CIA Tells FOIA Requester That He Needs To Know Everything About The Emails He's Requesting Before He Can Request Them

from the using-the-rarely-seen-tautology-exemption dept

More FOIA-related nonsense, this time from the CIA. Michael Morisy, co-founder of MuckRock, sent a request for internal emails discussing (rather ironically) the fact that the CIA's "FOIA Portal" seems to suffer from extended periods of downtime.

This is a request under the Freedom of Information Act. I hereby request the following records:

A copy of emails sent to or from the CIA's FOIA office regarding the FOIA Portal's Technical Issues.

According to the CIA's current FOIA website: "FOIA requests cannot currently be made online due to technical issues. Requests can still be submitted via the US Postal Service and facsimile."

http://www.foia.cia.gov/

Please also include any attachments to these emails.
Given the agency's disdain for the FOIA process (second only to the NYPD), I'm sure this sort of outage is viewed as a feature, not a bug. But whatever internal musings the CIA had about its FOIA portal issues will apparently be staying internal for the time being.

The CIA rejected Morisy's request in full, basically stating that searching for emails is hard work and that the requester could have at least bothered to know exactly who was talking about the portal issues and exactly when they were doing it before making the request.
The FOIA requires requesters to "reasonably describe" the information they seek so that professional employees familiar with the subject matter can locate responsive information with a reasonable amount of effort. Commonly this equates to a requirement that the documents must be locatable through the indexing of our various systems. Extremely broad or vague requests or requests requiring research do not satisfy this requirement. We require requesters seeking any form of "electronic communications" such as emails, to provide the specific "to" and "from" recipients, time frame and subject. We note that you have provided the subject only. Therefore, we must decline your request.
Obviously, a FOIA requester isn't going to know these sorts of specifics beforehand, hence THE REQUEST FOR INFORMATION. As MuckRock's JPat Brown points out, Twitter user Mythosopher had perhaps the best response to this refusal...
You can't see any emails or know who sent or received them. But you must request the exact email and who sent and received it.
... along with this graphic:


The CIA has pretty much ensured many requests will be found too cumbersome to comply with. It used 2013's brief sequester as an excuse to shut down its office in charge of declassifying historical documents and fold it in with the FOIA department's steady stream of extension requests and denials. And the CIA joins an ever-lengthening list of federal agencies completely mystified by internal email systems. Oddly, this same government expects the US public to trust that agencies like the FBI, CIA, NSA and countless law enforcement entities will be able to find the needles in your personal email haystacks -- obtained in bulk with FISA court orders, NSLs or old-fashioned open-ended, non-specific warrants.

The CIA itself has already raided internal networks to root out Senate staffers and whistleblowers, but no one heard anyone complain about the lack of specifics making the job too tough to do. It's only when the public asks to dip into the government's business that these agencies suddenly start acting like the impossible is being demanded.


Reader Comments (rss)

(Flattened / Threaded)

  •  
    icon
    rw (profile), Jul 29th, 2014 @ 6:47am

    Secrecy = ?

    Ah, the best of Police States...

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    Ninja (profile), Jul 29th, 2014 @ 7:51am

    Well, it's easy then, they just need to let him look at the e-mails to see which ones he want to request. Problem solved!

    Or he can ask Snowden (or some other whistleblower).

     

    reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Jul 29th, 2014 @ 2:03pm

      Re:

      Actually, this presents an even better option:

      Since they require the "to" and "from" and a timeframe as well, the following needs to happen:

      1) Request a list of all internal email addresses belonging to individuals involved in maintaining CIA public-facing IT infrastructure.

      When this is denied,

      2) generate a rainbow table of possible cia.gov usernames, based on the formatting of known addresses. Then request a list of all internal email addresses referenced in emails between any of the addresses in the table. Be helpful and provide a script that makes this query trivial on an exchange server (just to show how easily it can be done).

      When this is denied, publish it all and report the CIA for willful obstruction of the FOIA.

       

      reply to this | link to this | view in chronology ]

  •  
    icon
    Geno0wl (profile), Jul 29th, 2014 @ 8:11am

    My wife recently asked

    I recently decided to delete any e-mail from gmail older than about a year. When my wife question why I would bother doing such an odd thing, as who would care read that crap. I asked "do you read teachdirt?".
    When she stared blankly back at me I turned to continue my deletion spree. With malice in my heart that I feel such a thing is even necessary is amazing to me.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Michael, Jul 29th, 2014 @ 8:16am

    A copy of emails sent to or from the CIA's FOIA office regarding the FOIA Portal's Technical Issues.

    You have to be reasonable.

    Considering how inept the CIA appears to be when it comes to technology and keeping their portal up, this really could be an awful lot of emails.

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    jupiterkansas (profile), Jul 29th, 2014 @ 8:20am

    The whole idea of FOIA requests is ridiculous. If the information can be made publicly available, then the government should simply make it publicly available. Why does it have to be specifically requested? Just dump it on a server and let everyone access it.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    beech, Jul 29th, 2014 @ 8:21am

    Guys, you all need to calm down because there is a perfectly reasonable reason the CIA doesn't want to share this info:

    Terrorism.

    If the CIA were to inform the public about their foia policy, then terrorists might use it to learn things about CIA operations! All information must be kept securely locked up until we win the War on Terror (approximately around the heat death of the universe).

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Pawn to d4, Jul 29th, 2014 @ 8:35am

    At least we now know what CIA really stands for: circus in action.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Jul 29th, 2014 @ 8:58am

    to - anyone
    from - anyone
    when - all time

     

    reply to this | link to this | view in chronology ]

  •  
    icon
    Chris-Mouse (profile), Jul 29th, 2014 @ 9:34am

    Of course the CIA can't search their email system. The only guy who could find anything on the computer is currently in Russia on a leave of absence.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    John, Jul 29th, 2014 @ 9:50am

    Whistle for work

    This seems exactly what happens when we ask for privacy then expect the groups that work on privacy everyday to do what we ask like that isn't hypocritical. Yet you think information is free like the guy who gave their lives for it. The C.I.A is just doing what they were made to but keep asking them for stuff and then tell them to keep your stuff out of it and try to make sense of that. Whistleblowers shouldn't run like rats. When caught they should stand and fight. They don't believe what this country was made on and that's why they are just scared rats they bring plague and disease that turns you blind to your own words. Put me on trial or hang me that is the true meaning of being a hero. Words written on keyboards only waste time words spoken in front of millions changes the world.

     

    reply to this | link to this | view in chronology ]

    •  
      icon
      AricTheRed (profile), Jul 29th, 2014 @ 9:54am

      Re: Whistle for work

      You Sir are totally mistaken.

      The CIA does not work toward privacy, exactly the oposite, as does the NSA and the FBI. Latley, in particular, they have been the enemies of privacy and security.

       

      reply to this | link to this | view in chronology ]

    •  
      icon
      Padpaw (profile), Jul 29th, 2014 @ 2:18pm

      Re: Whistle for work

      Any chance you could be a bit more clear and concise on what your trying to say, as I cannot make head or tails what your point is.

       

      reply to this | link to this | view in chronology ]

    •  
      identicon
      Anonymous Coward, Jul 29th, 2014 @ 7:24pm

      Re: Whistle for work

      Whistleblowers shouldn't run like rats. When caught they should stand and fight...Words written on keyboards only waste time words spoken in front of millions changes the world.
      They should run like Usain Bolt. There is no "fighting" when caught, only being flushed down the memory hole. In an information war, one of the only ways to have one's words heard by millions is to stay alive and speak with a keyboard.

      They don't believe what this country was made on and that's why they are just scared rats...
      They don't believe what this country has become, and that's why they are just angry.

      Put me on trial or hang me that is the true meaning of being a hero.
      No, that's called being a fanatic or a martyr. People who welcome and dream of a glorious and heroic death don't tend to be whistle blowers, they tend to fly planes into skyscrapers.

       

      reply to this | link to this | view in chronology ]

  •  
    icon
    Austin (profile), Jul 29th, 2014 @ 10:05am

    Wait wait wait...

    I understand that the NSA and CIA are not one-and-the-same, but...let me see if I get this straight?

    You're going to capture all the emails sent by every person on earth and store them, after constantly revised guidelines and whatnot, indefinitely? Ok. And you're doing this because, in the event of a terrorist attack, you want to be able to search this database of, most likely, several hundred trillion emails? Alright. And the emails you'll be looking for will have a subject line like "the wedding is on such and such day" and you probably won't know when it was sent, and probably not both the sender and recipient? Alright. But you'll have JUST ONE of those 4 pieces of information and, very quickly, be able to search it to stop a terrorist attack? Okie.

    So tell me again why the hell you can't do this? Because searching a few hundred/thousand emails on the desktops of probably no more than 10 people (if even that) in the FOIA office is too hard?

    If someone tells you one of those employees in the FOIA office is secretly a terrorist, is it too hard then? Because I'd totally lie to you and tell you that, if it makes you DO YOUR DAMNDED JOB!

    (NOTE: CIA, this is just making a point. Please don't send one of your poor innocent FOIA office workers to gitmo or anything.)

     

    reply to this | link to this | view in chronology ]

    •  
      icon
      Padpaw (profile), Jul 29th, 2014 @ 2:19pm

      Re: Wait wait wait...

      The main purpose is to setup a way blackmail and arrest people for any little thing. They just say it's for your safety to cover up their crimes

       

      reply to this | link to this | view in chronology ]

  •  
    identicon
    Tavis, Jul 29th, 2014 @ 10:22am

    Hey, NSA!

    Don't know which emails you need to release in that request?

    COLLECT THEM ALL.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Jul 29th, 2014 @ 10:57am

    It is ironic that the very logic they are using in their excuse, saying the request is too vague, is the same logic they are quick to discard when it's time to collect everyone else's emails, via vague search patterns and 2 degrees of separation.

    Apparently the possibility that a vague search pattern may turn up something uncomfortable only matters when it's their emails being searched.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    Anonymous Coward, Jul 29th, 2014 @ 11:03am

    I'm convinced Michelle Meeks (who was stupid enough to sign that bullshit letter) is a complete fucktard.

    Congratulations, Michelle on choosing a career path with an agency that is fast becoming a punchline to so many jokes!

    (...and for those who say I shouldn't single her out, then by all means, start naming names and lets hold SOMEONE accountable for their actions for a change)

     

    reply to this | link to this | view in chronology ]

    •  
      icon
      John Fenderson (profile), Jul 29th, 2014 @ 11:54am

      Re:

      I agree with holding people accountable, but just calling someone a fucktard doesn't do that. That's simply meaningless name-calling that ultimately gets people to ignore any actual point you may have.

       

      reply to this | link to this | view in chronology ]

      •  
        identicon
        Anonymous Coward, Jul 29th, 2014 @ 12:09pm

        Re: Re:

        Sorry, John, but I have to respectfully disagree.

        For her to sign such a ridiculous letter, with her full name, knowing full well the circular logic that she's trying to sell as "policy" does, in fact, qualify her for fucktard status. This letter is insulting to the intelligence of anyone reading it, and is (just another example of) a complete disgrace.

        To be fair, she should be pissed off as hell, for being put in this position. When an agency operates like this, with no repercussions, with this degree of fuckery, sometimes you just have to call it like you see it. And I can't think of ANY logical, intelligent justification for this horse shit, hence my reasoning for the fucktard comment.

         

        reply to this | link to this | view in chronology ]

        •  
          icon
          John Fenderson (profile), Jul 29th, 2014 @ 1:08pm

          Re: Re: Re:

          Don't misunderstand me -- I'm not saying that you're wrong, I'm just saying that you're not actually holding anyone's feet to the fire in saying that. It's better (as in more effective) to simply eviscerate the position that she signed her name to.

           

          reply to this | link to this | view in chronology ]

          •  
            identicon
            Anonymous Coward, Jul 29th, 2014 @ 2:00pm

            Re: Re: Re: Re:

            Given that any "real" change is unlikely due to the stranglehold that the "intelligence" lobby has on government, realistically, shaming idiots is fast becoming the only recourse.

             

            reply to this | link to this | view in chronology ]

  •  
    identicon
    Vel the Enigmatic, Jul 29th, 2014 @ 2:22pm

    Hahahaaaa...No.

    Isn't it absolutely telling how screwed up in the head the CIA as a collective is when they treat emails like cookies in a cookie jar?

    They can take as much as they want, but as soon as someone else wants a cookie or 4, they tell them they need to know the exact diameter of cookie and the number of chocolate chips in it before they will give it up?

    Maybe someone should tell Mother White House it's time to make her children behave.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    anon, Jul 29th, 2014 @ 11:25pm

    FOIA request

    TLDR
    - you messed up your request, didn't give a date, and (apparently) weren't clear enough in the 'to/from' section.

    - FOIA is important to me.

    - releasing ALL information without any form of process, is illogical, impractical, and dangerous in my eyes

    - a QUICK correction to your request would have given you what you were looking for :

    i request e-mails sent -TO- or -FROM- the [FOIA handling office(s)] regarding the [technical difficulties] covering the previous [x months]


    --------------------- start reading if you like books---------

    you sent a request, they didn't like it, they said no, simple, send a new request being sufficiently specific that you actually CAN argue that they blew you off... and let me recommend that you highlight the three sections of required information...

    TECHNICALLY - they're in the right, you didn't provide a date range...

    TECHNICALLY - she's wrong about the to/from section.. easy to fix though, and since you forgot the date range, you'll be needing to send in a new request anyway.

    don't know the name of the office which deals with FOIA issues? state that part, clearly... (i want the e-mails sent to the office or offices which handle FOIA requests) thats specific enough, that their bureaucratic system will be able to find it.


    when a bureaucratic system is annoying, but has simple and spelled out requirements, it's REALLY not that hard for a person with half a brain to lock said bureaucracy into having no LEGAL choice but to respond. - and if you can take a highlighter to your document, covering the 3 things that are required, and they say no, NOW you have a legal standing... legally, YOU were wrong...

    by the way, i DO believe in the freedom of information, such that it does not LEGITIMATELY harm our nation (oh, you want a list of all our spies and their families and addresses and kids? No, fairly sure you shouldn't have that, sorry.) but an issue where there is a government system, specifically designed for use by the public, and it is consistently slow/broken, and you want to know if they've managed to figure out why/how/eta on a fix, sure, that seems completely reasonable.

    there ARE legitimiate reasons why some information is NOT made public. there ARE pieces of information that could/MAYBE should be made public that aren't.

    as for the 'they should just dump it all on a computer and make it public' do you realize the SIZE of that server? do you realize the POWER you'd be giving to joe shmoe? or what about to that hacker who really SHOULDN'T have all of the e-mails between the co-workers of an office? if you work in an office where e-mails are sent back and forth, i guarentee there are some e-mails which include things like, "hey, lets have a bbq next weekend" - enough of that information combined can be DANGEROUS to the people involved...


    done with care, one can pull information from pictures on facebook, collate some information, and identify the specific phone owned by a specific person, their schedule, family, home, work... and that's using 'public' photos that people put on their facebook... a stalker could make -insert sarcasm- WONDERFUL use of that information.. and you wanna just drop all that information to the public, on government workers at the CIA? sure, lets throw some blackmail and extortion into the mix - well, more than usual anyway

     

    reply to this | link to this | view in chronology ]

    •  
      icon
      John Fenderson (profile), Jul 30th, 2014 @ 8:23am

      Re: FOIA request

      "do you realize the SIZE of that server? do you realize the POWER you'd be giving to joe shmoe? or what about to that hacker who really SHOULDN'T have all of the e-mails between the co-workers of an office? if you work in an office where e-mails are sent back and forth, i guarentee there are some e-mails which include things like, "hey, lets have a bbq next weekend" - enough of that information combined can be DANGEROUS to the people involved..."


      None of that seems to bother the NSA.

       

      reply to this | link to this | view in chronology ]

    •  
      identicon
      Kel McClanahan, Jul 31st, 2014 @ 12:19pm

      Re: FOIA request

      You would think that this would work, but it doesn't. This is actually a policy being challenged in a current lawsuit brought by MuckRock against CIA (disclosure: I am their lawyer in that case). When they say "to" or "from," that's not "people in this office." That's names.

      Problem is, CIA won't give out the names of its employees, or even their titles. To be fair, it doesn't have to; there's a statute that allows them to withhold that information called the CIA Act of 1949.

      One of the requests in the lawsuit should demonstrate the extremity of this practice. There are two mailing lists used in IMS (Information Management Services, the CIA FOIA office) called CIO-IMS-STAFF and CIO-IMS-ALL. MuckRock filed a FOIA request for "[a]ll email messages (and attachments) sent to the CIO-IMS-STAFF or CIO-IMS-ALL mailing lists by the Director or Deputy Director of IMS between 9/1/12-12/31/12." There you have a sender, a group of recipients you do not know, and a date range.

      CIA's response? "We require requesters seeking any form of 'electronic communications' such as emails, to provide the specific 'to' and 'from' recipients, time frame and subject. We note that you have provided the senders and the time frame."

      That's not a reasonable determination. And because CIA considers overbroad requests to "not be received," they don't allow you to file an administrative appeal, for whatever minimal good that would do (that's a discussion for another day, though). The only recourse for a person seeking emails who does not know everything about the emails he wants is expensive, protracted litigation.

      I'll add two small things and stop here. #1, for those interested, the case is this one -- https://www.muckrock.com/news/archives/2014/jun/11/why-were-suing-cia/. #2, CIA uses Lotus Notes for its email system.

       

      reply to this | link to this | view in chronology ]

  •  
    icon
    That One Guy (profile), Jul 30th, 2014 @ 7:27am

    Reminds me of a comic

    Kid: How do you spell this word?
    Teacher: Look it up in the dictionary.
    Kid: But I don't know how to spell it.
    Teacher: So look it up in the dictionary.

     

    reply to this | link to this | view in chronology ]

  •  
    identicon
    John Fembup, Jul 30th, 2014 @ 2:07pm

    A "subject" only is insufficient.

    "We require requesters seeking any form of "electronic communications" such as emails, to provide the specific "to" and "from" recipients, time frame and subject. We note that you have provided the subject only. Therefore, we must decline your request."

    Well, no wonder CIA never tells Congress anything!

     

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
Advertisement
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
Advertisement
Recent Stories
Advertisement
Support Techdirt - Get Great Stuff!

Close

Email This

This feature is only available to registered users. Register or sign in to use it.