FOIA in the COVID-19 Era: When Government Agencies Can’t Comply with Government Mandates

Transparency is the cornerstone of democracy—when government information flows freely, it shines a light on every corner. It’s the best defense against corruption and the strongest weapon for liberty. That’s why the Freedom of Information Act (FOIA) is so critical. Title 5 U.S.C. § 552 of the United States Code guarantees public access to government information in the interest of providing transparency. FOIA requires agencies to locate, review and provide responsive documents within 20 business days, and many state and local jurisdictions have even more stringent regulations.

Now, back to the real world. In the digital era, with more information being generated than ever before, how fast and accurate are government responses to FOIA requests?

Long-suffering compliance executives will appreciate this: Government agencies often can’t comply with government mandates. It’s been bad for a while, and in the COVID-19 environment, it’s become much worse.

The vast quantities of regulated information are matched by the inability to find the right data; agencies don’t have the technology or the processes. For example, in 2018, the Department of Justice received 830,000-plus FOIA requests at a cost of $504.7 million; 90% of this was spent on processing requests. Those on the ‘simple’ track were met in 30.77 days; those on the ‘complex’ track took an average of 71.92 days. The federal government simply couldn’t find requested information in more than half of all FOIA cases. And those may have been the good times.

A global pandemic has made the situation tangentially worse. It’s a domino effect of sorts. As COVID-19 ran rampant, state and local governments began issuing broad edicts, such as Executive Orders (EOs), to release information and help protect consumers. Not every constituency accepted the legality of those sweeping mandates, and many responded by filing lawsuits. As the suits gained traction, there was a massive spike in FOIA requests. Officials sought to respond as fast as possible, but the challenges often proved overwhelming. In fact, some agencies are reported to have said that many requests will not be met until the pandemic is effectively over.

Here’s a hint of how it’s playing out at the local level. New York’s “FOIL” law requires a response within an astounding 5 business days; the current mean response time is 100 days. Regulations in the District of Columbia mandate a response within 15 business days; the current mean is 125 days. In fact, it’s likely that few if any States are meeting their FOIA requirements.

So much for transparent government.

One obvious problem is that many agency employees have been working remotely, perhaps for the first time ever. There were no contingency plans for such a drastic change. But technology also has a lot to do with it—and it may lead the way to significantly better options.

Most public sector organizations have a decentralized and on-premises approach to information management. Massive volumes of data reside on local servers, work stations, and users’ laptops, which makes it near-impossible to conduct a centralized search. There was a time when existing eDiscovery tools met staffers’ needs, but those days are long gone—when multiple professionals in multiple locations need uniform access, there’s a rapid breakdown.

So what’s the answer here? It’s up in the cloud.

A central, cloud-based archive for managing most records would make all data easily available not only for FOIA and eDiscovery requests but many routine business processes as well. In addition, a centralized data repository would apply role-based access controls to ensure only authorized agency employees have access to sensitive data, and provide important security features such as automatic data masking or redaction of personal information. It would also help to ensure that expired content is automatically deleted through defensible disposition, which would in turn raise employee productivity, enhance compliance, and reduce the risk of sensitive data leakage.

And here’s the best part: The new technologies may already be paid for.

The Cares Act and subsequent legislation, which provides over $350 billion in resources for state and local government agencies, deem IT improvements that facilitate FOIA processing as eligible expenditures.

Ensuring compliance with FOIA requests in the short term is indeed important. However, implementing a cloud-based and centralized approach to information management will deliver benefits far beyond the current challenges.

Bill Tolson is VP of Global Compliance & eDiscovery at Archive360, and specializes in multiple aspects of compliance, including data security, cloud computing, Machine Learning and cloud archiving.