FOIA Reform Sent to President, Privacy Oversight Board May be Curtailed, Powerful Surveillance Letters Not Expanded – for Now: FRINFORMSUM 6/23/2016

The FOIA Improvement Act of 2016 (S.337) was sent to the President’s desk on June 22, and the President has ten business days to sign the bill. If President Obama waits (as he likely will) until the last day to sign it, he will sign FOIA reform into law on the 50^th anniversary of the act – on July 4. The bill codifies several significant FOIA improvements; among them agencies must:

• Apply a 25-year sunset for the “wildly misused” FOIA exemption (b)(5), an exemption that currently has no time limit and was recently used to successfully deny a CIA draft history of the 53-year-old Bay of Pigs invasion.
• Update their FOIA regulations within 180 days after the passage of the bills. (A National Security Archive audit shows that too many federal agencies have not updated their regulations to comply with the 2007 Open Government FOIA improvements. By neglecting to update their “FOIA handbooks,” agencies are essentially ignoring Congress’s FOIA reforms.)
• Improve public digital access to released records.
• See here for Toby McIntosh’s write-up with all the details of what is included in the bill.

The jurisdiction of the Privacy and Civil Liberties Oversight Board (PCLOB) will be narrowed for the second year in a row if the Senate Intelligence Committee’s version of the FY2017 Intelligence Authorization Act becomes law. (PCLOB is an independent agency charged with ensuring that the government’s terrorism efforts don’t infringe on privacy and civil liberties.) Steve Aftergood notes that SSCI’s version would limit the Board’s scope to the privacy and civil liberties “of United States persons” only, and “does not appear to permit even ‘secondary’ consideration of the privacy of non-U.S. persons” – muddying the waters of how PCLOB would – or if it even could – act in areas where nationality is unclear.

Senators Martin Heinrich and Mazie K. Hirono published dissenting remarks to the Committee’s decision, noting that “Limiting the PCLOB’s mandate to only U.S. persons could create ambiguity about the scope of the PCLOB’s mandate, raising questions in particular about how the PCLOB should proceed in the digital domain, where individuals’ U.S. or non-U.S. status is not always apparent.” Senator Ron Wyden also published a dissent, saying “My concern is that by acting to restrict the Board’s purview for the second year in a row, and by making unwarranted criticisms of the Board’s staff in this report, the Intelligence Committee is sending the message that the Board should not do its job too well.”

PCLOB was first curtailed in 2015 when Republicans on the House Intelligence Committee successfully advanced a provision to the 2016 intelligence authorization bill blocking PCLOB access to information on covert programs. The move was allegedly made after Republicans on the committee were angered by an opinion piece written by former PCLOB chair David Medine, which argued that PCLOB is entitled by law to have “access to all relevant reports and material from any executive branch agency. It may also interview government personnel and ask the attorney general to subpoena the production of any relevant information from the private sector.”

PCLOB’s shrinking mandate is troubling, as it has made a number of important contributions to the surveillance debate, including publishing a chart “on how U.S. intelligence agencies use a Reagan-era executive order [12333] to collect Americans’ private information,” that shows most agency guidelines are woefully outdated. “Most agencies have not revisited their handling of data collection since the early 2000s, and in some cases not since the 1980s.”

A 2014 PCLOB report found that the National Security Agency’s (NSA) surveillance of foreign communications is lawful, but that elements of Section 702 come “close to the line” of being unconstitutional. Senators Heinrich and Hirono also argued in their dissent that it is possible that PCLOB could not have reviewed Section 702 under the proposed version of the FY2017 IAA, as it focused “on the communications of foreigners located outside of the United States, but which is also acknowledged to be incidentally collecting Americans’ communications in the process.”

The Senate has blocked an effort by Republicans to expand the use of the FBI’s national security letters (NSL), which demand business records from a wide array of organizations for national security investigations, to include “email metadata and some browsing history information.” The block is a step in the right direction for the NSLs – use of which has grown dramatically after the 2001 Patriot Act lowered the bar for their issuance, but does not address concerns about the NSL’s lack of judicial oversight and their accompanying gag orders.

Last year Nicholas Merrill, who ran the small Internet company Calyx, became the first person allowed to fully disclose the contents of an NSL he received from the FBI in 2004. Thanks to a multi-year court battle Merrill’s gag order was been lifted, and revealed that in 2004 the FBI demanded Merrill “turn over all physical mail addresses, email addresses and Internet Protocol addresses associated with one customer’s account, as well as telephone and billing records and anything else considered to be an ‘electronic communications transactional record.’” The NSL also demanded cell-tower location data and any “screen names” or online nicknames associated with the customer in question.

As recently as 2014, an intelligence panel set up by President Obama proposed, at the very least, requiring judicial approval for issuing NSLs, and cited a 2008 Justice Department Inspector General report as proof that they are extensively misused (more on that 2008 IG report here). The expert intelligence panel also importantly noted that, “We are unable to identify a principled reason why NSLs should be issued by FBI officials when section 215 orders and orders for pen register and trap-and-trace surveillance must be issued by the FISC,” going on to suggest that a transition should take place “as soon as reasonably possible.”

The National Security Agency is withholding 90-year-old information on early American cryptanalytic efforts against Russia and the Soviet Union from a 20-year-old document on the grounds that releasing the information could “reasonably be expected to cause identifiable or describable damage to national security.” Specifically, the NSA claims that the release of the information would harm another government agency’s (OGA) “intelligence activities (including covert action), intelligence sources or methods, or cryptology” – the OGA cited by the NSA is either the Defense Intelligence Agency (DIA) or the CIA. The very dubious withholding joins a growing list of incredulous claims of secrecy, including:

• The CIA withholding documents from 1917 and 1918 — including a document that described World War 1 “secret ink” recipes and instructions on how to open sealed letters covertly.
• The Defense Department needlessly redacting Nikita Khrushchev’s public statements about Jupiter missiles in Turkey from a 50-year-old document; and
• The DIA withholding large sections of a 1975 biographical sketch of General Augusto Pinochet on national security grounds, including Pinochet’s liquor choices – “scotch and pisco sours” – even though it had released the document a year earlier without the redactions.

The National Security Archive today posted a collection of recently discovered British documents that provide a new account of the CIA’s role in a top-secret plan to ravage the Middle East oil industry in the event of a Soviet invasion, turning the oil companies into a paramilitary force ready to execute the “denial policy.” Versions of the “denial policy” remained in effect at least until the Kennedy Administration. The documents also show that British military officials went so far as to contemplate going nuclear to get the job done if suitable conventional weapons were not available.

Michael Landis has a good piece in We’re History on how the X-Men trilogy are inspired by Cold War diplomacy, concluding that “These three connected films show three crucial moments in the Cold War, and three distinct periods of American history, all exploring the dangers of militant nationalism and the rights of racial minorities in a majoritarian society.” It’s worth keeping in mind, however, that the Cuban Missile Crisis eyeball-to-eyeball myth (the “climatic confrontation between US and Soviet ships off the coast of Cuba”) never happened; rather, “the missile-carrying ships were already headed back to the Soviet Union at this point, and were at least 500 nautical miles from the closest American warship.”

Today’s #tbt pick is chosen with the recent cease-fire agreement between the Colombian government and the Revolutionary Armed Forces of Colombia (FARC) in mind. Today’s #tbt pick is a posting from the Archive’s Michael Evans on the under-the-table agreement between the Chiquita Brands International and Colombian terrorist organizations – including FARC. Evans notes:

A Chiquita “Audit Memo” from December 1993 recommended that the company conceal payments to guerrilla groups “to maintain the appearance of a responsible corporate citizen.” By 1995, the company had a “one-inch high binder” of “Boys in the Hills,” according to annotations on another Chiquita accounting record. (“Boys in the hills” is a relatively common expression for guerrilla insurgent groups.) A handwritten memo from 1996 explained how payments to the FARC, ELN and EPL guerrilla groups worked. “We negotiate with all of them,” according to the memo. The EPL, in particular, “helped us out a lot with [the] labor union issue.”

Want to stay on top of the latest FOIA news? Click here to sign up for our weekly FRINFORMSUM email newsletter.

Happy FOIA-ing!