1. Help WhatDoTheyKnow find contact addresses for public authorities

    You can send Freedom of Information requests to more than 45,000 public authorities on WhatDoTheyKnow. For each of those authorities we need an email address to send those requests to, which means we often need to do some maintenance to keep everything up to date.

    For some authorities in our database we don’t have a working email address. We might have had one in the past but it’s now out of date, or the authority might have merged and taken on new contact details – there are many reasons for missing email addresses, but they all leave us in the same predicament: we don’t know where to send your FOI requests for those bodies.

    Can you help us find them?

    If you have a little time to spare, a small amount of Googling could be a really big help for our users. Just five minutes here and there is all that’s needed to do a little bit of research to find the correct address.  

    We’ve made a list of all authorities with a missing email address

    The best starting point is almost always the authority’s website. Look for a dedicated contact email address for Freedom of Information requests.

    Top tips for searching:

    • Check the contact page.
    • Check the footer on the homepage.
    • Try looking for Freedom of Information policies or Publication Schemes,  or sometimes an email address can appear in the privacy policy.
    • Remember some public authorities such as schools and parish councils have very similar names, so make sure you are looking at the right one.
    • If you can’t find a website for the authority itself, there are some other places that you can look: for example the NHS services site  or the Get Information about Schools site.

    Once you’ve found the right place, make a note of the contact email address. We prefer to use generic email addresses, for example that starting with foi@ or information@ as these tend not to change so often, so if there are multiple addresses given, these are the best ones to go for.

    Let us know

    If you find some of these missing email addresses please let us know.

    We need both the new email address and the source (website address) where you found it, so we can verify the information.

    You can send us this information by clicking on “Ask us to update FOI email” link on the public authority’s page. Just fill out the form with all the details that you’ve found.

    Screenshot of pubic authority page on WhatDoTheyKnow showing where you can find the “Ask us to update FOI email" link
    Then our team of volunteers will use your input  to update the database, and you’ll have ensured that people can make requests to the authority. That’s a really useful result.

    Time poor but rich in other ways?

    We know that your time is very precious and not everyone has the opportunity to help us out with tasks. If you are able to make a donation instead, that is also very helpful toward keeping our FOI service up and running.

    Your contributions, however small, really help. Donate here.

     

    Image: Marten Newhall 

  2. WhatDoTheyKnow Transparency report

    In 2021 WhatDoTheyKnow users made 100,092 Freedom of Information requests.

    Those requests, and the responses they received, are public on the website for anyone to see. But what’s not quite so visible is the work the WhatDoTheyKnow team do behind the scenes — answering users’ questions, removing inappropriate content and keeping everything ticking over.

    Some of the team’s most difficult calls arise around the removal of information. WhatDoTheyKnow’s guiding principle is that it is a permanent, public archive of Freedom of Information requests and responses, open to all.

    For this reason, the default position is not to remove substantive public information requests and responses; however, we act quickly if problematic content is reported to us. And, to help everyone understand exactly what has been removed and why, where possible we record these details on the request page.

    This year, for the first time, we’re extending our efforts towards transparency even further, with this report in which we’ll summarise the information removal requests and actions taken during the last twelve months.

    To allow for a full 12 months of data, the date range used throughout this report is 1 November 2020 to 31 October 2021

    Headline facts and figures

    • 20,714,033 visitors to WhatDoTheyKnow.com this year
    • 22,847 new WhatDoTheyKnow user accounts this year, taking the total to 222,694
    • 7,971 total number of email threads in the support inbox in 2021
    • 822 requests hidden from WhatDoTheyKnow in 2021
      …in the context of 100,092 requests made in the year, and a total of 772,971 requests now published on the site
    • 196 Total number of published requests where we redacted some material in 2021
      …usually due to the inappropriate inclusion of personal information, or defamation.
    • 126 The number of users who created accounts this year banned
      …that’s just 0.06% of new users.
    • WhatDoTheyKnow is a project of mySociety run by a small team of staff and dedicated volunteers.

    And in more detail…

    Requests flagged for our attention

    The table below shows the reasons that requests were reported for admin attention this year. Note that we also receive many reports directly by email, so while not comprehensive, this is indicative.

    Reason for attention request Total number
    Contains personal information 143
    Not a valid request 108
    Vexatious 94
    Request for personal information 85
    Contains defamatory material 51
    Other 287
    Total 768

    Material removed from the site

    The following tables show where members of the support team have acted to remove or hide requests from WhatDoTheyKnow in the last year, and the reason why.

    There is a range of options available to moderators, from ‘hidden’ (the most extreme) to ‘discoverable with link’. This is in addition to the censor rules that are used to hide certain information within a request or response.

    Request visibility Total number
    Visible only to the request maker 805
    Discoverable only to those who have the link to the request 11
    Hidden 8
    Reason for removing from public view Total number
    Not a valid FOI request 701
    Vexatious use of FOI 29
    Other (reason not programmatically recorded*) 124

    *Current processes do not create an easily retrievable list of reasons beyond the two above, but we are hoping to improve our systems so future transparency reports can include a more detailed breakdown.

    Censor rules (programmatically hiding the problematic part/s of a request) Total number
    Number of censor rules applied 881
    Number of requests with censor rules applied 196 
    Number of requests with censor rules applied which are still publicly visible, but with problematic material hidden 188

    Data protection issues raised to the WhatDoTheyKnow user support inbox 

    The following data shows the number of email threads* received into the WhatDoTheyKnow user support inbox regarding the most common types of concern around information published on the site. Not all issues raised resulted in material being removed from the site.

    GDPR = UK General Data Protection Regulations
    DPA: Data Protection Act

    Label Total number of threads
    GDPR Right to Erasure 317
    Defamation  130
    Data breach 96
    GDPR & DPA concerns (type not specified) 42
    GDPR Right to Rectification 33
    GDPR Right of Access 21
    Harassment 17
    GDPR Right to Object 12
    Data breach – internal** 2
    Impersonation 1
    Total 674

    * Email threads may be either automatically categorised by the system, or manually categorised by the WhatDoTheyKnow support team on the basis of the information given by the person reporting them.

    ** “Data Breach – internal” refers to cases where WhatDoTheyKnow has identified that a data breach may have been caused due to our own staff actions. We take our obligations seriously, and use such instances as a learning opportunity, so these are reported even if very minor, and often when they’re nothing more than a near miss — which both of these cases were.

    High risk concerns raised for review 

    Our policies ensure that certain issues can be escalated for review by the wider team and, where more complex, by a review panel that includes mySociety’s Chief Executive and the Chair of the Trustees.  Escalation is typically prompted by threats of legal action, complaints, notifications of serious data breaches, complex GDPR cases, or cases that raise significant policy questions.

    Case type* Total number
    Defamation 66
    GDPR Right to Erasure 42
    Data breach 40
    Complaints 33
    GDPR & DPA concerns 11
    GDPR Right of Access 6
    Harassment 5
    Takedown 2
    GDPR Right to Object 2
    GDPR Right to Rectification 1
    Other 78
    Total 286

    * Email threads may be either automatically categorised by the system, or manually categorised by the WhatDoTheyKnow support team on the basis of the information given by the person reporting them.

    Users

    User accounts Total 
    WhatDoTheyKnow users with activated accounts 222,694
    New user accounts activated in 2021 22,847
    Reason for banning users in 2021 Total 
    Spam 3,936
    Other site misuse 166
    Total number of users banned in 2021 4,102
    Anonymisation* Total 
    Accounts anonymised in 2021 170

    * Where accounts have been anonymised this is at the user’s request, generally to comply with GDPR Right to Erasure requests.

    Users are banned and their accounts may be closed due to site misuse and breach of the House Rules. Anonymised and banned users are no longer able to make requests or use their accounts.

    Thank you for reading

    This is the first time we’ve compiled a Transparency Report like this for WhatDoTheyKnow, but it’s something we’ve been wanting to do for some time. We demand transparency from public authorities and it’s only right that we also practice it ourselves. 

    Additionally, we hope that the report goes some way to showing the type of work the team do behind the scenes, and that moderating a well-used site like WhatDoTheyKnow is not without challenges.

    In future years, we hope to build on this initial report, ideally automating many of the stats so that they can be seen on a live dashboard. For now, we thought it was worthwhile making a manually-compiled proof of concept. 

    If there are specific statistics that you’d like to see in subsequent Transparency reports, or you’d like to know more about any of those above, do drop the team a line. They’ll get back to you as soon as the urgent moderation work is done!

    See mySociety’s 2021 annual review

    Image: Create & Bloom