record" may be denied because
only agency records are available under the FOIA. Personal notes of agency
employees may be denied on this basis.
An agency may withhold exempt information, but it is not always required to
do so. For example, an agency may disclose an exempt internal memorandum
because no harm would result from its disclosure. However, an agency is not
likely to agree to disclose an exempt document that is classified or that
contains a trade secret.
When a record contains some information that qualifies as exempt, the entire
record is not necessarily exempt. Instead, the FOIA specifically provides
that any reasonably segregable portions of a record must be provided to a
requester after the deletion of the portions that are exempt. This is a
very important requirement because it prevents an agency from withholding an
entire document simply because one line or one page is exempt.
Exemption 1: Classified Documents
The first FOIA exemption permits the withholding of properly classified
documents. Information may be classified to protect it in the interest of
national defense or foreign policy. Information that has been classified as
"Confidential," "Secret," or "Top Secret" under the procedures of the
Executive Order on Security Classification can qualify under the first
exemption.
The rules for classification are established by the President and not the
FOIA or other law. The FOIA provides that, if a document has been properly
classified under the President's rules, the document can be withheld from
disclosure.
Classified documents may be requested under the FOIA. An agency can review
the document to determine if it still requires protection. In addition, the
Executive Order on Security Classification establishes a special procedure
for requesting the declassification of documents. If a requested document
9
is declassified, it can be released in response to an FOIA request.
However, a document that was formerly classified may still be exempt under
other FOIA exemptions.
Exemption 2: Internal Personnel Rules and Practices
The second FOIA exemption covers matters that are related solely to an
agency's internal personnel rules and practices. As interpreted by the
courts, there are two separate classes of documents that are generally held
to fall within exemption two.
First, information relating to personnel rules or internal agency practices
is exempt if it is a trivial administrative matter of no genuine public
interest. A rule governing lunch hours for agency employees is an example.
Second, internal administrative manuals can be exempt if disclosure would
risk circumvention of law or agency regulations. In order to fall into this
category, the material will normally have to regulate internal agency
conduct rather than public behavior.
Exemption 3: Information Exempt Under Other Laws
The third exemption incorporates into the FOIA other laws that restrict the
availability of information. To qualify under exemption three, a statute
must require that matters be withheld from the public in such a manner as to
leave no discretion to the agency. Alternatively, the statute must
establish particular criteria for withholding or refer to particular types
of matters to be withheld.
One example of a qualifying statute is the provision of the Tax Code
prohibiting the public disclosure of tax returns and tax law designating
identifiable census data as confidential. Whether a particular statute
qualifies under Exemption 3 can be a difficult legal determination.
Exemption 4: Confidential Business Information
The fourth exemption protects from public disclosure two types of
information: trade secrets and confidential business information. A trade
secret is a commercially valuable plan, formula, process, or device. This
is a narrow category of information. An example of a trade secret is the
recipe for a commercial food product.
The second type of protected data is commercial or financial information
obtained from a person and privileged or confidential. The courts have held
that data qualifies for withholding if disclosure by the government would be
likely to harm the competitive position of the person who submitted the
information. Detail information on a company's marketing plans, profits, or
costs can qualify as confidential business information. Information may
also be withheld if disclosure would be likely to impair the government's
ability to obtain similar information in the future.
10
Only information obtained from a person other than a government agency
qualifies under the fourth exemption. A person is an individual, a
partnership, or a corporation. Information that an agency created on its
own cannot normally be withheld under exemption four.
Although there is no formal requirement under the FOIA, many agencies will
notify a submitter of business information that disclosure of the
information is being considered. The submitter can file suit to block
disclosure under the FOIA. Such lawsuits are generally referred to as
"reverse" FOIA lawsuits because the FOIA is being used in an attempt to
prevent rather than to require disclosure of information. A reverse FOIA
lawsuit may be filed when a submitter of documents and the government
disagree whether the information is confidential.
Exemption 5: Internal Government Communications
The FOIA's fifth exemption applies to internal government documents. One
example is a letter from one government department to another about a joint
decision that has not yet been made. Another example is a memorandum from
an agency employee to his supervisor describing options for conducting the
agency's business.
The purpose of the exemption is to safeguard the deliberative policymaking
processes of government. The exemption encourages frank discussions of
policy matters between agency officials by allowing supporting documents to
be withheld from public disclosure. The exemption also protects against
premature disclosure of policies before final adoption.
While the policy behind the fifth exemption is well-accepted, the
application of the exemption is complicated. The fifth exemption may be the
most difficult FOIA exemption to understand and apply. For example, the
exemption protects the policymaking process, but it does not protect purely
factual information related to the policy process. Factual information must
be disclosed unless it is inextricably intertwined with protected
information about an agency decision.
Protection for the decision making process is appropriate only for the
period while decisions are being made. Thus, the fifth exemption has been
held to distinguish between documents that are pre-decisional and therefore
may be protected, and those which are post-decisional and therefore not
subject to protection. Once a policy is adopted, the public has a greater
interests in knowing the basis for the decision.
The exemption also incorporates some of the privileges that apply in
litigation involving the government. For example, papers prepared by the
government's lawyers are exempt in the same way that papers prepared by
private lawyers for clients are not available through discovery in civil
litigation.
11
Exemption 6: Personal Privacy
The sixth exemption covers personnel, medical, and similar files the
disclosure of which would constitute a clearly unwarranted invasion of
personal privacy. This exemption protects the privacy interests of
individuals by allowing an agency to withhold from disclosure intimate
personal data kept in government files. Only individuals have privacy
interests. Corporations and other legal persons have no privacy rights
under the sixth exemption.
The exemption requires agencies to strike a balance between an individual's
privacy interests and the public's right to know. However, since only a
clearly unwarranted invasion of privacy is a basis for withholding, there is
a perceptible tilt in favor of disclosure in the exemption. Nevertheless,
the sixth exemption makes it hard to obtain information about another
individual without the consent of the individual.
The Privacy Act of 1974 also regulates the disclosure of personal
information about individuals. The FOIA and the Privacy Act overlap in
part, but there is no inconsistency. Individuals seeking records about
themselves should cite both laws when making a request. This ensures that
the maximum amount of disclosable information will be released. Records
that can be denied to an individual under the Privacy Act are not
necessarily exempt under the FOIA.
Exemption 7: Law Enforcement
The seventh exemption allows agencies to withhold law enforcement records in
order to protect the law enforcement process from interference. The
exemption was amended slightly in 1986, but it still retains six specific
subexemptions.
Exemption (7)(A) allows the withholding of law enforcement records that
could reasonably be expected to interfere with enforcement proceedings.
This exemption protects active law enforcement investigations from
interference through premature disclosure.
Exemption (7)(B) allows the withholding of information that would deprive a
person of a right to a fair trial or an impartial adjudication. This
exemption is rarely used.
Exemption (7)(C) recognizes that individuals have a privacy interest in
information maintained in law enforcement files. If the disclosure of
information could reasonably be expected to constitute an unwarranted
invasion of personal privacy, the information is exempt from disclosure.
The standards for privacy protection in Exemption 6 and Exemption (7)(C)
differ slightly. Exemption (7)(C) refers only to unwarranted invasions of
personal privacy rather than to clearly unwarranted invasions.
Exemption (7)(D) protects the identity of confidential sources. Information
12
that could reasonably be expected to reveal the identity of a confidential
source is exempt. A confidential source can include a state, local, or
foreign agency or authority, or a private institution that furnished
information on a confidential basis. In addition, the exemption protects
information furnished by a confidential source if the data was compiled by a
criminal law enforcement authority during a criminal investigation or by an
agency conducting a lawful national security intelligence investigation.
Exemption (7)(E) protects from disclosure information that would reveal
techniques and procedures for law enforcement investigations or prosecutions
or that would disclose guidelines for law enforcement investigations or
prosecutions if disclosure of the information could reasonably be expected
to risk circumvention of the law.
Exemption (7)(F) protects law enforcement information that could reasonably
be expected to endanger the life or physical safety of any individual.
Exemption 8: Financial Institutions
The eighth exemption protects information that is contained in or related to
examination, operating, or condition reports prepared by or for a bank
supervisory agency such as the Federal Deposit Insurance Corporation, or the
Federal Reserve, or similar agencies.
Exemption 9: Geological Information
The ninth FOIA exemption covers geological and geophysical information,
data, and maps about wells. This exemption is rarely used.
FOIA Exclusions
The 1986 amendments to the FOIA gave limited authority to agencies to
respond to a request without confirming the existence of the requested
records. Ordinarily, any proper request must receive an answer stating
whether there is any responsive information, even if the requested
information is exempt from disclosure.
In some narrow circumstances, acknowledgement of the existence of a record
can produce consequences similar to those resulting from disclosure of the
record itself. In order to avoid this type of problem, the 1986 amendments
established three "record exclusions." However, these exclusions do not
broaden the ability of agencies to withhold documents.
The exclusions allow agencies to treat certain exempt records as if the
records were not subject to the FOIA. Agencies are not required to confirm
the existence of three specific categories of records. If those records are
requested, agencies may state that there are no disclosable records
responsive to the request. However, these exclusions give agencies no
authority to withhold additional categories of information from the public.
13
The first exclusion is triggered when a request seeks information that is
exempt because disclosure could reasonably be expected to interfere with a
current law enforcement investigation. There are specific prerequisites for
the application of this exclusion. First, the investigation in question
must involve a possible violation of criminal law. Second, there must be a
reason to believe that the subject of the investigation is not already aware
that the investigation is underway. Third, disclosure of the existence of
the records -- as distinguished from contents of the records -- could
reasonably be expected to interfere with enforcement proceedings.
When all three of these conditions are present, an agency may respond to an
FOIA request for investigatory records as if the records are not subject to
the requirements of the FOIA. In other words, the agency's response does
not have to reveal that it is conducting an investigation.
The second exclusion applies to informant records maintained by a criminal
law enforcement agency under the informant's name or personal identifier.
The agency is not required to confirm the existence of these records unless
the informant's status has been officially confirmed. This exclusion helps
agencies to protect the identity of confidential informants. Information
that might identify informants has always been exempt under the FOIA.
The third exclusion applies only to records maintained by the Federal Bureau
of Investigation which pertain to foreign intelligence, counterintelligence,
or international terrorism. When the existence of those type of records is
classified, the FBI may treat the records as not subject to the requirements
of FOIA.
This exclusion does not apply to all classified records on the specific
subjects. It only applies when the records are classified and when the
existence of the records is also classified. Since the underlying records
must be classified before the exclusion is relevant, agencies have no new
substantive withholding authority.
In enacting these exclusions, congressional sponsors stated that it was
their intent that agencies must inform FOIA requesters that these exclusions
are available for agency use. Requesters who believe that records were
improperly withheld because of the exclusions can seek judicial review.
Administrative Appeal Procedures
Whenever an FOIA request is denied, the agency must inform the requester of
the reasons for the denial and the requester's right to appeal the denial to
the head of the agency. A requester may appeal the denial of a request for
a document or for fee waiver. A requester may contest the type or amount of
fees that were charged. A requester may appeal any other adverse
determination including a rejection of a request for failure to describe
adequately the documents being requested. A requester can also appeal
because the agency failed to conduct an adequate search for the documents
that were requested.
14
A person whose request was granted in part and denied in part may appeal the
partial denial. If an agency has agreed to disclose some but not all of the
requested documents, the filing of an appeal does not affect the release of
the documents that are disclosable. There is no risk to the requester in
filing an appeal.
The appeal to the head of an agency is a simple administrative appeal. A
lawyer can be helpful, but no one needs a lawyer to file an appeal. Anyone
who can write a letter can file an appeal. Appeals to the head of the
agency often result in the disclosure of some records that have been
withheld. A requester who is not convinced that the agency's initial
decision is correct should appeal. There is no charge for filing an appeal.
An appeal is filed by sending a letter to the head of the agency. The
letter must identify the FOIA request that is being appealed. The envelope
containing the letter of appeal should be marked in the lower left hand
corner with the words "Freedom of Information Act Appeal."
Many agencies assign a number to all FOIA requests that are received. The
number should be included in the appeal letter, along with the name and
address of the requester. It is a common practice to include a copy of the
agency's initial decision letter as part of the appeal, but this it not
required. It can also be helpful for the requester to include a telephone
number in the appeal letter.
An appeal will normally include the requester's arguments supporting
disclosure of the documents. A requester may include any facts or any
arguments supporting the case for reversing the initial decision. However,
an appeal letter does not have to contain any arguments at all. It is
sufficient to state that the agency's initial decision is being appealed.
The Appendix to this section includes a sample appeal letter.
The FOIA does not set a time limit for filing an administrative appeal of an
FOIA denial. However, it is good practice to file an appeal promptly. Some
agency regulations establish a time limit for filing an administrative
appeal. A requester whose appeal is rejected by an agency because it is too
late may refile the original FOIA request and start the process again.
A requester who delays filing an appeal runs the risk that the documents
could be destroyed. However, as long as an agency is considering a request
or an appeal, the agency must preserve the documents.
An agency is required to make a decision on an appeal within twenty days
(excluding Saturdays, Sundays, and federal holidays). It is possible for an
agency to extend the time limits by an additional ten days. Once the time
period has elapsed, a requester may consider a that the appeal has been
denied and may proceed with a judicial appeal. However, unless there is an
urgent need for records, this is not always the best course of action. The
courts are not sympathetic to appeals based solely on an agency's failure to
15
comply with the FOIA's time limits.
Filing a Judicial Appeal
When an administrative appeal is denied, a requester has the right to appeal
the denial in court. An FOIA appeal can be filed in the United States
District Court in the district where the requester lives. The requester can
also file suit in the district where the documents are located or in the
District of Columbia. When a requester goes to court, the burden of
justifying the withholding of documents is on the government. This is a
distinct advantage for the requester.
Requesters are sometimes successful when they go to court, but the results
vary considerably. Some requesters who file judicial appeals find that an
agency will disclose some documents previously withheld rather than fight
about disclosure in court. This does not always happen, and there is no
guarantee that the filing of a judicial appeal will result in any additional
disclosure.
Most requesters require the assistance of an attorney to file a judicial
appeal. A person who files a lawsuit and substantially prevails may be
awarded reasonable attorney fees and litigation costs reasonably incurred.
Some requesters may be able to handle their own appeal without an attorney.
Since this is not a litigation guide, details of the judicial appeal process
have been not included. Anyone considering filing an appeal can begin by
reviewing the provisions of the FOIA on judicial review.
The Privacy Act of 1974
The Privacy Act of 1974 provides safeguards against an invasion of privacy
through the misuse of records by federal agencies. In general, the Act
allows citizens to learn how records are collected, maintained, used, and
disseminated by the federal government. The Act also permits individuals to
gain access to most personal information maintained by federal agencies and
to seek amendment of any incorrect or incomplete information.
The Privacy Act applies to personal information maintained by agencies in
the executive branch of the federal government. The executive branch
includes cabinet departments, military departments, government corporations,
government controlled corporations, independent regulatory agencies, and
other establishments in the executive branch. Agencies subject to the
Freedom of Information Act (FOIA) are also subject to the Privacy Act. The
Privacy Act does not generally apply to records maintained by state and
local governments or private companies or organizations.
The Privacy Act grants rights only to United States citizens and to aliens
lawfully admitted for permanent residence. As a result, foreign nationals
cannot use the Act's provisions. However, foreigners may use the FOIA to
request records about themselves.
16
The only records subject to the Privacy Act are records about individuals
that are maintained in a system of records. The idea of a "system of
records" is unique to the Privacy Act and requires explanation.
The Act defines a "record" to include most personal information maintained
by an agency about an individual. A record contains information about
education, financial transactions, medical history, criminal history, or
employment history. A system of records is a group of records from which
information is actually retrieved by name, social security number, or other
identifying symbol assigned to an individual.
Some personal information is not kept in a system of records. This
information is not subject to the provisions of the Privacy Act, although
access may be requested under the FOIA. Most personal information in
government files is subject to the Privacy Act.
The Privacy Act also establishes general records management requirements for
federal agencies. In summary, there are five basic requirements that are
more relevant to individuals.
First, agencies must establish procedures allowing individuals to see and
copy records about themselves. An individual may also seek to amend any
information that is not accurate, relevant, timely, or complete. The rights
to inspect and to correct records are the most important provisions of the
Privacy Act. This section explains in more detail how an individual can
exercise these rights.
Second, agencies must publish notices describing all systems of records.
The notices include a complete description of personal-data recordkeeping
policies, practices, and systems. This requirement prevents the maintenance
of secret record systems.
Third, agencies must make reasonable efforts to maintain accurate, relevant,
timely, and complete records about individuals. Agencies are prohibited
from maintaining information about how individuals exercise rights
guaranteed by the First Amendment to the U.S. Constitution unless
maintenance of the information is specifically authorized by statute or
relates to authorized law enforcement activity.
Fourth, the Act establishes rules governing the use and disclosure of
personal information. The Act specifies that information collected for one
purpose may not be used for another purpose without notice to or the consent
of the subject of the record. The Act also requires that agencies keep a
record of some disclosures of personal information.
Fifth, the Act provides legal remedies that permit individuals to seek
enforcement of rights under the Act. In addition, there are criminal
penalties that apply to federal employees who fail to comply with the Act's
provisions.
17
Locating Records
There is no central index of federal government records. An individual who
wants to inspect records about himself or herself must first identify which
agency has the records. Often, this will not be difficult. For example, an
individual who was employed by the federal government knows that the
employing agency or the Office of Personnel Management maintains personnel
files.
Similarly, an individual who receives veterans' benefits will normally find
the related records at the Veterans Administration or at the Defense
Department. Tax records are maintained by the Internal Revenue Service,
social security records by the Social Security Administration, passport
records by the State Department, etc.
For those who are uncertain about which agency has the records that are
needed, there are several sources of information. First, an individual can
ask an agency that might maintain the records. If that agency does not have
the records, it may be able to identify the proper agency.
Second, a government directory such as the United States Government Manual
contains a complete list of all federal agencies, a description of agency
functions, and the address of the agency and its field offices. An agency
responsible for operating a program normally maintains the records related
to that program.
Third, a Federal Information Center can help to identify government
agencies, their functions, and their records. These Centers, which are
operated by the General Services Administration, serve as clearinghouses for
information about the federal government. There are several dozen Federal
Information Centers throughout the country.
Fourth, the Office of Federal Register publishes an annual compilation of
system of records notices for all agencies. These notices contain a
complete description of each record system maintained by each agency. The
compilation - which is published in five large volumes - is the most
complete reference for information about federal agency personal information
practices. The information that appears in the compilation is also
published occasionally in the Federal Register.
The compilation -- formally called Privacy Act Issuance -- maybe difficult
to find. Copies will be available in some federal depository libraries and
possibly in other libraries as well. Although the compilation is the best
single source of detailed information about personal records maintained by
the federal agencies, it is not necessary to consult the compilation before
making a Privacy Act request.
A requester is not required to identify the specific system of records that
contains the information being sought. It is sufficient to identify the
agency that has the records. Using information provided by the requester,
18
the agency will determine which system of records has the files that have
been requested.
Those who request records under the Privacy Act can help the agency by
identifying the type of records being sought. Large agencies maintain
dozens or even hundreds of different record systems. A request is processed
faster if the requester tells the agency that he or she was employed by the
agency, was the recipient of benefits under an agency program, or had other
specific contacts with the agency.
Making a Privacy Act Request for Access
The fastest way to make a Privacy Act request is to identify the specific
system of records. The request can be addressed to the system manager. Few
people do this. Instead, most people address their requests to the head of
the agency that has the records or the agency's Privacy Act Officer. The
envelope containing the written request should be marked "Privacy Act
Request" in the bottom left-hand corner.
There are three basic elements to a request for records under the Privacy
Act. First, the letter should state that the request is being made under
the Privacy Act. Second, the letter should include the name, address, and
signature of the requester. Third, the request should describe as
specifically as possible the records that are wanted. The Appendix to this
section includes a sample Privacy Act request letter. It is a common
practice for an individual seeking records about himself or herself to make
the request both under the Privacy Act of 1974 and the Freedom of
Information Act. See the discussion in the front of this section about
which act to use.
A requester can describe the records by identifying a specific system of
records, by describing his or her contacts with an agency, or by simply
asking for all records about himself or herself. The broader and less
specific a request is, the longer it may take for an agency to respond.
It is a good practice for a requester to describe the type of records that
he or she expects to find. For example, an individual seeking a copy of his
service record in the Army should state he was in the Army and include the
approximate dates of service. This will help the Defense Department narrow
its search to record systems that are likely to contain the information
being sought. An individual seeking records from the Federal Bureau of
Investigation may ask that files in specific field offices be searched in
addition to the FBI's central office files. The FBI dose not routinely
search field office records without a specific request.
Agencies generally require requesters to provide some proof of identity
before records will be disclosed. Agencies may have different requirements.
Some agencies will accept a signature; others may require a notarized
signature. If an individual goes to the agency to inspect records, standard
personal identification may be acceptable. More stringent requirements may
19
apply if the records being sought are especially sensitive.
Agencies will inform requesters of a special identification requirements.
Requesters who need records quickly should first consult regulations or talk
to the agency's Privacy Act Officer to find out how to provide adequate
identification.
An individual who visits an agency office to inspect a Privacy Act record
may wish to bring along a friend or relative to review the record. When a
requester brings another person, the agency may ask the requester to sign a
written statement authorizing discussion of the record in the presence of
that person.
It is a crime to knowingly and willfully request or obtain records under the
Privacy Act under false pretenses. A request for access under the Privacy
Act can be made only by the subject of the record. An individual cannot
make a request under the Privacy Act for a record about another person. The
only exception is for a parent or legal guardian who can request records for
a minor or a person who has been declared incompetent.
Fees
Under the Privacy Act, fees can be charged only for the cost of conveying
records. No fees may be charged for the time it takes to search for the
records or the time it takes to review the records to determine if any
exemptions apply. This is a major difference from the FOIA. Under the
FOIA, fees can sometimes be charged to recover search costs and review
costs. The different fee structure in the two laws is one reason many
requesters seeking records about themselves cite both laws. This minimizes
allowable fees.
Many agencies will not charge fees for making copies of files under the
Privacy Act, especially when the files are small. If paying the copying
charges is a problem, the requester should explain in the request letter.
An agency can waive fees under the Privacy Act.
Requirements for Agency Responses
Unlike FOIA, there is no fixed time when an agency must respond to a request
for access to records under the Privacy Act. It is good practice for an
agency to acknowledge receipt of a Privacy Act request within ten days and
to provide the requested records within thirty days.
At many agencies, FOIA and Privacy Act requests are processed by the same
personnel. When then is a backlog of requests, it takes longer to receive a
response. As a practical matter, there is little that a requester can do
when an agency response is delayed. Requesters can be patient.
Agencies generally process requests in the order in which they were
received. Some agencies will expedite the processing of urgent requests.
20
Anyone with a pressing need for records should consult the agency Privacy
Act Officer about how to ask for expedited treatment of requests.
Reasons Access May Be Denied Under the Privacy Act
Not all records about an individual must be disclosed under the Privacy Act.
Some records may be withheld to protect important government interests such
as national security or law enforcement.
The Privacy Act exemptions are different from the exemptions of the FOIA.
Under the FOIA, any record may be withheld from disclosure if it contains
exempt information when a request is received. The decision to apply an
FOIA exemption is made only after a request has been made. In contrast,
Privacy Act exemptions apply not only to records but to systems of records.
Before an agency can apply a Privacy Act exemption, the agency must first
issue a regulation stating that there may be exempt records in that system
of records. Thus, there is a procedural prerequisite for the application of
the Privacy Act exemptions.
Without reviewing agency regulations, it is hard to tell whether particular
Privacy Act records are exempt from disclosure. However, it is a safe
assumption that any system of records that qualifies for an exemption has
been exempted by the agency.
Since most record systems are not exempt, the exemptions are not relevant to
most requests. Also, agencies do not automatically rely upon the Privacy
Act exemptions unless there is a specific reason to do so. Thus, some
records that are exempt may be disclosed upon request.
Because Privacy Act exemptions are complex and used infrequently, most
requesters need not worry about them. The exemptions are discussed here for
those interested in the law's details and for reference when an agency
withholds records. Anyone interested in more information about the Privacy
Act's exemptions can begin by reading the relevant sections of the Act.
The Privacy Act's exemptions differ from those of the FOIA in another
important way. The FOIA is mostly a disclosure law. Information exempt
under the FOIA is exempt from disclosure only. That is not true under the
Privacy Act. It imposes many separate requirements on personal records. No
system of records is exempt from all Privacy Act requirements.
For example, no system of records is ever exempt from the requirement that a
description of the system be published. No system of records can be
exempted from the limitations on disclosure of the records outside the
agency. No system is exempt from the requirement to maintain an accounting
for disclosures. No system is exempt from the restriction against the
maintenance of unauthorized information on the exercise of First Amendment
rights. All systems are subject to the requirement that reasonable efforts
be taken to assure that records disclosed outside the agency be accurate,
complete, timely, and relevant. Agencies must maintain proper
21
administrative controls and security for all systems. Finally, The Privacy
Act's criminal penalties remain fully applicable to each system of records.
1. General Exemptions
There are two general exemptions under the Privacy Act. The first applies
to all records maintained by the Central Intelligence Agency. The second
general exemption applies to selected records maintained by an agency or
component whose principal function is any activity pertaining to criminal
law enforcement. Records of these criminal law enforcement agencies can be
exempt under the Privacy Act if the records consists of (A) information
compiled to identify individual criminal offenders and which consist only of
identifying that and notations of arrests, the nature and disposition of
criminal charges, sentencing, confinement, release, and parole or probation
status: (B) criminal investigatory records associated with an identifiable
individual; or (C) reports identifiable to a particular individual compiled
at any stage from arrest through release from supervision.
Systems of records subject to these general exemptions may be exempted from
many of the Privacy Act's requirements. Exemption from the Act's access and
correction provisions is the most important. Individuals have no right
under the Privacy Act to ask for a copy of records that are generally exempt
or to seek correction of erroneous records.
In practice, these exemptions are not as expansive as they sound. Most
agencies that have exempt records will accept and process Privacy Act
requests. The records will be reviewed on a case-by-case basis. Agencies
will often disclose any information that does not require protection.
Agencies also tend to follow a similar policy for requests for correction.
Individuals interested in obtaining records from the Central Intelligence
Agency or from law enforcement agencies should not be discouraged from
making requests for access. Even if the Privacy Act access exemption is
applied, portions of the records may still be disclosable under the FOIA.
This is a primary reason individuals should cite both the Privacy Act and
the FOIA when requesting records.
The general exemption from access does not prevent requesters from filing a
lawsuit under the Privacy Act when access is denied. The right to sue under
the FOIA is not changed because of a Privacy Act exemption.
2. Specific Exemptions
There are seven specific Privacy Act exemptions that can be applied to many
systems of records. Records subject to these exemptions are not exempt from
as many of the Act's requirements as are the records subject to the general
exemptions. However, records exempt under the specific exemptions are
exempt from the Privacy Act's access and correction provisions.
Nevertheless, since the access and correction exemptions are not always
applied when available, those seeking records should not be discouraged from
22
making a request. Also, the FOIA can be used to seek access to records
exempt under the Privacy Act.
The first specific exemption covers record systems containing information
that is properly classified. Classified information is also exempt from
disclosure under the FOIA. Information that has been classified in the
interest of national defense or foreign policy will normally be unavailable
under either the FOIA or the Privacy Act.
The second specific exemption applies to systems of records containing
investigatory material compiled for law enforcement purposes other than
material covered by the general law enforcement exemption. The specific law
enforcement exemption is limited when -- as a result of the maintenance of
the records -- an individual is denied any right, privilege, or benefit to
which he or she would be entitled by federal law or for which he or she
would otherwise be entitled. In such a case, disclosure is required except
where disclosure would reveal the identity of a confidential source who
furnished information to the government under an express promise that the
identity of the source would be held in confidence. If the information was
collected from a confidential source before the effective date of the
Privacy Act (September 27, 1975), an implied promise of confidentiality is
sufficient to permit withholding of the identity of the source.
The third specific exemption applies to systems of records maintained in
connection with providing protective services to the President of the United
States or other individuals who receive protection from the Secret Service.
The fourth specific exemption applies to systems of records required by
statute to be maintained and used solely as statistical records.
The fifth specific exemption covers investigatory material compiled solely
to determine suitability, eligibility, or qualifications for federal
civilian employment, military service, federal contracts, or access to
classified information. However, this exemption applies only to the extent
that disclosure of information would reveal the identity of a confidential
source who provided the information under a promise of confidentiality.
The sixth specific exemption applies to systems of records that contain
testing or examination of material used solely to determine individual
qualifications for appointment or promotion in federal service, but only
when disclosure would compromise the objectivity or fairness of the testing
or examination process. Effectively, this exemption permits withholding of
questions used in employment tests.
The seven specific exemption covers evaluation material used to determine
potential for promotion in the armed services. The material is only exempt
to the extent that disclosure would reveal the identity of a confidential
source who provided the information under a promise of confidentiality.
3. Medical Records
23
Medical records maintained by federal agencies -- for example, records at
Veterans Administration hospitals -- are not formally exempt from the
Privacy Act's access provisions. However, the Privacy Act authorizes a
special procedure for medical records that operates, at least in part, like
an exemption.
Agencies may deny individuals direct access to medical records, including
psychological records, if the agency deems it necessary. An agency normally
reviews medical records requested by an individual. If the agency
determines that direct disclosure is unwise, it can arrange for disclosure
to a physician selected by the individual or possibly to another person
chosen by the individual.
4. Litigation Records
The Privacy Act's access provisions include a general limitation on access
to litigation records. The Act does not require an agency to disclose to an
individual any information compiled in reasonable anticipation of a civil
action or proceeding. This limitation operates like an exemption, although
there is no requirement that the exemption be applied to a system of records
before it can be used.
Administrative Appeal Procedures for
Denial of Access
Unlike the FOIA, the Privacy Act does not provide for an administrative
appeal of the denial of access. However, many agencies have established
procedures that will allow Privacy Act requesters to appeal a denial of
access without going to court. An administrative appeal is often allowed
under the Privacy Act, even though it is not required, because many
individuals cite both the FOIA and Privacy Act when making a request. The
FOIA provides specifically for an administrative appeal, and agencies are
required to consider an appeal under the FOIA.
When a Privacy Act request for access is denied, agencies usually inform the
requester of any appeal rights that are available. If no information on
appeal rights is included in the denial letter, the requester should ask the
Privacy Act Officer. Unless an agency has established an alternative
procedure, it is possible that an appeal filed directly with the head of the
agency will be considered by the agency.
When a request for access is denied under the Privacy Act, the agency
explains the reason for the denial. The explanation must name the system of
records and explain which exemption is applicable to the system. An appeal
may be made on the basis that the record is not exempt, that the system of
records has not been properly exempted, or that the record is exempt but no
harm to an important interest will result if the record is disclosed.
There are three basic elements to a Privacy Act appeal letter. First, the
24
letter should state that the appeal is being made under the Privacy Act of
1974. If the FOIA was cited when the request for access was made, the
letter should state that the appeal is also being made under the FOIA. This
is important because the FOIA grants requesters statutory appeal rights.
Second, a Privacy Act appeal letter should identify the denial that is being
appealed and the records that were withheld. The appeal letter should also
explain why the denial of access is improper or unnecessary.
Third, the appeal should include the requester's name and address. It is
good practice for a requester to also include a telephone number when making
an appeal. The Appendix at the end of this section includes a sample letter
of appeal.
Amending Records Under the Privacy Act
The Privacy Act grants an important right in addition to the ability to
inspect records. The Act permits an individual to request a correction of a
record that is not accurate, relevant, timely, or complete. This remedy
allows an individual to correct errors and to prevent those errors from
being disseminated by the agency or used unfairly against the individual.
The right to seek a correction extends only to records subject to the
Privacy Act. Also, an individual can only correct errors contained in a
record that pertains to himself or herself. Records disclosed under the
FOIA cannot be amended through the Privacy Act unless the records are also
subject to the Privacy Act. Records about unrelated events or about other
people cannot be amended unless the records are in a Privacy Act file
maintained under the name of the individual who is seeking to make the
correction.
A request to amend a record should be in writing. Agency regulations
explain the procedures in greater detail, but the process is not
complicated. A letter requesting an amendment of a record will normally be
addressed to the Privacy Act Officer of the agency or to the agency official
responsible for the maintenance of the record system containing the
erroneous information. The envelope containing the request should be marked
"Privacy Act Amendment Request" on the lower left corner.
There are five basic elements to a request for amending a Privacy Act
record.
First, the letter should state that it is a request to amend a record under
the Privacy Act of 1974.
Second, the request should identify the specific record and the specific
information in the record for which an amendment is being sought.
Third, the request should state why the information is not accurate,
relevant, timely, or complete. Supporting evidence may be included with the
25
request.
Fourth, the request should state what new or additional information, if any,
should be included in place of the erroneous information. Evidence of the
validity of the new or additional information should be included. If the
information in the file is wrong and needs to be removed rather than
supplemented or corrected, the request should make this clear.
Fifth, the request should include the name and address of the requester. It
is a good idea for the requester to include a telephone number. The
Appendix includes a sample letter requesting amendment of a Privacy Act
record.
Appeals and Requirements for Agency Responses
An agency that receives a request for amendment under the Privacy Act must
acknowledge receipt of the request within ten days (not including Saturdays,
Sundays, and legal holidays). The agency must promptly rule on the request.
The agency may make the amendment requested. If so, the agency must notify
any person or agency to which the record had previously been disclosed of
the correction.
If the agency refuses to make the change requested, the agency must inform
the requester of: (1) the agency's refusal to amend the record; (2) the
reason for refusing to amend the request; and (3) the procedures for
requesting a review of the denial. The agency must provide the name and
business address of the official responsible for conducting the review.
An agency must decide an appeal of a denial of a request for amendment
within thirty days (excluding Saturdays, Sundays, and legal holidays),
unless the time period is extended by the agency for good cause. If the
appeal is granted, the record will be corrected.
If the appeal is denied, the agency must inform the requester of the right
to judicial review. In addition, a requester whose appeal has been denied
also has the right to place in the agency file a concise statement of
disagreement with the information that was the subject of the request for
amendment.
When a statement of disagreement has been filed and an agency is disclosing
the disputed information, the agency must mark the information and provide
copies of the statement of disagreement. The agency may also include a
concise statement of its reasons for not making the requested amendments.
The agency must also give a copy of the statement of disagreement to any
person or agency to whom the record had previously been disclosed.
Finding a Judicial Appeal
The Privacy Act provides a civil remedy whenever an agency denies access to
26
a record or refuses to amend a record. An individual may sue an agency if
the agency fails to maintain records with accuracy, relevance, timeliness,
and completeness as is necessary to assure fairness in any agency
determination and the agency makes a determination that is adverse to the
individual. An individual may also sue an agency if the agency fails to
comply with any other Privacy Act provision in a manner that has an adverse
effect on the individual.
The Privacy Act protects a wide range of rights about personal records
maintained by federal agencies. The most important are the right to inspect
records and the right to seek correction of records. Other rights have also
been mentioned here, and still others can be found in the text of the Act.
Most of these rights can become the subject of litigation.
An individual may file a lawsuit against an agency in the federal district
court in which the individual lives, in which the records are situated, or
in the District of Columbia. A lawsuit must be filed within two years from
which the basis for the lawsuit arose.
Most individuals require the assistance of an attorney to file a judicial
appeal. An individual who files a lawsuit and substantially prevails may be
awarded reasonable attorney fees and litigation costs reasonably incurred.
Some requesters may be able to handle their own appeal without an attorney.
Since this is not a litigation guide, details about the judicial appeal
process have not been included. Anyone considering filing an appeal can
begin by reviewing the provisions of the Privacy Act on civil remedies.
Appendix: Sample Request and Appeal Letters
A. Freedom of Information Act Request Letter
Agency Head [or Freedom of Information Act Officer]
Name of Agency
Address of Agency
City, State, Zip Code
Re: Freedom of Information Act Request.
Dear_____:
This is a request under the Freedom of Information Act.
I request that a copy of the following documents [or documents containing
the following information] be provided to me: [identify the documents or
information as specifically as possible].
In order to help determine my status to assess fees, you should know that I
am (insert a suitable description of the requester and the purpose of the
request).
[Sample requester descriptions:
27
a representative of the news media affiliated with the newspaper
(magazine, television station, etc.) and this request is made as part of new
gathering and not for a commercial use.
affiliated with an educational or noncommercial scientific
institution and this request is made for a scholarly or scientific purpose.
an individual seeking information for personal use and not for a
commercial use.
affiliated with a private corporation and am seeking information
for use in the company business.]
[Optional] I am willing to pay fees for this request up to a maximum of
$XXX. If you estimate that the fees will exceed this limit, please inform
me first.
[Optional] I request a waiver of all fees of this request. Disclosure of
the requested information to me is in the public interest because it is
likely to contribute significantly to public understanding of the operations
or activities of the government and is not primarily in my commercial
interest. [Include a specific explanation.]
Thank you for your consideration of this request.
Sincerely,
Name
Address
City, State, Zip Code
Telephone number [Optional]
B. Freedom of Information Act Appeal Letter
Agency Head or Appeal Officer
Name of Agency
Address of Agency
City, State, Zip Code
Re: Freedom of Information Act Appeal
Dear_____:
This is an appeal under the Freedom of Information Act.
On (date), I requested documents under the Freedom of Information Act. My
request was assigned the following identification number: XXXXX. On
(date), I received a response to my request in a letter signed by (name of
official). I appeal the denial of my request.
[Optional] The documents that were withheld must be disclosed under the FOIA
because * * *.
[Optional] I appeal the decision to deny my request for a waiver of fees. I
believe that I am entitled to a waiver of fees. Disclosure of the documents
28
I requested is in the public interest because the information is likely to
contribute significantly to public understanding of the operations or
activities of government and is not primarily in my commercial interests.
(Provide details)
[Optional] I appeal the decision to require me to pay review costs for this
request. I am not seeking the documents for a commercial use. (Provide
details)
[Optional] I appeal the decision to require me to pay search charges for
this request. I am a reporter seeking information as part of news gathering
and not for commercial use.
Thank you for your consideration of this appeal.
Sincerely,
Name
Address
City, State, Zip Code
Telephone number [Optional]
C. Privacy Act Request for Access Letter
Privacy at Officer [or System of Records Manager]
Name of Agency
City, State, Zip Code
Re: Privacy Act Request for Access.
Dear_____:
This is a request under the Privacy Act of 1974.
I request a copy of any records [or specifically named records] about me
maintained at your agency.
[Optional] To help you to locate my records, I have had the following
contacts with your agency: [mention job applications, periods of employment,
loans or agency programs applied for, etc.).
[Optional] Please consider that this request is also made under the Freedom
of Information Act. Please provide any additional information that may be
available under the FOIA.
[Optional] I am wiling to pay fees for this request up to a maximum of $
XXX. If you estimate that the fees will exceed this limit, please inform me
first.
[Optional] Enclosed is [a notarized signature or other identifying document]
that will verify my identity.
29
Thank you for your consideration of this request.
Sincerely,
Name
Address
City, State, Zip Code
Telephone number [Optional]
D. Privacy Act Denial of Access Letter
Agency Head or Appeal Officer
Name of Agency
City, State, Zip Code
Re: Appeal of Denial of Privacy Act Access Request.
Dear____:
This is an appeal under the Privacy Act of the denial of my request for
access to records.
On (date), I requested access to records under the Privacy Act of 1974. My
request was assigned the following identification number: XXXXX. On (date),
I received a response to my request in a letter signed by (name of
official). I appeal the denial of my request.
[Optional] The records that were withheld should be disclosed to me because
* * *.
[Optional] Please consider that this appeal is also made under the Freedom
of Information Act. Please provide any additional information that may be
available under the FOIA.
Thank you for your consideration of this appeal.
Sincerely,
Name
Address
City, State, Zip Code
Telephone number [Optional]
E. Privacy Act Request to Amend Records
Privacy Act Officer [or System of Records Manager]
Name of Agency
City, State, Zip Code
Re: Privacy Act Request to Amend Records
Dear_____:
30
This is a request under the Privacy Act to amend records about myself
maintained by your agency.
I believe that the following information is not correct: [Describe the
incorrect information as specifically as possible].
The information is not (accurate) (relevant) (timely) (complete) because * *
*.
[Optional] Enclosed are copies of documents that show that the information
is incorrect.
I request that the information be [deleted] [changed to read:]
Thank you for your consideration of this request.
Sincerely,
Name
Address
City, State, Zip Code
Telephone number [Optional]
F. Privacy Act Appeal of Refusal to Amend Records
Agency Head or Appeal Officer
Name of Agency
City, State, Zip Code
Re: Privacy Act Request to Amend Records
Dear_____:
This is an appeal made under the Privacy Act of the refusal of your agency
to amend records as I requested.
On (date), I was informed by (name of official) that my request was
rejected. I appeal the rejection of my request.
The rejection of my request for amendment was wrong because * * *.
[Optional] I enclose additional evidence that shows that the records are
incorrect and that the amendment I requested is appropriate.
Thank you for your consideration of this appeal.
Sincerely,
Name
Address
31
City, State, Zip Code
Telephone number [Optional]
Proxy Solicitation Materials
A proxy statement is a document which is intended to provide security
holders with the information necessary to enable them to vote in an informed
manner on matters intended to be acted upon at security holders' meetings,
whether the traditional annual meeting or a special meeting. Typically, a
security holder is also provided with a "proxy" to authorize designated
persons to vote his or her securities in the event the holder does not
attend the meeting. Definitive (final) copies of proxy statements and
proxies are filed with the Commission at the time they are sent to security
holders. Preliminary proxy filings are non-public upon filing, but may be
obtained under FOIA once the definitive proxy has been filed and released.
Location: Definitive filings received within 60 days of the current date are
available in paper copy. Filings are also available on microfiche.
Retention: Permanent. Interpretive Responsibility: Division of Corporation
Finance, Office of the Chief Counsel.
32
