The government is responsible for drafting laws, but it is never above them.

Under the principles codified in the Freedom of Information Act (FOIA), U.S. citizens have the right to demand transparency from public-service bodies in the form of access to open records. The FOIA regulation has been instrumental in enhancing American citizen’s access to information about their government bodies and policy makers. But it’s also proven to be a challenge for federal organizations to navigate. Consequences of non-compliance can be severe, ranging from litigation and fines to a massively damaging agency and government reputation.

Meanwhile, technology is evolving, and with it, the scope of what constitutes a record is expanding. Nowadays, records can come from nearly all digital channels — collaboration tools like Slack or MS Teams; social media platforms like X or Facebook; as well as emails, websites, and even text messages.

The best way to manage compliance under the FOIA is to first understand its terms. This article breaks down the law with a focus on how agencies can achieve compliance and effectively respond to open records requests.

What is FOIA Regulation?

The Freedom of Information Act was introduced in 1966 and enacted the following year. It allows members of the public to access government records. The law requires that all federal bodies disclose all records requested within a specified time frame. In the nearly 50 years that it’s been in effect, the FOIA has seen multiple revisions. The last major update was the Freedom of Information Improvement Act (2016), which added more benefits for the general public. It strengthened transparency, made it easier for the public to access government records, and addressed agency practices that had often delayed or denied access.

Which bodies are covered under FOIA?

The FOIA applies to all executive branch departments, federal regulatory agencies, and federal corporations. States and local government bodies are not included, although all states, and most local governments, have their own open records laws, which outline similar requirements. Congress, federal courts, and the President and immediate staff are also excluded from the FOIA.

Who can make a FOIA request? How?

A FOIA request can be made by any individual, regardless of citizenship. Corporations can also make FOIA requests. Only fugitives, and federal agencies and intelligence agencies of foreign governments cannot request records under the FOIA.

Records can be requested through mail, fax, or online. The FOIA allows users to submit requests on its official website, but many agencies accept requests through their own online portals. Official requests may be tailored to the organization they are being submitted to, but always clearly define scope and include sufficient details. The FOIA website offers this breakdown of how to submit a request by agency.

What records can be requested under the FOIA?

FOIA requests can be made for any official “agency records.” This includes documents either created, obtained by, or under the control of the agency at the time of request. It’s a broad definition that includes any material produced, held, or transmitted by a government organization. This also includes all websites, social media, and digital channels government agencies use.

Members of the public are encouraged to do their due diligence before filing a report, to ensure the information is not already a part of the public domain.

What are the nine categories exempt from the FOIA?

Given the scope of the law, it’s easier to speak to the types of records that are excluded from FOIA rather than trying to cover everything that is included. The FOIA outlines nine categories of materials that agencies are not required to release:

• Information classified for national security reasons
• Information related to an agency’s internal personnel rules and practices
• Information prohibited for disclosure by another federal law
• Privileged communication between agencies
• Confidential financial or business information
• Certain law enforcement agency documents
• Information that violates a person’s right to privacy
• Information about the regulation or supervision of a financial institution
• Geological data about wells

If any of these requests are made, agencies have the right to withhold information. The law also prohibits the public from making requests that could impede an ongoing investigation. It also excludes highly classified intelligence documents.

Learn more about the exclusions and exceptions on the FOIA’s official website.

What are the risks of FOIA non-compliance?

Agencies have 20 days to respond to a records request. They may be granted an additional 10 days under exceptional circumstances, but as per the latest version of the law, agencies can be fined for additional delays. Beyond that, the risks of non-compliance include:

• Litigation: A non-compliant agency can be taken to court. Failure to produce records when requested may lead to sanctions, fines, as well as the burden of bearing accrued legal costs.
• Lack of evidence: Electronic records may be requested as part of the eDiscovery process of a trial. Agencies must ensure compliant recordkeeping to provide this evidence. In these cases, non-compliance will complicate litigation and can result in sanctions or legal penalties.
• Fines and Sanctions: Agencies that willingly withhold information open themselves up to penalties and sanctions.
• Loss of reputation: Failure to comply is also damaging to agency reputation. Having issues of non-compliance or withholding of records go public often result in PR crises and an erosion of trust with the public.

Refusal to comply or failure to produce complete records are treated seriously. In 2025, for example. a court found Prince William County Commonwealth’s Attorney Amy Ashworth guilty of six FOIA violations. Ashworth’s office was accused of failing to produce 172 emails in a timely manner, and over-redacting them when they were eventually released. As a result, the office was handed a USD $25,000 bill.

Challenges in Maintaining FOIA Records

Many agencies struggle with open records compliance due to resource constraints. Recordkeeping has become more challenging as the volume and complexity of records grows exponentially. The rapid influx of new social media platforms has also made compliance tricky for government bodies, on many fronts.

Capturing and storing of records

The FOIA and the National Archives and Records Administration (NARA), outline clear rules on what constitutes a “record.” It includes materials found across online and offline channels. A court must also be able to verify the authenticity and integrity of the records. For these reasons, all official electronic records must be stored in formats that preserve metadata, resist tampering, and ensure authenticity.

Though often seen as an “easy way” to capture records, screenshots lack these features and are thus inappropriate for records capture and storage.

Many agencies choose to rely on website or server backups for records capture and storage, but inevitably run into issues: server backups have proven to be both inefficient and expensive. And most material retrieved from CMS systems do not meet the tamper-proof criteria for records capture, storage or production.

Digital archiving is the only solution that ensures complete open records compliance.

Growing complexity of recordkeeping

The proliferation of digital channels poses a second problem and has made keeping up with FOIA regulations incredibly complex.

The biggest issue is with regard to the new types of materials covered under the law. This includes bodycam videos, Zoom recordings, AI transcripts, chatbot generated requests, social media accounts, internal communication platforms, websites, and more. Most of this data is unstructured, it lacks a predefined format or organization, making it difficult to capture, store, and produce in a timely manner, using traditional recordkeeping methods. Further adding to the complexity is the increased prevalence of various (large) media formats like images, audio, and video.

This complexity has resulted in a backlog of over 200,000 reports in 2024, as per an official FOIA study.

Spike in number of requests

Since its introduction in the 1960s, the FOIA has gotten a lot of attention. The number of requests filed by year has grown steadily. In 2024, agencies received 1.5 million FOIA requests. The Justice Department Office of Information Policy said this was a record breaking figure. To their credit, agencies kept pace by processing 1.4 million requests. But the backlog remains a cause for concern.

Agencies at all levels of government are seeing more records requests than ever before. Without proper archival systems in place, responding efficiently has become a major burden. In April, senior NARA official Jim Byron urged agency heads to work with records officers to meet these requirements more effectively.

Why Digital Archiving Offers the Best Open Records Capture Solution

In 2011, it was discovered that eight federal bodies had failed to disclose records for over a decade. This is well over the 20 day limit afforded to them under the law. When President Barack Obama took office in 2016, he addressed this lax attitude directly. The then president issued an Open Government Directive urging agencies to take action. It required them to reduce their backlog by 10% every year.

President Obama recommended using innovative tools, methods, or systems to achieve these goals. Tools like Pagefreezer fit the criteria: a digital archiving solution designed to deal with the complexity and volume of today’s open records capture, management, and requests.

Pagefreezer automates the capture of webpages, social media accounts, and other digital channels in real-time. It works autonomously to ensure that the material can always be viewed in its original format, regardless of whether the record was modified or in some cases, deleted.

Pagefreezer ensures compliance with the FOIA regulation by:

• Storing records in a tamper-proof database
• Using strong encryption measures to protect data in transit and at rest
• Offering flexibility to capture and store data from various unstructured data sources
• Providing agencies with accessible archives with advanced search to improve response times
• Allowing agencies to create their own public records self-serve portals to cut down on requests by up to 30%

Open records requests can strain agency resources. Digital archiving tools like Pagefreezer streamline compliance by capturing and preserving records automatically—helping teams respond faster, reduce legal risks, and maintain public trust.