Searching over 5,500,000 cases.


searching
Buy This Entire Record For $7.95

Download the entire decision to receive the complete text, official citation,
docket number, dissents and concurrences, and footnotes for this case.

Learn more about what you receive with purchase of this case.

Electronic Privacy Information Center v. Federal Bureau of Investigation

United States District Court, District of Columbia

February 21, 2017

ELECTRONIC PRIVACY INFORMATION CENTER, Plaintiff,
v.
FEDERAL BUREAU OF INVESTIGATION, Defendant.

          MEMORANDUM OPINION

          Amit P. Mehta United States District Judge.

         I. INTRODUCTION

         Plaintiff Electronic Privacy Information Center brings this Freedom of Information Act (“FOIA”) action against Defendant Federal Bureau of Investigation (“FBI”), seeking disclosure of unpublished privacy assessments prepared by the agency. These assessments, known as “Privacy Impact Assessments” and “Privacy Threshold Analyses, ” are designed to evaluate whether the FBI's information technology systems effectively protect sensitive personal information that comes into the agency's possession. The FBI produced the privacy assessments sought by Plaintiff but with heavy redactions.

         This action is before the court on the parties' cross motions for summary judgment. Plaintiff contends that the FBI failed to: (1) conduct an adequate search; (2) justify its redactions of the privacy assessments under FOIA Exemption 7(E); and (3) demonstrate that it disclosed all reasonably segregable portions of the records responsive to Plaintiff's request. Defendant, for its part, seeks judgment on the adequacy of its search, its withholdings, and its segregability determination.

         The court agrees with Plaintiff that the FBI has neither adequately described its search nor properly justified its withholding of information under FOIA Exemption 7(E). The court will not, however, order disclosure of the withheld information at this time, but instead will give the FBI an opportunity to supplement the record. The court also will defer evaluating the FBI's segregability determination until after it renews its Motion for Summary Judgment. Accordingly, for the reasons that follow, the court grants in part and denies in part the parties' cross motions for summary judgment.

         II. BACKGROUND

         A. Factual Background

         On June 4, 2014, Plaintiff Electronic Privacy Information Center (“EPIC”) submitted a FOIA request to Defendant the Federal Bureau of Investigation (“FBI”) seeking all unpublished FBI Privacy Impact Assessments (“PIAs”) and Privacy Threshold Analyses (“PTAs”). Def.'s Mot. for Summ. J., ECF No. 26 [hereinafter Def.'s Mot.], Def.'s Stmt. of Mat. Facts, ECF No. 26-1 [hereinafter Def.'s Stmt.], ¶ 1; Pl.'s Mot. for Summ. J., ECF No. 27 [hereinafter Pl.'s Mot.], Pl.'s Stmt. of Mat. Facts and Resp. to Def.'s Stmt., ECF No. 27-2 [hereinafter Pl.'s Stmt.], ¶ 1.

         Generally speaking, PIAs and PTAs concern the FBI's methods for collecting and storing personal information. A PIA is “an analysis of how information in identifiable form is collected, stored, protected, shared, and managed” in federal agency information technology (“IT”) systems. More specifically, a PIA analyzes an agency's IT systems in order to: “(1) ensure that handling conforms to applicable legal, regulatory, and policy requirements regarding privacy; (2) determine the risks and effects of collecting, maintaining, and disseminating information; and (3) examine and evaluate protections and alternative processes for handling information to mitigate potential privacy risks.” Def.'s Mot., Ex. 1, ECF. No. 26-2 [hereinafter Hardy Decl.], ¶ 6. A PTA is a more limited report that “contains basic questions about the nature of the system [in question] in addition to a basic system description.” Id. ¶ 7. The purpose of a PTA is “to assess and document whether a PIA is required.” Id. ¶ 7.

         Specifically, Plaintiffs FOIA request sought:

• All Privacy Impact Assessments [“PIAs”] the FBI has conducted that are not publicly available at http://www.fbi.gov/foia/privacy-impact-assessments/department-of-justice-federal-bureau-of-investigation.
• All Privacy Threshold Analysis [“PTAs”] documents and Initial Privacy Assessments the FBI has conducted since 2007 to present.

         Def's Stmt. ¶ 2.

         On June 17, 2014, the FBI acknowledged receipt of Plaintiff s FOIA request and informed Plaintiff that it would search for responsive records in its Central Records System (“CRS”), as is standard agency protocol. Id. ¶¶ 4, 6; Pl.'s Stmt. ¶ 2. Upon further review of Plaintiff s request, however, the FBI determined that it needed to conduct additional searches outside the CRS in order to locate all potentially responsive documents. Def's Stmt. ¶¶ 9-16. The FBI designed a “targeted search” to locate those records and, on June 27, 2014, directed the Privacy and Civil Liberties Unit (“PCLU”) of the FBI's Office of ...


Buy This Entire Record For $7.95

Download the entire decision to receive the complete text, official citation,
docket number, dissents and concurrences, and footnotes for this case.

Learn more about what you receive with purchase of this case.