You are viewing an archived webpage. The information on this page may be out of date. Learn about EPIC's recent work at

FOIA Gallery 2020

Introduction to the Freedom of Information Act and EPIC

The Freedom of Information Act establishes a legal right for individuals to obtain records in the possession of government agencies. The FOIA is critical for the functioning of democratic government because it helps ensure that the public is fully informed about matters of public concern. The FOIA has helped uncover fraud, waste, and abuse in the federal government.

A hallmark of the new surveillance measures proposed by various government agencies is their disregard for public accountability. As the government seeks to expand its power to collect information about individuals, it increasingly hides that surveillance power behind a wall of secrecy. Congress has long recognized this tendency in the Executive Branch, and sought to limit government secrecy by creating legal obligations of openness under the FOIA and the Privacy Act of 1974. EPIC has used these open government laws aggressively to enable public oversight of potentially invasive surveillance initiatives.

EPIC's FOIA work over the past year has resulted in disclosure of critical information about the activities of the government. EPIC's litigation has also generated case law that benefits FOIA requesters and the open government community across the country.

Previous EPIC FOIA Galleries were published in 2001, 2002, 2003, 2004, 2005, 2006, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, and 2019

For more information about EPIC's FOIA work, see EPIC: Open Government, EPIC: FOIA Cases, EPIC: Open Government Litigation Manual, and FOIA.ROCKS.

EPIC’s FOIA Work in 2019-2020

For EPIC’s Open Government Project, 2019-2020 was a year filled with great success stories. Through vigorous and effective litigation, EPIC maintained its record as a champion for a more open and transparent government. In 2019, EPIC obtained formerly secret records from government agencies including the FTC, DHS, DOJ, State Department, Census Bureau, National Archives and Records Administration (NARA), and the National Security Commission on Artificial Intelligence (NSCAI).

Last year EPIC filed five FOIA lawsuits, including a lawsuit to obtain the unredacted Mueller Report--the first lawsuit in the country.

EPIC Obtains Mueller Report


As a result of Freedom of Information Act lawsuit EPIC v. DOJ, EPIC obtained an annotated version of the Mueller Report. EPIC filed the first FOIA lawsuit in the country to obtain the complete final report by Special Counsel Robert S. Mueller concerning Russian interference in the 2016 U.S. presidential election. The version of the Mueller Report provided to EPIC contains new details about the extensive redactions made by the Justice Department. The federal court rebuked Attorney General Barr and agreed to review the complete Mueller Report to determine what additional material must be released. Judge Reggie B. Walton wrote, "The Court has grave concerns about the objectivity of the process that preceded the public release of the redacted version of the Mueller Report[.]” The Court cited the summary of the principle findings prepared by the Attorney General. Judge Walton explained that "the need for the American public to have faith in the judicial process” requires that the court review the Mueller Report without redactions. "Adherence to the FOIA’s objective of keeping the American public informed of what its government is up to demands nothing less,” wrote Judge Walton. The Court also denied the Department of Justice’s motion for summary judgment.

EPIC v. AI Commission — EPIC Prevails in Court, Obtains Agency Documents


As a result of Freedom of Information Act Lawsuit EPIC v. NSCAI, a federal court ruled that the National Security Commission on Artificial Intelligence is an agency subject to the FOIA. EPIC has sought to make the activities of the AI Commission open to the public, and EPIC sued the Commission when it ignored EPIC's FOIA request. Judge Trevor N. McFadden rejected the Commission's arguments that it is exempt from the law. "[L]ike a stranger offering candy to a child, the Government invites the Court not to read [the FOIA] literally," the court wrote. "The Government has not convinced the Court that it should ignore what Congress said." Following the court’s decision, the AI Commission released documents about its activities. The records obtained by EPIC show that the AI Commission was aware of work on algorithmic transparency and AI Bias. But the Commission's recent report to Congress did not endorse these recommendations, instead criticizing EU privacy law and calling for greater "government access to data on Americans."

EPIC Pursues Pre-Trial Risk Assessment Reports


Through a series of Freedom of Information Act requests, EPIC has obtained documents from several states about their use of pre-trial risk assessments. For example, the Nebraska Department of Correctional Services released to EPIC several documents about Nebraska's flawed risk assessment software. These documents include emails among Nebraska state officials expressing concerns about the accuracy of the Vant4ge algorithm used for risk assessment. The head of the state agency wrote, "there has not been consistency in how the STRONG-R training is delivered" and "there are errors in how the 'severity index' of specific crimes is coded in the Vant4ge software" which "affect the final risk and needs score calculations produced by the assessment." EPIC also obtained documents from the Idaho Department of Corrections about its risk assessment instrument, the "Level of Service Inventory-Revised" (LSI-R). Revealed in an annotated scoresheet that informs the LSI-R's calculation, the Idaho Department of Corrections uses several subjective categories to calculate an offender's risk and recidivism rate--including information about the alleged criminality of a defendant's social network, participation in leisurely activity, and mental health.

EPIC Uncovers Kavanaugh Role in Warrantless Surveillance Program


In response to Freedom of Information Act lawsuit EPIC v. NARA, the National Archives and Records Administration has released to EPIC emails that show that now Justice Kavanaugh, as a top White House advisor, drafted several speeches defending warrantless wiretapping after the New York Times exposed the controversial program in 2005. EPIC has created an index of the email subject lines to illustrate Kavanaugh's role in President Bush's 2006 State of the Union, former Attorney General Gonzales' January 2006 speech at Georgetown Law, and speeches promoting border surveillance. Kavanaugh was particularly involved in revising a paragraph on the NSA program in the 2006 State of the Union. Documents previously obtained by EPIC revealed that Kavanaugh exchanged hundreds of emails with White House and DOJ staff about the NSA surveillance program and gathered legal justifications for the program.

EPIC v. DHS — EPIC Obtains Election Threat Assessments


As a result of Freedom of Information Act lawsuit EPIC v. DHS, EPIC obtained a previously undisclosed report from the Department of Homeland Security about security breaches prior to the 2016 Presidential Election. The DHS/FBI report "Threats of Federal, State, and Local Government Systems" describes attacks on US elections and includes recommendations for cybersecurity risks. EPIC also received an original draft of the proposal by former DHS Secretary Jeh Johnson to designate state election systems as critical infrastructure. Released in a set of previously withheld documents, the draft memo states "[g]iven the vital role elections play in this country, certain systems and assets of election infrastructure meet the statutory definition of critical infrastructure in fact and in law." The DHS policy was announced on January 6, 2017, the same day the ODNI found extensive Russian interference in the 2016 presidential election. Other documents released as a result of EPIC's suit show the DHS continued to encourage state efforts in election security by making federal resources available on a voluntary basis.

EPIC Frees Drone Status Reports from DHS


In response to Freedom of Information Act lawsuit EPIC v. DHS, EPIC obtained the Department of Homeland Security drone status report required by a Presidential Memorandum. The 2015 Memorandum required federal agencies to detail drone policies and procedures to protect privacy, civil rights, and civil liberties. The DHS report attempts to justify the use of drones by Customs and Border Protection, but an Inspector General report calls into question the CBP's policies and procedures. The Inspector General found that CBP failed to complete a required analysis for a drone surveillance system and failed to implement effective safeguards for information collected by drones.

EPIC Uncovers 29,000 Complaints Against Facebook at FTC


Through two Freedom of Information Act requests, the Federal Trade Commission confirmed that there are over 29,000 pending consumer complaints about Facebook made while under the consent order. In an email to EPIC, the FTC provided a breakdown of the total number of complaints per year. In 2018 alone, the FTC received 8,391 consumer complaints about Facebook, nearly twice the number received in 2016 (4,612), and more than four times the number received in 2014 (1,860). EPIC also obtained thousands of additional consumer complaints (part 1, part 2) against Facebook. The most recent documents released by the FTC follow the Commission’s proposed $5 billion settlement with Facebook. Among the complaints uncovered by EPIC are those from consumer groups and members of Congress. EPIC also obtained records of new complaints in the FTC’s Consumer Sentinel database.

EPIC to Supreme Court: Access to Commercial Records is Critical for Government Oversight


EPIC filed an amicus brief in Food Marketing Institute v. Argus Leader Media urging the Supreme Court to protect the public's right to access commercial information held by federal agencies. In a 6-3 decision, the Supreme Court narrowed public access to government documents by expanding the definition of "confidential" information. The Court overturned four decades of caselaw which held that a company must show substantial competitive harm to block an open government request. EPIC warned the Court that removing the harm requirement "would deprive the public, and government watchdogs such as EPIC, of access to important information about 'what the government is up to.’” EPIC described several of its own FOIA cases—including the now defunct airport body scanner program and the FTC’s probe of Facebook post Cambridge Analytica—where access to commercial records made possible meaningful oversight and reform. EPIC wrote, "The public must have access to commercial information in agency records to conduct effective oversight of government programs that implicate privacy."

EPIC Reveals Scope of State Dept. Facial Recognition Plan


As a result of the Freedom of Information Act lawsuit EPIC v. State, EPIC received from the State Department several agency agreements concerning State Department’s facial recognition program, which includes a database that stores current and archived data about U.S. persons. The Consular Consolidated Database contains millions of images from visa and passport applicants, which other federal agencies are now accessing for purposes unrelated to the processing of visa and passport application. The State Department agreements include the Labor, Interior, and Defense Departments. Several of the documents EPIC obtained concealed the name of the federal agency accessing the State Department database.

EPIC v. Census — EPIC Finds Census Data Transfer Plan


Through a Freedom of Information Act request, EPIC received awritten agreement between the Census Bureau and the Department of Homeland Security about the transfer of noncitizen personal data. The document reveals that the Census Bureau obtains vast quantities of noncitizens' personal data from the Department of Homeland Security without having first conducted a required Privacy Impact Assessment. Under the written agreement, the DHS transfers the "Legal Permanent Resident File" to the Bureau each year, which includes citizenship, immigration status, marital status, and other sensitive personal information. Yet the Census Bureau conducted no analysis of the privacy risks and failed to describe the personal data gathered.

Share this page:

Defend Privacy. Support EPIC.
US Needs a Data Protection Agency
2020 Election Security