FOI UPDATE 2000: Federal legislation
By Kevin Goldberg
The first session of the 106th Congress saw a number of developments with regard to access to government information. However, federal lawmakers enacted only two bills into law. Unfortunately, those laws were perhaps the most dangerous to have passed as they restrict access to critical forms of government information. Heightened activity is expected during the second session of Congress in the area of medical privacy where eight different bills have already been introduced. Congress also will take a hard look at the effect of technology on government and private sector information during the current session.
The Chemical Safety Information and Site Security Act of 1999 exempts from access records of vital importance to local communities where hazardous-chemical facilities exist. This new law represents a disturbing trend of restricting access because of perceived threats to personal and national security because the information is available on the Internet.
The bill was a reaction to concerns raised by the Chemical Manufacturers Association to the Federal Bureau of Investigation. The 1990 Clean Air Act required every chemical facility in the nation to file with the Environmental Protection Agency information known as risk management plans.
Part of each RMP is known as an "off-site consequence analysis" also called "worst case scenario information" because it details the worst possible outcome in terms of damage to property and lives lost in the event of a chemical accident. The EPA had announced plans to post the off-site consequence analyses on the Internet.
As the June 1999 deadline for those reports approached, the CMA persuaded the FBI and others that the worst-case scenario information was a blueprint for terrorists, although there has never been a documented terrorist attack on a chemical plant in the United States. In lobbying the FBI and the White House, the CMA played upon fears that terrorists worldwide could access this information at the click of a button.
The bill that eventually was passed restricts access to off-site consequence analysis information in a number of ways. First, it states that the president, by Aug. 5, 2000, must assess the risk of terrorist activity caused by posting this information on the Internet, while balancing that risk with the benefits access creates for citizens in the local community. More importantly, during that one-year period, offsite consequence analysis information is not accessible through FOIA.
Regulations are to be promulgated after that first year with a specific directive given to the EPA to investigate whether the information should be distributed electronically in a read-only format apparently conflicting with the Electronic Freedom of Information Act amendments' mandate that records be accessible in any format in which they are readily reproducible.
Driver's license information
Despite the fact that the 1994 Drivers Privacy Protection Act already had been set for oral argument before the Supreme Court, Sen. Richard Shelby, R-Ala., attached a provision to the Fiscal Year 2000 Appropriations Bill for the Department of Transportation (S 1143), which would dictate to states how they must distribute information contained in motor-vehicle records. The access community lost on both counts, as the DPPA was upheld by the Supreme Court as a constitutional exercise of congressional power and the Transportation Appropriations Bill was passed into law.
The Shelby legislation prohibits any state from receiving federal highway funds if it provides personal information contained in a driver's license or motor vehicle record without the express written consent of the person to whom the information pertains (the "opt-in" approach). The law covers all factual information, including that which could be obtained through other sources. There is one exception, whereby law enforcement agents can have access to a driver's license or the photograph of an individual.
Five bills relating to the privacy of medical records were introduced in the House of Representatives in 1999: HR 1057 (Medical Information Privacy and Security Act), HR 1941 (Health Information Privacy Act), HR 2404 (Personal Medical Information Protection Act of 1999), HR 2470 (Medical Information Protection and Research Enhancement Act of 1999), and HR 2878 (Medical Privacy in the Age of New Technologies Act).
Three bills were introduced in the Senate: S 573 (Medical Information Privacy and Security Act), S 578 (Health Care PIN Act), and S 881 (Medical Information Protection Act of 1999).
Collectively, these bills cover a number of topics related to access. While two of the bills (HR 1057 and S 573) seek to provide individuals with better access to health information regarding them personally, the impetus behind all eight bills is to protect personal privacy with respect to health care-related information. Various methods are used to achieve this goal, including the creation of a personal identification numbering system for medical records, the imposition of strict penalties for the unauthorized release of confidential medical information, and restrictions on the formats in which records may be kept. This last method causes the most concern, as efficient access to information needed by many would fall by the wayside because of fears that the Internet cannot adequately protect and safeguard personal information.
None of these bills received a hearing during the first session of the 106th Congress.
Critical infrastructure information
Two congressmen are preparing to introduce legislation that would create a new exemption for information voluntarily submitted to the federal government by private companies. Rep. Tom Davis, R-Va., and Rep. Jim Moran, D-Va., have drafted legislation which would give businesses immunity from FOIA for information received by the federal government in conjunction with efforts to protect the nation's critical network infrastructure.
As part of a plan devised by the Clinton administration to protect critical networks from attack, private companies would share critical network infrastructure information with the government. Financial, telecommunications, transportation, water supply, oil and gas, electrical generation, health companies, as well as those performing essential government functions, were charged with developing centers, called Information Sharing and Analysis Centers, which would share information among the companies and help protect the systems from attack. The Department of Justice has stated it will work with legislators to ease the fears of businesses that their information would be accessible to FOIA if given to the government.
The legislation would provide an exemption from FOIA for information provided from a non-federal source to a critical infrastructure protection office or program if the submitter expressly requests assurance that the document will not be made available under FOIA. These protections would extend for a period of five years from the date of submission, though the submitter can request a renewal of the protection at the end of any five-year period, meaning the exemption could continue in perpetuity. Failure to comply with the law could result in disciplinary action for the FOIA officer who released the information.
Critics of the proposed legislation point out that this "(b)(3)" exemption is unnecessary that any sensitive information would fall under one of the nine existing FOIA exemptions. The government believes that this exemption would simply create an additional protected channel for potentially valuable information the government could not otherwise acquire.
Announcement was made on Feb. 23, 2000, that legislation would be introduced, but there had been no action as of March 6, 2000.
Privacy Protection Study Commission
In the last week of the first session, Senator Herb Kohl, D-Wis., introduced S 1901, the Privacy Protection Study Commission Act of 1999. This bill would create a commission to evaluate the efficacy of FOIA and the implementation of EFOIA.
Members of the commission could recommend changes to protect personal privacy as the role of technology grows in collecting, storing, and distributing government information. The purposes of the commission would be to:
- Examine the implications of new and existing technologies on individual privacy.
- Ensure appropriate privacy protection of both government and private sector uses of personal information.
- Evaluate new technology and its ability to enhance electronic data privacy.
- Study the extent, need, and feasibility of individual control over personal information.
The bill appears to pose a distinct threat to the availability of government information on the Internet. Representatives of the American Society of Newspaper Editors, the Newspaper Association of America, the Radio-Television News Directors Association, and the Reporters Committee for Freedom of the Press met with Sen. Kohl's staff to discuss the bill. The staff members explained that Sen. Kohl recognizes the potential of the Internet in improving the efficiency of government and increasing access to government records and stated that the bill was intended to ensure that access would continue in the face of panic over technology and personal information.
In both the 105th and 106th Congresses, bills were introduced that would have increased access to congressional documents. In the 106th Congress, these bills take the form of the Congressional Research Accessibility Act (HR 654) and the Congressional Openness Act (S 393). HR 654 would make available to the public reports released by the Congressional Research Service. The CRS is considered the top source for nonpartisan evaluation of legislation-related issues. Despite the fact that the CRS is a taxpayer-funded service, the results of its research are available to the public only if a citizen requests certain information from his or her Congressman. HR 654 would allow citizen access to the CRS website, and the information on that site, on a time-delayed basis.
S 393 would also provide access to CRS reports. In addition, it would allow the public access to Senate lobbying and gift report filings and Senate and Joint Committee documents.
Unfortunately, as in the 105th Congress, neither bill has received enough support to make passage a realistic result. While one hearing was held in the Senate Committee on Commerce, Science, and Transportation in the 105th Congress, no hearings have been held in either House during this Congress.
Wholesale declassification of government records is on tap in three bills which would provide for the identification, collection, and review for declassification of records and materials that are of extraordinary public interest to citizens of the United States. Two of these bills, S 22 (the Government Secrecy Reform Act of 1999) and S 1801, were introduced by Senator Daniel Patrick Moynihan (D-NY). The third bill is HR 3152.
These bills would provide for a system of review in order to provide access to information which has been classified for long periods of time. They would presumptively declassify information which has been considered classified for decades (the actual period of time before mandatory declassification varies from bill to bill). They would also create a central office which would be charged with oversight of the declassification process and with any decisionmaking as to whether given records should be declassified.
None of these bills has seen any action during the 106th Congress.
Department of Agriculture information
One of the more intriguing pieces of legislation introduced in the 106th Congress is the Freedom to E-File Act, introduced in the House of Representatives as HR 852 and in the Senate as S 777. These identical bills would require the Department of Agriculture to establish an electronic filing and retrieval system to enable the public to file all required paperwork electronically with the Department and to have access to public information on farm programs, quarterly trade, economic, and production reports. A hearing has been held in the Subcommittee on Department Operations, Oversight, Nutrition and Forestry of the House Agriculture Committee. While these bills relate to a very specific area of information not accessed by the general public, they are important to watch as they could provide a blueprint for congressionally mandated electronic access to information.
The Human Rights Information Act (HR 1625) proposes a process for declassifying on an expedited basis certain documents relating to human rights abuses in Guatemala, Honduras, and other regions. The Japanese Imperial Army Disclosure Act (HR 3561) would require disclosure under FOIA of information regarding certain persons and records of the Japanese Imperial Army. Neither bill has received a hearing and neither appears likely to become law, despite the fact that similar legislation relating to Nazi War Crime Records was enacted into law during the 105th Congress.
Broken down strictly according to the numbers 24 bills introduced, 13 in the House, 11 in the Senate, with two bills enacted into law the outcome is not so bad. However, with eight medical privacy bills looming large, it is highly likely that restrictive legislation will be passed in this area. In addition, the critical infrastructure legislation provides the opportunity for Congress to impose a widespread exemption on key information because of security concerns. Bills involving the Internet and electronic information appear to pose the greatest threat to FOI principles in the next few years.
Kevin Goldberg of the Washington, D.C., law firm of Cohn & Marks is co-counsel for the American Society of Newspaper Editors.
Resources for 'Access and Technology: Recovering the Promise'