When someone request federal records about themselves, two laws often govern access: the Privacy Act and the Freedom of Information Act (FOIA). They serve different purposes but intersect in important ways.

For instance: Privacy Act Exemptions

J(2)

Agencies like the FBI or DEA can withhold entire systems of records if they are compiled for criminal investigations. Even if the records belong to an individual, they do not have to release them under the Privacy Act.

K(2)

Mostly used for background checks, security clearances, or employment vetting. Agencies can withhold parts of personal records—especially if the records would expose a confidential source. But if the record affects the individual's rights or benefits and doesn’t involve a source, it may still be released.

• ️ Why does this Matters?

These exemptions let agencies limit access to personal records under the Privacy Act.

However, FOIA offers another route — requesters may still access parts of their records unless FOIA exemptions like b(6) or b(7)(C) apply.

This is why is it important for FOIA officers to process Privacy Act requests (also known as first- party requests) under both FOIA and the

Related reading: More insights from Dr. Moya Hill | Explore the Unified Information Governance Model