Leonel Garciga. The Army CIO issued a memo offering guidance to ensure that AI tools used within the Army comply with FOIA.
Army CIO Leonel Garciga signed a memo providing guidance for the service to ensure that AI used within the Army comply with records management, privacy protections and FOIA.
//

Army CIO Issues Guidance on AI Compliance With Records Management, FOIA

2 mins read

Leonel Garciga, the U.S. Army’s chief information officer and a two-time Wash100 awardee, has signed a memorandum providing guidance for the service branch to ensure that artificial intelligence products used within the Army comply with records management, or RM, privacy protections and the Freedom of Information Act, or FOIA.

The Aug. 26 memo was posted on the Army Publishing Directorate’s website.

The document requires application and system owners to capture, sustain and manage records generated through AI tools and low-code/no-code platforms. They must ensure that all user interactions, including prompts and AI-generated content, are properly identified, retained and secured as official records.

System and application owners must also treat prompts as the foundation for generating and refining content when using AI tools. They must also capture and manage all aspects of the AI interaction to support compliant record management.

FOIA Requirements

In response to FOIA requests, the memo requires personnel to disclose when they use AI prompts and content on official government platforms for public business.

Application and system owners must also provide access to AI prompts and content classified as government records and maintain them to support timely FOIA responses.

Privacy Requirements for Using AI 

The Army memo requires personnel to follow existing privacy and data protection laws when developing AI prompts and content; minimize data collection and design AI prompts and content to prevent the disclosure of sensitive data; and ensure that transparency and accountability guide responsible AI use by meeting legal obligations and upholding ethical standards.

Army Annual Training on Information, Operations Security

According to the memo, all Army personnel must complete annual training requirements on information security, operations security, cyber awareness, controlled unclassified information and records management. 

The service said the training courses help ensure compliance with regulations and reinforce the importance of protecting data and records.