​Last year brought surveillance reform achingly close to passage. The Fourth Amendment Is Not for Sale Act – which would have forced the government to obtain a warrant before purchasing Americans’ personal data from data brokers – passed the U.S. House but died in the U.S. Senate. A warrant requirement for the review of Americans’ personal data fell short in the House in a tie vote.

Now, we know that these were uphill votes not just because of the intense opposition of federal intelligence agencies, but because the Biden White House had overseen an intense lobbying effort to give the illusion of grassroots opposition from state law enforcement.

To create this illusion, the administration reached out to local and federal law enforcement alike with pre-approved talking points from a Washington lobbying firm, letters to sign, and a list of lawmakers to target.

The efforts involved the misuse of High Intensity Drug Trafficking Areas (HIDTAs). These are hybrid federal-state entities intended to provide coordination and ensure the efficient use of federal funds in fighting organized drug crime. The federal side of this partnership is directly overseen by the White House Office of National Drug Control Policy.

A response to a PPSA Freedom of Information Act (FOIA) request reveals that during the prior 118th Congress, these organizations were repurposed for lobbying Congress. Emails from the Chicago HIDTA piggybacked off efforts from a Capitol Hill lobbying firm and orchestrated all the elements of what would appear to a Member of Congress to be a spontaneous grassroots movement by state law enforcement groups and associations in opposition to popular surveillance reform amendments.

This network of federal agencies working behind the scenes to coordinate this messaging, under the purview of the White House, distorted the debate and abused Congressional trust in sincere-sounding letters to Congressional leaders like Rep. Jim Jordan, Chairman of the House Judiciary Committee, and Rep. Jerry Nadler, Ranking Member. Given that HIDTAs are distribution points for significant amounts of much-needed federal funding, it’s questionable how voluntary the sign-on from state law enforcement groups really was.
​
Perhaps Chairman Jordan and Ranking Member Nadler might want to look into how much federal money might have been spent limiting their oversight. At the very least, the current administration should cut off federal funds for lobbying before the surveillance reform debate begins again next year.

​During last year’s congressional debate over surveillance, many defenders of the status quo, including then-FBI Director Christopher Wray, argued that a warrant requirement for the inspection of Americans’ personal information would be a security risk because it would be too time-consuming and burdensome.
 
But a recent response to one of our Freedom of Information Act (FOIA) requests filed with the Criminal Division of the Department of Justice shows that filling out warrant applications are routine and close to boilerplate.
 
In recent years, many of our FOIA requests have gone ignored. In one instance, we received a rude response from the Department of Justice in which 39 pages were redacted, and the 40th page only said: “Hope that’s helpful.”
 
Perhaps there has been a recent change of heart at DOJ. When we sought documents about cell-site simulators (which mimic cell towers and trick cellphones into revealing personal information), we received a polite and partial response. Included in the release was a draft affidavit to guide special agents of the FBI in applying to a U.S. district court to obtain a search warrant to identify a particular cellular device.
 
In it, an agent is prompted to:
 

• Provide evidence that the target device is located within a given area.

 

• There is probable cause to believe that the targeted individual is likely carrying the targeted cellular device, and is “necessary to identify the suspect and establish a connection between the suspect and the suspected crime.”

 

• “Once investigators ascertain the identity of the Target Cellular Device, they will cease using the investigative technique.”

The draft warrant application concludes: “A search warrant may not be legally necessary to compel the investigative technique described herein. Nevertheless, I hereby submit this warrant application out of abundance of caution.”
 
The agent then submits this document as sworn testimony.
 
PPSA hopes this response to our FOIA is a sign of a renewed commitment to meet our lawful requests for documents. And we urge surveillance hawks to consider that the routine filing of such applications demonstrates that it is far from excessively burdensome.
 
There, that wasn’t so hard now, was it?

​When CNN last week filed a Freedom of Information Act (FOIA) request asking for details about the Department of Government Efficiency (DOGE) and who has been granted access to sensitive or classified government documents, the news organization says it received an anonymous response from an Office of Personnel Management email account.
 
“Good luck with that,” the reply said, “they just got rid of the entire privacy team.”
 
So how outraged are we as a civil liberties organization that often files FOIA requests over the firing of very people who process our requests?
 
Not very. To be candid, PPSA has a higher level of concern over the change of the New York Yankees’ facial-hair policy, although we are split internally between a pro-beard and anti-beard faction.
 
The reason for our insouciance is that while privacy personnel in government offices scrupulously acknowledge receipt of our filings, the follow-up is always a ramshackle mess usually leading to a dead end. Deadlines mandated in statute are routinely ignored. And when the government does deign to answer us, it comes back with something called a “Glomar response.” This is a judicially created doctrine from the 1970s – created in response to reporting on the CIA’s recovery of a sunken Soviet submarine with nuclear-tipped missiles – that allows agencies to issue a non-response response.
 
Glomar responses, once uncommon, are now the boilerplate answer for most of our FOIAs.
 
This happened most recently when PPSA filed a FOIA request asking the National Security Agency to produce records showing how much money it spent buying Americans’ personal digital data, the size of the dataset purchased, and the sources of the data.
 
In July, NSA gave us a classic Glomar response, that it cannot disclose “the existence or non-existence” of the requested information. The government usually shrugs off our lawful requests for information by issuing a Glomar response.
 
When we sought dollar amounts of NSA spending on purchases of Americans’ personal information, and who is selling it to them, the NSA’s Glomar response also included a statement that it had not performed a records search – as required by the FOIA law. Riddle me this: How did the NSA know that these documents merited the hush-hush, top-secret Glomar response, previously reserved for the recovery of Soviet nuclear tipped missiles, if the agency didn’t even search for them?
 
Another one of our FOIA requests: We asked the government to reveal top-line facts about purchases about surveillance of Members of Congress who served on committees with oversight of the intelligence communities?
 
Glomar response.
 
Another one: Can the government reveal how many times it has “unmasked” – or internally identified – Members of Congress caught up in foreign communications?
 
Glomar response.
 
And then there is this middle-finger response from the Department of Justice to another one of our FOIA requests. They sent us 40 completely redacted pages to a FOIA request, with only one line unredacted: “Hope that’s helpful.”
 
We are sorry people in the privacy offices of the government are losing their jobs. We appreciate that they don’t make policy, just execute it, although that responder at Justice – who didn’t have the guts to sign his or her name – should probably find employment elsewhere, preferably a junkyard. We hope the rest of these government employees will be happier in public or private-sector jobs that actually do something for somebody.

​Administrative subpoenas are the backstage pass for federal agents seeking to warrantlessly surveil millions of Americans. PPSA filed a FOIA lawsuit on Tuesday against the Department of Justice to bring this practice to light.
 
Thanks to the investigative efforts of Sen. Ron Wyden (D-OR), we have had a glimpse into the murky practice of using what is really an administrative order (given the deference of courts to such “subpoenas”) to collect bulk data. Sen. Wyden revealed that the Homeland Security Investigations unit of the Homeland Security Department fired off administrative subpoenas to acquire millions of financial records from wire-money transfers. In this way, the government got its hands on millions of financial records, complete with personal information, that included money transfers between Arizona, California, New Mexico, Texas, and Mexico.
 
But a multitude of other agencies also issue administrative subpoenas – and there is no telling what they are collecting.
 
“It is likely that in most cases, they are seeking bulk data of millions of innocent Americans to sift through, rather than targeted data against an individual based on probable cause,” said Gene Schaerr, PPSA general counsel. “It is hard to think of a more direct violation of the Fourth Amendment.”
 
PPSA submitted a FOIA request in June 2023, asking the Justice Department and its units for records on whether probable cause standards were applied to administrative subpoenas. How many administrative subpoenas were issued without probable cause? How many were rejected for lacking probable cause? Perhaps most importantly: How many administrative subpoenas were not directed at a particular identifiable investigation or target?
 
In the year-and-a-half since the filing of our FOIA request, the Justice Department and its constituent parts have failed to respond “promptly” – or at all – to PPSA’s query, as the law requires.
 
The FBI did direct PPSA to its Vault website. But the FBI did not state that the Vault contained all responsive records, and did not identify under what categories in this voluminous online chamber of documents the requested records could be found. The FBI and the Executive Office for the United States Attorneys were only a little more responsive than Justice’s Office of Information Policy, the Criminal and Civil divisions of the Justice Department, and the Bureau of Alcohol, Tobacco, Firearms and Explosives – which did not respond in a substantive way at all.
 
“Courts have held that the Freedom of Information Act does not permit agencies to send requesters on a ‘scavenger hunt,’” Schaerr said. “Yet that is what the FBI is doing. Most of the other Justice Department agencies are completely unresponsive. That is why we are filing suit in the U.S. District Court in Washington, D.C., to ask a federal judge to end this lawlessness.”
 
PPSA will report significant developments in our case as they occur.

​In internal documents unearthed by a PPSA Freedom of Information Act (FOIA) request, the Drug Enforcement Administration (DEA) implicitly admits it searches the cellphones of innocent people who may be lumped in with the guilty.
 
One such document was a template for a search warrant affidavit used when DEA seeks to surveil its targets using cell-site simulators, also known as stingrays. The affidavit template commendably advises: “At a minimum, it is necessary to establish probable cause to believe that the suspect is likely to be carrying the Target Cellular Device, and that records about that cellular device’s use will be pertinent to the investigation.”
 
So far, so good.
 
Then the affidavit template advises that it is “often” the case that the Targeted Cellular Device is carried by someone who is “also” a suspect. Thus, the template contemplates two categories of searches – suspects and those who may not be suspects. This might mean, for example, that a suspected drug dealer’s phone, if used by his teenage daughter, could subject her communications to a search.
 
The DEA is thus led, as is so often the case in surveillance, by the robustness of modern technology that combines the privacy rights of the innocent in investigations of suspects of a crime. If the probable cause justification violates the privacy of people who are “often” suspects, what does this mean to those who are somehow adjacent to a suspect?
 
Other documents obtained in FOIA responses from the DEA showed eight instances in recent years in which it waived the Fourth Amendment requirement for a probable cause warrant for the use of cell-site simulators for cellphone surveillance.
 
These searches of cellphones were performed under “exigent” circumstances. These are emergencies in which law enforcement must move immediately – typically, the abduction of a child, a mass shooter ready to act, or a terrorist on the verge of a mass casualty attack. PPSA supports the need for law enforcement to be free to move forward in such emergencies. Congressional oversight would benefit, however, if the DEA offered categories of justification for these exceptions so we can be assured that they were genuine emergencies.
 
A final note: PPSA had to pull teeth to get the DEA to respond to our FOIA request, which it is required to do by law. We asked for responsive records on “exigent” and “emergency” circumstances in 2023. DEA waited a year to respond. Its response in February, however, was a denial, citing FOIA’s “Exemption 2” – which permits withholding records related solely to an agency’s internal personnel rules and practices. But PPSA did not ask for HR records and practices. Courts have held that “Exemption 2 is not subject to … a genuine and significant public interest,” which certainly describes the surveillance practices of the DEA.
 
To get a response to our FOIA request, PPSA had to appeal to the Office of Information Policy (OIP) of the Department of Justice. OIP overruled the DEA, which subsequently produced the records we quote here. Such grudging responses to the Freedom of Information Act by the DEA force us to look at its practices through a glass darkly. Perhaps the next Congress will take our insights as guidance to direct the DEA to be more forthcoming about its surveillance practices and how they impact the American people.

​The Project for Privacy and Surveillance Accountability recently submitted a series of FOIA requests to law enforcement and intelligence agencies seeking critical information on how the agencies handle data obtained through the use of cell-site simulators, also known as Stingrays or Dirtboxes, which impersonate cell towers and collect sensitive data from wireless devices.  Specifically, PPSA submitted requests to DOJ, CIA, DHS, NSA, and ODNI. 
 
These requests focus on what happens after the government collects this data. As PPSA’s requests state, PPSA “seeks information on how, once the agency obtains information or data from a cell-site simulator, the information obtained is used.” We are particularly interested in learning about the agencies’ policies for data retention, usage, and deletion, especially for data collected from individuals who are not the target of surveillance.
 
PPSA has long been concerned with the invasive nature of these surveillance tools, which capture not only targeted individuals' data but also data from anyone nearby. As we previously stated in a 2021 FOIA request, “this technology gives the government the ability to conduct sweeping dragnets of metadata, location, and even text messages from anyone within a geofenced area.”
 
These FOIA requests specifically demand transparency about what happens after the government collects such data. We seek records regarding policies on data retention, use, and destruction, particularly for information unrelated to surveillance targets. As our requests state, “PPSA wishes to know what policies govern such use and what policies, if any, are in place to protect the civil liberties and privacy of those whose data might happen to get swept up in a cell-site simulator’s data collection activities.”
 
As we previously highlighted, Stingrays represent a significant intrusion into personal privacy, and we are committed to holding the government accountable for its use of such tools. By pursuing these requests, we aim to inform the public about the scope and potential risks of the agencies’ surveillance activities, and to push for greater safeguards over Americans’ private information. PPSA will continue to push towards transparency, and we will keep the public informed of our efforts.

In the Paris Olympics this summer, USA’s Noah Lyles edged out Kishane Thompson of Jamaica to win the gold in the 100-meter race by 0.005 seconds, or 5 milliseconds. That’s far less than the 10th of a second, or 100 milliseconds, that it takes for the human eye to blink.
 
Now imagine if someone had snuck lead linings into the soles of Lyles’ shoes or put itching powder in his nylon vest. When a race comes down to such a slender margin, the slightest change can tip the scales.
 
A legislative version of the 100-meter dash occurred in mid-April when the U.S. House of Representatives voted 212-212 to require the FBI and other government agencies to get a warrant before inspecting the communications of Americans that get caught up in foreign surveillance programs. The warrant requirement for FISA Section 702 finally lost by a single tie-breaking vote.
 
Thanks to a Freedom of Information Act (FOIA) request from Patrick Eddington of the Cato Institute we now know that the Department of Justice did, in fact, put lead linings in the shoes of surveillance reformers.
 
Here’s what happened: In its FOIA, Cato sought audits of Section 702 programs that would show potential abuses of that program and set a deadline for March 29. On March 15, the Justice Department informed D.C. Circuit Judge Tanya Chutkan that it would be “impracticable” to have a response ready by March 29. At that time, Congressional debate was heating up. It wasn’t until July 23 that Cato finally received responsive records.
 
Though heavily redacted, the records contained two shocks.
 
The first is that one person at the FBI conducted 122 improper queries – and that the investigation into these searches were stymied when this individual abruptly left the FBI.
Had Eddington been provided this and other data from Justice’s FOIA response by March 29, he writes in The Orange County Register, “I would have immediately shared those audits and findings contained within with the House and Senate Judiciary and Intelligence Committees, along with any other interested House or Senate committees or Members, to help inform their deliberations over whether to renew the 702 program or let it die.”
 
The second shock is that Cato’s analysis of the 702 audits show that their declassification review was completed ten days before a Justice Department lawyer told Judge Chutkan that it would be “impracticable” to complete these audits before March 29. The work had already been done.
 
Cato is now filing a new FOIA that will target records on how this existing FOIA case was actually handled. In the meantime, Eddington writes, “every judge on the federal bench needs to reevaluate any presumption of regularity by executive branch officials when dealing with cases that involve government surveillance threats to the First and Fourth Amendment rights of Americans.”
​

​The U.S. Department of Justice is pioneering ever-more dismissive gestures in its quest to fob off lawful Freedom of Information Act (FOIA) requests seeking to shed light on government surveillance. One PPSA FOIA request, aimed at uncovering details about the DOJ's purchase of Americans’ commercially available data from third-party data brokers, sets a new record for unprofessionalism.
 
Until now, we had become used to the Catch-22 denials in which the government refuses to even conduct a search for responsive records with a Glomar response. This judge-made doctrine allows the withholding of requested information if it is deemed so sensitive that the government can neither confirm nor deny its existence. But when the government issues a Glomar response without first conducting a search, we can only ask: How could they know that if they haven’t even searched for the records?
 
DOJ’s latest response that arrived this week, however, is a personal best. The DOJ’s response shows that it didn’t bother to even read our FOIA request.
 
Our request sought records detailing the DOJ's acquisition of data on U.S. persons and businesses, including the amounts spent, the sources of the data, and the categories of information obtained. This request was clearly articulated and included a list of DOJ components likely to have the relevant records. Despite this clarity, DOJ responded by stating that the request did not sufficiently identify the records.
 
DOJ's refusal to conduct a proper search appears to be based on a misinterpretation, either genuine or strategic, of our request. DOJ claimed an inability to identify the component responsible for handling a case based solely on the “name” of the case or organization. However, PPSA's request did not rely on any such identifiers.
 
Instead, DOJ's response indicates that it may have resorted to a generic form letter to reject our request without actually reviewing its contents. Precedents like Miller v. Casey and Nation Magazine v. U.S. Customs Service establish that an agency must read requests “as drafted” and interpret them in a way that maximizes the likelihood of uncovering relevant documents.
 
DOJ’s blanket dismissal is not just a bureaucratic oversight. It is an affront to the principles of openness and accountability that FOIA is designed to uphold. If the DOJ, the agency responsible for upholding the law, continues to disregard its legal obligations, it sets a dangerous precedent for all government agencies.
 
The good news is that DOJ’s Office of Information Policy has now ordered staff to conduct a proper search in response to PPSA’s appeal, a directive that should have been unnecessary. It remains to be seen whether the DOJ will comply meaningfully or continue to obstruct … perhaps with another cookie-cutter Glomar response.
 
How far might DOJ go to withhold basic information about its purchasing of Americans’ sensitive and personal information? In a Glomar response to one of our FOIA requests in 2023, DOJ came back with 40 redacted pages from a certain Mr. or Mrs. Blank. They gave us nothing but a sea of black on each page. The only unredacted line in the entire set of documents was: “Hope that’s helpful.”
 
This latest response is just another sign that those on the other end of our FOIA requests are treating their responsibilities with flippancy. This is unfortunate because the American public deserves to know the extent to which our government is purchasing and warrantlessly accessing our most private information. Filing these requests and responding to non-responsive responses administratively and in court is laborious and at times frustrating work.
 
But somebody has to do it – and PPSA will continue to hold the government accountable.

​Cell-site simulators, often known by the trade name “stingrays,” are used by law enforcement to mimic cell towers, spoofing mobile devices into giving up their owners’ location and other personal data. Thousands of stingrays have been deployed around the country, fueled by federal grants to state and local police.
 
PPSA has long reported that the FBI severely restricts what local police and prosecutors can reveal about the use of stingrays in trials. Now we can report that these practices are continuing and interfere with prosecutors’ duty to participate in discovery and turn over potentially exculpatory evidence.
 
The government’s response to a PPSA FOIA request reveals a standard non-disclosure agreement between the federal government and state and local police departments. This template includes a directive that the locals “shall not, in any civil or criminal proceeding, use or provide any information concerning the [redacted] wireless collection equipment/technology.” This includes any documents and “evidentiary results obtained through the use of the equipment.”
 
The agreement also states that if the agency “learns that a District Attorney, prosecutor, or a court” is considering releasing such information, the customer agency must “immediately notify the FBI in order to allow sufficient time for the FBI to intervene …” Most likely the squeeze will come with a threat to end the provision of stingrays to the state or local police, but other forms of intimidation cannot be ruled out.
 
Got that, judges and district attorneys? Any attempt to fully disclose how evidence was obtained, even if it would serve to clear a defendant, must be withheld from the public and defense attorneys or the FBI will want a word with you.

As part of their responses to PPSA’s FOIA requests, the Department of Justice and Department of State recently produced their own derivative classification guides. These protracted documents have hundreds of different classification rules, which might explain part of the prolific growth in derivative classifications that PPSA has previously reported on.
 
But even among this maze of rules, one item stands out: Government classification rules show that the use of or application for a FISA warrant, in any case, is automatically classified as “secret,” a level of protection supposed to be reserved for when a release can be “expected to cause serious damage to national security" if made public. This means the use of FISA in any case will, at a minimum, remain locked away for 25 years. And worse, these qualify for an exception to automatic declassification, and so the government can extend those blackouts indefinitely.
 
“The use of FISA warrants issued against any American for any reason is secret,” said Gene Schaerr, PPSA general counsel. “And given previous scandals, a multitude of abuses could well be hidden in these blanket classifications.”
 
It is easy to understand why the government would want to classify many FISA warrants. Revealing them could expose ongoing efforts to track Chinese spies, counter Russian saboteurs, and catch possible Iranian assassins. There is also something to the customary government concern about protecting “sources and methods.” But does it make sense for the government to hide every FISA warrant? After all, these guides show that federal agents already make the determination to classify other potentially more important information on a case-by-case basis, including government passwords, safe combinations, and attempted or successful cyberattacks on systems containing national security information.
 
Schaerr said:
​
“As we saw in the Crossfire Hurricane scandal, the rights of all Americans can be implicated when the FISA process is abused. At the very least, this ‘classify first, ask questions later’ approach calls for the House to follow the example of the U.S. Senate and to allow for more House staffers to receive security clearances that enable them to advise House Members on the soundness of the government’s use of FISA warrants. This knowledge gap calls out for more Congressional oversight.”

​PPSA has fired off a succession of Freedom of Information Act (FOIA) requests to leading federal law enforcement and intelligence agencies. These FOIAs seek critical details about the government’s purchasing of Americans’ most sensitive and personal data scraped from apps and sold by data brokers.
​
PPSA’s FOIA requests were sent to the Department of Justice and the FBI, the Department of Homeland Security, the CIA, the Defense Intelligence Agency, the National Security Agency, and the Office of the Director of National Intelligence, asking these agencies to reveal the broad outlines of how they collect highly private information of Americans. These digital traces purchased by the government reveal Americans’ familial, romantic, professional, religious, and political associations. This practice is often called the “data broker loophole” because it allows the government to bypass the usual judicial oversight and Fourth Amendment warrant requirement for obtaining personal information.

“Every American should be deeply concerned about the extent to which U.S. law enforcement and intelligence agencies are collecting the details of Americans’ personal lives,” said Gene Schaerr, PPSA general counsel. “This collection happens without individuals’ knowledge, without probable cause, and without significant judicial oversight. The information collected is often detailed, extensive, and easily compiled, posing an immense threat to the personal privacy of every citizen.”

To shed light on these practices, PPSA is requesting these agencies produce records concerning:
​

• Purchases of Commercially Available Data: Records detailing purchases of data on U.S. persons and businesses, including the amount spent, the size of datasets, and data sources.

 

• Frequency of Data Acquisitions: Records showing how often the agency acquires data from third-party brokers.

 

• Vendors: Information on the number of foreign and domestic data vendors selling data to the agency.

 

• Categories of Data: Records indicating the types of commercially available information obtained from these vendors.

Shortly after the House passed the Fourth Amendment Is Not For Sale Act, which would require the government to obtain probable cause warrants before collecting Americans’ personal data, Avril Haines, Director of National Intelligence, ordered all 18 intelligence agencies to devise safeguards “tailored to the sensitivity of the information.” She also directed them to produce an annual report on how each agency uses such data.
 
PPSA believes that revealing, in broad categories, the size, scope, sources, and types of data collected by agencies, would be a good first step in Director Haines’ effort to provide more transparency on data purchases.

​For the second time, PPSA has been forced to go to court to oppose the delaying tactics of the National Security Agency, the CIA, the FBI, and the Office of the Director of National Intelligence in complying with its obligations under Freedom of Information Act (FOIA).
 
PPSA’s FOIA request, now years old, asks these agencies to produce documents concerning their acquisition and use of commercially available information regarding 145 current and former Members of Congress. These Members have served on committees with oversight responsibilities of the intelligence community.
 
Earlier this year, federal Judge Rudolph Contreras rejected the agencies’ insistence that the Glomar doctrine – which allows agencies to neither confirm nor deny the existence of certain records – relieves them of their statutory obligations to search for responsive records. Judge Contreras had narrowed PPSA’s request to exclude operational documents, ordering agencies to search for only policy documents. He cited agencies correspondence with Members of Congress as an example of a policy document. Judge Contreras wrote, “it is difficult to see how a document such as this would reveal sensitive information about Defendants’ intelligence activities, sources or methods.”
 
Yet the intelligence community is defying its legal obligations for a second time. The agencies’ new strategy rests on a nonsensical linkage to an entirely different PPSA case, currently before the D.C. Circuit, that happens to also use the term “policy documents.”
 
By conflating separate cases, the agencies suggest that they meant to challenge Judge Contreras’ order to search only for “policy documents.” But the agencies have not done so, and this is clearly just the latest delay tactic used to ignore FOIA’s clear search requirement, which Judge Contreras reinforced earlier this year. 
 
As a result of this new attempt at delay and obfuscation, agencies are now asking the Court to significantly expand Defendants’ delays by staying this case into 2025. PPSA is hopeful that these agencies will eventually comply with a direct and unambiguous order from a federal judge.

​The Drug Enforcement Administration’s response to three PPSA Freedom of Information Act (FOIA) requests shows just how far government respect for that law has fallen. As we’ve seen recently with other government agencies, DEA didn’t even try to pretend it was following that law.
 
Over the course of a year, PPSA filed three FOIA requests with the DEA seeking documents relating to the use of cell-site simulators, commonly known by the trade name Stingray. Government agencies use these devices to mimic cell towers, pinging consumers’ cellphones in a given geographic area to prompt them to give up private location data, and sometimes the content of communications. PPSA sought records since 2015 that reflect each use of a cell-site simulator by DEA that was conducted without a warrant based on emergency, exceptional, or “exigent” circumstances.
 
We thought it would be a useful guide for public policy to know how often the agency defined something as an emergency, side-stepping the need to obtain a probable cause warrant.
 
On Monday, DEA came back with one combined response to all three FOIAs we had issued over the course of many months. If DEA had followed the law, it would have conformed to a federal precedent, Truitt v. Department of State (1990), which held that it “is elementary that an agency responding to a FOIA request must conduct a search reasonably calculated to uncover all relevant documents, and if challenged, must demonstrate beyond material doubt that the search was reasonable.”
 
Instead, DEA did not even try to pass the laugh test. It waved away all three FOIA requests citing an exemption that covers personnel documents and other Human Relations files. How could PPSA’s request for the use of cell-site simulators for emergency circumstances, in the words of the law, fall under an exemption for subjects that relates “solely to the internal personnel rules and practices of an agency”?
 
In a letter to the Director of Information Policy of the Department of Justice, PPSA general counsel Gene Schaerr responded: “It is almost certain that at least some documents concerning broader surveillance policy or related record-keeping would be responsive. Of course, DEA does not know one way or the other whether this is accurate because it refused to look for responsive records.”
 
How would DEA know that this request only involved personnel records without a responsive search? It is clear that DEA simply wanted to clear this one FOIA request off its desk.
 
We wish this case was an exception. Federal FOIA responses are becoming increasingly farcical. A FOIA response from the Department of Justice included 40 redacted pages with an insulting valediction – “hope that’s helpful.” Expect this lawless attitude toward the Freedom of Information Act to continue until courts step in and start leveling sanctions against those who treat the law as an ignorable suggestion.

​Late last week, Judge Rudolph Contreras ordered the NSA, the CIA, the FBI, and the Office of the Director of National Intelligence to respond to a PPSA Freedom of Information Act (FOIA) request. The government now has two weeks to schedule the production of “policy documents” regarding the intelligence community’s acquisition and use of commercially available information regarding 145 current and former Members of Congress.
 
This is the second time Judge Contreras has had to tell federal agencies to respond to a FOIA request PPSA submitted. In late 2022, Judge Contreras rejected in part the FBI’s insistence that the Glomar doctrine allowed it to ignore FOIA’s requirement to search for responsive records. Despite that clear holding, the FBI – joined this time by several other agencies – again refused to search for records in response to PPSA’s FOIA request. And Judge Contreras had to remind the agencies again that FOIA’s search obligations cannot be ducked so easily. 
 
Instead, Judge Contreras found that PPSA “logically and plausibly” requested the policy documents about the acquisition of commercially available information. And Judge Contreras concluded that a blanket Glomar response, in which the government neither confirms nor denies the existence of the requested documents, is appropriate only when a Glomar response is justified for all categories of responsive records.
 
The judge then described a hypothetical letter from a Member of Congress to the NSA that clarifies the distinction between operational and policy documents. He considered that such a letter might ask if the NSA “had purchased commercially available information on any of the listed Senators or Congresspeople” without revealing whether the NSA (or any other of the defendant agencies) “had a particular interest in surveilling the individual.” Judge Contreras decided that “it is difficult to see how a document such as this would reveal sensitive information about Defendants’ intelligence activities, sources, or methods.”
 
It is on this reasoning that the judge ordered these agencies to produce these policies documents. We eagerly awaits the delivery of these documents in both cases. Stay tuned.

​Earlier this week, PPSA asked the D.C. Circuit court to require federal agencies to follow FOIA’s most basic requirement: conduct a search for records. Although that should be simple enough, agencies have been excusing themselves of that obligation at an alarming rate, and PPSA has asked the court to rein in this practice.   
 
PPSA’s request this week for an en banc hearing follows up on a FOIA request PPSA submitted in 2020 to six agencies – the Department of Justice and the FBI, the Office of the Director of National Intelligence, the National Security Agency, the Central Intelligence Agency, and the Department of State. PPSA sought records from these agencies about the possible surveillance of 48 Members of Congress who serve or served on intelligence oversight committees.
 
The request specifically concerns two intelligence practices under the Foreign Intelligence Surveillance Act (FISA).
 
One such practice is “unmasking,” which results in the naming of Americans caught up in foreign surveillance in U.S. intelligence summaries. The other practice is “upstreaming,” the use of a person’s name as a search term in a database. Targets include prominent current and former House and Senate Members, including Sen. Marco Rubio, Rep. Mike Turner, Rep. Adam Schiff, as well as now-Vice President Kamala Harris and former Secretary of State Mike Pompeo.
 
“Their silence speaks volumes,” Gene Schaerr, PPSA general counsel said at the time. “They clearly do not want to answer our requests.”
 
Last year, the district court invoked the judicially created Glomar doctrine, which allows agencies to neither confirm nor deny the existence of records relating to matters critical to national security. In doing so, the district court relied on the D.C. Circuit’s expansion of the Glomar doctrine in Wolf v. CIA (2007) and Electronic Privacy Information Center (EPIC) v. NSA (2012), which allows agencies to refuse to confirm or deny the existence of records without even searching first to determine if any records might exist. In both instances, the federal court allowed the government to skip the search requirement in the text of the Freedom of Information Act.
 
PPSA is now petitioning the court to reconsider this ruling with an en banc hearing with the court.
 
“FOIA’s plain text requires federal agencies to search for responsive records before determining what information they may properly withhold, even in the Glomar context,” PPSA declares. “Wolf and EPIC are untenable in the face of intervening Supreme Court precedent, and they clash with at least three other circuits that, even in Glomar cases, reject deviating from the demands of FOIA’s plain text.”
 
In short, PPSA is alerting this federal court how far it has strayed from precedent and the law.
 
Glomar began as a judicial solution to protect the most sensitive secrets of the nation. In the original case, Glomar protected secrets involving the CIA’s raising of a sunken Soviet nuclear submarine. It has since been expanded to prevent the searching of records; an inherently absurd proposition given that agencies cannot even make a Glomar determination without looking. And Glomar is now reflexively used to plainly defy FOIA, a law that mandates searches.
 
PPSA will report on the court’s response.

​For years PPSA has documented the increasing disposition of federal intelligence and law enforcement agencies to use the ever-expanding Glomar response – a “cannot confirm or deny” answer once reserved for the nation’s most closely guarded secrets – as a blanket response to any meddlesome Freedom of Information Act (FOIA) requests.
 
We should not overlook, however, another handy tool for FOIA avoidance, and that is to release the requested document but redact many or all of its meaningful parts. Now the Department of Justice Office of the General Counsel has perfected this technique, taking it to its logical end.
 
It began in 2020 when PPSA joined with Demand Progress to file a FOIA request. Our request concerned surveillance that may be taking place under no statute, but instead under a self-professed authority of the executive branch known as Executive Order 12333. The reply from the FBI is, in its own way, telling.
 
In the DOJ response, a certain Mr. or Ms. BLANK who holds the title of BLANK in the Office of the General Counsel returned with 40 pages of responsive documents. Thirty-nine pages are redacted in their entirety, as is the 40th page, with the redacted name of the signator and his/her redacted title, but with one, unredacted statement:
 
Hope that’s helpful.
 
There’s honestly no other way to take this than the Department of Justice shooting a middle finger at the very idea of a FOIA request, an exercise of the Freedom of Information Act, passed by Congress and signed into law by President Lyndon Johnson. This is a shame because the subject of this request is an important one.
 
Demand Progress and PPSA based our FOIA request on a July 2020 letter from now-retired Sen. Patrick Leahy (D-VT) and current Sen. Mike Lee (R-UT) to then-Attorney General William Barr and then-Director of National Intelligence John Ratcliffe. The two senators noted the expiration of Section 215 of the Foreign Intelligence Surveillance Act (FISA), commonly known as the “business records” provision of FISA. The intelligence community had vociferously lobbied for the renewal of Section 215 with predictions that allowing its expiration would lead to something akin to the city-destroying scenes in the 1996 movie Independence Day.
 
Then the Trump Administration called their bluff and allowed this authority to expire. The response from the intelligence community? Crickets.
 
The sudden complacency of the intelligence community struck many as suspicious. Were federal intelligence and law enforcement agencies shifting their surveillance to another authority? Sens. Leahy and Lee seemed to think so. They wrote:
 
“At times the executive branch has tenuously relied on Executive Order 12333, issued in 1981, to conduct surveillance operations wholly independent of any statutory authorization … This would constitute a system of surveillance with no congressional oversight potentially resulting in programmatic Fourth Amendment violations at tremendous scale … We strongly believe that such reliance on Executive Order 12333 would be plainly illegal.”
 
This July 2020 letter, with a detailed series of penetrating questions about the practice and scope of 12333 surveillance, was issued by two powerful and respected members of the United States Senate … And it hit the walls of the Department of Justice and the Office of the Director of National Intelligence with all the full force of wet spaghetti. As with so many other congressional requests, this letter was not answered in any substantive way.
 
So Demand Progress joined with PPSA in October 2020, in an effort to use the law to compel an answer, this time as a formal FOIA request. We leveraged that law to request responsive documents that would reveal how the agencies might be repurposing EO 12333 to pick up the slack from the expired 215 authority, in order to spy on persons inside the United States.
 
And this is the answer we get. It can only be taken, in a general way, as confirmation that Executive Order 12333 is, in fact, being relied upon for the surveillance of people in the United States. This is one more reason why Congress should use the reauthorization of Section 702 to seek broad surveillance reform, including significant guardrails on Executive Order 12333. With mounting evidence of abuses of Americans’ civil rights, a powerful coalition of leading conservatives and liberals in Congress is building steam to do just that.
 
Hope that’s helpful.

​Gene Schaerr, PPSA general counsel, today announced the filing of an administrative appeal with the Department of Justice after a “ludicrous scavenger hunt response” from the FBI to a Freedom of Information Act (FOIA) request.
 
PPSA had submitted this FOIA request in mid-June asking for documents from DOJ law enforcement agencies. PPSA sought records about the use of administrative subpoenas, which are often used to collect bulk data rather than aim at an identifiable target for a specific reason, as required by the Fourth Amendment of the U.S. Constitution. These subpoenas are often used without any showing of probable case.
 
To learn more about this practice, PPSA requested documents concerning when DOJ uses administrative subpoenas, “whether and when it has used them without probable cause, when it has used them as alternatives to a court-ordered subpoena, and when DOJ shares data obtained through administrative subpoenas with other federal or state agencies.”
 
But the FBI couldn’t trouble itself to search for any records. Instead, the FBI blithely directed PPSA to rummage through the voluminous documents on its online “Search Vault,” suggesting that there could be responsive records somewhere in that database.  The FBI never suggested that all responsive records would be found in the Vault.   
 
“The FBI’s scavenger hunt response is ludicrous,” Schaerr said. “PPSA sought records reflecting the FBI’s use of administrative subpoenas with and without probable cause. In both instances, the request did not require the FBI to do anything other than search for records concerning the use of administrative subpoenas, and how those subpoenas addressed the presence or absence of probable cause.”
 
Schaerr cited a precedent, Miller v. Casey (1984), that the FBI is bound to read a FOIA request as drafted, not as agency officials might wish it was drafted.
 
“The FBI’s willful refusal to search is a legal error,” Schaerr said. “The FBI might want to avoid the work FOIA requires of it, but we are hopeful the Director of Information Policy at DOJ, and beyond that if necessary, the courts, will recognize that the law does not recognize exceptions for inconvenience.”
 
PPSA awaits responses from other DOJ components, ranging from the Executive Office for United States Attorneys, DOJ’s Criminal Division, the Drug Enforcement Administration, and the Bureau of Alcohol, Tobacco, Firearms and Explosives.

​PPSA is asking a DC federal court to compel the top federal intelligence and law enforcement agencies to search for records related to how they acquire and use the private, personal information of 110 Members of Congress purchased from third-party data brokers.
 
In a Freedom of Information Act (FOIA) request filed in July, 2021, PPSA had asked the Office of the Director of National Intelligence, the National Security Agency, the Department of Justice and the FBI, and the CIA for records related to the possible purchase and use of commercially available information on current and former members of the House and Senate Judiciary Committees.
 
The request covered such leading Members of Congress as House Judiciary Chairman Jim Jordan, Ranking Member Jerry Nadler, Senate Judiciary Committee Chairman Dick Durbin, Ranking Member Chuck Grassley, and former Members that included Vice President Kamala Harris and Florida Governor Ron DeSantis.
 
PPSA’s motion for summary judgment filed before the U.S. District Court for the District of Columbia confronts the assertion by these multiple agencies that to even search for responsive documents would harm national security.
 
PPSA’s motion notes that under FOIA, “agencies must acknowledge the existence of information responsive to a FOIA request and provide specific, non-conclusory justifications for withholding that information.” The agencies instead stonewalled this FOIA request by invoking the judge-created Glomar response, meant to be a rare exception to the general rule of disclosure, which allows the government to neither confirm nor deny the existence of such records.
 
“Requiring Defendants here to perform FOIA searches within the secrecy of their own silos does not, by itself, compel the automatic disclosure of any information whatsoever," PPSA declares in its motion. “[B]ecause the initial step of conducting an inter-agency search makes no such disclosure, their arguments are neither logical nor plausible justifications for shirking their duty to perform an internal search.”
 
The issue of government spying into the private, personal information of Members of Congress, tasked with oversight of these agencies, involve the serious potential for executive intimidation of the legislative branch. The ODNI recently declassified an internal document noting that commercially available information can be used to “facilitate blackmail, stalking, harassment, and public shaming.”
 
“The government doesn’t even want to entertain our question,” said Gene Schaerr, PPSA general counsel. “What do they have to hide?”

​One of the frustrations – there are many – of trying to pry answers about surveillance policy from federal agencies with Freedom of Information Act (FOIA) requests are the heavy redactions to responsive documents that protect “sources and methods.”
 
No one wants to blow a technique by which government intelligence and law enforcement agencies track bad guys. And no one wants an undercover agent or a confidential informant to wind up tied to a chair in dank basement because their cover was blown.
 
And so when redactions come back with heavy ink, we are supposed to trust that the government has good reasons for holding back that information. According to an Executive Order issued by President Obama, EO 13526, information cannot be classified by the government to merely spare an agency embarrassment.
 
Enter Paul Sperry of RealClear Investigations, who brings to light a new twist in a saga that we thought had been thoroughly explored – the problems with the FBI’s four applications to surveil Trump campaign advisor Carter Page in 2016 and 2017.
 
Sperry reports that redactions in a “Classified Appendix” to Special Counsel John Durham’s final report have nothing to do with sources and methods. It concerns an FBI request to the secret FISA Court to allow the Bureau to continue spying on Carter Page in early 2017. The FBI indicated that it had verified a rumor that Page had worked with the Kremlin to swing the recent election in Trump’s favor.
 
When the black ink is stripped away, Sperry reports, what did the redactions hide? They disguised the fact that the FBI took this investigative lead from a news story in The Washington Post, which the newspaper later retracted after determining it to be false.
 
So that’s the FBI’s “source and method” deemed so sensitive that it had to be hidden from the public?
 
It was a subscription to The Washington Post.
 
Who knows what other embarrassments government hides with its redactions. When all else fails, the government can simply refuse to respond at all by issuing a Glomar response. This is a court-created doctrine that came out of a super-secret CIA project to refloat a sunken Soviet submarine. Ever since, the Glomar response has been used to protect information so sensitive that the government is allowed to neither confirm nor deny… anything.
 
So forgive us if we’re jaded enough to believe that much of the black ink and Glomar responses are just the government protecting its own backside.

​FBI documents acquired through Freedom of Information Act (FOIA) requests by PPSA  and the American Civil Liberties Union show how authorities continue to conceal information about how stingray technology is really being used. The downstream effect of this deception likely results in defendants being denied the ability to know how a case was constructed against them, degrading their right to a fair trial.
 
Dozens of federal and state agencies have benefitted from the generosity of the Department of Justice in sharing with state and local police cell-site simulators, popularly known by the brand name “Stingrays.” These devices trick cellphones into revealing their owners’ locations and other sensitive, personal information.
 
An email from the Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF), released today by PPSA, one ATF official writes to another:
 
“To remain consistent with our DOJ Partner, in this case, the USMS (U.S. Marshall Service) since they are the largest user of this technology, we respectfully request that this technique not be disclosed in an affidavit.”
 
ACLU’s FOIA shows the same instructions from the federal government imposed in nondisclosure agreements on police departments when they ask for this technology to track suspects. These contracts don’t beat around the bush. They explicitly require police departments to withhold information about stingrays and their usage from defendants and lawyers. The FBI argues that such secrecy is required to prevent revealing information that would enable criminals to “thwart law enforcement efforts.”
 
But what’s the big secret? Despite the clandestine nature of this federal/local partnership program, stingray technology and its capabilities have been an open secret for years now. This technology was depicted under another brand name – “triggerfish” –on season three of HBO’s The Wire. That was in 2004. Could the real secret be that police departments are conspiring with the FBI to conceal the use of privacy-invading technology to give prosecutors an unfair, “backdoor” advantage in their cases?
 
PPSA has often reported the ways in which federal or state agencies routinely circumvent constitutional privacy protections. One well-known method is the parallel construction of evidence, in which prosecutors leverage illicitly gained knowledge to turn up evidence from a source acceptable in court. It is well established legal doctrine that illicit evidence, the “fruit of the poisonous tree,” should not be admissible. But who knows what is poisonous if the tree is hidden?
 
The acquired federal documents actually spell out how parallel construction should work – advising the police to pursue “additional and independent investigative means and methods” to obtain evidence collected through use of a cell-site simulator.
 
The suggestions on how to accomplish such secrecy were redacted by the FBI. The Bureau argues that revealing information about stingrays would have a “significant detrimental impact on the national security of the United States.” The revelation of even minor details is so heavily restricted that police have dropped charges against a suspect rather than unveil information in open court.
 
“The important question posed by privacy advocates is why are police departments and the FBI going to such lengths to conceal information about a technology that is public knowledge?” asked Bob Goodlatte, former chairman of the House Judiciary Committee and PPSA Senior Policy Advisor. “The capabilities of stingrays are well-known, with knowledge of their deployment on popular television almost twenty years ago.
 
“Yet the government still insists that the basics of stingray use is a precious national secret,” Goodlatte said. “Congress should demand to know if there is any basis at all for these non-disclosure agreements – and how common parallel construction really is in practice.”

In 2018, the U.S. Supreme Court held that a warrant is needed before government agencies can seize your location history from cell-site records. That opinion, Carpenter v. United States, often described as a landmark ruling, has actually become little more than a legal watermark thanks to the machinations of government agencies.
 
When a government agency wants to know where you’ve been, or anything about you, all it has to do is consult the trove of sensitive personal information on millions of Americans scraped from apps and purchased from third-party data brokers. No warrants required. As they used to say in internet ads, the government knows all about you with this one weird trick.
 
Two responses to PPSA Freedom of Information Act (FOIA) requests show how freely the FBI and DIA access Americans’ personal information.
 
The FBI has a team dedicated to working with cell tower data. Their specialties include “historical CDR (call detail records) analysis and geospatial mapping,” which enables the tracking of people across multiple towers. The FBI conducts “tower dump analysis,” which seems to be the collection of bulk data from cell towers and “real-time cellular tracking” services. The documents obtained by PPSA show that the FBI regularly lends out these services to state and local governments.
 
The Defense Intelligence Agency documents show that the agency uses commercially available data for “cover operations.” Does this mean DIA is using data to help agents impersonate real people? Or is DIA using our personal information as material from which to create fake, chimeric identities, using a blend of personal information from multiple real people?
 
These are just glimpses into how the government uses our personal information, from our movements to our personal interests, relationships, and beliefs. PPSA will continue to use FOIAs and lawsuits to dig out more details about these practices.

PPSA today announces the submittal of a Freedom of Information Act (FOIA) request with the Department of Justice seeking records on how and when DOJ uses secretive non-disclosure orders, or NDOs. Through such orders, DOJ is able to obtain private information from internet and telecom companies while also prohibiting those companies from informing American consumers that their personal information has been searched by the government.
 
In June, the House passed the NDO Fairness Act by voice vote. If enacted, this legislation would restrain the government practice of issuing NDOs to internet and telecom companies. While the Senate prepares to take up this legislation, PPSA thought it would be useful to inform the debate with information on the circumstances and frequency with which the Department of Justice and its agencies issue NDOs. We also thought it would be useful for senators to know what privacy safeguards are in place, including government guidelines, policies, and training requirements.
 
With that in mind, PPSA submitted this FOIA request to the Department of Justice, and its components – the Executive Office for United States Attorneys, the FBI, the Drug Enforcement Administration, DOJ’s Criminal Division, and the Bureau of Alcohol, Tobacco, Firearms and Explosives.
 
We are asking for records concerning:

• The volume of NDOs and circumstances surrounding the use of NDOs, especially those related to searches under the Stored Communications Act.

 

• Internal policies or guidance regarding the use of NDOs, including the process for seeking NDOs and the internal approval process required before seeking an NDO.

 

• All training documents discussing NDOs.

 

• Records discussing any privacy safeguards and legal compliance requirements regarding NDOs.

 
“We have every reason to expect the government can release this basic data about how many NDOs are issued, the circumstances that prompted them, and the guardrails, if any, that constrain them,” said Gene Schaerr, PPSA general counsel. “We are not asking the government for a favor. We are seeking information Americans should know and the Senate needs for its debate.”

​PPSA today announced the filing of a Freedom of Information Act (FOIA) request with the Department of Justice asking for documents and records showing whether DOJ ensures it has probable cause before issuing administrative subpoenas to seize Americans’ private electronic data. 
 
Civil libertarians have long suspected that the DOJ often uses such administrative subpoenas to circumvent the probable-cause requirement for searching Americans’ records. This is particularly troubling, since such subpoenas, issued without a court order or judicial oversight, are often used to collect bulk data rather than targeting information from an identifiable target.
 
“It may be likened to a fishing expedition, with Americans as the fish,” said Gene Schaerr, PPSA general counsel.
 
PPSA’s FOIA request covers all the components of the Department of Justice, including the Executive Office for United States Attorneys, the FBI, the Drug Enforcement Administration, the DOJ’s Criminal Division, and the Bureau of Alcohol, Tobacco, Firearms and Explosives.
 
PPSA is seeking:

• Records reflecting whether probable cause is required to use administrative subpoenas, and whether there has been any change in how this requirement has been applied.

 

• Records reflecting each instance when an administrative subpoena was used without probable cause.

 

• Records reflecting each instance when an administrative subpoena was requested but not approved due to a lack of probable cause.

 

• Records reflecting policies, procedures, or guidance regarding use of administrative subpoenas rather than court-ordered subpoenas.

 

• Records discussing how to share data or information obtained through administrative subpoenas with other federal agencies, state governments, or state and local law enforcement.

 

• Records reflecting the use of administrative subpoenas not directed at or related to particular identifiable investigations or targets.

 
“We are not asking about sources or methods or anything else that would trigger a Glomar response that would shut off all disclosure,” Schaerr said. “We seek topline information necessary for Congress to conduct oversight and for the American people to understand how our government uses our most personal and sensitive information.”

​John Greenwald at The Black Vault reports a curious change in the responsiveness of the National Security Agency to Freedom of Information Act (FOIA) requests regarding Intellipedia, a shared source within the intelligence community.
 
This online system gives the intelligence community a collaborative way to share information, insights, and theories across agencies, breaking down many of the barriers that restricted sharing of intel pre-9/11. Intellipedia consists of wikis that contain “Top Secret Sensitive Compartmented Information,” “Secret Information,” and “Sensitive But Unclassified Information.” Think of it as Wikipedia for spies.
 
For years, NSA had routinely released articles and category pages that reside in this digital resource. The Black Vault filed FOIA requests with NSA – which handles such requests for Intellipedia – to obtain glimpses into the unclassified collaborative thinking of the intelligence community.
 
Greenwald writes that in 2017, a successful FOIA appeal revealed that Intellipedia had more than 50,000 content pages in the unclassified section; more than 114,000 content pages in the “Secret” section; and more than 124,000 pages in the “Top Secret” section. It also included, he writes, “millions of additional pages within those three systems that includes other wiki pages, talk pages, and redirects, and finally, the three systems hold more than 600,000 uploaded files for download.”
 
He postulates that these numbers are likely much larger five years later, a reasonable guess considering the swelling numbers of classified documents across government.
 
The NSA, despite having released unclassified articles and pages for over a decade, is now issuing the all-too common Glomar response – neither confirming nor denying the existence of requested documents – and turning to statutory exemptions that it failed to invoke for over that ten years. What changed?
 
“This sets a concerning precedent,” Greenwald writes, “as it suggests that government agencies might have the ability to bypass the established FOIA exemptions and deny information requests based on internal policy decisions made on a whim.”
 
In our experience, the evolution of the Glomar response into an all-purpose stonewall is the rule. Intellipedia was a refreshing exception, perhaps a reflection of the creative impulse of the people behind it. Now it’s just like everything else in the government – even with unclassified information, it’s strictly need to know, old chum, and you don’t need to know.

In a recent response to a Freedom of Information Act request PPSA submitted in 2020, the National Security Agency released a record showing an exponential – no, make that mind-blowing – increase in the number of “derivative classification” decisions.
 
In plain English, “derivative classification” describes the decision to classify a document because it incorporates, paraphrases, restates, or generates in new form information that is already classified.
 
Makes sense, right? Now explain this.
 
NSA released forms showing that the number of derivative classification decisions in just that agency increased from approximately 11,500 in 2007-2008, to over 20 million in 2008-2009, and to more than 35 million in 2010. That’s an increase of more than 304,000 percent!
 
And, while recent years have seen a decrease – 23 million in 2013 and 7 million in 2017, these are still eye-popping increases over the 2008 level of 11,544.
 
What might explain this explosive reliance on derivative classification? Perhaps it is a response to President Obama’s Executive Order 13526, which was meant to stem the tide of classified documents and to prevent agencies from classifying documents “for self-serving reasons or simply to avoid embarrassment.”
 
Does the explosive increase in derivative documents decisions represent the bureaucracy’s work-around President Obama’s order? Overtly classified documents grew from 55 million when President Obama issued his order to 77.5 million five years later. Are these newly released numbers evidence the government is using the derivative classification mechanism to enlarge the classified state even more?
 
Yet another good question for Congress to ask. In the meantime, PPSA has recently filed a Freedom of Information Act request asking NSA, as well as the FBI and Office of the Director of Intelligence, to produce documents that would explain wild fluctuations in derivative classification and increases in hiring and software purchases to handle such volumes.
 
We will report any details PPSA receives that might explain this explosive growth of derivative classification.