Modernize FOIA to increase its Sunshine effect

Visit the newly minted FOIA.gov website, and you’ll see various statistics on FOIA requests and processing times. For 2023, the average processing time for simple requests for all agencies ranged from the low of one day to the high of 636 days. 

That this information is readily available is a good thing and is thanks to the 2016 FOIA Improvement Act and the new online consolidated portal for FOIA requests it created. The fact that we know that it took almost 30 times the statutory requirement to complete a FOIA request means it’s obvious that more improvements must be made. With the annual observance of Sunshine Week, which brings awareness to the public’s right to access government records, now is the time to discuss modernizing FOIA

It has been 8 years since FOIA laws were last revised. Passed at a time when the iPhone 7 was in popular demand, technologies and expectations of the user experience have come a long way. Investments in policy, people, and processes are critical to improve a law whose utility has not yet reached its full potential. This was a cornerstone of my tenure while I served as the chief FOIA officer at the Homeland Security Department.

FOIA should be updated again to create a uniform compliance framework for all agencies subject to the law, similar to how the National Institute of Standards and Technology offers a standardized cybersecurity and privacy compliance framework. Loosely coining this effort, the FOIA Compliance Framework , it would provide uniformity and consistency among the entirety of the federal government to enhance FOIA’s transparency mandate.

This FCF would include all three attributes used to define strong operational readiness of an organization – policy, people, and process.  

The existing FOIA statutory provisions would serve as the overarching policy umbrella for the FCF. We’d streamline the interpretation and guidance of this policy under one governing entity, such as the U.S. attorney general. Agencies would be discouraged from diverting from those guardrails. This standardization approach in interpretation could eliminate any disparate treatment of a similarly worded FOIA request sent to different agencies. 

The FCF also would outline the requirements for using federal employees (and when necessary, contractors) in the FOIA request lifecycle. It would address training, retention, and career growth opportunities that would improve the often-monotonous work in record-processing to one that is interesting and purposeful. For example, perhaps we could implement an inter- or intra-department job rotation program or incentivize continuous improvement metrics. It also would encourage collaboration between stakeholders within each agency when adjudicating requests, such as records managers and de-classifiers.

Most importantly, the FCF would rely on processes involving technologies, such as artificial intelligence (AI), to adapt to our modern times. At a recent meeting of the Chief FOIA Officers Council, the Justice Department stated that the need for technology like AI is critical to increasing automation in record processing time. A risk-based approach would not only improve response times for the requester, but it could serve as triage-bot whereby the complex requests would be preserved for human monitoring and the simple requests could be answered quickly using technology. Under the right conditions, harnessing the power of AI is an ideal solution and new normal in this digital age. 

A modern-day FOIA needs to adopt changes that are uniform and consistent across all the covered agencies. Using the NIST framework as inspiration, these investments in FOIA would offer greater trust in our government at a time when public opinion polls show that trust in the federal government is returning to near record lows. 

The American public has come to expect reasonable transparency in dealing with government institutions. FOIA has become a means in which to assure that the citizenry is informed, in a timely manner, with a level of thoroughness that does not risk other coveted aspects of American life. Standardizing all variables of the FOIA experience among all agencies is a natural progression of maturing the law.

Dena Kozanas is an associate general counsel and chief privacy official at MITRE and the former chief privacy officer/chief FOIA officer at the Homeland Security Department.