Today, IRAP filed a lawsuit against DHS, USCIS, and the State Department under the Freedom of Information Act (“FOIA”). Like most good FOIA stories, our quarrel began when IRAP asked these agencies to produce documents and the agencies did not respond. This time, however, IRAP is after more than just documents.
Most people think of the FOIA simply as a way to make the government produce documents on demand, such as training manuals or records explaining how individual cases were decided. Conceived of as a powerful tool to enforce government transparency, the FOIA has become a bureaucratic instrument to which far too little attention is paid, both by the general public and by the agencies in charge of administering the statute.
But we should all pay a little more attention, because the FOIA does not just require agencies to respond to requests for information. Rather, it requires agencies to affirmatively disclose certain types of information to the public without being asked. And when agencies ignore those affirmative requirements, the result is more work for advocates like IRAP and less transparency for everyone.
IRAP is challenging the agencies’ failure to comply with a little-known requirement in Section 552(g) of the FOIA: the Infosystems Requirement. This provision requires every agency to maintain a public index of all of their major information systems, as well as descriptions of those systems. (What could this look like? Check out the indices compiled by the Department of Justice and the U.S. Postal Service as a starting point for conversation). Basically, this part of the FOIA requires agencies to publicly describe how they collect, store, and access electronic information, so that requesters can better understand what information to ask for, and how best to do so.
Congress added the Infosystems Requirement as part of the 1996 “E-FOIA” Amendments, which sought to “reduce uncertainty among FOIA requestors” and make agency records more accessible online. In 2016, Congress amended the Infosystems Requirement to clarify that agencies must maintain an index and descriptions of major information systems on their websites, regardless of whether anyone requested this information.
The Infosystems Requirement is, admittedly, not the sexiest provision—which helps to explain why it has largely been overlooked for decades. But agency compliance with the Infosystems Requirement matters when it comes to understanding government operations.
Consider: IRAP files FOIA requests all the time, both to understand why particular clients’ applications get denied and to understand how refugee (and other) programs work in general. And because the State Department and DHS (including USCIS) are key players when it comes to refugee admissions and policies, IRAP regularly seeks information from these agencies in particular. We do this to bring transparency and accountability to frustratingly opaque refugee programs, so that we can help our clients and educate the general public.
When agencies do not fully disclose the types of records that they keep or where those records are located, they force IRAP—and themselves—to spend far more time on FOIA requests and litigation. At present, IRAP staff spend hours tracking down publicly available information about agency records and systems across dozens of websites. Because this information is incomplete, IRAP must often guess what types of records they are looking for, which results in less precise FOIA requests. When FOIA requests are less precise, agencies spend more time searching for responsive records, and IRAP spends more time appealing and litigating denials or incomplete FOIA productions.
Similarly, the absence of an index of major information systems can lead to unnecessary fights over which agencies control and access certain records. For example, IRAP sued USCIS in June 2020 over the agency’s failure to search within the Worldwide Refugee Admissions Processing System (WRAPS) for records related to our client’s case. This past summer, a federal court agreed with IRAP that USCIS was required to search WRAPS. To get to this point, however, IRAP had to file multiple FOIA requests and appeals with multiple agencies, dating back to 2017 – and then spend more than 500 hours preparing and litigating our case.
This hardly seems like an efficient use of IRAP’s, the court’s, or the government’s time. If USCIS simply listed and described its systems online, then the agency would have had more difficulty claiming that it lacked access to WRAPS–and FOIA staff would have known that they had to search for records within this particular system. In short, compliance with the FOIA’s Infosystems Requirement would have reduced confusion on both sides and might even have eliminated the source of the dispute.
More troublingly, widespread noncompliance with the Infosystems Requirement speaks to the government’s broader disregard for the FOIA’s affirmative requirements. The government cannot simply ignore its obligations under federal law.
Nonetheless – more than two decades after Congress passed the E-FOIA – neither DHS nor the State Department maintain indexes or descriptions of their major information systems that comply with the Infosystems Requirement. The partial indexes that DHS and the State Department do provide were created to comply with different statutes, serve purposes unrelated to the FOIA, and do not comprehensively list or describe all of the agencies’ major information systems.
Through this lawsuit, IRAP hopes to bring attention to the Infosystems Requirement and force DHS and the State Department to adequately index and describe their major information systems. But while ensuring compliance with the Infosystems Requirement is a useful start, the real issue is larger than any single FOIA provision. It is time for the agencies—and the public—to treat the FOIA and its procedural requirements seriously. Until we understand how federal agencies implement the FOIA, advocates, journalists, and the general public will remain in the dark about basic government functions.