It seems like these days, everyone is finding classified documents in places they shouldn’t be: their homes, their offices, their storage lockers, their garages, their guitar cases, between the cracks of their couches, under some withered celery in the vegetable drawer … OK, we’re exaggerating—but it is getting ridiculous.
While the pundits continue to speculate whether President Donald Trump, Vice President Mike Pence and President Joe Biden put national security at risk by hoarding these secrets, that ultimately might not be the biggest problem.
What we know for sure is that these episodes illustrate overlapping problems for government transparency. It reveals an epidemic of over-aggressive classification of documents that could easily be made public. It means that an untold number of documents that belong to the public went missing—even though we may not get to see them for at least 25 years, when the law requires a mandatory declassification review. And then there’s the big, troubling transparency question: If these officials pocketed national secrets, what other troves of non-secret but nonetheless important documents did they hold on to, potentially frustrating the public’s ability to ever see them?
It doesn’t do much good to file a Freedom of Information Act request for records that have mysteriously disappeared.
Misbehavior like this is why we created The Foilies, our annual tongue-in-cheek “awards” for agencies and officials that thwart the public’s right to government information or otherwise respond outrageously to requests for documents and records. Each year, the Electronic Frontier Foundation and MuckRock News, in partnership with the Association of Alternative Newsmedia, publish this list of ne’er-do-wells to celebrate Sunshine Week (March 12-18)—an annual event to raise the profile of the democratic concept of government transparency.
It may be many years before the public learns what secret and not-so-secret documents weren’t turned over by past administrations to the National Archives. But when we do, we’ll be sure to nominate them for the top prizes. In the meantime, we have no shortage of redaction rascals and right-to-know knaves, from agencies assessing astronomical fees to obtain documents to officials who overtly obstruct openness to protect corporate interests. Read on and get to know the 2023 who’s-who of government opacity.
(I’m Not Your) Steppin’ Stone to Transparency Award: Federal Bureau of Investigation
We are all lucky that the FBI is always on the lookout for “left wing innovations of a political nature,” especially those nasty “subliminal messages.” That’s why, in 1967, it sent an informant to a Monkees concert, who reported on the band’s anti-war sentiment to add to the FBI’s growing file on the band.
Micky Dolenz, the band’s sole surviving member, is suing for that file under FOIA. As his complaint points out, the FBI spied on many musicians of that era, including Jimi Hendrix and John Lennon.
Dolenz sued after the FBI failed to produce the file beyond the heavily redacted portion that it already published online. The FBI has since provided five more redacted pages, Dolenz’s attorney tell us. Hopefully, this will shed more light on the FBI’s heroic war against Beatles, Monkees, and other subversive members of the animal kingdom.
The Redactions Don’t Gitmo Surreal Award: The U.S. Southern Command
The U.S. facility at Guantanamo Bay regularly serves up both insults and injuries. A number of people still held there have been subjected to torture and other inhumane treatment at U.S. “black sites”; many are imprisoned indefinitely; and the Pentagon considers detainees’ artwork to be property of the U.S. government. The whole thing is a bit surreal, but U.S. Southern Command (SOUTHCOM) has more techniques for turning up the dial.
Bloomberg reporter Jason Leopold submitted a FOIA request in 2017 for artwork created by those detained at Guantanamo Bay. SOUTHCOM finally fulfilled the request last spring, and it took its own creative liberties with the release.
To the hundreds of pages of colorful paintings and drawings created by Gitmo prisoners, the military added hundreds of little white redactions. FOIA requires redactions to be very particular and to specifically cite applicable exemptions. It seems there were plenty of very particular elements with which the agency took issue, claiming that amidst trees of leaves and other scenes were materials that were ineligible for release due to personal privacy concerns and the risk that they would betray law enforcement techniques. When prisoners’ art could potentially disclose military secrets, we’re well through the looking glass.
“Gitmo, after 20-plus years, is not only a black box of secrecy,” Leopold said, “but it has its own Orwellian rules when it comes to transparency.”
We Can Neither Confirm Nor Deny the Existence of This Award: National Security Agency
Sometimes agencies will respond to your FOIA request with a stack of documents. Other times, they will reject the request out of hand. But some agencies choose a third route: They tell you they can neither confirm nor deny whether the information exists, because the subject matter is classified, or because a positive or negative response would expose the agency’s hand in whatever intelligence or investigation game they’re playing.
This so-called “Glomar response” is derived from a Cold War-era case, when the CIA refused to confirm or deny to the Los Angeles Times whether it had information about the USNS Hughes Glomar Explorer, a CIA ship that was used to try to salvage a sunken Soviet spy sub.
“The Reporters Committee for Freedom of the Press is studying the prevalence of so-called ‘Glomar’ responses to FOIA requests across the federal government,” RCFP Senior Staff Attorney Adam Marshall told us. “As part of that project, it has submitted FOIA requests (what else) to every federal agency regarding their Glomar volume over a five-year period.”
So far, RCFP has learned that the U.S. Commodity Futures Trading Commission sent four Glomars; the U.S. Department of Energy Office of the Inspector General sent 14; and the U.S. Department of Health and Human Services Office of the Inspector General sent 102.
The NSA came back with an astounding 2,721 Glomar responses over the five-year period. As Marshall noted on Twitter, in fiscal year 2021 alone, Glomars accounted for at least 41% of all the FOIA requests the NSA processed. And so we honor the NSA for being so transparent about its lack of transparency.
The Leave No Coffee Mug Unturned Award: General Escobedo, Mexico
When an agency receives a records request, an official is supposed to conduct a thorough search, not poke around half-heartedly before generating a boilerplate rejection letter. What’s rare is for an agency to send a photo essay documenting their fruitless hunt for records.
That’s exactly how the city of General Escobedo in Nuevo León, Mexico, responded to a public records request that the EFF filed for documents related to a predictive policing law under Mexico’s national transparency law. The “Inexistencia de Información” letter they sent included a moment-by-moment photo series of their journey, proving they looked really hard, but couldn’t find any records.
First, the photos showed they were outside the city’s security secretariat building. Then they were standing at the door to the police investigative analysis unit. Then they were sitting at a computer, looking at files, with a few screengrabs. Then they were looking in a filing cabinet.
The next photo almost caused us to do a spit take: They were looking in the drawer where they keep their coffee mugs–just in case there was a print-out jammed between the tea bags and the stevia. See, they looked everywhere.
Except … those screengrabs on the computer they breezed past were exactly the kind of documents we wanted. EFF appealed the case before the state’s transparency board, which eventually forced Escobedo to release a slideshow and receipts showing the city had wasted more than 4 million pesos on the Sistema de Predicción de Delitos (SPRED) project.
The Wishy-Washy Access Award: Alphabet and The Dalles, Oregon
The Western United States has been caught in a 20-year megadrought, but when The Oregonian/OregonLive sought records on water usage from the city of The Dalles, the news organization found itself on the wrong side of a lawsuit. The city claimed the data was a trade secret, and filed suit on behalf of Google parent company Alphabet to block the release of records.
Alphabet, like other major tech companies, has increasingly invested in massive data centers that slurp up vast quantities of water to cool off their hardware. How much water, however, was a mystery, and one of pressing concern for locals. One resident told The Associated Press she had seen her well water continue to drop year after year. “At the end of the day, if there’s not enough water, who’s going to win?” she asked. After a 13-month fight, there was something to savor: The city dropped its fight. Alphabet even tried to spin it as a PR win and declared itself a champion of transparency.
“It is one example of the importance of transparency, which we are aiming to increase … which includes site-level water usage numbers for all our U.S. data center sites, including The Dalles,” a spokesperson said at the time.
The data was worth fighting for: The data centers’ water usage had tripled in the past five years, to where it consumes more than a quarter of all water used in the city, according to analysis from Mike Rogoway at The Oregonian/OregonLive.
The Outrageous FOIA Fee of the Year Award: Rochester Community Schools District
This year’s winner for most ludicrous fee assessment takes us to a suburb north of Detroit, where parents were met with a hefty price tag for trying to find out whether the school district was spying on them.
As reported by WXYZ, the parents were part of a Facebook group where they discussed their dissatisfaction with the district’s approach to remote learning. After a local parent sued the district, claiming she was fired because a district official had complained to her employer about her criticism of the district’s COVID-19 policies, these parents began filing public records requests to see if the district was monitoring their social media.
When one parent asked for records to know whether their name was included in any social media monitoring, the district said that to comply with the request, staff would have to search every email ever sent by an employee—a total of 12,115,251 emails. The district told the parent to be prepared to be liable for a whopping $18,641,345 fee, with $9,320,673.73 due in advance. That’s a lot of bake sales.
The Digital Divide Award: U.S. Office of Personnel Management
Strolling through the independent records clearinghouse Government Attic offers a wide range of interesting, useful and refreshingly creative ideas for records to request, such as government agency intranet homepages.
Producing a copy of an intranet homepage should be a pretty easy task for an agency: Open up your browser in the morning; click “Save As”; and, boom—kick back after a job well done. You don’t even need to talk to your colleagues! But after five years of inexplicable transparency purgatory, a lead government information specialist at the U.S. Office of Personnel Management responded curtly to one such request with the following:
“The FOIA does not require agencies to create a record. The records you seek would require the creation of records. Therefore, OPM is unable to provide you any records.” Even odder, the agency’s FOIA log for last year notes the request, but writes that it was closed with “no records,” rather than being rejected. Keep that in mind when calibrating the reliability of FOIA annual reports and other official transparency statistics.
Happily, we can report that other agencies are more digitally adept when responding to these types of requests, even if they do have a maddening tendency to print out the pages and mail them rather than just sending the actual digital files. We can only hope that the Office of Personnel Management manages to get some better-equipped personnel when it comes to understanding that simply copying bits is one of the least-creative acts a computer—or FOIA officer —can do, and they should take these requests as a gift rather than a challenge.
The Bulk Data for Me but Not for Thee Award: Los Angeles Police Department
Police departments have an uncanny knack for being able to fund cutting-edge (if horribly broken) technology to watch the public while only mustering ’90s-era (also horribly broken) technology to help the public watch them back. This appears to be the case in Los Angeles, where the forthrightly named Stop LAPD Spying Coalition found that it was being monitored by the LAPD.
Like any good public watchdog, it filed a records request, in this case for emails that mentioned “Stop LAPD Spying” or “stoplapdspying.” We will make a concession that this is a potentially broad search. It’s not always easy for agencies to search across all departmental emails; sometimes emails are stored in different systems, and so on.
LAPD didn’t seem to have an issue with conducting the search, but, rather, they just had found too much material when they did: “The query resulted in a file(s) that exceeds the maximum gigabyte that our system would allow to export; therefore, we are unable to search for and identify emails responsive to your request.”
LAPD then asked the requester to narrow their request. For better or worse, the reality of public records is that it’s often a negotiation, but if an agency is going to compile more than a gigabyte of emails on an organization dedicated to curbing surveillance, the least the agency can do is have the capability to sift through and export that material. The agency’s response—put bluntly, we talk about you too much to tell you how much we’ve talked about you—would be flattering if it wasn’t both creepy and aggravating.
I Wanted to Clarify That My A** is Covered Award: White House
Backroom dealers sometimes struggle to keep their deals in the backroom, especially when they inadvertently reveal them in emails that are presumptively public records. That’s when they follow up by saying, “I wanted to clarify that the email I sent was pre-decisional and privileged information,” hoping these magic words will exempt the email from disclosure should anyone file a records request.
On June 23, 2022, a White House staffer revealed to the Kentucky governor’s office that President Biden planned to nominate Chad Meredith as a federal judge the next day. Days later, the White House official then tried to use the follow-up “clarification” email as cover. But the Louisville Courier-Journal got the story, and the Kentucky governor’s office released the emails confirming the nomination plans, despite the weak follow-up email trying to claw them back into secrecy.
The president ultimately scrapped Meredith’s nomination entirely after pro-choice advocates criticized Biden’s apparent backroom trading on judicial nominations with Senate Minority Leader Mitch McConnell. Meredith had defended Kentucky’s anti-abortion laws under the previous Republican governor.
The whole ordeal, which was overshadowed by the Supreme Court overruling Roe v. Wade on the very day Meredith would have been nominated, shows the ridiculous ways officials will try to keep public records secret.
The Transparently Proud of Destroying Public Records Awards: Michael Gableman
The effort to investigate unsubstantiated 2020 election fraud claims in Wisconsin sped past comedy, plowed through farce, and fell into ludicrous land. The driver of this ridiculous journey: Michael Gableman, a former Wisconsin Supreme Court justice who was hired by Wisconsin State Assembly Speaker Robin Vos to investigate alleged election fraud.
Gableman’s inquiry has cost taxpayers nearly $2 million, with no evidence of any election wrongdoing disclosed when Vos shut it down and fired Gableman last August.
The probe itself, however, has generated plenty of violations of state public records laws. Gableman’s inquiry is the subject of at least four public records lawsuits. And in the process of responding to public records requests about his election inquiry, Gableman has admitted to routinely deleting records and deactivating an email account he used while working on the probe.
After receiving a records request from American Oversight, someone deleted Gableman’s personal email account, the former justice testified during a hearing in one of the suits. And when questioned about whether he knew who deleted records responsive to a public records request, Gableman was refreshingly honest.
“Did I delete documents? Yes, I did,” he said.
In Gableman’s defense, he believed deleting the records was proper, because in his view, the destroyed records were not part of his election investigation. The problem is that no one can trust Gableman’s judgment, because there is no paper trail to confirm that the records were, in fact, irrelevant to his work. Gableman’s lack of an auditable paper trail to check his work stands in stark contrast to the auditable results of the 2020 Wisconsin election.
For his records destruction and general frustration of the public’s right of access, courts have awarded plaintiffs $163,000 in attorney’s fees and costs in one case, and $98,000 in another.
The Ancient Art of Dodging Accountability Award: Cyber Ninjas
Wisconsin isn’t the only state where we’re recognizing an election “audit” contractor’s misbehavior.
After the audit of the 2020 presidential election in Maricopa County, Arizona—which ultimately reaffirmed Biden’s victory—State Senate President Karen Fann tried to save face by claiming that the reason the project spiraled out of control was because the election system was hard to audit, and not because auditing firm Cyber Ninjas might’ve been inexperienced and tilting at windmills. That’s kind of like saying it’s the homework’s fault that the dog ate it.
“As our efforts have clearly shown, elections processes here in Arizona are not designed to be easily audited, unlike every other government process accountable to citizens,” she wrote in a statement. “… (W)e look forward to implementing improvements to add ease, authentication, transparency, and accountability to our elections processes in the coming legislative session.”
The Cyber Ninjas’ own work, however, was anything but authenticatable, transparent and accountable, as the group tried to evade legitimate public records requests at nearly every turn.
The nonprofit American Oversight and The Arizona Republic newspaper had to take Cyber Ninjas to court in mid-2021 to demand access to audit records. The firm routinely refused to hand over documents, including communications, despite a court order, leading a judge in 2022 to sanction Cyber Ninjas’ founders $50,000 per day.
“I think the variety of creative positions Cyber Ninjas has taken to avoid compliance with this order speaks for itself,” Superior Court Judge John Hannah said. Cyber Ninjas began handing over records last year, revealing connections between the firm and various election conspiracy theorists and lawyers tied to Trump’s campaign and his efforts to overturn the election.
According to The Arizona Republic, Cyber Ninjas’ fines surpassed $10 million, and the firm closed up shop—and yet they still haven’t learned their lesson. The firm continues to withhold and improperly redact text messages and other correspondence. For example, Cyber Ninjas has withheld communications between CEO Doug Logan and prominent election denier Phil Waldron, claiming the messages are covered by legal privilege. This is clearly the FOIA equivalent of a torinoko, the legendary ninja smoke grenade, since Waldron is not a lawyer at all, and definitely not Logan’s lawyer.
The Transparency Tax Award: Mendocino County
The Foilies regularly recounts outrageous public records fees that seem clearly aimed at discouraging specific records requests. But those are usually one-off efforts aimed at specific requests. This award to officials in Mendocino County, Calif., is based on their creation of a fee system that appears designed to discourage everyone from requesting public records.
The ordinance lets officials charge you $20 per hour to look for records if you fail to “describe a specifically identifiable record.” So, if you asked for the sheriff’s “Policy 410.30,” you wouldn’t get charged, but if you asked for “all directives, policies, and orders related to body-worn cameras,” you might have to pony up hard cash. Even worse, the ordinance says that if you ask for emails or other types of records that “may” include information that needs to be redacted or withheld, the county would charge you $50 or $150 per hour, depending on whether an attorney needs to be involved.
In other words, the ordinance punishes the public for not knowing exactly how the county organizes and stores its records, or what records might contain sensitive information. If you have an encyclopedic knowledge of the county’s systems and how to request records, you may not be charged any search fees. But if you are a normal person who just wants to find out what’s happening in the county, you are probably going to be charged a huge search fee.
Mendocino County’s ordinance is on shaky legal ground. The California Public Records Act does not give state and local government agencies the authority to assess their own search fees, review fees, or even fees to redact records. The law only allows agencies to charge the public what it costs to make copies of the records they seek.
But aside from being potentially unlawful, Mendocino County’s fee ordinance is an affront to its residents. It treats all records requests as hostile, resource-wasting inquiries rather than a central mission of any public agency committed to transparency.
The Burn After Reading Award: Immigration and Customs Enforcement
Though it might be surprising, sometimes an agency will fulfill your request—and realize afterward they’d like to hit the undo button. Generally, however, the First Amendment protects your right to keep the records and publish them, even when the government could have originally withheld them.
That’s what happened to the well-known, oft-feared FOIA warrior and journalist Jason Leopold after Immigration and Customs Enforcement (ICE) used the wrong highlighter when they responded to his request for information on Department of Homeland Security (DHS) activity in Portland, Ore., in the wake of George Floyd’s murder during summer of 2020.
Leopold asked ICE for communication and documents from the DHS about the training and placement of DHS personnel in Portland that summer and received a “DHS Component Actions Report” in response. Among the information on the report that ICE later claimed was sensitive enough to warrant a gimme-back: the exact numbers of helmets, crowd-control shields, and pepper-spray projectiles that the DHS loaned to the United States Park Police, the police force of the National Park Service.
The MisFIRE in All Directions Award: Irvington Township
Sometimes you just have to marvel at the hubris of an agency that would prefer to pick unwinnable fights rather than just open up its books.
Irvington Township, N.J., started one such berserk rampage in 2021 when it filed a lawsuit against a retired teacher who had gotten in the habit of regularly asking for information about local government operations. The suit claimed her requests were “unduly burdensome, time consuming and expensive” and that the octogenarian had “bullied and annoyed” township administrators.
Then, in a misguided attempt to avoid negative attention, the town sent cease-and-desist letters to NBC reporters who were covering the lawsuit, also accusing them of harassment. Less than a week after the reporters published their story, Irvington Township withdrew the suit.
But it didn’t end there. Curious about how much the lawsuit had cost and who had authorized it, Adam Steinbaugh, an attorney for the Foundation for Individual Rights and Expression (FIRE), filed his own records requests. Irvington Township failed to respond to the request, and Steinbaugh filed a complaint with the New Jersey Government Records Council.
At that point, Irvington Township claimed that Steinbaugh, being from out of state, had no right to the records (false!) and deserved to be referred to law enforcement and criminally prosecuted (no!). Not only were Irvington Township’s arguments frivolous; they backfired: Saber-rattling about vexatious lawsuits against a free speech lawyer is like threatening them with a good time.
The Foilies (licensed under CC BY Creative Commons) were compiled by the Electronic Frontier Foundation (Director of Investigations Dave Maass, Senior Staff Attorney Aaron Mackey, Frank Stanton Fellow Mukund Rathi, Investigative Researcher Beryl Lipton) and MuckRock (Co-Founder Michael Morisy, Data Reporter Dillon Bergin, and Investigations Editor Derek Kravitz), with further review and editing by Shawn Musgrave. Illustrations are by EFF Designer Caitlyn Crites. The Foilies are published in partnership with the Association of Alternative Newsmedia.
Header image and illustration by Caitlyn Crites of the Electronic Frontier Foundation.