UNITED STATES DEPARTMENT OF COMMERCE
Office of the General Counsel
Washington, D.C. 20230
May 19, 1999

CERTIFIED MAIL - RETURN RECEIPT REQUESTED

Charles R. Smith
Softwar
7707 Whirlaway Drive
Midlothian, VA 23 112

RE: Freedom of Information and Privacy Act Appeal
Dear Mr. Smith:

This responds to your appeal under the Freedom of Information
Act (FOIA) (5 U.S.C. 552) and the Privacy Act (5 U.S.C. 552a)
from the February 18, 1999 interim response to your February 25
FOIA request.  You seek records responsive to your previous FOIA
requests to the Department of Commerce that were referred 1o any
organization that is not an "agency" for purposes of the FOIA as
well as any correspondence regarding yourself or, Softwar that
was sent to any organization that is not an "agency" for FOIA
purposes.  You appealed on February 25, arguing that the
documents you received in the interim response were not
responsive to your FOIA request, the documents were "not
illegally withheld in a claim that they were being reviewed by
another 'agency'," and that the White House is not an agency for
purposes of the FOIA.  We do not entirely agree with your
assertions regarding responsiveness and withholding, but we have
clarified your concerns through conversations with my staff
Consequently, your appeal has been granted in part.

We are releasing 33 documents to you in their entirety. These
documents consist of letters sent to you regarding your previous
FOIA requests or appeals; referral letters that the Department
sent to the National Security Council (NSC) and the Office of
the Vice President; letters sent to the submitters of
confidential commercial information providing them with an
opportunity to object to disclosure; and the underlying
documents which were referred to these entities and subsequently
released.

We are releasing a 30 page NSC draft bill of the Electronic Data
Security Act of 1996 and referring letter to NSC with one
redaction, the name of a National Security Agency (NSA)
employee.  We are prohibited From releasing the names of NSA
employees pursuant to section 6 of Public Law 86-36 (50 U.S.C.
402 note), as incorporated into the FOIA pursuant to exemption
(b)(3). See Founding Church of Scientology v. NSA, 610 1:.2d
824, 828 (D.C. Cir. 1979).

We are releasing 2 documents, one which was voluntarily provided
to the Department by the Bankers Trust New York Corporation and
has been partially redacted.  The 10 page document which has
been partially redacted is titled "Banker's Trust Encryption
System and Law Enforcement."  Bankers Trust informed us that the
document contains proprietary information which it would not
would customarily release to the public.  National Parks &
Conservation Ass'n v. Morton, 498 F.2d 765 (D.C. Cir. 1974);
holding limited by Critical Mass Energy Project v. Nuclear
Regulatory Commission, 975 F.2d 871 (D.C. Cir 1992), cert.
denied 507 U.S. 994 (1993).  Nonetheless, Bankers Trust did
agree to voluntarily release one paragraph of the document.

We are also releasing several documents, in part, which were
referred to the White House for review and consultation.
Portions of the two letters have been redacted pursuant to the
deliberative process and attorney-client privileges, which are
incorporated into FOIA exemption (b)(5). In addition, one of the
underlying documents that was referred to the White House is
being withheld in its entirety under the deliberative process
and attorney-client privileges of exemption (b)(5). That
document is a February 6, 1996 memorandum that was sent to
Departmental officials from a White House official for legal
consideration and advice on patent issues involving encryption
technology.

We are also making a discretionary disclosure of several
documents which are not responsive to your request, but appear
to be the documents which you are actually seeking.  These
documents consist of four referral letters and underlying
documents which were sent to two U.S. Government intelligence
agencies. One of the documents was previously redacted under
exemption (b)(4) and provided to you in response to an earlier
FOIA request. Another document contains the biographies of 21
individuals. During a March 18, 1999 conversation with a member
of my staff, you agreed that, if any referral letters to
intelligence agencies were voluntarily provided to you, the
Department could redact the names of the agencies.  Accordingly,
we have redacted the identities and addresses from the
documents.

Eleven documents which are responsive to your request are
duplicative of documents responsive to your April 5, 1997 FOIA
request for certain information relating to Clipper technology,
James Bidzoes, and RSA, Inc. (Department FOIA request number
97-143).  The Department is still consulting with the White
House, other Federal intelligence agencies, as well as the U.S.
Department of Justice, about these documents.  Although none of
these documents is currently awaiting solely White House review,
because they were at one time provided to the White House for
review and consultation, they are responsive to your request.
The Office of the Chief Counsel for Technology is continuing to
coordinate the response on these documents and will contact you
once a response is received from the agencies currently
reviewing the referred documents.

Finally, your appeal seeks consideration under the Privacy Act
as well as the FOIA. However, none of the documents responsive
to this request fall within the parameters of the Privacy Act
for three reasons. First, the Privacy Act only applies to
"individuals." Therefore, any records pertaining to Softwar are
not subject to the Privacy Act; only records pertaining to you.
5 U.S.C. 552a(a)(2). Second, the documents responsive to this
request are not "records" for purposes of the Privacy Act
because these documents are not "about Mr. Smith." In Tobey v.
NLRB, 40 F.3d 469 (D.C. Cir. 1994), the D.C. Circuit held that
the Privacy Act protects "only information that actually
describes the individual in some way." None of these records
contain personal information about you. Finally, the documents
responsive to this request are not contained within a Privacy
Act system of records the Privacy Act purposes. That is, the
documents are kept in FOIA folders or files and retrieved by the
FOIA or file number. They are not retrieved by your name or any
other identifying particular assigned to you. 5 U.S.C.
552a(a)(6); Henlee v, DOC, 83 F.3d 1453 (D.C. Cir. 1996). For
these reasons, you have no independent right outside of the FOIA
to access any of these records under the Privacy Act.

This is the final decision of the Department of Commerce. You
have the right to obtain judicial review of the denial of your
FOIA appeal as provided in 5 U.S.C. 552(a)(4)(B).

Sincerely,

Barbara S. Fredericks
Assistant General Counsel
for Administration

Enclosures

• BACK TO THE SOFTWAR