Database CIA Claimed Too Difficult To Compile For FOIA Requesters Released In Full On CIA Website

from the three-years-of-fuckery dept

The CIA has millions of declassified records stashed away in Maryland -- something it claimed was accessible to the public. Actual access, however, resembles something out of Terry Gilliam's "Brazil," rather than what any reasonable person would call "accessible."

This so-called "publicly accessible" database -- known as CREST -- has been the target of MuckRock contributor Mike Best, who kickstarted an effort to liberate records from the vault through the use of manual labor. The records can be accessed by computer, but only certain computers, and only if you know exactly where to find them.

This is the CIA's "publicly available" records system front-end.

And here's how you locate it.

Accessing the information isn't easy. Researchers have to go to the back of the 3rd floor library at the National Archives building in Maryland, which is unfortunately unstaffed for half the day. Tucked away in the library are the only computers that can access the millions of pages of declassified records. If researchers ask the the main "Information" desk, they're answered with confused stares and incorrect directions. Researchers trying to look up on the National Archive's website where to access the computers, won't find it on the page about doing research at that location or on the page for electronic records at that location. That information is tucked away on the page for online databases - despite not being online.

Best's crowdfunding effort sought to free these documents from their four-computer cage. But the only way to do so was to visit in person, print out pages, and rescan them. All of this would be done under multiple forms of surveillance at the National Archive.

To expedite the process, MuckRock turned to litigation. Three years after commencing its FOIA lawsuit against the CIA, MuckRock has emerged victorious. The CIA has released the contents of the CREST vault online at its site, something it repeatedly claimed would take dozens of years and hundreds of thousands of dollars to complete.

The story behind the CIA's forced transparency is amazing. The claims made by the CIA during its opacity efforts are simply astounding. MuckRock has published a long, detailed recounting of its FOIA battle against the agency at its site and I wholeheartedly encourage you to click through and read it. But here are some of the highlights.

First off, everything in the database is in an unsearchable format by choice. The CIA only uses TIFF files, claiming that these are more resistant to alteration. But when faced with litigation, the CIA reversed course on the supposed hardiness of TIFF files.

The declaration... says that CIA cannot release these TIFF files in electronic form because they can be so easily altered by the mere act of a CIA FOIA analyst looking at them, and that the security measures they must take to remove this accidental metadata for an electronic release (involving editing each file separately by hand) would take 28 years and 1,200 CDs.

And there's where the hilarity begins. These are the DOJ's claims as to the difficulty of releasing the database it just released well ahead of its 28-year estimate. Not only is the process supposedly far too onerous to even begin to consider undertaking, but the DOJ claims the documents it just made available to the public at the CIA's website are not of public interest -- this despite being (technically) available to for public viewing at the National Archive for several years now.

In another filing, the CIA admits the 1,200 CDs that would take 28 years to compile have actually already been compiled -- and there are actually 1,450 CDs of records, but it will only consider releasing the quoted 1,200 if forced to. Unless the CIA is still porting these documents over to the CREST system at the National Archive, its claim of "28 years" looks even more ridiculous. From one of MuckRock's filings:

"Moreover, when [CIA] estimates that it would take 28 years just to create copies of the CREST database, it begs the question of how CIA loaded CREST in the first place. The system has only been operational since 2000.”

Then it claimed it would need $108,000 and six months to make copies of the CDs it already had in hand. And it doubled down on its contradictory claims about TIFF files, stating they were so easy to alter because they were so difficult to alter.

This lead to one of the best rebuttals (and lead-offs) in FOIA history:

I file a sur-reply drawing on my extensive experience as a person with a working brain, closing with the following thought: “Last, CIA claims that ‘the act of a CIA employee opening a document on his or her terminal may cause metadata to embed itself on the image header.’ This is a frivolous statement for two reasons. First, files on PCs are not altered unless they are saved after the alteration. Simply opening a file and then closing it without changing it does not embed metadata on the file. Second, if this were a valid concern, it would apply to every file processed by the CIA FOIA office, not just CREST files. Since it clearly does not (which would paralyze the FOIA office), then the Court should view this claim very skeptically.”

Kel McClanahan -- the author of the post and MuckRock's legal rep for this case -- digs into the DOJ/CIA's repeated assertions about the "burdensomeness" of complying with this FOIA request. By the time he's done, everyone and everything is covered with government bullshit.

In 2000, using cutting edge 2000 technology, CIA populates CREST over a matter of months. For the next 15 years they insist that the only way to protect this system is to videotape people who want to access it. In 2015 they say that, using cutting edge 2015 technology, it will take them 28 years to make CD copies of CREST. Then they say that they already MADE CD copies of CREST in a matter of months if not weeks, meaning that it will only take 6 years to copy THOSE copies. But they can copy those records to the web in 4 years. Less than a year later, they say that because of the huge public interest in CREST over the last several years (that they expressly disavowed less than 6 months before, did you remember?) they will have all of CREST online within a year because nobody needs to be videotaped any more. Then, less than 2 months later, they put all of CREST online.

The CIA and DOJ insist this stonewalling had nothing to do with the CIA's online release of CREST files. Apparently, it did all of this out of the goodness of its heart, forfeiting a shot at $100,000+ in FOIA fees and chance to do next to nothing for the next 30 years. It's obvious the effort to move these records online increased once it became apparent the government was going to come out on the losing end of these FOIA lawsuits (Jason Smathers was suing the CIA over the same database). Rather than be on the hook for legal fees, the CIA preempted any judicial judgment by releasing them to the public (the same public it said had "no interest" in these files) in bulk before final rulings could be made.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community. Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis. While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: cia, crest, foia

Companies: muckrock