1995 Congressional DocumentsIntelligence and Security
1995 Congressional Documents
<greek-l>[COMMITTEE PRINT]
deg.Union Calendar No. 73
104th Congress, 1st Session - - - - - - - - - - House
Report 104-156
A CITIZEN'S GUIDE ON USING THE FREEDOM OF INFORMATION ACT AND THE
PRIVACY ACT OF 1974 TO REQUEST GOVERNMENT RECORDS
__________
FIRST REPORT
by the
COMMITTEE ON GOVERNMENT
REFORM AND OVERSIGHT
<GRAPHIC NOT AVAILABLE IN TIFF FORMAT>
June 22, 1995.--Committed to the Committee of the Whole House on the
State of the Union and ordered to be printed
COMMITTEE ON GOVERNMENT REFORM AND OVERSIGHT
WILLIAM F. CLINGER, Jr.,
Pennsylvania, Chairman
BENJAMIN A. GILMAN, New York
DAN BURTON, Indiana
J. DENNIS HASTERT, Illinois
CONSTANCE A. MORELLA, Maryland
CHRISTOPHER SHAYS, Connecticut
STEVEN SCHIFF, New Mexico
ILEANA ROS-LEHTINEN, Florida
WILLIAM H. ZELIFF, Jr., New
Hampshire
JOHN M. McHUGH, New York
STEPHEN HORN, California
JOHN L. MICA, Florida
PETER BLUTE, Massachusetts
THOMAS M. DAVIS, Virginia
DAVID M. McINTOSH, Indiana
JON D. FOX, Pennsylvania
RANDY TATE, Washington
DICK CHRYSLER, Michigan
GIL GUTKNECHT, Minnesota
MARK E. SOUDER, Indiana
WILLIAM J. MARTINI, New Jersey
JOE SCARBOROUGH, Florida
JOHN B. SHADEGG, Arizona
MICHAEL PATRICK FLANAGAN, Illinois
CHARLES F. BASS, New Hampshire
STEVEN C. LaTOURETTE, Ohio
MARSHALL ``MARK'' SANFORD, South
Carolina
CARDISS COLLINS, Illinois ROBERT L. EHRLICH, Jr., Maryland
HENRY A. WAXMAN, California
TOM LANTOS, California
ROBERT E. WISE, Jr., West Virginia
MAJOR R. OWENS, New York
EDOLPHUS TOWNS, New York
JOHN M. SPRATT, Jr., South Carolina
LOUISE McINTOSH SLAUGHTER, New York
PAUL E. KANJORSKI, Pennsylvania
GARY A. CONDIT, California
COLLIN C. PETERSON, Minnesota
KAREN L. THURMAN, Florida
CAROLYN B. MALONEY, New York
THOMAS M. BARRETT, Wisconsin
GENE TAYLOR, Mississippi
BARBARA-ROSE COLLINS, Michigan
ELEANOR HOLMES NORTON, District of Columbia
JAMES P. MORAN, Virginia
GENE GREEN, Texas
CARRIE P. MEEK, Florida
FRANK MASCARA, Pennsylvania
CHAKA FATTAH, Pennsylvania
BILL K. BREWSTER, Oklahoma
------
BERNARD SANDERS, Vermont (Independent)
James L. Clarke, Staff Director
Kevin M. Sabo, General Counsel
Judith McCoy, Chief Clerk
Bud Myers, Minority Staff Director
(ii)
LETTER OF TRANSMITTAL
----------
House of Representatives,
Washington, DC, June 22, 1995.
Hon. Newt Gingrich,
Speaker of the House of Representatives,
Washington, DC.
Dear Mr. Speaker: By direction of the Committee on
Government Reform and Oversight, I submit herewith the
committee's first report to the 104th Congress.
William F. Clinger, Jr.,
Chairman.
(iii)
<HEAD>C O N T E N T S
<RULE>_________________________________________________________________
Page
I. Preface..........................................................1
II. Introduction.....................................................2
III. Recommendations..................................................3
IV. How to use this guide............................................4
V. Which act to use.................................................4
VI. The Freedom of Information Act...................................5
A. The scope of the Freedom of Information Act........... 5
B. What records can be requested under the FOIA?......... 5
C. Making an FOIA request................................ 7
D. Fees and fee waivers.................................. 9
E. Requirements for agency responses..................... 10
F. Reasons access my be denied under the FOIA............ 11
1. Exemption 1.--Classified documents.............. 12
2. Exemption 2.--Internal personnel rules and 12
practices.
3. Exemption 3.--Information exempt under other 12
laws.
4. Exemption 4.--Confidential business information. 12
5. Exemption 5.--Internal Government communications 13
6. Exemption 6.--Personal privacy.................. 14
7. Exemption 7.--Law enforcement................... 14
8. Exemption 8.--Financial institutions............ 15
9. Exemption 9.--Geological information............ 15
G. FOIA exclusions....................................... 15
H. Administrative appeal procedures...................... 16
I. Filing a judicial appeal.............................. 18
VII. The Privacy Act of 1974.........................................18
A. The scope of the Privacy Act of 1974.................. 18
B. The Computer Matching and Privacy Protection Act...... 19
C. Locating records...................................... 20
D. Making a Privacy Act request for access............... 22
E. Fees.................................................. 23
F. Requirements for agency responses..................... 23
G. Reasons access may be denied under the Privacy Act.... 24
1. General exemptions.............................. 25
2. Specific exemptions............................. 25
3. Medical records................................. 26
4. Litigation records.............................. 27
H. Administrative appeal procedures for denial of access. 27
I. Amending records under the Privacy Act................ 28
J. Appeals and requirements for agency responses......... 28
K. Filing for judicial appeal............................ 29
APPENDIXES
Appendix 1.--Sample request and appeal letters................... 31
A. Freedom of Information Act request letter................. 31
B. Freedom of Information Act appeal letter.................. 32
C. Privacy Act request for access letter..................... 33
D. Privacy Act denial of access appeal....................... 34
E. Privacy Act request to amend records...................... 35
F. Privacy Act appeal of refusal to amend records............ 36
Appendix 2.--Bibliography of congressional publications on the 37
Freedom of Information Act.
Appendix 3.--Bibliography of congressional publications on the 41
Privacy Act of 1974.
Appendix 4.--Text of the Freedom of Information Act.............. 44
Appendix 5.--Text of the Privacy Act of 1974..................... 51
(v)
Union Calendar No. 73
104th Congress Report
HOUSE OF REPRESENTATIVES
1st Session 104-156
_______________________________________________________________________
A CITIZEN'S GUIDE ON USING THE FREEDOM OF INFORMATION ACT AND THE
PRIVACY ACT OF 1974 TO REQUEST GOVERNMENT RECORDS
_______
June 22, 1995.--Committed to the Committee of the Whole House on the
State of the Union and ordered to be printed
_______________________________________________________________________
Mr. Clinger, from the Committee on Government Reform and Oversight,
submitted the following
FIRST REPORT
On June 21, 1995, the Committee on Government Reform and
Oversight approved and adopted a report entitled ``A Citizen's
Guide on Using the Freedom of Information Act and the Privacy
Act of 1974 To Request Government Records.'' The chairman was
directed to transmit a copy to the Speaker of the House.
I. Preface
In 1977, the House Committee on Government Operations
issued the first Citizen's Guide on how to request records from
Federal agencies.\1\ The original Guide was reprinted many
times and widely distributed. The Superintendent of Documents
at the Government Printing Office reported that almost 50,000
copies were sold between 1977 and 1986 when the guide went out
of print. In addition, thousands of copies were distributed by
the House Committee on Government Operations, Members of
Congress, the Congressional Research Service, and other Federal
agencies. The original Citizen's Guide is one of the most
widely read congressional committee reports in history.
\1\ A Citizen's Guide on How to Use the Freedom of Information Act
and the Privacy Act in Requesting Government Documents, H. Rept. No.
95-796, 95th Cong., 1st sess. (1977).
---------------------------------------------------------------------------
In 1987, the committee issued a revised Citizen's Guide.\2\
The new edition was prepared to reflect changes to the Freedom
of Information Act made during 1986. As a result of special
efforts by the Superintendent of Documents at the Government
Printing Office, the availability of the new Guide was well
publicized. The 1987 edition appeared on GPO's ``Best Seller''
list in the months following its issuance.
\2\ A Citizen's Guide on Using the Freedom of Information Act and
the Privacy Act of 1974 To Request Government Records, H. Rept. No.
100-199, 100th Cong., 1st sess. (1987).
During the 100th Congress, major amendments were made to
the Privacy Act of 1974. The Computer Matching and Privacy
Protection Act of 1988 \3\ added new provisions to the Privacy
Act and changed several existing requirements. None of the
changes affects citizen's rights to request or see records held
by Federal agencies. However, some of the information in the
1987 Guide became outdated as a result, and a third edition was
issued in 1989.\4\
\3\ Public Law 100-503.
\4\ A Citizen's Guide on Using the Freedom of Information Act and
the Privacy Act of 1974 To Request Government Records, H. Rept. No.
101-193, 101st Cong., 1st sess. (1989).
---------------------------------------------------------------------------
During the 101st Congress, the Privacy Act of 1974 was
amended through further adjustments to the Computer Matching
and Privacy Protection Act of 1988. The changes do not affect
access rights. This fourth edition of the Citizen's Guide
reflected all changes to the FOIA and Privacy Act made through
the end of 1990.\5\ A fifth edition of the Guide, produced in
1993, included an expanded bibliography and editorial
changes.\6\
\5\ A Citizen's Guide on Using the Freedom of Information Act and
the Privacy Act of 1974 To Request Government Records, H. Rept. No.
102-146, 102d Cong., 1st sess. (1991).
\6\ A Citizen's Guide on Using the Freedom of Information Act and
the Privacy Act of 1974 To Request Government Records, H. Rept. No.
103-104, 103d Cong., 1st sess. (1993).
---------------------------------------------------------------------------
This sixth edition contains bibliography additions and
editorial changes and represents the first report issued by the
new Government Reform and Oversight Committee.
II. Introduction
A popular Government without popular information or
the means of acquiring it, is but a Prologue to a Farce
or a Tragedy or perhaps both. Knowledge will forever
govern ignorance, and a people who mean to be their own
Governors, must arm themselves with the power knowledge
gives.--James Madison \7\
\7\ Letter to W.T. Barry, Aug. 4, 1822, in G.P. Hunt, ed., IX The
Writings of James Madison 103 (1910).
The committee wishes to acknowledge the assistance of Harold C.
Relyea, Specialist, American National Government, Government Division,
Congressional Research Service, in the preparation of this report.
The Freedom of Information Act [FOIA] establishes a
presumption that records in the possession of agencies and
departments of the executive branch of the U.S. Government are
accessible to the people. This was not always the approach to
Federal information disclosure policy. Before enactment of the
FOIA in 1966, the burden was on the individual to establish a
right to examine these government records. There were no
statutory guidelines or procedures to help a person seeking
information. There were no judicial remedies for those denied
access.
With the passage of the FOIA, the burden of proof shifted
from the individual to the government. Those seeking
information are no longer required to show a need for
information. Instead, the ``need to know'' standard has been
replaced by a ``right to know'' doctrine. The government now
has to justify the need for secrecy.
The FOIA sets standards for determining which records must
be disclosed and which records may be withheld. The law also
provides administrative and judicial remedies for those denied
access to records. Above all, the statute requires Federal
agencies to provide the fullest possible disclosure of
information to the public.
The Privacy Act of 1974 is a companion to the FOIA. The
Privacy Act regulates Federal Government agency recordkeeping
and disclosure practices. The act allows most individuals to
seek access to Federal agency records about themselves. The act
requires that personal information in agency files be accurate,
complete, relevant, and timely. The subject of a record may
challenge the accuracy of information. The act requires that
agencies obtain information directly from the subject of the
record and that information gathered for one purpose not be
used for another purpose. As with the FOIA, the Privacy Act
provides civil remedies for individuals whose rights may have
been violated.
Another important feature of the Privacy Act is the
requirement that each Federal agency publish a description of
each system of records maintained by the agency that contains
personal information. This prevents agencies from keeping
secret records.
The Privacy Act also restricts the disclosure of personally
identifiable information by Federal agencies. Together with the
FOIA, the Privacy Act permits disclosure of most personal files
to the individual who is the subject of the files. The two laws
restrict disclosure of personal information to others when
disclosure would violate privacy interests.
While both the FOIA and the Privacy Act support the
disclosure of agency records, both laws also recognize the
legitimate need to restrict disclosure of some information. For
example, agencies may withhold information properly classified
in the interest of national defense or foreign policy and
criminal investigatory files. Other specifically defined
categories of information may also be withheld.
The essential feature of both laws is that they make
Federal agencies accountable for information disclosure
policies and practices. While neither law grants an absolute
right to examine government documents, both laws establish the
right to request records and to receive a response to the
request. If a record cannot be released, the requester is
entitled to be told the reason for the denial. The requester
also has a right to appeal the denial and, if necessary, to
challenge it in court.
These procedural rights granted by the FOIA and the Privacy
Act make the laws valuable and workable. As a result, the
disclosure of Federal Government information cannot be
controlled by arbitrary or unreviewable actions.
III. Recommendations
The committee recommends that this Citizen's Guide be made
widely available at low cost to anyone who has an interest in
obtaining documents from the Federal Government. The Government
Printing Office and Federal agencies subject to the Freedom of
Information Act and the Privacy Act of 1974 should distribute
this report widely.
The committee also recommends that this Citizen's Guide be
used by Federal agencies in training programs for government
employees who are responsible for administering the Freedom of
Information Act and the Privacy Act of 1974. The Guide should
also be used by those government employees who only
occasionally work with these two laws.
IV. How To Use This Guide
This report explains how to use the Freedom of Information
Act and the Privacy Act of 1974. It reflects all changes to the
laws made since 1977. Major amendments to the Freedom of
Information Act passed in 1974 and 1986. A major addition to
the Privacy Act of 1974 was enacted in 1988. Minor amendments
to the Privacy Act were made in 1989 and 1990.
This Guide is intended to serve as a general introduction
to the Freedom of Information Act and the Privacy Act.\8\ It
offers neither a comprehensive explanation of the details of
these acts nor an analysis of case law. The Guide will enable
those who are unfamiliar with the laws to understand the
process and to make a request. In addition, the complete text
of each law is included in an appendix.
\8\ This Guide is primarily intended to help the general public. It
includes a complete explanation of the basics of the two laws. In the
interest of producing a guide that would be both simple and useful to
the intended audience, the committee deliberately avoided addressing
some of the issues that are highly controversial. The committee
cautions against treating the neutrally written descriptions contained
in this report as definitive expressions of the committee's views of
the law or congressional intent.
The committee has expressed its views on some of these issues in
other reports. See, for example, Security Classification Policy and
Executive Order 12356, H. Rept. No. 97-731, 97th Cong. 2d sess. (1982);
Who Cares About Privacy? Oversight of the Privacy Act of 1974 by the
Office of Management and Budget and by the Congress, H. Rept. No. 98-
455, 98th Cong., 1st sess. (1983); Electronic Collection and
Dissemination of Information by Federal Agencies: A Policy Overview, H.
Rept. No. 99-560, 99th Cong., 2d sess. (1986); Freedom of Information
Act Amendments of 1986, H. Rept. No. 99-832, 99th Cong., 2d sess.
(1986) (report to accompany H.R. 4862). The latter report is a
legislative report for a bill reforming the business procedures of the
FOIA. The bill did not become law. The 1986 amendments to the FOIA were
made by the Freedom of Information Reform Act of 1986, Public Law 99-
570. There were no committee reports in either House or Senate
accompanying the Freedom of Information Reform Act.
---------------------------------------------------------------------------
Readers should be aware that FOIA litigation is a complex
area of law. There are thousands of court decisions
interpreting the FOIA.\9\ These decisions must be considered in
order to develop a complete understanding of the principles
governing disclosure of government information. Anyone
requiring more details about the FOIA, its history, or the case
law should consult other sources. There has been less
controversy and less litigation over the Privacy Act, but there
is nevertheless a considerable body of case law for the Privacy
Act as well. There are also other sources of information on the
Privacy Act.
\9\ See, e.g., U.S. Department of Justice, Freedom of Information
Case List (published biennially).
---------------------------------------------------------------------------
However, no one should be discouraged from making a request
under either law. No special expertise is required. Using the
Freedom of Information Act and the Privacy Act is as simple as
writing a letter. This Citizen's Guide explains the essentials.
V. Which Act To Use
The access provisions of the FOIA and the Privacy Act
overlap in part. The two laws have different procedures and
different exemptions. As a result, sometimes information exempt
under one law will be disclosable under the other.
In order to take maximum advantage of the laws, an
individual seeking information about himself or herself should
ordinarily cite both laws. Requests by an individual for
information that does not relate solely to himself or herself
should be made only under the FOIA.
Congress intended that the two laws be considered together
in the processing of requests for information. Most government
agencies will automatically handle requests from individuals in
a way that will maximize the amount of information that is
disclosable. However, a requester should still make a request
in a manner that is most advantageous and that fully protects
all available legal rights. A requester who has any doubts
about which law to use should always cite both the FOIA and the
Privacy Act when seeking documents from the Federal Government.
VI. The Freedom of Information Act
A. THE SCOPE OF THE FREEDOM OF INFORMATION ACT
The Federal Freedom of Information Act applies to documents
held by agencies in the executive branch of the Federal
Government. The executive branch includes cabinet departments,
military departments, government corporations, government
controlled corporations, independent regulatory agencies, and
other establishments in the executive branch.
The FOIA does not apply to elected officials of the Federal
Government, including the President,\10\ Vice President,
Senators, and Congressmen.\11\ The FOIA does not apply to the
Federal judiciary. The FOIA does not apply to private
companies; persons who receive Federal contracts or grants;
tax-exempt organizations; or State or local governments.
\10\ The Presidential Records Act of 1978, 44 U.S.C.
Sec. Sec. 2201-2207 (1982), does make the documentary materials of
former Presidents subject to the FOIA in part. Presidential papers and
documents generated after Jan. 20, 1981, will be available--subject to
certain restrictions and delays--under the general framework of the
FOIA.
\11\ Virtually all official records of the Congress are available
to the public. The Congressional Record, all bills introduced in the
House and the Senate, and all committee reports (except for those
containing classified information) are printed and disseminated. Most
committee hearings are also printed and available. Copies of most
congressional publications are available at Federal depository
libraries throughout the country. Historical records of the Congress
are made available in accordance with procedures established by House
and Senate rules.
In addition, almost all activities of the Congress take place in
public. The sessions of the House and Senate are normally open to the
public and televised. Most committee hearings and markups are open to
the public, and some are televised.
---------------------------------------------------------------------------
All States and some localities have passed laws like the
FOIA that allow people to request access to records. In
addition, there are other Federal and State laws that may
permit access to documents held by organizations not covered by
the Federal FOIA.\12\
\12\ See, e.g., the Federal Fair Credit Reporting Act, 15 U.S.C.
Sec. 1681 et seq. (1982) (providing for access to files of credit
bureaus), the Federal Family Educational Rights and Privacy Act of
1974, 20 U.S.C. Sec. 1232g (1982) (providing for access to records
maintained by schools and colleges). Some States have enacted laws
allowing individuals to have access to personnel records maintained by
employers. See, e.g., Michigan Compiled Laws Annotated Sec. 423.501
---------------------------------------------------------------------------
B. WHAT RECORDS CAN BE REQUESTED UNDER THE FOIA?
The FOIA requires agencies to publish or make available for
public inspection several types of information. This includes:
(1) descriptions of agency organization and office addresses;
(2) statements of the general course and method of agency
operation; (3) rules of procedure and descriptions of forms;
(4) substantive rules of general applicability and general
policy statements; (5) final opinions made in the adjudication
of cases; and (6) administrative staff manuals that affect the
public. This information must either be published in the
Federal Register or made available for inspection and copying
without the formality of an FOIA request.
All other ``records'' of a Federal agency may be requested
under the FOIA. However, the FOIA does not define ``record.''
Any item containing information that is in the possession and
control of an agency is usually considered to be an agency
record under the FOIA. Personal notes of agency employees may
not be agency records. A document that is not a ``record'' will
not be available under the FOIA.
The form in which a record is maintained by an agency does
not affect its availability. A request may seek a printed or
typed document, tape recording, map, photograph, computer
printout, computer tape or disk, or a similar item.
Of course, not all records that can be requested must be
disclosed. Information that is exempt from disclosure is
described below in the section entitled ``Reasons Access May Be
Denied Under the FOIA.''
The FOIA carefully provides that a requester may ask for
records rather than information. This means that an agency is
only required to look for an existing record or document in
response to an FOIA request. An agency is not obliged to create
a new record to comply with a request. An agency is not
required to collect information it does not have. Nor must an
agency do research or analyze data for a requester.\13\
\13\ When records are maintained in a computer, an agency is
required to retrieve information in response to an FOIA request. The
process of retrieving the information may result in the creation of a
new document when the data is printed out on paper or written on
computer tape or disk. Since this may be the only way computerized data
can be disclosed, agencies are required to provide the data even if it
means a new document must be created.
---------------------------------------------------------------------------
Requesters must ask for existing records. Requests may have
to be carefully written in order to obtain the desired
information. Sometimes, an agency will help a requester
identify a specific document that contains the information
being sought. Other times, a requester may need to be creative
when writing an FOIA request in order to identify an existing
document or set of documents containing the desired
information.
There is a second general limitation on FOIA requests. The
law requires that each request must reasonably describe the
records being sought. This means that a request must be
specific enough to permit a professional employee of the agency
who is familiar with the subject matter to locate the record in
a reasonable period of time.
Because agencies organize and index records in different
ways, one agency may consider a request to be reasonably
descriptive while another agency may reject a similar request
as too vague. For example, the Federal Bureau of Investigation
has a central index for its primary record system. As a result,
the FBI is able to search for records about a specific person.
However, agencies that do not maintain a central name index may
be unable to conduct the same type of search. These agencies
may reject a similar request because the request does not
describe records that can be identified.
Requesters should make requests as specific as possible. If
a particular document is required, it should be identified
precisely, preferably by date and title. However, a request
does not always have to be that specific. A requester who
cannot identify a specific record should clearly explain his or
her needs. A requester should make sure, however, that a
request is broad enough to include all desired information.
For example, assume that a requester wants to obtain a list
of toxic waste sites near his home. A request to the
Environmental Protection Agency for all records on toxic waste
would cover many more records than are needed. The fees for
such a request might be very high, and it is possible that the
request might be rejected as too vague.
A request for all toxic waste sites within 3 miles of a
particular address is very specific. But it is unlikely that
EPA would have an existing record containing data organized in
that fashion. As a result, the request might be denied because
there is no existing record containing the information.
The requester might do better to ask for a list of toxic
waste sites in his city, county, or State. It is more likely
that existing records might contain this information. The
requester might also want to tell the agency in the request
letter exactly what information is desired. This additional
explanation may help the agency to find a record that meets the
request.
Many people include their telephone number with their
requests. Some questions about the scope of a request can be
resolved quickly when an agency employee and the requester
talk. This is an efficient way to resolve questions that arise
during the processing of FOIA requests.
It is to everyone's advantage if requests are as precise
and as narrow as possible. The requester benefits because the
request can be processed faster and cheaper. The agency
benefits because it can do a better job of responding to the
request. The agency will also be able to use its resources to
respond to more requests. The FOIA works best when both the
requester and the agency act cooperatively.
C. MAKING AN FOIA REQUEST
The first step in making a request under the FOIA is to
identify the agency that has the records. An FOIA request must
be addressed to a specific agency. There is no central
government records office that services FOIA requests.
Often, a requester knows beforehand which agency has the
desired records. If not, a requester can consult a government
directory such as the United States Government Manual.\14\ This
manual has a complete list of all Federal agencies, a
description of agency functions, and the address of each
agency. A requester who is uncertain about which agency has the
records that are needed can make FOIA requests at more than one
agency.
\14\ The United States Government Manual is sold by the
Superintendent of Documents of the U.S. Government Printing Office.
Virtually every public library should have a copy on its shelves.
---------------------------------------------------------------------------
Agencies require that FOIA requests be in writing. Letters
requesting records under the FOIA can be short and simple. No
one needs a lawyer to make an FOIA request. Appendix 1 of this
Guide contains a sample request letter.
The request letter should be addressed to the agency's FOIA
officer or to the head of the agency. The envelope containing
the written request should be marked ``Freedom of Information
Act Request'' in the bottom left-hand corner.\15\
\15\ All agencies have issued FOIA regulations that describe the
request process in greater detail. For example, large agencies may have
several components each of which has its own FOIA rules. A requester
who can find agency FOIA regulations in the Code of Federal Regulations
(available in many libraries) might find it useful to check these
regulations before making a request. A requester who follows the
agency's specific procedures may receive a faster response. However,
the simple procedures suggested in this guide will be adequate to meet
the minimum requirements for an FOIA request.
---------------------------------------------------------------------------
There are three basic elements to an FOIA request letter.
First, the letter should state that the request is being made
under the Freedom of Information Act. Second, the request
should identify the records that are being sought as
specifically as possible. Third, the name and address of the
requester must be included.
Under the 1986 amendments to the FOIA, fees chargeable vary
with the status or purpose of the requester. As a result, a
requester may have to provide additional information to permit
the agency to determine the appropriate fees. Different fees
can be charged to commercial users, representatives of the news
media, educational or noncommercial scientific institutions,
and individuals. The next section explains the fee structure in
more detail.
There are several optional items that are often included in
an FOIA request. The first is the telephone number of the
requester. This permits an agency employee processing a request
to speak with the requester if necessary.
A second optional item is a limitation on the fees that the
requester is willing to pay. It is common for a requester to
ask to be notified in advance if the charges will exceed a
fixed amount. This allows the requester to modify or withdraw a
request if the cost may be too high. Also, by stating a
willingness to pay a set amount of fees in the original request
letter, a requester may avoid the necessity of additional
correspondence and delay.
A third optional item sometimes included in an FOIA request
is a request for a waiver or reduction of fees. The 1986
amendments to the FOIA changed the rules for fee waivers. Fees
must be waived or reduced if disclosure of the information is
in the public interest because it is likely to contribute
significantly to public understanding of the operations or
activities of the government and is not primarily in the
commercial interest of the requester. Decisions about granting
fee waivers are separate from and different than decisions
about the amount of fees that can be charged to a requester.
A requester should keep a copy of the request letter and
related correspondence until the request has been finally
resolved.
D. FEES AND FEE WAIVERS
FOIA requesters may have to pay fees covering some or all
of the costs of processing their requests. As amended in 1986,
the law establishes three types of fees that may be charged.
The 1986 law makes the process of determining the applicable
fees more complicated. However, the 1986 rules reduce or
eliminate entirely the cost for small, noncommercial requests.
First, fees can be imposed to recover the cost of copying
documents. All agencies have a fixed price for making copies
using copying machines. A requester is usually charged the
actual cost of copying computer tapes, photographs, and other
nonstandard documents.
Second, fees can also be imposed to recover the costs of
searching for documents. This includes the time spent looking
for material responsive to a request. A requester can minimize
search charges by making clear, narrow requests for
identifiable documents whenever possible.
Third, fees can be charged to recover review costs. Review
is the process of examining documents to determine whether any
portion is exempt from disclosure. Before the 1986 amendments
took effect, no review costs were charged to any requester.
Effective on April 25, 1987, review costs may be charged to
commercial requesters only. Review charges only include costs
incurred during the initial examination of a document. An
agency may not charge for any costs incurred in resolving
issues of law or policy that may arise while processing a
request.
Different fees apply to different requesters. There are
three categories of FOIA requesters. The first includes
representatives of the news media, and educational or
noncommercial scientific institutions whose purpose is
scholarly or scientific research. A requester in this category
who is not seeking records for commercial use can only be
billed for reasonable standard document duplication charges. A
request for information from a representative of the news media
is not considered to be for commercial use if the request is in
support of a news gathering or dissemination function.
The second category includes FOIA requesters seeking
records for commercial use. Commercial use is not defined in
the law, but it generally includes profit making activities. A
commercial user can be charged reasonable standard charges for
document duplication, search, and review.
The third category of FOIA requesters includes everyone not
in the first two categories. People seeking information for
personal use, public interest groups, and nonprofit
organizations are examples of requesters who fall into the
third group. Charges for these requesters are limited to
reasonable standard charges for document duplication and
search. Review costs may not be charged. The 1986 amendments
did not change the fees charged to these requesters.
Small requests are free for a requester in the first and
third categories. This includes all requesters except
commercial users. There is no charge for the first 2 hours of
search time and for the first 100 pages of documents. A
noncommercial requester who limits a request to a small number
of easily found records will not pay any fees at all.
In addition, the law also prevents agencies from charging
fees if the cost of collecting the fee would exceed the amount
collected. This limitation applies to all requests, including
those seeking documents for commercial use. Thus, if the
allowable charges for any FOIA request are small, no fees are
imposed.
Each agency sets charges for duplication, search, and
review based on its own costs. The amount of these charges is
listed in agency FOIA regulations. Each agency also sets its
own threshold for minimum charges.
The 1986 FOIA amendments also changed the law on fee
waivers. Fees now must be waived or reduced if disclosure of
the information is in the public interest because it is likely
to contribute significantly to public understanding of the
operations or activities of the government and is not primarily
in the commercial interest of the requester.
The 1986 amendments on fees and fee waivers have created
some confusion. Determinations about fees are separate and
distinct from determinations about fee waivers. For example, a
requester who can demonstrate that he or she is a news reporter
may only be charged duplication fees. But a requester found to
be a reporter is not automatically entitled to a waiver of
those fees. A reporter who seeks a waiver must demonstrate that
the request also meets the standards for waivers.
Normally, only after a requester has been categorized to
determine the applicable fees does the issue of a fee waiver
arise. A requester who seeks a fee waiver should ask for a
waiver in the original request letter. However, a request for a
waiver can be made at a later time. The requester should
describe how disclosure will contribute to public understanding
of the operations or activities of the government. The sample
request letter in the appendix includes optional language
asking for a fee waiver.
Any requester may ask for a fee waiver. Some will find it
easier to qualify than others. A news reporter who is only
charged duplication costs may still ask that the charges be
waived because of the public benefits that will result from
disclosure. A representative of the news media, a scholar, or a
public interest group are more likely to qualify for a waiver
of fees. A commercial user may find it difficult to qualify for
waivers.
The eligibility of other requesters will vary. A key
element in qualifying for a fee waiver is the relationship of
the information to public understanding of the operations or
activities of government. Another important factor is the
ability of the requester to convey that information to other
interested members of the public. A requester is not eligible
for a fee waiver solely because of indigence.
E. REQUIREMENTS FOR AGENCY RESPONSES
Each agency is required to determine within 10 days
(excluding Saturdays, Sundays, and legal holidays) after the
receipt of a request whether to comply with the request. The
actual disclosure of documents is required to follow promptly
thereafter. If a request is denied in whole or in part, the
agency must tell the requester the reasons for the denial. The
agency must also tell the requester that there is a right to
appeal any adverse determination to the head of the agency or
his or her designee.
The FOIA permits an agency to extend the time limits up to
10 days in unusual circumstances. These circumstances include
the need to collect records from remote locations, review large
numbers of records, and consult with other agencies. The agency
is supposed to notify the requester whenever an extension is
invoked.\16\
\16\ Agencies that take more than 10 days to respond to a request
do not always notify each requester that an extension has been invoked.
---------------------------------------------------------------------------
The statutory time limits for responses are not always met.
An agency sometimes receives an unexpectedly large number of
FOIA requests at one time and is unable to meet the deadlines.
Some agencies assign inadequate resources to FOIA offices. The
Congress does not condone the failure of any agency to meet the
law's time limits. However, as a practical matter, there is
little that a requester can do about it. The courts have been
reluctant to provide relief solely because the FOIA's time
limits have not been met.
The best advice to requesters is to be patient. The law
allows a requester to consider that his or her request has been
denied if it has not been decided within the time limits. This
permits the requester to file an administrative appeal or file
a lawsuit in Federal District Court. However, this is not
always the best course of action. The filing of an
administrative or judicial appeal will not necessarily result
in any faster processing of the request.
Each agency generally processes requests in the order of
receipt. Some agencies will expedite the processing of urgent
requests. Anyone with a pressing need for records should
consult with the agency FOIA officer about how to ask for
expedited treatment of requests.
F. REASONS ACCESS MAY BE DENIED UNDER THE FOIA
An agency may refuse to disclose an agency record that
falls within any of the FOIA's nine statutory exemptions. The
exemptions protect against the disclosure of information that
would harm national defense or foreign policy, privacy of
individuals, proprietary interests of business, functioning of
the government, and other important interests. A document that
does not qualify as an ``agency record'' may be denied because
only agency records are available under the FOIA. Personal
notes of agency employees may be denied on this basis. However,
most records in the possession of an agency are ``agency
records'' within the meaning of the FOIA.
An agency may withhold exempt information, but it is not
always required to do so. For example, an agency may disclose
an exempt internal memorandum because no harm would result from
its disclosure. However, an agency should not disclose an
exempt document that is classified or that contains a trade
secret.
When a record contains some information that qualifies as
exempt, the entire record is not necessarily exempt. Instead,
the FOIA specifically provides that any reasonably segregable
portions of a record must be provided to a requester after the
deletion of the portions that are exempt. This is a very
important requirement because it prevents an agency from
withholding an entire document simply because one line or one
page is exempt.
1. Exemption 1.--Classified Documents
The first FOIA exemption permits the withholding of
properly classified documents. Information may be classified in
the interest of national defense or foreign policy.
The rules for classification are established by the
President and not the FOIA or other law. The FOIA provides
that, if a document has been properly classified under a
Presidential Executive order, the document can be withheld from
disclosure.
Classified documents may be requested under the FOIA. An
agency can review the document to determine if it still
requires protection. In addition, the Executive order on
security classification establishes a special procedure for
requesting the declassification of documents.\17\ If a
requested document is declassified, it can be released in
response to an FOIA request. However, a document that is
declassified may still be exempt under other FOIA exemptions.
\17\ At the time that this guide was prepared, the current
Executive order on security classification was Executive Order 12958,
which was promulgated by President Clinton on Apr. 17, 1995. The text
of the order can be found at 60 Federal Register 19825-43 (Apr. 20,
1995). The rules for mandatory review for declassification are in sec.
3.6 of the Executive order.
---------------------------------------------------------------------------
2. Exemption 2.--Internal Personnel Rules and Practices
The second FOIA exemption covers matters that are related
solely to an agency's internal personnel rules and practices.
As interpreted by the courts, there are two separate classes of
documents that are generally held to fall within exemption 2.
First, information relating to personnel rules or internal
agency practices is exempt if it is trivial administrative
matter of no genuine public interest. A rule governing lunch
hours for agency employees is an example.
Second, an internal administrative manual can be exempt if
disclosure would risk circumvention of law or agency
regulations. In order to fall into this category, the material
will normally have to regulate internal agency conduct rather
than public behavior.
3. Exemption 3.--Information Exempt Under Other Laws
The third exemption incorporates into the FOIA other laws
that restrict the availability of information. To qualify under
this exemption, a statute must require that matters be withheld
from the public in such a manner as to leave no discretion to
the agency. Alternatively, the statute must establish
particular criteria for withholding or refer to particular
types of matters to be withheld.
One example of a qualifying statute is the provision of the
Tax Code prohibiting the public disclosure of tax returns and
tax return information.\18\ Another qualifying exemption 3
statute is the law designating identifiable census data as
confidential.\19\ Whether a particular statute qualifies under
exemption 3 can be a difficult legal question.
\18\ 26 U.S.C. Sec. 6103 (1988).
\19\ 13 U.S.C. Sec. 9 (1988).
---------------------------------------------------------------------------
4. Exemption 4.--Confidential Business Information
The fourth exemption protects from public disclosure two
types of information: Trade secrets and confidential business
information. A trade secret is a commercially valuable plan,
formula, process, or device. This is a narrow category of
information. An example of a trade secret is the recipe for a
commercial food product.
The second type of protected data is commercial or
financial information obtained from a person and privileged or
confidential. The courts have held that data qualifies for
withholding if disclosure by the government would be likely to
harm the competitive position of the person who submitted the
information. Detailed information on a company's marketing
plans, profits, or costs can qualify as confidential business
information. Information may also be withheld if disclosure
would be likely to impair the government's ability to obtain
similar information in the future.
Only information obtained from a person other than a
government agency qualifies under the fourth exemption. A
person is an individual, a partnership, or a corporation.
Information that an agency created on its own cannot normally
be withheld under exemption four.
Although there is no formal requirement under the FOIA,
many agencies will notify a submitter of business information
that disclosure of the information is being considered.\20\ The
submitter then has an opportunity to convince the agency that
the information qualifies for withholding. A submitter can also
file suit to block disclosure under the FOIA. Such lawsuits are
generally referred to as ``reverse'' FOIA lawsuits because the
FOIA is being used in an attempt to prevent rather than to
require the disclosure of information. A reverse FOIA lawsuit
may be filed when the submitter of documents and the government
disagree whether the information is exempt.
\20\ See Predisclosure Notification Procedures for Confidential
Commercial Information, Executive Order 12600, 3 C.F.R. 235 (1988).
---------------------------------------------------------------------------
5. Exemption 5.--Internal Government Communications
The FOIA's fifth exemption applies to internal government
documents. An example is a letter from one government
department to another about a joint decision that has not yet
been made. Another example is a memorandum from an agency
employee to his supervisor describing options for conducting
the agency's business.
The purpose of the fifth exemption is to safeguard the
deliberative policymaking process of government. The exemption
encourages frank discussion of policy matters between agency
officials by allowing supporting documents to be withheld from
public disclosure. The exemption also protects against
premature disclosure of policies before final adoption.
While the policy behind the fifth exemption is well
accepted, the application of the exemption is complicated. The
fifth exemption may be the most difficult FOIA exemption to
understand and apply. For example, the exemption protects the
policymaking process, but it does not protect purely factual
information related to the policy process. Factual information
must be disclosed unless it is inextricably intertwined with
protected information about an agency decision.
Protection for the decisionmaking process is appropriate
only for the period while decisions are being made. Thus, the
fifth exemption has been held to distinguish between documents
that are pre-decisional and therefore may be protected, and
those which are post-decisional and therefore not subject to
protection. Once a policy is adopted, the public has a greater
interest in knowing the basis for the decision.
The exemption also incorporates some of the privileges that
apply in litigation involving the government. For example,
papers prepared by the government's lawyers can be withheld in
the same way that papers prepared by private lawyers for
clients are not available through discovery in civil
litigation.
6. Exemption 6.--Personal Privacy
The sixth exemption covers personnel, medical, and similar
files the disclosure of which would constitute a clearly
unwarranted invasion of personal privacy. This exemption
protects the privacy interests of individuals by allowing an
agency to withhold personal data kept in government files. Only
individuals have privacy interests. Corporations and other
legal persons have no privacy rights under the sixth exemption.
The exemption requires agencies to strike a balance between
an individual's privacy interest and the public's right to
know. However, since only a clearly unwarranted invasion of
privacy is a basis for withholding, there is a perceptible tilt
in favor of disclosure in the exemption. Nevertheless, the
sixth exemption makes it harder to obtain information about
another individual without the consent of that individual.
The Privacy Act of 1974 also regulates the disclosure of
personal information about an individual. The FOIA and the
Privacy Act overlap in part, but there is no inconsistency. An
individual seeking records about himself or herself should cite
both laws when making a request. This ensures that the maximum
amount of disclosable information will be released. Records
that can be denied to an individual under the Privacy Act are
not necessarily exempt under the FOIA.
7. Exemption 7.--Law Enforcement
The seventh exemption allows agencies to withhold law
enforcement records in order to protect the law enforcement
process from interference. The exemption was amended slightly
in 1986, but it still retains six specific subexemptions.
Exemption (7)(A) allows the withholding of a law
enforcement record that could reasonably be expected to
interfere with enforcement proceedings. This exemption protects
an active law enforcement investigation from interference
through premature disclosure.
Exemption (7)(B) allows the withholding of information that
would deprive a person of a right to a fair trial or an
impartial adjudication. This exemption is rarely used.
Exemption (7)(C) recognizes that individuals have a privacy
interest in information maintained in law enforcement files. If
the disclosure of information could reasonably be expected to
constitute an unwarranted invasion of personal privacy, the
information is exempt from disclosure. The standards for
privacy protection in exemption 6 and exemption (7)(C) differ
slightly. Exemption (7)(C) protects against an unwarranted
invasion of personal privacy while exemption 6 protects against
clearly a unwarranted invasion. Also, exemption (7)(C) allows
the withholding of information that ``could reasonably be
expected to'' invade someone's privacy. Under exemption 6,
information can be withheld only if disclosure ``would'' invade
someone's privacy.
Exemption (7)(D) protects the identity of confidential
sources. Information that could reasonably be expected to
reveal the identity of a confidential source is exempt. A
confidential source can include a State, local, or foreign
agency or authority, or a private institution that furnished
information on a confidential basis. In addition, the exemption
protects information furnished by a confidential source if the
data was compiled by a criminal law enforcement authority
during a criminal investigation or by an agency conducting a
lawful national security intelligence investigation.
Exemption (7)(E) protects from disclosure information that
would reveal techniques and procedures for law enforcement
investigations or prosecutions or that would disclose
guidelines for law enforcement investigations or prosecutions
if disclosure of the information could reasonably be expected
to risk circumvention of the law.
Exemption (7)(F) protects law enforcement information that
could reasonably be expected to endanger the life or physical
safety of any individual.
8. Exemption 8.--Financial Institutions
The eighth exemption protects information that is contained
in or related to examination, operating, or condition reports
prepared by or for a bank supervisory agency such as the
Federal Deposit Insurance Corporation, the Federal Reserve, or
similar agencies.
9. Exemption 9.--Geological Information
The ninth FOIA exemption covers geological and geophysical
information, data, and maps about wells. This exemption is
rarely used.
G. FOIA EXCLUSIONS
The 1986 amendments to the FOIA gave limited authority to
agencies to respond to a request without confirming the
existence of the requested records. Ordinarily, any proper
request must receive an answer stating whether there is any
responsive information, even if the requested information is
exempt from disclosure.
In some narrow circumstances, acknowledgement of the
existence of a record can produce consequences similar to those
resulting from disclosure of the record itself. In order to
avoid this type of problem, the 1986 amendments established
three ``record exclusions.''
The exclusions allow an agency to treat certain exempt
records as if the records were not subject to the FOIA. An
agency is not required to confirm the existence of three
specific categories of records. If these records are requested,
the agency may respond that there are no disclosable records
responsive to the request. However, these exclusions do not
broaden the authority of any agency to withhold documents from
the public. The exclusions are only applicable to information
that is otherwise exempt from disclosure.
The first exclusion may be used when a request seeks
information that is exempt because disclosure could reasonably
be expected to interfere with a current law enforcement
investigation (exemption (7)(A)). There are three specific
prerequisites for the application of this exclusion. First, the
investigation in question must involve a possible violation of
criminal law. Second, there must be reason to believe that the
subject of the investigation is not already aware that the
investigation is underway. Third, disclosure of the existence
of the records--as distinguished from the contents of the
records--could reasonably be expected to interfere with
enforcement proceedings.
When all of these conditions exist, an agency may respond
to an FOIA request for investigatory records as if the records
are not subject to the requirements of the FOIA. In other
words, the agency's response does not have to reveal that it is
conducting an investigation.
The second exclusion applies to informant records
maintained by a criminal law enforcement agency under the
informant's name or personal identifier. The agency is not
required to confirm the existence of these records unless the
informant's status has been officially confirmed. This
exclusion helps agencies to protect the identity of
confidential informants. Information that might identify
informants has always been exempt under the FOIA.
The third exclusion only applies to records maintained by
the Federal Bureau of Investigation which pertain to foreign
intelligence, counterintelligence, or international terrorism.
When the existence of these types of records is classified, the
FBI may treat the records as not subject to the requirements of
FOIA.
This exclusion does not apply to all classified records on
the specific subjects. It only applies when the records are
classified and when the existence of the records is also
classified. Since the underlying records must be classified
before the exclusion is relevant, agencies have no new
substantive withholding authority.
In enacting these exclusions, congressional sponsors stated
that it was their intent that agencies must inform FOIA
requesters that these exclusions are available for agency use.
Requesters who believe that records were improperly withheld
because of the exclusions can seek judicial review.
H. ADMINISTRATIVE APPEAL PROCEDURES
Whenever an FOIA request is denied, the agency must inform
the requester of the reasons for the denial and the requester's
right to appeal the denial to the head of the agency. A
requester may appeal the denial of a request for a document or
for a fee waiver. A requester may contest the type or amount of
fees that were charged. A requester may appeal any other type
of adverse determination, including a rejection of a request
for failure to describe adequately the documents being
requested or a response indicating that no requested records
were located. A requester can also appeal because the agency
failed to conduct an adequate search for the documents that
were requested.
A person whose request was granted in part and denied in
part may appeal the part that was denied. If an agency has
agreed to disclose some but not all requested documents, the
filing of an appeal does not affect the release of the
documents that are disclosable. There is no risk to the
requester in filing an appeal.
The appeal to the head of the agency is a simple
administrative appeal. A lawyer can be helpful, but no one
needs a lawyer to file an appeal. Anyone who can write a letter
can file an appeal. Appeals to the head of the agency often
result in the disclosure of some records that had been
withheld. A requester who is not convinced that the agency's
initial decision is correct should appeal. There is no charge
for filing an administrative appeal.
An appeal is filed by sending a letter to the head of the
agency. The letter must identify the FOIA request that is being
appealed. The envelope containing the letter of appeal should
be marked in the lower left hand corner with the words
``Freedom of Information Act Appeal.'' \21\
\21\ Agency FOIA regulations will ordinarily describe the appeal
procedures and requirements with more specificity. At most agencies,
decisions on FOIA appeals have been delegated to other agency
officials. Requesters who have an opportunity to review agency
regulations in the Code of Federal Regulations (available in many
libraries) may be able to speed up the processing of the appeal.
However, following the simple procedures described in this Guide will
be sufficient to maintain a proper appeal.
---------------------------------------------------------------------------
Many agencies assign a number to all FOIA requests that are
received. The number should be included in the appeal letter,
along with the name and address of the requester. It is a
common practice to include a copy of the agency's initial
decision letter as part of the appeal, but this is not
ordinarily required. It can also be helpful for the requester
to include a telephone number in the appeal letter.
An appeal will normally include the requester's arguments
supporting disclosure of the documents. A requester may include
any facts or any arguments supporting the case for reversing
the initial decision. However, an appeal letter does not have
to contain any arguments at all. It is sufficient to state that
the agency's initial decision is being appealed. Appendix 1
includes a sample appeal letter.
The FOIA does not set a time limit for filing an
administrative appeal of an FOIA denial. However, it is good
practice to file an appeal promptly. Some agency regulations
establish a time limit for filing an administrative appeal. A
requester whose appeal is rejected by an agency because it is
too late may refile the original FOIA request and start the
process again.
A requester who delays filing an appeal runs the risk that
the documents could be destroyed. However, as long as an agency
is considering a request or an appeal, the agency must preserve
the documents.
An agency is required to make a decision on an appeal
within 20 days (excluding Saturdays, Sundays, and legal
holidays). It is possible for an agency to extend the time
limits by an additional 10 days. Once the time period has
elapsed, a requester may consider that the appeal has been
denied and may proceed with a judicial appeal. However, unless
there is an urgent need for records, this may not be the best
course of action. The courts are not sympathetic to appeals
based solely on an agency's failure to comply with the FOIA's
time limits.
I. FILING A JUDICIAL APPEAL
When an administrative appeal is denied, a requester has
the right to appeal the denial in court. An FOIA appeal can be
filed in the U.S. District Court in the district where the
requester lives. The requester can also file suit in the
district where the documents are located or in the District of
Columbia. When a requester goes to court, the burden of
justifying the withholding of documents is on the government.
This is a distinct advantage for the requester.
Requesters are sometimes successful when they go to court,
but the results vary considerably. Some requesters who file
judicial appeals find that an agency will disclose some
documents previously withheld rather than fight about
disclosure in court. This does not always happen, and there is
no guarantee that the filing of a judicial appeal will result
in any additional disclosure.
Most requesters require the assistance of an attorney to
file a judicial appeal. A person who files a lawsuit and
substantially prevails may be awarded reasonable attorney fees
and litigation costs reasonably incurred. Some requesters may
be able to handle their own case without an attorney. Since
this is not a litigation guide, details of the judicial appeal
process have not been included. Anyone considering filing an
FOIA lawsuit can begin by reading the provisions of the FOIA on
judicial review.\22\
\22\ More information on judicial review under the FOIA and Privacy
Act can be found in Adler, Litigation Under the Federal Open Government
Laws (American Civil Liberties Union Foundation) (last published in
1994).
---------------------------------------------------------------------------
VII. The Privacy Act of 1974
A. THE SCOPE OF THE PRIVACY ACT OF 1974
The Privacy Act of 1974 provides safeguards against an
invasion of privacy through the misuse of records by Federal
agencies. In general, the act allows a citizen to learn how
records are collected, maintained, used, and disseminated by
the Federal Government. The act also permits an individual to
gain access to most personal information maintained by Federal
agencies and to seek amendment of any inaccurate, incomplete,
untimely, or irrelevant information.
The Privacy Act applies to personal information maintained
by agencies in the executive branch of the Federal Government.
The executive branch includes cabinet departments, military
departments, government corporations, government controlled
corporations, independent regulatory agencies, and other
establishments in the executive branch. Agencies subject to the
Freedom of Information Act [FOIA] are also subject to the
Privacy Act. The Privacy Act does not generally apply to
records maintained by State and local governments or private
companies or organizations.\23\
\23\ The Privacy Act applies to some records that are not
maintained by an agency. Subsection (m) of the act provides that, when
an agency provides by contract for the operation of a system of records
on its behalf, the requirements of the Privacy Act apply to those
records. As a result, some records maintained outside of a Federal
agency are subject to the Privacy Act. Descriptions of these systems
are published in the Federal Register. However, most records maintained
outside of Federal agencies are not subject to the Privacy Act.
---------------------------------------------------------------------------
The Privacy Act only grants rights to U.S. citizens and to
aliens lawfully admitted for permanent residence. As a result,
a nonresident foreign national cannot use the act's provisions.
However, a nonresident foreign national may use the FOIA to
request records about himself or herself.
In general, the only records subject to the Privacy Act are
records that are maintained in a system of records. The idea of
a ``system of records'' is unique to the Privacy Act and
requires explanation.
The act defines a ``record'' to include most personal
information maintained by an agency about an individual. A
record contains individually identifiable information,
including but not limited to information about education,
financial transactions, medical history, criminal history, or
employment history. A ``system of records'' is a group of
records from which information is actually retrieved by name,
social security number, or other identifying symbol assigned to
an individual.
Some personal information is not kept in a system of
records. This information is not subject to the provisions of
the Privacy Act, although access may be requested under the
FOIA. Most personal information in government files is subject
to the Privacy Act.
The Privacy Act also establishes general records management
requirements for Federal agencies. In summary, there are five
basic requirements that are most relevant to individuals.
First, each agency must establish procedures allowing
individuals to see and copy records about themselves. An
individual may also seek to amend any information that is not
accurate, relevant, timely, or complete. The rights to inspect
and to correct records are the most important provisions of the
Privacy Act. This guide explains in more detail how an
individual can exercise these rights.
Second, each agency must publish notices describing all
systems of records. The notices include a complete description
of personal data recordkeeping policies, practices, and
systems. This requirement prevents the maintenance of secret
record systems.
Third, each agency must make reasonable efforts to maintain
accurate, relevant, timely, and complete records about
individuals. Agencies are prohibited from maintaining
information about how individuals exercise rights guaranteed by
the First Amendment to the U.S. Constitution unless maintenance
of the information is specifically authorized by statute or by
the individual or relates to an authorized law enforcement
activity.
Fourth, the act establishes rules governing the use and
disclosure of personal information. The act specifies that
information collected for one purpose may not be used for
another purpose without notice to or the consent of the subject
of the record. The act also requires that each agency keep a
record of some disclosures of personal information.
Fifth, the act provides legal remedies that permit an
individual to seek enforcement of the rights granted under the
act. In addition, Federal employees who fail to comply with the
act's provisions may be subjected to criminal penalties.
B. THE COMPUTER MATCHING AND PRIVACY PROTECTION ACT
The Computer Matching and Privacy Protection Act of 1988
(Public Law 100-503) amended the Privacy Act by adding new
provisions regulating the use of computer matching. Records
used during the conduct of a matching program are subject to an
additional set of requirements.
Computer matching is the computerized comparison of
information about individuals for the purpose of determining
eligibility for Federal benefit programs. A matching program
can be subject to the requirements of the Computer Matching Act
if records from a Privacy Act system of records are used during
the program. If Federal Privacy Act records are matched against
State or local records, then the State or local matching
program can be subject to the new matching requirements.
In general, matching programs involving Federal records
must be conducted under a matching agreement between the source
and recipient agencies. The matching agreement describes the
purpose and procedures of the matching and establishes
protections for matching records. The agreement is subject to
review and approval by a Data Integrity Board. Each Federal
agency involved in a matching activity must establish a Data
Integrity Board.
For an individual seeking access to or correction of
records, the computer matching legislation provides no special
access rights. If matching records are Federal records, then
the access and correction provisions of the Privacy Act apply.
There is no general right of access or correction for matching
records of State and local agencies. It is possible that rights
are available under State or local laws. There is, however, a
requirement that an individual be notified of agency findings
prior to the taking of any adverse action as a result of a
computer matching program. An individual must also be given an
opportunity to contest such findings. The notice and
opportunity-to-contest provisions apply to matching records
whether the matching was done by the Federal Government or by a
State or local government. Section 7201 of Public Law 101-508
modified the due process notice requirement to permit the use
of statutory or regulatory notice periods.
The matching provisions also require that any agency--
Federal or non-Federal--involved in computer matching must
independently verify information used to take adverse action
against an individual. This requirement was included in order
to protect individuals from arbitrary or unjustified denials of
benefits. Independent verification includes independent
investigation and confirmation of information. Public Law 101-
508 also modified the independent verification requirement in
circumstances in which it was unnecessary.
Most of the provisions of the Computer Matching and Privacy
Protection Act of 1988 were originally scheduled to become
effective in July 1989. Public Law 101-56 delayed the effective
date for most matching programs until January 1, 1990.
C. LOCATING RECORDS
There is no central index of Federal Government records
about individuals. An individual who wants to inspect records
about himself or herself must first identify which agency has
the records. Often, this will not be difficult. For example, an
individual who was employed by the Federal Government knows
that the employing agency or the Office of Personnel Management
maintains personnel files.
Similarly, an individual who receives veterans' benefits
will normally find relevant records at the Department of
Veterans Affairs or at the Defense Department. Tax records are
maintained by the Internal Revenue Service, social security
records by the Social Security Administration, passport records
by the State Department, etc.
For those who are uncertain about which agency has the
records that are needed, there are several sources of
information. First, an individual can ask an agency that might
maintain the records. If that agency does not have the records,
it may be able to identify the proper agency.
Second, a government directory such as the United States
Government Manual \24\ contains a complete list of all Federal
agencies, a description of agency functions, and the address of
the agency and its field offices. An agency responsible for
operating a program normally maintains the records related to
that program.
\24\ The United States Government Manual is sold by the
Superintendent of Documents of the U.S. Government Printing Office.
Virtually every public library should have a copy.
---------------------------------------------------------------------------
Third, a Federal Information Center can help to identify
government agencies, their functions, and their records. These
Centers, which are operated by the General Services
Administration, serve as clearinghouses for information about
the Federal Government. There are Federal Information Centers
throughout the country.
Fourth, every 2 years, the Office of the Federal Register
publishes a compilation of system of records notices for all
agencies. These notices contain a complete description of each
record system maintained by each agency. The compilation--which
is published in five large volumes--is the most complete
reference for information about Federal agency personal
information practices.\25\ The information that appears in the
compilation also appears in various issues of the Federal
Register.\26\
\25\ Each system notice contains the name of the system; its
location; the categories of individuals covered by the system; the
categories of records in the system; the legal authority for
maintenance of the system; the routine disclosures that may be made for
records in the system; the policies and practices of storing,
retrieving, accessing, retaining, and disposing of records; the name
and address of the manager of the system; procedures for requesting
access to the records; procedures for requesting correction or
amendment of the records; the source of the information in the system;
and a description of any disclosure exemptions that may be applied to
the records in the system.
\26\ Agencies are required to publish in the Federal Register a
description of each system of records when the system is established or
amended. In the past, agencies were required to publish an annual
compilation in the Federal Register, but that requirement was
eliminated in 1982. As a result, for most agencies it will be difficult
to find a complete list of all systems of records in the Federal
Register. Some agencies do, however, reprint all system notices from
time to time. An agency's Privacy Act/FOIA officer may be able to
provide more information about the agency's publication practices.
---------------------------------------------------------------------------
The compilation--formally called Privacy Act Issuances--may
be difficult to find and hard to use. It does not contain a
comprehensive index. Copies will be available in some Federal
depository libraries and possibly in other libraries as well.
Although the compilation is the best single source of detailed
information about personal records maintained by Federal
agencies, it is not necessary to consult the compilation before
making a Privacy Act request. A requester is not required to
identify the specific system of records that contains the
information being sought. It is sufficient to identify the
agency that has the records. Using information provided by the
requester, the agency will determine which system of records
has the files that have been requested.
Those who request records under the Privacy Act can help
the agency by identifying the type of records being sought.
Large agencies maintain hundreds of different record systems. A
request can be processed faster if the requester tells the
agency that he or she was employed by the agency, was the
recipient of benefits under an agency program, or had other
specific contacts with the agency.
D. MAKING A PRIVACY ACT REQUEST FOR ACCESS
The fastest way to make a Privacy Act request is to
identify the specific system of records. The request can be
addressed to the system manager. Few people do this. Instead,
most people address their requests to the head of the agency
that has the records or to the agency's Privacy Act/FOIA
officer. The envelope containing the written request should be
marked ``Privacy Act/FOIA Request'' in the bottom left-hand
corner.\27\
\27\ All agencies have Privacy Act regulations that describe the
request process in greater detail. Large agencies may have several
components, each of which has its own Privacy Act rules. Requesters who
can find agency Privacy Act regulations in the Code of Federal
Regulations (available in many libraries) might read these regulations
before making a request. A requester who follows the agency's specific
procedures may receive a faster response. However, the simple
procedures suggested in this guide are adequate to meet the minimum
statutory requirements for a Privacy Act request.
---------------------------------------------------------------------------
There are three basic elements to a request for records
under the Privacy Act. First, the letter should state that the
request is being made under the Privacy Act. Second, the letter
should include the name, address, and signature of the
requester. Third, the request should describe the records as
specifically as possible. Appendix 1 includes a sample Privacy
Act request letter.
It is a common practice for an individual seeking records
about himself or herself to make the request under both the
Privacy Act of 1974 and the Freedom of Information Act. See the
discussion in the front of this guide about which act to use.
A requester can describe the records by identifying a
specific system of records, by describing his or her contacts
with an agency, or by simply asking for all records about
himself or herself. The broader and less specific a request is,
the longer it may take for an agency to respond.
It is a good practice for a requester to describe the type
of records that he or she expects to find. For example, an
individual seeking a copy of his service record in the Army
should state that he was in the Army and include the
approximate dates of service. This will help the Defense
Department narrow its search to record systems that are likely
to contain the information being sought. An individual seeking
records from the Federal Bureau of Investigation may ask that
files in specific field offices be searched in addition to the
FBI's central office files. The FBI does not routinely search
field office records without a specific request.
An agency will generally require a requester to provide
some proof of identity before records will be disclosed.
Agencies may have different requirements. Some agencies will
accept a signature; others may require certification of
identity by a notarized signature or by a declaration by the
requester under penalty of perjury. If an individual goes to
the agency to inspect records, standard personal identification
may be acceptable. More stringent requirements may apply if the
records being sought are especially sensitive.
An agency will inform requesters of any special
identification requirements. Requesters who need records
quickly should first consult agency regulations or talk to the
agency's Privacy Act/FOIA officer to find out how to provide
adequate identification.
An individual who visits an agency office to inspect a
Privacy Act record may bring along a friend or relative to
review the record. When a requester brings another person, the
agency may ask the requester to sign a written statement
authorizing discussion of the record in the presence of that
person.
It is a crime to knowingly and willfully request or obtain
records under the Privacy Act under false pretenses. A request
for access under the Privacy Act can only be made by the
subject of the record. An individual cannot make a request
under the Privacy Act for a record about another person. The
only exception is for a parent or legal guardian who may
request records on behalf of a minor or a person who has been
declared incompetent.
E. FEES
Under the Privacy Act, fees can only be charged for the
cost of copying records. No fees may be charged for the time it
takes to search for records or for the time it takes to review
the records to determine if any exemptions apply. This is a
major difference from the FOIA. Under the FOIA, fees can
sometimes be charged to recover search costs and review
costs.\28\ The different fee structure in the two laws is one
reason many requesters seeking records about themselves cite
both laws. This minimizes allowable fees.
\28\ An individual seeking records about himself or herself under
the FOIA should not be charged review charges. The only charges
applicable under the FOIA are search and copy charges.
---------------------------------------------------------------------------
Many agencies will not charge fees for making a copy of a
Privacy Act file, especially when the file is small. If paying
the copying charges is a problem, the requester should explain
in the request letter. An agency can waive fees under the
Privacy Act.
F. REQUIREMENTS FOR AGENCY RESPONSES
Unlike the FOIA, there is no fixed time when an agency must
respond to a request for access to records under the Privacy
Act. It is good practice for an agency to acknowledge receipt
of a Privacy Act request within 10 days and to provide the
requested records within 30 days.
At many agencies, FOIA and Privacy Act requests are
processed by the same personnel. When there is a backlog of
requests, it takes longer to receive a response. As a practical
matter, there is little that a requester can do when an agency
response is delayed. Requesters should be patient.
Agencies generally process requests in the order in which
they were received. Some agencies will expedite the processing
of urgent requests. Anyone with a pressing need for records
should consult with the agency Privacy Act/FOIA officer about
how to ask for expedited treatment of requests.
G. REASONS ACCESS MAY BE DENIED UNDER THE PRIVACY ACT
Not all records about an individual must be disclosed under
the Privacy Act. Some records may be withheld to protect
important government interests such as national security or law
enforcement.
The Privacy Act exemptions are different than the
exemptions of the FOIA. Under the FOIA, any record may be
withheld from disclosure if it contains exempt information when
a request is received. The decision to apply an FOIA exemption
is made only after a request has been made. In contrast,
Privacy Act exemptions apply not to a record but to a system of
records. Before an agency can apply a Privacy Act exemption,
the agency must first issue a regulation stating that there may
be exempt records in that system of records.
Without reviewing system notices or agency regulations, it
is hard to tell whether particular Privacy Act records are
exempt from disclosure. However, it is a safe assumption that
any system of records that qualifies for an exemption has been
exempted by the agency.
Since most record systems are not exempt, the exemptions
are not relevant to most requests. Also, agencies do not always
rely upon available Privacy Act exemptions unless there is a
specific reason to do so. Thus, some records that could be
withheld will nevertheless be disclosed upon request.
Because Privacy Act exemptions are complex and used
infrequently, most requesters need not worry about them. The
exemptions are discussed here for those interested in the act's
details and for reference when an agency withholds records.
Anyone needing more information about the Privacy Act's
exemptions can begin by reading the relevant sections of the
act. The complete text of the act is reprinted in an appendix
to this guide.\29\
\29\ In 1975, the Office of Management and Budget issued guidance
to Federal agencies on the Privacy Act of 1974. Those guidelines are a
good source of commentary and explanation for many of the provisions of
the act. The OMB guidelines can be found at 40 Federal Register 28948
(July 9, 1975).
---------------------------------------------------------------------------
The Privacy Act's exemptions differ from those of the FOIA
in another important way. The FOIA is a disclosure law.
Information exempt under the FOIA is exempt from disclosure
only. The Privacy Act, however, imposes many separate
requirements on personal records. Some systems of records are
exempt from the disclosure requirements, but no system is
exempt from all Privacy Act requirements.
For example, no system of records is ever exempt from the
requirement that a description of the system be published. No
system of records can be exempted from the limitations on
disclosure of the records outside of the agency. No system is
exempt from the requirement to maintain an accounting for
disclosures. No system is exempt from the restriction against
the maintenance of unauthorized information on the exercise of
First Amendment rights. All systems are subject to the
requirement that reasonable efforts be taken to ensure that
records disclosed outside the agency be accurate, complete,
timely, and relevant. Each agency must maintain proper
administrative controls and security for all systems. Finally,
the Privacy Act's criminal penalties remain fully applicable to
each system of records.
1. General Exemptions
There are two general exemptions under the Privacy Act. The
first applies to all records maintained by the Central
Intelligence Agency. The second applies to selected records
maintained by an agency or component whose principal function
is any activity pertaining to criminal law enforcement. Records
of criminal law enforcement agencies can be exempt under the
Privacy Act if the records consist of (A) information compiled
to identify individual criminal offenders and which consists
only of identifying data and notations of arrests, the nature
and disposition of criminal charges, sentencing, confinement,
release, and parole and probation status; (B) criminal
investigatory records associated with an identifiable
individual; or (C) reports identifiable to a particular
individual compiled at any stage from arrest through release
from supervision.
Systems of records subject to the general exemptions may be
exempted from many of the Privacy Act's requirements. Exemption
from the act's access and correction provisions is the most
important. An individual has no right under the Privacy Act to
ask for a copy of or to seek correction of a record subject to
the general exemptions.
In practice, these exemptions are not as expansive as they
sound. Most agencies that have exempt records will accept and
process Privacy Act requests. The records will be reviewed on a
case-by-case basis. Agencies will often disclose any
information that does not require protection. Agencies also
tend to follow a similar policy for requests for correction.
Individuals interested in obtaining records from the
Central Intelligence Agency or from law enforcement agencies
should not be discouraged from making requests for access. Even
if the Privacy Act access exemption is applied, portions of the
record may still be disclosable under the FOIA. This is a
primary reason individuals should cite both the Privacy Act and
the FOIA when requesting records.
2. Specific Exemptions
There are seven specific Privacy Act exemptions that can be
applied to systems of records. Records subject to these
exemptions are not exempt from as many of the act's
requirements as are the records subject to the general
exemptions. However, records exempt under the specific
exemptions are likely to be exempt from the Privacy Act's
access and correction provisions. Nevertheless, since the
access and correction exemptions are not always applied when
available, those seeking records should not be discouraged from
making a request. Also, the FOIA can be used to seek access to
records exempt under the Privacy Act.
The first specific exemption covers record systems
containing information properly classified in the interest of
national defense or foreign policy. Classified information is
also exempt from disclosure under the FOIA and will normally be
unavailable under both the FOIA and Privacy Acts.
The second specific exemption applies to systems of records
containing investigatory material compiled for law enforcement
purposes other than material covered by the general law
enforcement exemption. The specific law enforcement exemption
is limited when--as a result of the maintenance of the
records--an individual is denied any right, privilege, or
benefit to which he or she would be entitled by Federal law or
for which he or she would otherwise be entitled. In such a
case, disclosure is required except where disclosure would
reveal the identity of a confidential source who furnished
information to the government under an express promise that the
identity of the source would be held in confidence. If the
information was collected from a confidential source before the
effective date of the Privacy Act (September 27, 1975), an
implied promise of confidentiality is sufficient to permit
withholding of the identity of the source.\30\
\30\ This distinction between express and implied promises of
confidentiality is repeated throughout the specific exemptions of the
Privacy Act.
---------------------------------------------------------------------------
The third specific exemption applies to systems of records
maintained in connection with providing protective services to
the President of the United States or other individuals who
receive protection from the Secret Service.
The fourth specific exemption applies to systems of records
required by statute to be maintained and used solely as
statistical records.
The fifth specific exemption covers investigatory material
compiled solely to determine suitability, eligibility, or
qualifications for Federal civilian employment, military
service, Federal contracts, or access to classified
information. However, this exemption applies only to the extent
that disclosure of information would reveal the identity of a
confidential source who provided the information under a
promise of confidentiality.
The sixth specific exemption applies to systems of records
that contain testing or examination material used solely to
determine individual qualifications for appointment or
promotion in Federal service, but only when disclosure would
compromise the objectivity or fairness of the testing or
examination process. Effectively, this exemption permits
withholding of questions used in employment tests.
The seventh specific exemption covers evaluation material
used to determine potential for promotion in the armed
services. The material is only exempt to the extent that
disclosure would reveal the identity of a confidential source
who provided the information under a promise of
confidentiality.
3. Medical Records
Medical records maintained by Federal agencies--for
example, records at Veterans Administration hospitals--are not
formally exempt from the Privacy Act's access provisions.
However, the Privacy Act authorizes a special procedure for
medical records that operates, at least in part, like an
exemption.
Agencies may deny individuals direct access to medical
records, including psychological records, if the agency deems
it necessary. An agency normally reviews medical records
requested by an individual. If the agency determines that
direct disclosure is unwise, it can arrange for disclosure to a
physician selected by the individual or possibly to another
person chosen by the individual.
4. Litigation Records
The Privacy Act's access provisions include a general
limitation on access to civil litigation records. The act does
not require an agency to disclose to an individual any
information compiled in reasonable anticipation of a civil
action or proceeding. This limitation operates like an
exemption, although there is no requirement that the exemption
be applied by regulation to a system of records before it can
be used.
H. ADMINISTRATIVE APPEAL PROCEDURES FOR DENIAL OF ACCESS
Unlike the FOIA, the Privacy Act does not provide for an
administrative appeal of the denial of access. However, many
agencies have established procedures that will allow Privacy
Act requesters to appeal a denial of access without going to
court. An administrative appeal is often allowed under the
Privacy Act, even though it is not required, because many
individuals cite both the FOIA and Privacy Act when making a
request. The FOIA provides specifically for an administrative
appeal, and agencies are required to consider an appeal under
the FOIA.
When a Privacy Act request for access is denied, agencies
usually inform the requester of any appeal rights that are
available. If no information on appeal rights is included in
the denial letter, the requester should ask the Privacy Act/
FOIA officer. Unless an agency has established an alternative
procedure, it is possible that an appeal filed directly with
the head of the agency will be considered by the agency.
When a request for access is denied under the Privacy Act,
the agency explains the reason for the denial. The explanation
must name the system of records and explain which exemption is
applicable to the system. An appeal may be made on the basis
that the record is not exempt, that the system of records has
not been properly exempted, or that the record is exempt but no
harm to an important interest will result if the record is
disclosed.
There are three basic elements to a Privacy Act appeal
letter. First, the letter should state that the appeal is being
made under the Privacy Act of 1974. If the FOIA was cited when
the request for access was made, the letter should state that
the appeal is also being made under the FOIA. This is important
because the FOIA grants requesters statutory appeal rights.
Second, a Privacy Act appeal letter should identify the
denial that is being appealed and the records that were
withheld. The appeal letter should also explain why the denial
of access was improper or unnecessary.
Third, the appeal should include the requester's name and
address. It is a good practice for a requester to also include
a telephone number when making an appeal.
Appendix 1 includes a sample letter of appeal.
I. AMENDING RECORDS UNDER THE PRIVACY ACT
The Privacy Act grants an important right in addition to
the ability to inspect records. The act permits an individual
to request a correction of a record that is not accurate,
relevant, timely, or complete. This remedy allows an individual
to correct errors and to prevent incorrect information from
being disseminated by the agency or used unfairly against the
individual.
The right to seek a correction extends only to records
subject to the Privacy Act. Also, an individual can only
correct errors contained in a record that pertains to himself
or herself. Records disclosed under the FOIA cannot be amended
through the Privacy Act unless the records are also subject to
the Privacy Act. Records about unrelated events or about other
people cannot be amended unless the records are in a Privacy
Act file maintained under the name of the individual who is
seeking to make the correction.
A request to amend a record should be in writing. Agency
regulations explain the procedure in greater detail, but the
process is not complicated. A letter requesting an amendment of
a record will normally be addressed to the Privacy Act/FOIA
officer of the agency or to the agency official responsible for
the maintenance of the record system containing the erroneous
information. The envelope containing the request should be
marked ``Privacy Act Amendment Request'' on the lower left
corner.
There are five basic elements to a request for amending a
Privacy Act record.
First, the letter should state that it is a request to
amend a record under the Privacy Act of 1974.
Second, the request should identify the specific record and
the specific information in the record for which an amendment
is being sought. Copies of the records sought to be amended may
be included.
Third, the request should state why the information is not
accurate, relevant, timely, or complete. Supporting evidence
may be included with the request.
Fourth, the request should state what new or additional
information, if any, should be included in place of the
erroneous information. Evidence of the validity of the new or
additional information should be included. If the information
in the file is wrong and needs to be removed rather than
supplemented or corrected, the request should make this clear.
Fifth, the request should include the name and address of
the requester. It is a good idea for a requester to include a
telephone number.
Appendix 1 includes a sample letter requesting amendment of
a Privacy Act record.
J. APPEALS AND REQUIREMENTS FOR AGENCY RESPONSES
An agency that receives a request for amendment under the
Privacy Act must acknowledge receipt of the request within 10
days (not including Saturdays, Sundays, and legal holidays).
The agency must promptly rule on the request.
The agency may make the amendment requested. If so, the
agency must notify any person or agency to which the record had
previously been disclosed of the correction.
If the agency refuses to make the change requested, the
agency must inform the requester of: (1) the agency's refusal
to amend the record; (2) the reason for refusing to amend the
request; and (3) the procedures for requesting a review of the
denial. The agency must provide the name and business address
of the official responsible for conducting the review.
An agency must decide an appeal of a denial of a request
for amendment within 30 days (excluding Saturdays, Sundays, and
legal holidays), unless the time period is extended by the
agency for good cause. If the appeal is granted, the record
will be corrected.
If the appeal is denied, the agency must inform the
requester of the right to judicial review. In addition, a
requester whose appeal has been denied also has the right to
place in the agency file a concise statement of disagreement
with the information that was the subject of the request for
amendment.
When a statement of disagreement has been filed and an
agency is disclosing the disputed information, the agency must
mark the information and provide copies of the statement of
disagreement. The agency may also include a concise statement
of its reasons for not making the requested amendments. The
agency must also give a copy of the statement of disagreement
to any person or agency to whom the record had previously been
disclosed.
K. FILING FOR JUDICIAL APPEAL
The Privacy Act provides a civil remedy whenever an agency
denies access to a record or refuses to amend a record. An
individual may sue an agency if the agency fails to maintain
records with accuracy, relevance, timeliness, and completeness
as is necessary to assure fairness in any agency determination
and the agency makes a determination that is adverse to the
individual. An individual may also sue an agency if the agency
fails to comply with any other Privacy Act provision in a
manner that has an adverse effect on the individual.
The Privacy Act protects a wide range of rights about
personal records maintained by Federal agencies. The most
important are the right to inspect records and the right to
seek correction of records. Other rights have also been
mentioned here, and still others can be found in the text of
the act. Most of these rights can become the subject of
litigation.
An individual may file a lawsuit against an agency in the
Federal District Court in which the individual lives, in which
the records are situated, or in the District of Columbia. A
lawsuit must be filed within 2 years from the date on which the
basis for the lawsuit arose.
Most individuals require the assistance of an attorney to
file a lawsuit. An individual who files a lawsuit and
substantially prevails may be awarded reasonable attorney fees
and litigation costs reasonably incurred. Some requesters may
be able to handle their own case without an attorney. Since
this is not a litigation guide, details about the judicial
appeal process have not been included. Anyone considering
filing a Privacy Act lawsuit can begin by reviewing the
provisions of the Privacy Act on civil remedies.\31\
\31\ See footnote 22.
A P P E N D I X E S
----------
Appendix 1.--Sample Request and Appeal Letters
a. freedom of information act request letter
Agency Head [or Freedom of Information Act Officer]
Name of Agency
Address of Agency
City, State, Zip Code
Re: Freedom of Information Act Request
Dear :
This is a request under the Freedom of Information Act.
I request that a copy of the following documents [or documents
containing the following information] be provided to me: [identify the
documents or information as specifically as possible].
In order to help to determine my status for purposes of determining
the applicability of any fees, you should know that I am (insert a
suitable description of the requester and the purpose of the request).
[Sample requester descriptions:
a representative of the news media affiliated with the ________
newspaper (magazine, television station, etc.), and this
request is made as part of news gathering and not for a
commercial use.
affiliated with an educational or noncommercial scientific
institution, and this request is made for a scholarly or
scientific purpose and not for a commercial use.
an individual seeking information for personal use and not for
a commercial use.
affiliated with a private corporation and am seeking
information for use in the company's business.]
[Optional] I am willing to pay fees for this request up to a
maximum of $____. If you estimate that the fees will exceed this limit,
please inform me first.
[Optional] I request a waiver of all fees for this request.
Disclosure of the requested information to me is in the public interest
because it is likely to contribute significantly to public
understanding of the operations or activities of the government and is
not primarily in my commercial interest. [Include specific details,
including how the requested information will be disseminated by the
requester for public benefit.]
[Optional] I also include a telephone number at which I can be
contacted during the hours of ________, if necessary, to discuss any
aspect of my request.
Thank you for your consideration of this request.
Sincerely,
Name
Address
City, State, Zip Code
Telephone number [Optional]
b. freedom of information act appeal letter
Agency Head or Appeal Officer
Name of Agency
Address of Agency
City, State, Zip Code
Re: Freedom of Information Act Appeal
Dear :
This is an appeal under the Freedom of Information Act.
On (date), I requested documents under the Freedom of Information
Act. My request was assigned the following identification number:
________. On (date), I received a response to my request in a letter
signed by (name of official). I appeal the denial of my request.
[Optional] The documents that were withheld must be disclosed under
the FOIA because . . . .
[Optional] I appeal the decision to deny my request for a waiver of
fees. I believe that I am entitled to a waiver of fees. Disclosure of
the documents I requested is in the public interest because it is
likely to contribute significantly to public understanding of the
operations or activities of the government and is not primarily in my
commercial interest. (Provide details)
[Optional] I appeal the decision to require me to pay review costs
for this request. I am not seeking the documents for a commercial use.
(Provide details)
[Optional] I appeal the decision to require me to pay search and/or
review charges for this request. I am a representative of the news
media seeking information as part of news gathering and not for
commercial use.
[Optional] I appeal the decision to require me to pay search and/or
review charges for this request. I am a representative of an
educational institution seeking information for a scholarly purpose.
[Optional] I also include a telephone number at which I can be
contacted during the hours of ________, if necessary, to discuss any
aspect of my appeal.
Thank you for your consideration of this appeal.
Sincerely,
Name
Address
City, State, Zip Code
Telephone number [Optional]
c. privacy act request for access letter
Privacy Act or Freedom of Information Officer
Name of Agency
Address of Agency
City, State, Zip Code
Re: Privacy Act and Freedom of Information Act Request for Access
Dear :
This is a request under the Privacy Act of 1974 and the Freedom of
Information Act.
I request a copy of any records [or specifically named records]
about me maintained at your agency.
[Optional] To help you to locate my records, I have had the
following contacts with your agency: [mention job applications, periods
of employment, loans or agency programs applied for, etc.].
[Optional] I am willing to pay fees for this request up to a
maximum of $____. If you estimate that the fees will exceed this limit
please inform me first.
[Optional] Enclosed is [a notarized signature or other identifying
document] that will verify my identity.
[Optional] I also include a telephone number at which I can be
contacted during the hours of ________, if necessary, to discuss any
aspect of my request.
Thank you for your consideration of this request.
Sincerely,
Name
Address
City, State, Zip Code
Telephone number [Optional]
d. privacy act denial of access appeal
Agency Head or Appeal Officer
Name of Agency
Address of Agency
City, State, Zip Code
Re: Appeal of Denial of Privacy Act and Freedom of Information Act
Access Request
Dear :
This is an appeal under the Privacy Act and the Freedom of
Information Act of the denial of my request for access to records.
On (date), I requested access to records under the Privacy Act of
1974. My request was assigned the following identification number:
________. On (date), I received a response to my request in a letter
signed by (name of official). I appeal the denial of my request.
[Optional] The records that were withheld should be disclosed to me
because . . . .
[Optional] Please consider that this appeal is also made under the
Freedom of Information Act. Please provide any additional information
that may be available under the FOIA.
[Optional] I also include a telephone number at which I can be
contacted during the hours of ________, if necessary, to discuss any
aspect of my appeal.
Thank you for your consideration of this appeal.
Sincerely,
Name
Address
City, State, Zip Code
Telephone number [Optional]
e. privacy act request to amend records
Privacy Act and Freedom of Information Act Officer
Name of Agency
Address of Agency
City, State, Zip Code
Re: Privacy Act Request to Amend Records
Dear :
This is a request under the Privacy Act to amend records about
myself maintained by your agency.
I believe that the following is not correct: [Describe the
incorrect information as specifically as possible].
The information is not (accurate) (relevant) (timely) (complete)
because . . . .
[Optional] Enclosed are copies of documents that show that the
information is incorrect.
[Optional] I also include a telephone number at which I can be
contacted during the hours of ________, if necessary, to discuss any
aspect of my request.
I request that the information be [deleted] [changed to read:].
Thank you for your consideration of this request.
Sincerely,
Name
Address
City, State, Zip Code
Telephone number [Optional]
f. privacy act appeal of refusal to amend records
Agency Head or Appeal Officer
Name of Agency
Address of Agency
City, State, Zip Code
Re: Privacy Act Appeal of Refusal to Amend Records
Dear :
This is an appeal under the Privacy Act of the refusal of your
agency to amend records as I requested.
On (date), I requested that records about me be amended. My request
was assigned the following identification number ________. On (date), I
was informed by (name of official) that my request was rejected. I
appeal the rejection of my request.
The rejection of my request for amendment was wrong because . . . .
[Optional] I enclose additional evidence that shows that the
records are incorrect and that the amendment I requested is
appropriate.
[Optional] I also include a telephone number at which I can be
contacted during the hours of ________, if necessary, to discuss any
aspect of my appeal.
Thank you for your consideration of this appeal.
Sincerely,
Name
Address
City, State, Zip Code
Telephone number [Optional]
Appendix 2.--Bibliography of Congressional Publications on the Freedom
of Information Act
CONGRESSIONAL HEARINGS, REPORTS, DOCUMENTS, AND PRINTS
(LISTED CHRONOLOGICALLY BY PUBLICATION DATE)
Note on availability: Most of these publications are out of print.
Copies of all congressional publications should be available at Federal
Depository Libraries located throughout the country.
1964
Senate Committee on the Judiciary. Clarifying and Protecting the
Right of the Public to Information and for Other Purposes. S. Rept.
1219, 88th Congress, 2d Session. 1964.
Senate Committee on the Judiciary. Freedom of Information.
Hearings, 98th Congress, 1st Session. 1964.
1965
House Committee on Government Operations. Federal Public Records
Law. Hearings, 89th Congress, 2d Session. 1965.
Senate Committee on the Judiciary. Administrative Procedure Act.
Hearings, 89th Congress, 1st Session. 1965.
Senate Committee on the Judiciary. Clarifying and Protecting the
Right of the Public to Information, and for Other Purposes. S. Rept.
813, 89th Congress, 1st Session. 1965.
1966
House Committee on Government Operations. Clarifying and Protecting
the Right of the Public to Information. H. Rept. 1497, 89th Congress,
2d Session. 1966.
1967
House Committee on the Judiciary. Codification of Public Law 89-
487. H. Rept. 125, 90th Congress, 1st Session. 1967.
Senate Committee on the Judiciary. Amending Section 552 of Title 5,
United States Code. S. Rept. 248, 90th Congress, 1st Session. 1967.
1968
House Committee on Government Operations. Freedom of Information
Act (Compilation and Analysis of Departmental Regulations Implementing
5 U.S.C. 552). Committee print, 90th Congress, 2d Session. 1968.
Senate Committee on the Judiciary. The Freedom of Information Act
(Ten Months Review). Committee print, 90th Congress, 2d Session. 1968.
1972
House Committee on Government Operations. Administration of the
Freedom of Information Act. H. Rept. 92-1419, 92nd Congress, 2d
Session. 1972.
House Committee on Government Operations. Sale or Distribution of
Mailing Lists By Federal Agencies. Hearings, 92nd Congress, 2d Session.
1972.
House Committee on Government Operations. U.S. Government
Information Policies and Practices--Administration and Operation of the
Freedom of Information Act. (Parts 4-6). Hearings, 92nd Congress, 2d
Session. 1972.
House Committee on Government Operations. U.S. Government
Information Policies and Practices--Security Classification Problems
Involving Subsection (b)(1) of the Freedom of Information Act. (Part
7). Hearings, 92nd Congress, 2d Session. 1972.
1973
House Committee on Government Operations. Availability of
Information to Congress. Hearings, 93rd Congress, 1st Session. 1973.
House Committee on Government Operations. Executive Classification
of Information--Security Classification Problems Involving Exemption
(b)(1) of the Freedom of Information Act (5 U.S.C. 552). H. Rept. 93-
221, 93rd Congress, 1st Session. 1973.
House Committee on Government Operations. The Freedom of
Information Act. Hearings, 93rd Congress, 1st Session. 1973.
Senate Committee on Government Operations and Committee on the
Judiciary. Executive Privilege, Secrecy in Government, Freedom of
Information. Hearings, 93rd Congress, 1st Session. 1973.
1974
House Committee on Government Operations. Amending Section 552 of
Title 5, United States Code, Known as the Freedom of Information Act.
H. Rept. 93-876, 93rd Congress, 2d Session. 1974.
House Committee on Government Operations. Amending the Freedom of
Information Act to Require that Information Be Made Available to
Congress. H. Rept. 93-990, 93rd Congress, 2d Session. 1974.
House Committee on Government Operations. Security Classification
Reform. Hearings, 93rd Congress, 2d Session. 1974.
House of Representatives. Message from the President of the United
States. Vetoing H.R. 12471, Amend Freedom of Information Act. H. Doc.
93-383. 93rd Congress. 2d Session. 1974.
House/Senate Committee of Conference. Freedom of Information Act
Amendments. H. Rept. 93-1380 or S. Rept. 93-1200, 93rd Congress, 2d
Session. 1974.
Senate Committee on the Judiciary. Amending the Freedom of
Information Act. S. Rept. 93-854, 93rd Congress, 2d Session. 1974.
Senate Committee on the Judiciary. Freedom of Information Act
Source Book: Legislative Materials, Cases, Articles. S. Doc. 93-82,
93rd Congress. 2d Session. 1974.
1975
House Committee on Government Operations and Senate Committee on
the Judiciary. Freedom of Information Act and Amendments of 1974 (P.L.
93-502). Source Book: Legislative History, Texts, and Other Documents.
Joint committee print, 94th Congress, 1st Session. 1975.
1977
House Committee on Government Operations. Business Record Exemption
of the Freedom of Information Act. Hearings, 95th Congress, 1st
Session. 1977.
Senate Committee on the Judiciary. Freedom of Information Act.
Hearings, 95th Congress, 1st Session. 1977.
1978
House Committee on Government Operations. FBI Compliance with the
Freedom of Information Act. Hearing, 95th Congress, 2d Session. 1978.
House Committee on Government Operations. Freedom of Information
Act Requests for Business Data and Reverse-FOIA Lawsuits. H. Rept. 95-
1382, 95th Congress, 2d Session. 1978.
Senate Committee on the Judiciary. The Erosion of Law Enforcement
Intelligence and Its Impact on the Public Security. Committee print,
95th Congress, 2d Session. 1978.
Senate Committee on the Judiciary. The Erosion of Law Enforcement
Intelligence and Its Impact on the Public Security. Hearings, 95th
Congress, 1st and 2d Sessions. 1977-1978.
1979
House Committee on Government Operations. Security Classification
Exemption to the Freedom of Information Act. Hearing, 95th Congress,
1st Session. 1979.
1980
House Permanent Select Committee on Intelligence. Impact of the
Freedom of Information Act and the Privacy Act on Intelligence
Activities. Hearing, 96th Congress, 1st Session. 1980.
Senate Committee on Governmental Affairs. Oversight of the
Administration of the Federal Freedom of Information Act. Hearings,
96th Congress, 2d Session. 1980.
Senate Committee on the Judiciary. Agency Implementation of the
1974 Amendments to the Freedom of Information Act. Committee print,
95th Congress, 2d Session. 1980.
1981
House Committee on Government Operations. Freedom of Information
Act Oversight. Hearings, 97th Congress, 1st Session. 1981.
House Committee on Government Operations. The Freedom of
Information Act: Central Intelligence Agency Exemptions. Hearings, 96th
Congress, 2d Session. 1981.
House Committee on Government Operations. The Freedom of
Information Act: Federal Law Enforcement Implementation. Hearing, 96th
Congress, 1st Session. 1981.
1982
Senate Committee on the Judiciary. Freedom of Information Act.
Hearings, 97th Congress, 1st Session. 1982.
Senate Committee on the Judiciary. The Freedom of Information
Reform Act. S. Rept. 97-690, 97th Congress, 2d Session. 1982.
1983
Senate Committee on the Judiciary. Freedom of Information Reform
Act. S. Rept. 98-221, 98th Congress, 1st Session. 1983.
1984
Senate Committee on the Judiciary. Freedom of Information Reform
Act. Hearings, 98th Congress, 1st Session. 1984.
1985
House Committee on Government Operations. The Freedom of
Information Reform Act. Hearings, 98th Congress, 2d Session. 1985.
Senate Committee on the Judiciary. Amendments to the Freedom of
Information Act. Hearing, 98th Congress, 2d Session. 1985.
1986
House Committee on Government Operations. Freedom of Information
Act Amendments of 1986. Hearing, 99th Congress, 2d Session. 1986.
House Committee on Government Operations. Freedom of Information
Act Amendments of 1986. H. Rept. 99-832, 99th Congress, 2d Session.
1986.
1988
House Committee on Government Operations. FOIA: Alternate Dispute
Resolution Proposals. Hearings, 100th Congress, 1st Session. 1988.
1989
Senate Committee on the Judiciary. The Freedom of Information Act.
Hearing, 100th Congress, 2d Session. 1989.
1990
House Committee on Government Operations. Federal Information
Dissemination Policies and Practices. Hearings, 101st Congress, 1st
Session. 1990.
House Committee on Government Operations. Paperwork Reduction and
Federal Information Resources Management Act of 1990. H. Rept. 101-927,
101st Congress, 2d Session. 1990.
1991
House Committee on Government Operations, Creative Ways of Using
and Disseminating Federal Information. Hearings, 102d Congress, 1st and
2d Sessions. 1991, 1992.
1992
House Committee on Government Operations. Assassination Materials
Disclosure Act of 1992. H. Rept. 102-624 Part 1, 102d Congress, 2d
Session. 1992.
House Committee on the Judiciary. Assassination Materials
Disclosure Act of 1992. Hearing, 102d Congress, 2d Session. 1992.
House Committee on the Judiciary. Assassination Materials
Disclosure Act of 1992. H. Rept. 102-624 Part 2, 102d Congress, 2d
Session. 1992.
Senate Committee on Governmental Affairs. The Assassination
Materials Disclosure Act of 1992. Hearing, 102d Congress, 2d Session.
1992.
Senate Committee on Governmental Affairs. Assassination Materials
Disclosure Act of 1992. S. Rept. 102-328, 102d Congress, 2d Session.
1992.
1993
House Committee on Government Operations. Assassination Materials
Disclosure Act of 1992. Hearings, 103d Congress, 2d Session. 1993.
Senate Committee on the Judiciary. The Electronic Freedom of
Information Improvement Act. Hearing, 103d Congress, 2d Session. 1993.
1994
House Committee on Government Operations. The Effectiveness of
Public Law 102-526, The President John F. Kennedy Assassination Records
Collection Act of 1992. Hearing, 103d Congress, 1st Session. 1994.
Senate Committee on the Judiciary. Electronic Freedom of
Information Improvement Act of 1994. S. Rept. 103-365, 103d Congress,
2d Session. 1994.
Appendix 3.--Bibliography of Congressional Publications on the Privacy
Act of 1974
CONGRESSIONAL HEARINGS, REPORTS, DOCUMENTS, AND PRINTS
(LISTED CHRONOLOGICALLY BY PUBLICATION DATE)
Note on availability: Most of these publications are out of print.
Copies of all congressional publications should be available at Federal
Depository Libraries located throughout the country.
1972
House Committee on Government Operations. Records Maintained By
Government Agencies. Hearings, 92nd Congress, 2d Session. 1972.
1974
House Committee on Government Operations. Access to Records.
Hearings, 93rd Congress, 2d Session. 1974.
House Committee on Government Operations. Federal Information
Systems and Plans--Federal Use and Development of Advanced Information
Technology. Hearings, 93rd Congress, 1st and 2