Cyber Essentials is a scheme backed by the UK government designed to help organisations demonstrate that they have taken steps to protect themselves against most common cyber attacks.

There are two aspects to the scheme. Firstly, it provides information, guidance and best practice to organisations that may not have experts on-staff so that they can feel assured that they’ve got at least the basics of internet security covered.

Secondly, it acts as an indication to an organisation’s stakeholders (its users and customers, employees, suppliers, etc) that they are committed to internet security and have taken steps to ensure that appropriate measures are in place to protect themselves and their stakeholders’ data. As such, Cyber Essentials Certification is often a requirement for government contracts that require handling personal data or providing technical services.

mySociety is a technical organisation and we’ve always taken our security responsibilities seriously – we handle a lot of data across our services and ensuring this is secure and handled in a legal and ethical manner has always been central to our approach, so we are very pleased to say that earlier this year we became formally certified under the scheme – you can look up our certification details on the Cyber Essentials site.

Image: James Sutton

As part of our work investigating the digital side of Citizens’ Assemblies (see our previous report), mySociety have started writing a guide on what the website for a Citizens’ Assembly should look like.

A dedicated website can be important before, during and after the event. It can help you to recruit, inform and communicate during the whole process, from planning to sharing of results. But beyond that, it helps ensure you meet two of the most crucial standards suggested in Marcin Gerwin’s well-regarded list for Citizens’ Assemblies: Visibility and Transparency. 

It can also help with the further standards of Impact: making clear from the outset what will result from the outcome of the Assembly; and Openness: providing a forum where everyone can contribute to the process.

In this guide we discuss broad design and editorial principles, as well as information that should be included. While we include examples of what we consider good practice from previous Assembly websites, this is very much a first attempt at consolidating good practice rather than a definitive document.

The guide is available as a PDF, and also as a commentable Google Docs file, so we can continue to gather feedback and improve the guidance.

—
Image: Markus Spiske

mySociety’s Head of Research Dr Rebecca Rumbul will be speaking at the first ever Welsh Citizens’ Assembly next week. She’ll be exploring how citizens might more easily feed into the questions posed to ministers and the First Minister in the National Assembly for Wales.

Questions are a fundamental part of all of the UK’s parliaments, most famously in the form of PMQs, the half hour every Wednesday when MPs can raise any issue they deem important with the Prime Minister.

In the devolved parliaments there are also various formats for Q&As, both written and oral. But, Rebecca will argue, there are fundamental problems inherent in all of them, from a lack of representation of the views of the general public, to the political motivations that lead to many questions lacking meaningful substance.

Of course, a Citizens’ Assembly is most concerned with hearing from the general populace, and Rebecca will go on to present our recent research into the digital tools that can help with that process, while examining the pros and cons of each.

Rebecca is one of several speakers who will also include Dr Diana Stirbu and Professor Graham Smith. The event is being co-facilitated by Involve and you can keep up to date with the Citizens’ Assembly’s activities on their dedicated website.

—

Image: eNil (CC-by/2.0)

GCloud 11 is live: it’s the latest iteration of GOV.UK’s Digital Marketplace, making it easier for those in the public sector to find and procure cloud-based software services — including ours.

This time around there are two offerings from mySociety: FixMyStreet Pro, which has been on GCloud since 2017, and FOI for Councils, available via this channel for the first time.

Regular followers will be well aware that FixMyStreet Pro is a street fault reporting service which can integrate with any existing council system, offering great opportunities to cut costs and increase efficiency.

Meanwhile our FOI for Councils service streamlines authorities’ FOI workflows and reduces unnecessary requests, relieving the burden in what is often an overstretched resource.

The great benefit of GCloud from the public sector point of view is that suppliers come ready-verified, saving the time and inconvenience of going through the regular procurement process. All the information you need about the service is readily accessible, and then when you’ve made your decision it’s very simple to get things moving.

We’re pleased to offer these two services via GCloud — and will be equally happy to answer any questions you may have.

—

Image: Chuttersnap

Every quarter the Cabinet Office releases Freedom of Information statistics for a collection of central government ministries, departments and agencies. This provides a benchmark for understanding how requests made from WhatDoTheyKnow relate to FOI requests made through other methods. From 2017, mySociety started retrospectively tracking the proportion of FOI requests sent via WhatDoTheyKnow to central government using a minisite —  https://research.mysociety.org/sites/foi/ —  that explores the data.

This report explores what had and hadn’t changed in the last few years, as well as the number of requests made through WhatDoTheyKnow Pro — a new service being piloted that allows embargos of the results of FOI requests for a period — with the goal of bringing more people making FOI requests professionally (such as journalists) into the system and leading to more raw results being made available after the conclusion of a project. 

We found that:

• WhatDoTheyKnow accounted for between 15-17% of audited bodies and between 18-21% of ministerial departament FOI requests.
• While the proportion of requests have grown most years since 2010, there was no real change from 2017 to 2018.
• Requests made to central government via WhatDoTheyKnow only make-up around 9-10% of all requests sent via WhatDoTheyKnow in 2018. 
• WhatDoTheyKnow Pro requests made up 1% of FOI requests to central government — but most requests using this service went to other areas of the public sector.

You can read the whole report online, download the PDF, or explore the data.

In a strike for transparency, journalist Jenna Corderoy has secured the release of documents from the European Research Group (ERG), the pro Brexit lobby of which Jacob Rees-Mogg is a prominent member.

For more than a year, Jenna has been striving to ensure that the facts around Brexit — and the funding that drives it — reach the public domain: she also broke the now-infamous revelations about Vote Leave’s campaign overspending.

The release of material such as this into the public domain is beneficial to all, as it means that public debate is based on facts rather than conjecture. FOI can be a vital tool in ensuring that the documents shaping our society’s future direction are available for scrutiny.

On this latest release, a piece by Jenna and Peter Geoghegan reports:

“The ERG is part-funded by subscriptions paid out of MPs’ parliamentary expenses. As a consequence the group has to supply samples of its research for scrutiny to the Independent Parliamentary Standards Authority [IPSA] to ensure public money is being properly spent and not used for party political campaigning.”

Using WhatDoTheyKnow Pro — our service for professional users of FOI, which among other features, allows users to hold off from putting request correspondence in public until a story has been published —  in January 2018 a request was made to IPSA to see these materials.

The request’s WhatDoTheyKnow page is now public. IPSA initially argued that the release of these materials was exempted under section 43 of the FOI Act as it would prejudice the commercial interests of the ERG, whose research is ordinarily available only to those paying a £2,000 annual subscription.

Subsequently Jenna referred this refusal to the Information Commissioner, who upheld the decision. Determined that the public has the right to see the research, Jenna and Peter did not leave the matter there, taking it to an information tribunal.

The tribunal made the final decision that the material must indeed be released, vindicating the effort and determination Jenna put into pursuing this request and stating that to make the documents available would:

“further transparency, accountability and public trust with respect to the working of Parliament”.

As a result, the documents will be made available on 11 July — keep an eye on OpenDemocracy for news of their release — and we’ll make sure we update the annotations on the original request as further details unfold. Meanwhile, you can see the full tribunal decision here.

—

Image: Udur Akdemir

We’ve just released two new versions of Alaveteli, our open source platform for running Freedom Of Information sites — one which we’ve packed all of bug fixes, new features and performance improvements into, and one with some important technical updates. Here are some of the highlights.

Making your first request easier

mySociety’s designer Zarino has subtly redesigned the authority search page – which is the first thing most users will see when making a request – to make it easier to find the help links at a glance, making the process feel much more approachable.

Before:

After:

Encouraging better quality requests

Part of our advice to users of WhatDoTheyKnow is to keep requests concise and focused. This new feature adds a visual reminder when the request text is approaching the point of being too long for an FOI officer to answer it efficiently:

With a second, stronger warning if the request becomes longer still:

We’ve also added an experimental feature on WhatDoTheyKnow to discourage users from making requests for personal information. (As well as not being valid FOI requests, publishing the responses would result in revealing confidential information about the requester.) By asking the user to clarify what they want to ask before sending a request to authorities which attract a high level of personal information requests, we can try to redirect them to the correct official channel instead:

One-click unsubscribe from notifications

An improvement for site owners and end users: it is now possible to unsubscribe from email notifications about requests that you’re following right from your inbox! (Previously – and still the case with other sorts of email that the site sends – you would have to visit the site and log in to change your email preferences.)

Allowing people to unsubscribe with ease – if they’ve forgotten that they signed up for notifications or have created a new track by mistake – should help to cut down on the number of messages being marked as spam which should in turn help improve the site’s mail sender reputation. (It also allows admins – if they receive feedback loop notification emails from email providers – to unsubscribe users who’ve marked these emails as spam, preventing further unwelcome emails being sent.)

Technical changes

In version 0.33, as well as our our features and fixes, we’ve added support for Ubuntu releases Xenial and Bionic and withdrawn support for Debian Jessie. The full list of highlights and upgrade notes for this release is in the changelog.

Version 0.34 contains our Rails 5.0 upgrade work which we’ve released separately to allow reusers time to adapt to new minimum requirements for operating systems and Ruby versions.
We’re no longer supporting Ubuntu Trusty and have also dropped Ruby versions older than 2.3 as that’s the minimum requirement for Rails 5. Upgrade notes are available in the changelog and, as ever, we recommend updating one version at a time to make sure everything’s working smoothly and reduce the risk of missing essential upgrade steps.

Moving to Rails 5.0 will allow us to retain support for major security issues when Rails 6 is released and dropping older Ruby versions removes some key technical barriers to modernising the Alaveteli codebase and allows us to focus on improving Alaveteli Pro so that it can be reused more widely.

Thanks again to everyone who’s contributed! Special thanks to Nigel Jones and Laurent Savaëte who contributed bug fixes for version 0.33!

—

Image: Landscape by mike138 (CC by-nd/2.0)

A study published in 2017 by Reka Solymosi, Kate J Bowers, and Taku Fujiyama used publicly available data for FixMyStreet to investigate (among other things) whether men and women reported different things using the site, and found a gender divide relating how people were moving around when they found the problem:

[M]en are more likely to report in categories related to driving (potholes and road problems), whereas women report more in categories related to walking (parks, dead animals, dog fouling, litter.(p. 954).

This study is open access and available online, and you can also watch Reka’s 2018 TICTeC presentation on the subject. 

A potential limitation of this study was that it could only use reports that weren’t publicly anonymous, as the reporter’s name was used to approximate gender. If there was a gender skew in terms of which users were more likely to report anonymously, this might mistakenly pick up differences in anonymisation as a gender divide (for instance, if a lot of women were reporting potholes, but were more likely to do so anonymously).

To investigate this, we internally replicated the study on both anonymous and non-anonymous reports. This found that there was a gender skew related to anonymisation, with women being 10% more likely to report anonymously and that some types of report were more likely to be reported anonymously than others.

However, despite this factor, the original study’s conclusion was validated by this analysis. The categories highlighted are differently gendered when including the non-anonymous data, with men reporting far more problems with road surfaces and women reporting more litter related issues.

Future blog posts will further explore reasons and implications of this divide. The replication can be read online or downloaded as a PDF.

From tomorrow through ’til Thursday, mySociety and Power To Change will be at the Local Government Association annual conference, keen to talk about FixMyStreet Pro and Keep It In The Community.

If you’re a councillor who’d like to find out how our services can help you work more efficiently — and bring benefits to your residents — please do swing by for a chat at stand BL3.

FixMyStreet Pro

We’ve written a lot about our street reporting service for councils — how it can integrate with existing back-end systems; how it can encourage channel shift and thus bring savings; and the many new features we’ve introduced in response to what councils tell us they need. You can read all our past posts on the FixMyStreet Pro blog.

But as a councillor, you may be interested in other aspects of the service. Here are a few highlights:

• FixMyStreet lets you subscribe to the reports being made in your ward — you’ll get an email every time someone makes a new report. This allows you to monitor issues as they occur, and take action if it’s warranted.
• You can also access a map showing every report ever made in your ward. If desired, you can filter reports by category or by status to get a picture of how each type of report, from graffiti to potholes, is impacting your residents.
• If your council is one of the many who use FixMyStreet Pro as their main reporting system, you’ll also have access to more refined analysis via the dashboard, which allows you to compare reports and fulfillment over different periods of time.
• You can make reports on the go, so if you spot something that needs fixing while you’re out and about, it’s quick and easy to get a report filed.

Keep It In The Community

Also come and discover Keep It In The Community, an England-wide online mapping of the spaces and places that are valuable to local communities, created in partnership with Power To Change.

Under the Localism Act of 2011, every council is obliged to retain a list of Assets of Community Value (ACVs): Keep it In The Community turns this obligation into a benefit for all, allowing you to store and share your data while contributing to a national picture.

Thanks to a recent update, Keep It In The Community also displays buildings and spaces currently under community ownership. As a councillor, we think you’ll like this service because:

• It’s completely free.
• It provides an attractive way for councils to display ACVs and community-run spaces, and invites residents to add richer detail such as memories and photographs.
• It’s a great way to demonstrate the community activity that’s taking place within your ward.
• It helps popularise the concept of community ownership, encouraging more residents to take action and preserve the spaces that matter to them.

If this has whetted your interest, don’t forget to come and meet the friendly mySociety and Power to Change folk on stand BL3.

Buckinghamshire County Council have revealed the cost savings brought to them by FixMyStreet Pro.

The authority switched over to FixMyStreet Pro as their official fault reporting system in April 2018. They’re now able to assess a year’s worth of data and compare it to the year previous. The findings are gratifying, to say the least — and set out a real case for councils who are considering opting for the service themselves.

Saving staff time and resources

The council reports that they’ve seen a 13% decrease in calls and a 40% reduction in emails about street faults since FixMyStreet Pro was introduced.

In case you’re wondering how that translates into monetary savings, well, on average they reckon that a single call costs £5.88 in staff time, while a report made by email, with its potential for back and forth communication to pin down the precise details, chalks up £7.81.

In comparison, because FixMyStreet Pro places reports directly into the system, and little staff time is required to administer them, the perceived cost is just 9p per report.

Additionally, Buckinghamshire has seen a 29% drop in calls where residents are chasing progress: report makers no longer need to get on the phone to check whether their issue is being seen to, because updates are pushed directly back to them as the report progresses through the system.

And there’s been a  59% decrease in unnecessary clarification, that is, when the council need to go back to the report-maker to check the exact location or nature of an issue. FixMyStreet can be set up to the council’s exact specifications to ensure that the user is prompted to provide all the information they’ll need, which accounts for this impressive drop.

Avoiding unnecessary reports

It can be a frustrating waste of time and resources when a council receives reports about issues which are not their responsibility: with the UK’s two tier system, it’s almost inevitable that citizens get confused about which authority deals with which category of street fault — and on top of that, there are the reports that are dealt with by other bodies such as TfL or Highways England.

FixMyStreet has always done a good job of routing reports to the right council, though, and the improvements we’ve made to the service over the last few years mean we can also make sure the relevant reports go through to TfL and Highways England too. Bucks say that since introducing FixMyStreet Pro, they’ve seen a 19% decrease in misrouted reports that have to be forwarded elsewhere.

Finally, they can see a 30% decrease in street light reports. Since Bucks are one of the councils who display all their streetlights on FixMyStreet it’s now very easy for a resident to check online whether an issue has already been reported for any specific lamp post. If it has, they can also see its progress towards resolution — so there’s no need for them to open a new report.

These figures illustrate very clearly what is meant by channel shift: real, tangible results that save money for councils, and thus ultimately, for residents too. It’s great to have this confirmation that FixMyStreet Pro brings results — and we’re still in a continual process of development in consultation with councils, to keep making more improvements wherever we can.

Come and talk to us at the LGA conference next week

We’d be delighted to answer your questions and give you a demo if you’re planning on being in Bournemouth for next week’s LGA conference. You’ll find us on stand BL3 in the Purbeck Hall.

—

Image: Peter O’Connor (CC by-sa/2.0)