Washington, DC, March 11, 2017 – Three out of five of all federal agencies are flouting the new law that improved the Freedom of Information Act (FOIA) and required them to update their FOIA regulations, according to the new National Security Archive FOIA Audit released today to celebrate Sunshine Week.

The National Security Archive Audit found that only 38 out of 99 federal agencies have updated their FOIA regulations in compliance with the FOIA Improvement Act of 2016 that was passed with bipartisan, bicameral support. The new law required agencies to update their FOIA regulations within 180 days of passage – that was June 30 so December 27, 2016 was the deadline.

Updated regulations were supposed to include the law’s new improvements, such as requiring agencies provide requesters with no less than 90 days to file an appeal, prohibiting agencies from charging “search or duplication fees when the agency fails to meet the notice requirements and time limits set by existing law,” and mandating agencies notify requesters of their right to seek assistance from either the agency’s FOIA Public Liaison or to seek dispute resolution services with the Office of Government Information Services (OGIS), the FOIA ombudsman.

In previous Congressional testimony, director of the Department of Justice Office of Information Policy (OIP) Melanie Pustay told lawmakers that she believed updating agency FOIA regulations to comply with updated FOIA laws or Presidential directives was merely optional and "not required." But now that Senators and Congress members responded to Pustay’s dodge and wrote the regulations update as a statutory requirement, OIP is clearly failing in its mandate to oversee FOIA compliance throughout the federal government.

Because 61 agencies have not updated their FOIA regulations, many requesters may still be charged improper FOIA fees if an agency misses a deadline, could be unaware of the mediation services available to them, and are being robbed of their rightful appeals deadlines. While the law mandates that requesters be given “not less than 90 days” to file an appeal, many agencies with outdated regulations routinely give requesters much shorter 30, 45, and 60-day deadlines.

Making it more difficult for requesters to file appeals is especially detrimental because, as the government’s own data reported by the Associated Press shows, in one of three cases where an appeal is filed the government admits that its initial decision was wrong and releases additional information. The most recent government statistics from OIP show that governmentwide only four percent of FOIA requests were appealed in FY 2015 (14,639 appeals were filed out of 346,071 denials). If you extrapolate from these findings, that means in FY2015 alone the government potentially improperly withheld information in over 115,000 FOIA requests – and potentially millions of pages of documents that should have been released were not. Denying requesters their full appeal rights by improperly shortening their timeline for filing appeals severely curtails requesters ability to obtain information they are entitled to.

Text of the FOIA Improvement Act of 2016.

Notable scofflaws include nearly half of the cabinet-level departments. The departments of State, Commerce, Treasury, Agriculture, Veterans Affairs, and Education have all failed to follow the law’s instruction.

Six other agencies, including the Office of Special Counsel, the Small Business Administration, and the United States Copyright Office, followed Congress’s mandate to update their FOIA regulations but failed to add in the law’s improved appeal deadline, for some reason keeping shorter, illegal appeals time limits in their regulations.

Stand out agencies, including the departments of the Interior, Homeland Security, and Energy, were able to update their regulations by the mandated timeline in a manner that made the actions of their agencies more accessible to the public. A close reading of many of these star agencies’ updated regulations shows that they heeded the advice of the requester community who published a template for model FOIA regulations in 2014 co-authored by the National Security Archive. DOJ OIP followed with their own, weaker, template in 2016. (See Openthegovernment.org’s excellent comparison.) Pro-FOIA agencies also posted their regulations for comment and accepted the suggested improvements of open government groups and the FOIA Ombuds office, OGIS.

Our audit identified 27 agencies which updated regulations that explicitly provided an email address for requesters to easily and instantly submit FOIAs, even though this best practice is not strictly required by law. The House version of FOIA Reform included a provision stating “at a minimum, each agency shall accept request for records…through an email address and shall publish such email address on the website of the agency,” but unfortunately this provision was ultimately not adopted. Now some agencies, including the Federal Bureau of Investigation, Federal Communications Commission and Customs and Border Protection, are rolling back access to their records by denying requests submitted by email.

“This audit shows that agencies’ negligence in updating their FOIA regulations can be just as damaging as active censorship,” said the Archive’s communications director Lauren Harper. Director Tom Blanton remarked, “The senators and congress members who put so much work into passing the new FOIA law are not going to be very happy to see so many agencies ignoring their good work.” Nate Jones, the Archive’s FOIA project director and member of the FOIA Federal Advisory Committee noted, “Agencies need to stop dragging their heels and follow Congress’ orders and make FOIA work for requesters.”

The National Security Archive has conducted 16 FOIA Audits since 2002. Modeled after the California Sunshine Survey and subsequent state "FOI Audits," the Archive's FOIA Audits use open-government laws to test whether or not agencies are obeying those same laws. Recommendations from previous Archive FOIA Audits have led directly to laws and executive orders which have: set explicit customer service guidelines, mandated FOIA backlog reduction, assigned individualized FOIA tracking numbers, forced agencies to report the average number of days needed to process requests, and revealed the (often embarrassing) ages of the oldest pending FOIA requests. The surveys include: