Skip to main content
Blog Post

FOIA Update: Protecting National Security Under the FOIA

FOIA Update
Vol. VI, No. 1

Protecting National Security Under the FOIA

Under Exemption 1 of the Freedom of Information Act, information vital to the national security can be withheld as exempt from disclosure if it meets the substantive and procedural requirements of the current executive order governing national security classification. Many executive branch agencies receive FOIA requests for information which may be classified according to the guidelines established by current Executive Order 12356. They deal with similar concerns in reaching their classification judgments and in applying them under the FOIA.


There is a relatively little-known office that wields tremendous power in overseeing the classification, declassification and protection of national security information. The Information Security Oversight Office ("ISOO") was established by E.O. 12065 in 1978, and now operates under the provisions of E.O. 12356, issued by President Reagan in 1982. ISOO is administratively part of the General Services Administration, but it receives its policy direction and program oversight from the National Security Council.

With a staff of thirteen, ISOO oversees the information security programs of the approximately 65 executive branch departments, independent agencies and offices that create or handle national security information. ISOO has developed a liaison system in which one of its program analysts is assigned to each of these agencies plus the major components of the Department of Defense. The analyst conducts at least one formal inspection annually, while maintaining continuous informal communication. "Given our small size and budget, we essentially oversee the overseers," describes ISOO Director Steven Garfinkel.

ISOO strives to limit national security classification to sensitive information that truly warrants such protection. When disputes or questions arise, ISOO often finds itself in the role of a referee. "Our effectiveness is basically a function of our credibility," Garfinkel says. "Remaining credible to the variety of interests in the classification arena requires common sense, patience, and a healthy dose of luck."

The ISOO Director derives considerable clout from his authority to order an agency head to declassify information, an action that is appealable only to the National Security Council. "Fortunately, we've almost never had to resort to this," notes Garfinkel. "Our experience is that the agencies act most reasonably in those situations where ISOO decides to intervene. We ordinarily do not intervene while administrative or judicial decisions are pending."

Extensive experience in information classification has proven to Garfinkel that constant oversight can help to keep the number of classification actions relatively constant. "The most important variable, however, is the status of world affairs or events," he maintains. "As could be expected, classification activity jumps considerably during crisis situations, such as the takeover of the American embassy in Tehran, the downing of the Korean jetliner, or the bombings in Beirut."

Nevertheless, the high degree of monitorship provided by ISOO and agency overseers has yielded some impressive results. Despite media predictions of wholesale increases in classification, the number of original classification decisions decreased by 18%, or almost 200,000 actions, during the first year of the current executive order's operation. In Garfinkel's judgment, that decrease was especially significant. "To many observers the tally of original classification decisions is the single most important quantitative measure of the information security system. It's great that at a time of increased attention to our national defense and intelligence capabilities, the agencies have been able to keep the number of original classification decisions below the level of the prior system."

E.O. 12356 requires the Director of ISOO to report annually to the President on the progress of the executive branch in implementing its provisions. ISOO's most recently published annual report, which surveyed the first full year of E.O. 12356's operation, received a commendatory letter from President Reagan. ISOO will be issuing another report in the early spring.

Security education is another high priority with ISOO. In addition to monitoring and participating in the programs of other agencies, almost every year ISOO sponsors its own symposium. In December 1984, ISOO held a one-day symposium entitled "National Security Information: Different Perspectives." Approximately 750 persons from government, industry, the media, and special interest groups attended.


At the Central Intelligence Agency, protecting classified information under Exemption 1 of the FOIA is of course vital, but this task is aided by the existence of additional national security protection statutes, such as 50 U.S.C. § 403(d)(3), which requires it to protect "intelligence sources and methods."

Additionally, on October 15, 1984, the President signed into law the "Central Intelligence Agency Information Act," which relieves the CIA of the necessity of searching for and reviewing records in its "operational" files.

The CIA must still apply E.O. 12356 and other appropriate exemptions to records not covered by this blanket protection. Such records include the final agency intelligence products that are directed to the President and national policymakers, as well as administrative and other "non-operational" files.

John H. Wright, the CIA's Information and Privacy Coordinator, estimates that "the agency receives approximately 3000 FOI/PA and E.O. 12356 mandatory classification review requests per year. Many requests entail searches of the most voluminous and diverse types of operational records. Right now, we are completing the process of designating 'operational' files."

"'Operational' files contain the records which describe how we conduct the business of collecting intelligence," says Launie M. Ziebell, the CIA's Associate General Counsel. "A great deal of time was spent futilely retrieving and reviewing documents with full recognition that most, if not all, of the information in them would be exempt from disclosure. We still had to perform a page-by-page review to justify the withholding. We are now largely relieved of that requirement."


"At the Federal Bureau of Investigation, we are constantly re-evaluating organizations and particular investigations to see if they still warrant classification under the current executive order," says Robert F. Peterson, Chief of the FBI's Classification Appeals and Affidavits Unit. "However, reevaluation does not necessarily result in disclosure to a FOIA requester, because of the possible application of other FOIA exemptions, or because the records may still be classified."

There can be many different grounds for continued classification of requested records, according to Peterson. "In some cases, information has been provided to the U.S. government by a foreign government or a foreign agent," he notes. "Regardless of the age of the information, the information may still warrant classification. The source may still be active. The foreign government may not want it known that it has a confidential relationship with an agency of the U.S. government. Also, the nature of the information itself may warrant classification."

Intelligence agencies rely heavily on sources to provide information needed to conduct the agency's business. "One of the major concerns of the FBI is a viable source protection program," says Peterson. "We will do all that is permissible to protect our sources."

E.O. 12356 also allows the classification of investigative techniques, such as telephonic, physical or electronic surveillance. Peterson explains that "the FBI does not withhold investigative techniques in every instance. Depending on the value of the information received, we may disclose publicly known techniques utilized in the past. On the other hand, regardless of the age of the record, we would withhold information in an ongoing investigation or when the technique is unique and not generally known."


The Department of Commerce sometimes receives FOIA requests for its records concerning information about foreign trade, such as information on trade negotiations, restricted commodities or the sale of high technology to Soviet bloc countries. Under the provisions of E.O. 12356, the disclosure of these types of information may, in some instances, be classifiable as reasonably expected to cause damage to national security.

"The Secretary of the Department of Commerce has original classification authority to classify documents at the 'secret' level," says Eric Moll, Chief of Commerce's General Law Division.

"However," he notes, "the majority of classified information dealt with by the Department of Commerce is information that has been derivatively classified. This information typically comes from other federal agencies and is incorporated into a Commerce document.

"When we process records containing information that has derivative classification," continues Moll, "Commerce's Office of Security performs a declassification review. They send our document to the originating agency for a determination on whether that information still warrants classification."

"We coordinate our declassification review with the Commerce Department component which has an interest in the requested information," says Alan F. Brown, Senior Information Security Specialist at Commerce. "We perform a sentence-by-sentence review to see if information can be declassified," adds Brown. "Generally, after a trade agreement has been made public, in response to a FOIA request pertaining to the agreement, we review documents leading to the negotiations. Documents which reflect negotiation strategy are sometimes classified and withheld."

Go to: FOIA Update Home Page

Updated August 13, 2014