Hoffman v. U.S. Customs & Border Prot., No. 20-6427, 2023 WL 4237096 (E.D. Pa. June 28, 2023) (Brody, J.)
Hoffman v. U.S. Customs & Border Prot., No. 20-6427, 2023 WL 4237096 (E.D. Pa. June 28, 2023) (Brody, J.)
Re: Request for certain asylum-related communications, including specifically for records concerning Customs and Border Protection [CBP] capacity to accept asylum seekers
Disposition: Denying defendant’s motion for summary judgment as to search for responsive records; granting in part and denying in part plaintiff’s motion for summary judgment as to search for responsive records
- Litigation Considerations, Adequacy of Search: The court finds that “several deficiencies in CBP’s search render it impossible for a court to conclude at this stage that its search was adequate.” First, the court finds that “the scope of Defendant’s search was not adequate.” “CBP identified the Del Rio Sector Shared Drives as the most likely source for responsive records because it was tasked with administering and coordinating the Eagle Pass [Port of Entry (“POE”)].” “Defendant further explains that CBP did not search for paper records because the records sought were uniformly electronic records.” “The decisions to focus on the Del Rio Sector, and to search only for electronic records, were both appropriate given the factual context of this case.” “There can also be no question that, as to scope, a search of all email accounts in the cbp.dhs.gov domain is satisfactory.” “Defendant also argues, however, that the visual inspections of [two individuals’] mobile devices were conducted reasonably so as not to create an undue burden.” “Specifically, Defendant argues that its search, which focused on the WhatsApp encrypted chat application, was adequate for two reasons: 1) the two active mobile devices were inspected in person; and 2) any responsive messages on the two inactive mobile devices – one of which had had its memory wiped, and one of which has not been located – would have been transferred over with the [two individuals’] phone numbers.” “[The court] cannot conclude that the scope of Defendant’s search with respect to [the two individuals’] mobile devices was adequate.” “Suffice it to say here that Defendant must offer more than a perfunctory unsworn declaration about a ‘visual inspection’ and a bare, unelaborated statement that any responsive records would have been transferred over from the agents’ inactive devices, to show that the scope of CBP’s search was adequate.” “Nor do Defendant’s ‘conclusory’ declarations regarding CBP’s visual inspections meet the criteria of a ‘reasonably detailed affidavit, setting forth the search terms and the type of search performed, and averring that all files likely to contain responsive materials were searched.’”
Second, the court finds similarly regarding the search terms used. The court finds that “Defendant correctly argues that the terms used to search the Del Rio Sector Shared Drives were reasonably calculated to uncover all responsive records.” “The additional search terms proposed by Plaintiff would be superfluous and unlikely to uncover further responsive records.” “The same cannot be said, however, for the search terms CBP used to search email inboxes in the cbp.dhs.gov domain.” “Even granting the appropriate discretion to Defendant to craft its own search terms, [the court] cannot conclude that the key phrases CBP chose to employ in its email search were adequate.” “The search terms CBP employed only encompass the first and second parts of Plaintiff’s request . . . while plainly ignoring the third, fourth, and fifth items of Plaintiff’s request . . . .” Additionally, responding to defendant’s argument, the court finds that “[w]hen an agency claims that a search would constitute an undue burden, the agency must ‘provide sufficient explanation as to why such a search would be unreasonably burdensome.’” “A sufficient explanation should detail ‘the time and expense of a proposed search in order to assess its reasonableness.’” “Defendant’s bare assertion that a more thorough search would generate too many records is insufficient to explain why the use of a wider set of search terms would prove unreasonably burdensome.” “Defendant’s argument is even more questionable considering that, as Defendant itself admits, CBP limited its search to electronic records.” “Federal agencies cannot reap the benefits of massive, easily searchable data sets while also claiming that the size of those data sets renders an adequate FOIA search unduly burdensome.” “As database search technology continues to evolve at breakneck pace, the standard for establishing that a given search would cause an undue burden must necessarily evolve along with it.” “Here, no extraordinary measures are required for CBP to conduct a revised search that meets this standard for adequacy.”
Additionally, the court holds that “Plaintiff is entitled to a partial grant of summary judgment and partial injunctive relief.” The court finds that “Plaintiff has not shown that Defendant’s failure to specifically search [Migrant Crisis Action Team (“MCAT”)] custodians makes its search inadequate as a matter of law.” “Plaintiff’s contention is essentially that, because MCAT oversaw migration-related issues on the Southwest border, and MCAT reports were identified in the . . . search, MCAT custodians must necessarily possess responsive records that Defendant’s search did not uncover.” “But this falls short of the standard requiring positive indications that materials were overlooked.” “Given that Plaintiff’s request focused on Eagle Pass POE, Defendant’s limitation of its search to the Del Rio Sector and [Office of Field Operations] Laredo Ops was reasonable.” “Next, Plaintiff argues that CBP’s decision not to search for responsive cell phone records, text messages, and call logs renders its search unreasonable and inadequate.” The court notes that “Plaintiff’s request seeks ‘any and all correspondence’ and ‘any and all communications.’” “The FOIA request at issue in this litigation was not limited to WhatsApp[,]” as defendant suggests. “Plaintiff proffered information to CBP that CBP officials often communicated . . . via WhatsApp.” “It would be unfair to treat that proffer of information as a retroactive narrowing of the scope of her initial request.” Regarding the search covering mobile devices that did take place, the court holds that “Plaintiff identified two people who were likely to have responsive records on their mobile devices.” “Of the two mobile devices active from January 1 to February 21, 2019, one had its memory wiped, and the other was ‘turned in’ but has since been mysteriously lost to the sands of time.” “Defendant tells the Court, however, that all data on the old devices would have transferred over to the new devices.” “These new devices were then subjected to a vague ‘visual inspection’ about which nothing is known except that these inspections ‘focused on the WhatsApp application,’ and that they were conducted by agents with no training in forensics or digital data recovery.” “This is plainly insufficient.”
Of note, the court also relates that “[t]he record shows that [two individuals] were issued new mobile devices on February 7, 2020, and January 6, 2020.” “The timing of when these devices were issued raises the possibility that [one] mobile device had its memory wiped, and [the other] mobile device went missing, long after Plaintiff had submitted her original FOIA request for communications and correspondence in late February 2019.” “At this time the Court does not have sufficient information to determine whether those devices contained responsive records, or whether any responsive records they did contain have since been lost or are available elsewhere.” “Accordingly, Defendant must . . . submit sworn declarations setting out in detail the sequence of events leading to: 1) the wiping of the data on [one] inactive mobile device; 2) the loss of [the other] inactive mobile device; and 3) the efforts CBP has taken to either recover any data that was lost from either device, or to verify that all data was transferred from the inactive mobile devices to the active mobile devices.” “These sworn declarations must also be from declarants with personal knowledge of these efforts who are qualified information technology or forensic data recovery specialists.”