History
  • No items yet
midpage
278 F. Supp. 3d 11
D.D.C.
2017
Read the full case

Background

  • Sheridan, a pro se requester, sought the e-QIP system source code and design/operations manuals from OPM via FOIA (request made April 2015); he sued after OPM failed to timely respond.
  • e-QIP is OPM’s web-based system used to collect and transmit background-investigation forms for federal employment; blank forms are public but submission/adjudication use e-QIP.
  • OPM located responsive material (about 3,241 source-code files, a 79‑page design manual, and a 109‑page operations manual) but declined production.
  • OPM invoked FOIA Exemption 7(E) (and alternatively Exemption 2) arguing disclosure would reveal law-enforcement techniques/guidelines and risk circumvention of background checks and cyber-intrusion/phishing.
  • Sheridan argued disclosure posed no harm (public forms already available), that source code is modular and thus segregable, and that Exemption 2’s public-interest limit applies.
  • The Court granted OPM summary judgment, holding Exemption 7(E) applies and that OPM satisfied the segregability requirement.

Issues

Issue Plaintiff's Argument Defendant's Argument Held
Whether records were "compiled for law enforcement purposes" under Exemption 7 Sheridan: e-QIP is merely a collection/transmission system; not law-enforcement techniques OPM: e-QIP supports background investigations (a law-enforcement purpose) Held: Records were compiled for law-enforcement purposes
Whether production would "disclose techniques and procedures" under Exemption 7(E) Sheridan: public forms show nothing about adjudication; code may not reveal evaluation process OPM: source code/manuals are a roadmap revealing how data is analyzed and triggers investigations Held: Production would disclose techniques/procedures
Whether disclosure "could reasonably be expected to risk circumvention of the law" Sheridan: cyber-risks exist regardless; prior intrusion occurred without source code; expert says release adds no significant risk OPM: logical risk shown — code would aid cheating background checks and facilitate hacking/phishing; agency expertise entitled to deference Held: OPM met the relatively low burden to show a reasonable risk of circumvention
Whether any reasonably segregable, non-exempt portions must be produced Sheridan: source code modularity (3,241 files) implies segregable non-exempt portions OPM: non-exempt portions are inextricably intertwined and disclosure of any part would aid circumvention/phishing Held: OPM sufficiently justified non-segregability; withheld records in full

Key Cases Cited

  • Milner v. Dep’t of Navy, 562 U.S. 562 (agency Exemption 2/FOIA framework and scope of exemptions)
  • Mittleman v. Office of Personnel Management, 76 F.3d 1240 (background-investigation records relate to law enforcement)
  • Morley v. CIA, 508 F.3d 1108 (security-clearance/background procedures are law-enforcement related)
  • Sack v. U.S. Dep’t of Defense, 823 F.3d 687 (Exemption 7(E) covers disclosures about use/timing/effectiveness of investigative techniques)
  • Blackwell v. FBI, 646 F.3d 37 (technical forensic procedures qualify as law-enforcement techniques under Exemption 7(E))
  • Mayer Brown LLP v. I.R.S., 562 F.3d 1190 (low burden for showing a reasonable risk of circumvention under Exemption 7(E))
  • Dep’t of the Air Force v. Rose, 425 U.S. 352 (public-interest limitation on Exemption 2)
  • Sussman v. U.S. Marshals Serv., 494 F.3d 1106 (agency entitled to presumption it complied with segregability requirement)
Read the full case

Case Details

Case Name: Sheridan v. U.S. Office of Personnel Management
Court Name: District Court, District of Columbia
Date Published: Sep 29, 2017
Citations: 278 F. Supp. 3d 11; Civil Action No. 2016-0805
Docket Number: Civil Action No. 2016-0805
Court Abbreviation: D.D.C.
Log In
    Sheridan v. U.S. Office of Personnel Management, 278 F. Supp. 3d 11