Criminal Justice & the Rule of Law Cybersecurity & Tech Surveillance & Privacy

Increasing Transparency at the National Security Commission on Artificial Intelligence

Adira Levine
Wednesday, July 1, 2020, 8:01 AM

The U.S. District Court for the District of Columbia ruled recently that the commission must hold open meetings and make material available to the public.

Defense Secretary Mark Esper speaks during the 2019 National Security Commission on Artificial Intelligence Conference (U.S. Department of Defense photo by James Lee,; CC BY 2.0,

Published by The Lawfare Institute
in Cooperation With

In 2018, Congress established the National Security Commission on Artificial Intelligence (NSCAI)—a temporary, independent body tasked with reviewing the national security implications of artificial intelligence (AI). But two years later, the commission’s activities remain little known to the public. Critics have charged that the commission has conducted activities of interest to the public outside of the public eye, only acknowledging that meetings occurred after the fact and offering few details on evolving commission decision-making. As one commentator remarked, “Companies or members of the public interested in learning how the Commission is studying AI are left only with the knowledge that appointed people met to discuss these very topics, did so, and are not yet releasing any information about their recommendations.”

That perceived lack of transparency may soon change. In June, the U.S. District Court for the District of Columbia handed down its decision in Electronic Privacy Information Center v. National Security Commission on Artificial Intelligence, holding that Congress compelled the NSCAI to comply with the Federal Advisory Committee Act (FACA). Under FACA, the commission must hold open meetings and proactively provide records and other materials to the public. This decision follows a ruling from December 2019, holding that the NSCAI must also provide historical documents upon request under the Freedom of Information Act (FOIA). As a result of these decisions, the public is likely to gain increased access to and insight into the once-opaque operations of the commission.

Lawmakers established the NSCAI in the John S. McCain National Defense Authorization Act (NDAA) for fiscal 2019 § 1051, which tasked the commission with “consider[ing] the methods and means necessary to advance the development of artificial intelligence, machine learning, and associated technologies to comprehensively address the national security and defense needs of the United States.” The commission’s purview includes an array of issues related to the implications and uses of artificial intelligence and machine learning for national security and defense, including U.S. competitiveness and leadership, research and development, ethics, and data standards.

The NSCAI is currently chaired by Eric Schmidt, the former executive chairman of Google’s parent company, Alphabet. The commission’s 15 members—appointed by a combination of Congress, the secretary of defense and the secretary of commerce—receive classified and unclassified briefings, meet in working groups and engage with industry. They report their findings and recommendations to the president and Congress, including in an annual report.

The Electronic Privacy Information Center (EPIC), a research center focused on privacy and civil liberties issues in the digital age, submitted a request to the NSCAI in September 2019, seeking access to upcoming meetings and records prepared by the commission under FACA and FOIA. In the six-month period prior to the request, the NSCAI held more than a dozen meetings and received over 100 briefings, according to EPIC. At the time it filed the lawsuit, EPIC noted that the commission’s first major report was also one month overdue for release. When the commission did not comply with the requests under FOIA and FACA, EPIC brought suit under the two laws.

EPIC’s complaint alleged that the NSCAI had conducted its operations opaquely in its short lifespan. Since its establishment, the commission “has operated almost entirely in secret” with meetings “behind closed doors[,] and has failed to publish or disclose any notices, agendas, minutes, or materials.” If Congress had intended the NSCAI to comply with FOIA and FACA, such activity would not satisfy the statutes’ requirements. Given the potential implications of federal artificial intelligence decisions for privacy, cybersecurity, human rights, and algorithmic bias, EPIC argued that “[p]ublic access to the records and meetings of the AI Commission is vital to ensure government transparency and democratic accountability.” The complaint also noted the potential ramifications of commission activities for the government, private sector, and public, as well as the importance of artificial intelligence safeguards in the national security context due to limited public oversight. According to EPIC, increasing public participation would permit greater input into the development of national AI policy by those whose privacy and data security could potentially be affected.

The U.S. District Court for the District of Columbia addressed EPIC’s FOIA claim in a December 2019 decision. FOIA requires agencies to disclose their records to a party upon request, barring exemptions (including for information classified to protect national security). EPIC alleged that the NSCAI failed to uphold its obligations under FOIA to process FOIA requests in a timely fashion; to process EPIC’s FOIA requests in an expedited manner, in accordance with EPIC’s claims of urgency; and to “make available for public inspection and copying” its “records, reports, transcripts, minutes, appendixes, working papers, drafts, studies, agenda, or other documents.” The commission, which at the time did not have a FOIA processing mechanism in place or other pending FOIA requests, argued that it was not an “agency” subject to FOIA.

The court’s inquiry centered on whether the NSCAI is an agency under FOIA. Comparing the language establishing the NSCAI with FOIA’s definition of “agency,” the court held that the NSCAI is subject to FOIA. In his decision, District Judge Trevor McFadden noted that “Congress could have hardly been clearer.” As a result, since that time, the commission has had to produce historical documents in response to FOIA requests.

FACA, by contrast, applies “forward-looking” requirements specifically to federal advisory committees. These mandates include requiring committees to open meetings to the public and announce them in the Federal Register, and to make reports, transcripts and other commission materials publicly available. The measures aim to inform the public about and invite public engagement with the committees that provide expertise to the executive branch. EPIC alleged that the NSCAI violated FACA by failing to hold open meetings and provide notice of them, and by failing to make records available to the public. EPIC sought mandamus relief pursuant to the alleged FACA violations.

In its June decision, the district court ruled that FACA applies to the NSCAI. The commission had filed a motion to dismiss the FACA claims, arguing that it could not be subject to both FOIA and FACA. Since the court had previously held the NSCAI to be an “agency” for purposes of FOIA, the commission reasoned that it could not simultaneously be an “advisory committee” under FACA. District Judge McFadden disagreed. Invoking the Roman God Janus’s two faces—one forward-looking and the other backward-facing—he wrote, “[L]ike Janus, the Commission does indeed have two faces, and ... Congress obligated it to comply with FACA as well as FOIA.” The court could not identify a “conflict” between the requirements of the two statutes, despite differences in their obligations and exceptions. Rather, it noted that if such conflicts arise, “it will be incumbent on the parties and the Court to resolve any difficulties.” The court dismissed additional claims under the Administrative Procedure Act (APA) for lack of subject matter jurisdiction, as it determined that the commission is not an “agency” under the APA definition.

The court’s decision turned on whether the NSCAI is an advisory committee subject to FACA. The court determined that the statutory text of the 2019 NDAA establishing the NSCAI “fit[s] the [FACA] definition of ‘advisory committee’ like a glove.” Furthermore, turning to the full text of the 2019 NDAA, the court noted that the law contains at least two instances in which it explicitly exempts a government body from FACA. The court read the 2019 NDAA as silent when FACA applies and explicit when FACA does not apply. Given Congress’s silence on the applicability of FACA to the NSCAI in the 2019 NDAA—and again in the 2020 NDAA—the court reasoned that Congress intended the NSCAI to be subject to FACA.

In determining the NSCAI to be subject to FACA, in addition to FOIA, the court has compelled the commission to adopt a more transparent operating posture going forward. Since the December 2019 decision on FOIA, the NSCAI has produced a number of historical records in response to FOIA requests. The recent ruling on FACA grounds requires the NSCAI to hold open meetings, post notice of meetings in advance and make documents publicly available. As a result, the commission’s process of compiling findings and developing recommendations for government action related to artificial intelligence and machine learning will likely become more accessible to the public.

The two court decisions come in time to have a noticeable impact on the remaining term of the temporary commission. While the NSCAI was previously due to disband later in 2020, the NDAA for fiscal 2020 § 1735 extended the commission’s lifespan by one year, to October 1, 2021. Citing federal budgetary timelines and “the pace of AI development,” the commission released its first set of recommendations in March 2020 and expressed its intent to publish additional recommendations on a quarterly basis thereafter. The commission is due to submit its final report to Congress by March 1, 2021. As the NSCAI prepares to enter its final year of operations and develop its closing recommendations, the public will have a clearer window into the commission’s work.

Adira Levine is a student at Harvard Law School and a Cyber Policy Fellow at New America. Previously, she worked with the federal government as a management consultant, including significant work in national security and other sectors. She received a Master in Public Policy degree from the University of Cambridge as a Paul Mellon Fellow and a bachelor's degree from Yale University.

Subscribe to Lawfare