May 11 2020

Will courts finally make the TSA comply with FOIA?

The tenor of questioning by the judge in a Federal court hearing last week raises hope that the Transportation Security Administration (TSA) might soon be ordered to correct some of its longest standing and most systemic violations of the Freedom Of Information Act (FOIA).

It’s no exaggeration to say that, from its creation in November 2001, the TSA has acted with complete contempt for the FOIA law and the requirements that law imposes on the TSA and all other Federal agencies. Time after time, TSA failure to comply with FOIA has delayed, complicated, or completely frustrated our research and reporting on TSA policies and procedures, and has deprived the public of the opportunity for informed scrutiny and comment on what the TSA is doing, why, and with what effects on our rights.

One chronic problem is the way the TSA responds to FOIA requests for digital records.

Provisions of the FOIA statute that went into effect as part of the Electronic FOIA Amendments Act of 1996 —  years before the TSA came into existence — require that:

5 USC § 552(a)(3)(B)  — In making any record available to a person under this paragraph, an agency shall provide the record in any form or format requested by the person if the record is readily reproducible by the agency in that form or format. Each agency shall make reasonable efforts to maintain its records in forms or formats that are reproducible for purposes of this section.

When it set up its FOIA office and procured software for responding to FOIA requests, the TSA completely ignored this provision of FOIA. In a display of either gross incompetence or gross bad faith, the TSA and its parent the Department of Homeland Security (DHS) appear to have entirely omitted this legal requirement for production of records in any form and format in which they are readily reproducible from their procurement specifications and criteria for evaluation of proposals. Instead, the DHS and TSA standardized on the use of cloud-based FOIAXpress software that is designed to munge all records by converting them to rasterized images embedded in PDF files, regardless of the original file format.

There’s lots of other software that was, and is, capable of redacting files in native formats. But it’s impossible for any Federal agency to fulfill its FOIA obligations with respect to the form and format of production of records by using FOIAXpress. FOIAXpress should have been summarily eliminated from consideration for any Federal agency contracts as not capable of satisfying the EFOIA requirements. No Federal agency should ever have used it.

When challenged in our administrative appeals, the TSA has claimed that because the FOIAXpress software it has chosen to deploy for FOIA processing (in disregard for the law at the time that software was selected)  is incapable of converting files back into native format  after it has been used to rasterize them, the TSA is “incapable” of reproducing the original or the redacted files in their original forms and formats. The issue of whether they could have been redacted while retaining the original format has been ignored — until now.

In addition, the TSA — purely for its own administrative convenience, and not as any result of software limitations — typically concatenates rasterized images of the content of multiple digital records, found as discrete files, into aggregated PDFs that give no indication of which images or PDF pages correspond to which original files, with which original filenames and other metadata and attributes.

In 2014, Sai filed a pro se lawsuit to force the TSA to respond to some of his FOIA requests related to incidents in which he was mistreated by the TSA and its contractors at airport checkpoints. (Independently, Sai filed a ground-breaking challenge to the law that purports to preclude meaningful judicial review of TSA actions. So far as we can tell, that case, now Sai v. Pekoske, remains pending but on hold in the  Court of Appeals for the First Circuit.

Sai’s FOIA case has ground on for five years and counting, with the TSA dragging its feet and repeatedly moving (thus far unsuccessfully) to dismiss what’s left of the complaint. In the most recent published interim ruling, Sai v. TSA, 315 F. Supp. 3d 218 (2018), Judge Randolph D. Moss of the U.S. District Court for the District of Columbia found that:

After Plaintiff filed suit, the TSA responded to each of the six pending FOIA requests and eventually released almost 4,000 pages of records (some with redactions) and three closed circuit television videos. The TSA has now moved for summary judgment…

Plaintiff opposes the TSA’s motion and, with two minor exceptions, challenges virtually every aspect of the TSA’s multiple searches and productions. He contends that, as to each of his six requests, the TSA failed to conduct an adequate search; failed to produce segregable portions of records; withheld metadata and failed to release records in their “native,” electronic format or in “fully digital , non-“rasterized” PDFs; improperly designated records as Sensitive Security Information (“SSI”); and improperly invoked FOIA Exemptions 3, 6, and 7….

As explained below, many of these contentions are not properly before the Court; others are not developed with sufficient clarity to survive summary judgment; and yet others lack legal or factual merit. But there is some wheat among this abundance of chaff. The Court will, accordingly, GRANT in part and DENY in part the TSA’s motion.

Among the issues still alive in the case are the TSA’s insistence on “rasterization” of PDFs (including rasterization of other records, such as text files containing email message source data, after they have been converted to PDFs) and on bundling images of content from multiple records into aggregated PDFs, despite Sai’s requests for “discretization” of each record found as a separate file.

Judge Moss appointed pro bono counsel for Sai, and heard arguments on these issues (by phone, with the public allowed to audit the conference call) last Friday, May 8th.

The best introduction to these issues, the TSA’s practices, and the absurdity of the TSA’s defense of its practices, are found in Sai’s motion for partial summary judgment and the final reply briefs by the TSA and by Sai before the hearing. Sai also submitted extensive exhibits as to the existence of readily-available commercial software capable of redaction of non-rasterized PDF files, while preserving their original format.

Judge Moss suggested that counsel should assume for purposes of the argument Friday that he was likely to rule that producing records in “any form or format  requested … if the record is readily reproducible by the agency in that form or format” requires more than merely producing records in some electronic format of the agency’s choosing.

Judge Moss also noted that there is little FOIA case law on rasterization  (although there is some including this and this), discretization, or production of files in native formats. Noting that is was a case of first impression, and likely to be looked to by other courts, he invited the TSA to provide evidence concerning what it would take, and how burdensome it might be, to redact PDF files without replacing text with rasterized images, or to produce each file as a discrete file.  But the TSA’s lawyer wouldn’t take the hint, and continued to insist that this is not required at all since rasterization is what the TSA’s existing FOIAXpress software is designed to do, and aggregation of multiple files into each PDF is how TSA staff and contractors are trained to use FOIAXpress.

Judge Moss also pointed out that, while the TSA has said it was “not aware of” any alternative to FOIAXpress, it had not put anything on the record to show that it has looked for any other software capable of redacting non-rasterized PDFs or other files in native formats. He invited the TSA to submit such evidence. The TSA’s lawyer didn’t seem inclined to take this hint either, perhaps because the TSA never looked for alternatives to FOIAXpress that would enable the agency to comply with the 1996 EFOIA Amendment Act

In reply argument on this point, Sai’s attorney called the judge’s attention to the guide to redaction provided by the U.S. Court of Appeals for the D.C. Circuit, which describes how to use off-the-shelf Adobe Acrobat Professional version 8.0 (2006) or later to redact information irreversibly from non-rasterized PDF files.

Judge Moss has invited supplemental briefing, which we expect will only strengthen Sai’s case. While it’s always risky to read too much into what questions are asked by judges during oral argument, we are cautiously optimistic that the TSA (and, perhaps, other DHS components) might, as a result of this case, finally be forced to abandon FOIAXpress and start working on ways to release digital records in native formats, as required by the law.

2 thoughts on “Will courts finally make the TSA comply with FOIA?

  1. Will TSA morph into something else or be taken over by a more virulent entity; thereby changing the game?

Leave a Reply

Your email address will not be published. Required fields are marked *