As I pour through the dozens of court and administrative cases a month I encounter relating to national security law, espionage, cybersecurity, and intelligence, many of them start to sound the same in both substance and procedure. However, occasionally there is a unicorn, a case that stands out because of either the unique facts or appellate issues raised. The case of Carlson v. United States Department of Energy fits those criteria.
Clearance Loss and Appeals
Dr. Rolf Carlson was a DOE scientist who, sometime prior to 2014, lost his security clearance for reasons unknown, probably due to the classified nature of the proceedings. He then submitted four Privacy Act requests for amendments to his DOE personnel security file. The National Nuclear Security Administration denied these requests and Carlson subsequently appealed the denial to the DOE Office of Hearing and Appeals. In July of 2015, the administrative law judge in the case denied the appeal. Carlson proceeded to file suit in the United States District Court of New Mexico in July of 2017, seeking damages and an order forcing the DOE to amend and reassess his file. The District Court dismissed the case eventually for failure to state a claim and ruled that the order requested would be moot, in that those documents he requested had been in his file since 2015 somewhere around the timeframe of his DOE appeal. Carlson appealed the case to the United States Court of Appeals for the Tenth Circuit, who last week, affirmed the lower court’s decisions.
One noteworthy item is that Dr Carlson navigated the waters of the legal system fairly well representing himself. While not recommended (some analogize it to give oneself a root canal without a dental license), a meritorious pro se claim and argument, from time to time happens.
Use of the Privacy Act
What is interesting about this case is the use of the Privacy Act by the defendant. When one thinks about the Privacy Act (hopefully not too much, otherwise you may need help), it is usually in the context of personally identifiable information. If you work or have worked for the government, undoubtedly you have seen this language probably every day in some form or context:
Any officer or employee of an agency, who by virtue of his employment or official position, has possession of, or access to, agency records which contain individually identifiable information the disclosure of which is prohibited by this section or by rules or regulations established thereunder, and who knowing that disclosure of the specific material is so prohibited, willfully discloses the material in any manner to any person or agency not entitled to receive it, shall be guilty of a misdemeanor and fined not more than $5,000.” 5 U.S.C. § 552a(i)(1).
This is more important than ever now due to the digital transformation of records and virtual worlds we work in, which often requires exceptional cognizance by the records custodian or trusted user that holds them. However, the right to amend the record often gets overlooked as a valuable tool under the Privacy Act that has more to do with accuracy of your record than privacy itself. The relevant part reads:
d) ACCESS TO RECORDS.—Each agency that maintains a system of records shall—
(1) upon request by any individual to gain access to his record or to any information pertaining to him which is contained in the system, permit him and upon his request, a person of his own choosing to accompany him, to review the record and have a copy made of all or any portion thereof in a form comprehensible to him, except that the agency may require the individual to furnish a written statement authorizing discussion of that individual’s record in the accompanying person’s presence;
(2) permit the individual to request amendment of a record pertaining to him and—
(A) not later than 10 days (excluding Saturdays, Sundays, and legal public holidays) after the date of receipt of such request, ac-knowledge in writing such receipt; and
(B) promptly, either
(i) make any correction of any portion thereof which the individual believes is not accurate, relevant, timely, or complete; or
(ii) inform the individual of its refusal to amend the record in accordance with his request, the reason for the refusal, the procedures established by the agency for the individual to request a review of that refusal by the head of the agency or an officer designated by the head of the agency, and the name and business address of that official; 5 U.S.C. § 552a(d)
While there is a definable list in other parts of the Act as to what constitutes a record, it is clear that this is a “shield” provision of the Privacy Act intended to protect the accuracy of your official record in most circumstances. The rights that are associated with this section are often overlooked or forgot about but can be nevertheless just as important as what is released, especially when you may have or apply for a security clearance.