1. New in Alaveteli: hiding individual attachments

    At our Freedom of Information service WhatDoTheyKnow, when faced with requests to remove material, we operate on the principle of removing the minimum amount possible.

    Alaveteli, the codebase which underlies WhatDoTheyKnow and a number of other FOI sites around the world, gives moderators a range of options for removing content – with the ability to surgically remove text ranging from individual words and phrases, to individual messages, or even entire request threads. This is useful when we spot misuse of our service, for example.

    What we’ve been lacking, up until now, was a way to apply these types of removals to attachments.

    Back in the early days of WhatDoTheyKnow, attachments were less common, but now we see many more: there can often be several attachments to one individual message.

    Over the last few years, there have been occasions where we’ve had to remove an entire message, which may contain several useful attachments, just because of a small issue with one of them.

    We’d then go through an annoying manual process to download the publishable ones, upload them to our file server, and then annotate the request with the links – here’s an example.

     An FOI response, above which is the annotation: We have redacted a name from one of the released documents, acting in line with our published policies on how we run our service. We have republished the response and attachments in an annotation below.

    Back in 2013, when the original suggestion for enabling finer grained control was raised, the site contained around 400,000 attachments. There are now more than 3,500,000! We don’t remove content often, but at this scale it’s inevitable that we need to intervene now and then.

    After a little code cleanup we were able to make individual attachment removal a reality. This allows us much more control over how we balance preserving a historic archive of information released under Access to Information laws, and running the site responsibly and meeting our legal obligations under GDPR.

    As an example, let’s imagine that the FOI officer replying to our request inadvertently makes a data breach when releasing some organisation charts in `organisation chart b.pdf`.

    A fake FOI response in which the officer releases an organisational chart.

    Previously we’d have had to have hidden the whole response. Now, we can go into the admin interface and inspect each individual attachment.

    A list of file attachments

    We can then set our usual “prominence” value – offering a few options from fully visible to completely hidden – and include a reason for why the content has been hidden. We always seek to run the site transparently and explain any actions taken.

    Prominance: Hidden.Reason for prominence: attachment contains significant data breach

    On saving the form, you can see that only the problematic attachment has been removed, with the remainder of the response intact. This saves us considerable time when reviewing and handling material with potential data issues, and keeps as much information published as possible while we do so.

    Response with one hidden attachment

    As an extra bonus, since the main body text of emails is also treated as an “attachment” in Alaveteli, we’re now able to hide potentially problematic material there without affecting the attachments we present.

    A list of file attachments

    We’ve already used this feature several times to republish material where we’d previously had to hide the entire message due to the technical limitations at the time.

    Image: Kenny Eliason

  2. Notes: giving our users more information

    Alaveteli is our platform for running Freedom of Information websites — it underpins WhatDoTheyKnow as well as many other sites around the world. It’s made up of many interconnecting elements, but a key part is the database of public bodies.

    On WhatDoTheyKnow, we list over 42,000 public bodies that are subject to FOI and EIR – possibly one of the largest databases of public bodies in the country. Along with their name, we record information like their FOI request email address, publication scheme and disclosure log URLs, and we categorise them so that they’re easier to browse and make requests to.

    We often want to add additional insight to help citizens understand more about the public body. This can vary from body to body, from describing the information they hold, what they don’t hold, guidance around how to challenge their poor FOI-handling practices or why we list them when they’re not currently subject to FOI.

    We do this via what we call “notes” – a free-text field per authority that admins can update with whatever information is useful for the particular body.

    We often find we need to add or update the same note for a group of authorities — for example, we added the same note to all Business Improvement Districts to explain our reasons for listing them. 

    This can be a major challenge. We list nearly 300 BIDs, and updating each manually, one at a time, would be a several-hour ordeal. An alternative is for our developers to write a quick one-off script to update the text, but that comes with a coordination cost, and can be tricky to work around other text that may be present in the free text field that we want to preserve.

    One of the behind-the-scenes ways we manage the categorisation of authorities is through tags. Many of our other records have the ability to add tags too.

    A picture of several tags, including ones like 'Cardiff' and 'Wales'

    This led to the thought that it would be great to be able to apply a note based on a tag, rather than only having one note field per authority. This would allow us to more quickly add useful information to groups of authorities.

    Another issue we wanted to solve was to be able to add notes to content other than public bodies, like FOI requests for specific types of information and our category lists. In particular we wanted to be able to celebrate requests that led to particularly useful public interest information being released or having wider impact, and also to add clarification around requests that may be misinterpreted.

    We’ve received funding from the Joseph Rowntree Charitable Trust to help support marginalised communities to make more well-formed requests, and to more effectively use the information they obtain to engage with and influence authorities in a way that contributes to fairer decision-making. Thanks to this, we were able to add this underlying capability, which we can use to continue to help users more easily understand how to navigate the complexities of public authorities and what information they hold.

    The first step was to extract the existing notes to a new generic Note model that could be attached to any other record. Ruby on Rails makes this easy through its polymorphic associations.

    We then needed an interface to allow admins to list and search tags for each type of record that has them, and browse all records that are tagged with a particular tag.

    A list of authorities as tags, all starting with the letter A

    A list showing which tags have been applied to each authority

    As well as it being generally useful to be able to browse our database through our tags, this gave us a place to add our new functionality for adding a note based on a tag.

    While Rails’ polymorphic associations make creating a link between one record and another really easy, they don’t cover creating the link through a free-text tag. Fortunately, it took nothing more than a few lines of code to link up notes that are directly associated with a single record, and notes that are applied via a tag.

    Now our public bodies can have notes applied to them and only them, and also notes applied to several authorities based on their tag.

    An authority with two tags applied, as described in the text that follows

    In this example, the Environment Agency has some specific notes about it, but since it’s also a local lighthouse authority, we can apply the relevant notes simply by tagging the authority record and the notes for local lighthouse authorities will automatically get applied. Magic!

    What individual messages look like on the Environment Agency page - a box at the top

    We’ve also applied this pattern to information requests. Now, we can add notes to individual requests, like this example that points to another source for obtaining the information…

    ATOS Anne

    …or applied via a tag so that we can point citizens interested in the climate response to the authority’s CAPE page.

    ATOS

    So far we’ve created 46 notes that get applied via a tag. These notes are applicable to 7,998 requests and 15,283 authorities. Using a rough guess of 30 seconds to manually apply a note to a record, it would take 11,640.5 minutes – 8 full days, or 25 working days – to do so for each of these requests and authorities. This just wouldn’t have been possible before.

    This new feature unlocks a whole new avenue for us to support citizens and users that we just wouldn’t have had capacity for otherwise.

    Image: Keila Hötzel

  3. All the fun of the FOIA

    On 21 December, we added the National Centre for Circus Arts as a public authority on WhatDoTheyKnow, making it easy for anyone to send them a Freedom of Information request. We could have left it off the site and let our users find the email address themselves, but we didn’t want them to have to jump through hoops.⭕

    Joking aside, this is a valid addition to the site — see below for more details about why this college is subject to the FOI Act — and one where we can imagine some interesting requests being submitted.

    For example, one could ask for copies of the risk assessments used for the various circus skills taught to students — we imagine these would contain quite a bit of detail.

    A procurement list might throw up some items you wouldn’t see from other education institutions, like juggling equipment, unicycles or clown shoes.

    Prospective students who want to understand more about their chosen course’s application procedure and admission statistics often submit requests to UCAS, but applications for the National Centre for Circus Arts are handled directly (which makes sense: it would be hard to evidence circus skills on an UCAS form!).

    Instead, anyone looking for more information about how the application process works could submit an FOI request directly to the college. 

    In addition, there is a wide range of requests that can be sent to almost any public authority on matters such as the use of public money, minutes of meetings, policies, letters, emails and contracts. All of these might have uniquely circusy angles when applied to this particular institution!

    Some decisions are in-tents

    It’s not always easy to work out whether a body is subject to FOI. For some bodies it’s really simple: they’re listed by name in Schedule 1 of the Freedom of Information Act 2000 (or the Scottish equivalent). 

    The National Centre for Circus Arts isn’t named here, but Schedule 1 does include references to definitions contained in other laws.  

    In the course of recent work to find more bodies to add to WhatDoTheyKnow, our volunteers have read and interpreted three pieces of legislation and an official register to work out which higher education institutions are subject to FOI. 

    The upshot of our research is that we consider that all bodies listed on the Office for Students register as “Approved (fee cap)” are subject to FOI. This includes the National Centre for Circus Arts (registry entry). Helpfully, the Centre acknowledges the fact that it is subject to FOI on its website which not all higher education institutions do – kudos for that.

    UK higher education institutions walk a tightrope between the public and private sectors. They are subject to rules such as competition law that are normally relevant to private business, whilst at the same time being subject to laws that apply to the public sector such as the equality duty and FOI. It’s quite a lot to juggle. 🤹

    Interestingly, the debate about the role of circuses in public life goes back to Roman times where the provision of food and entertainment to the poor were used to gain political power.

    WhatDoTheyKnow lists a number of obscure public authorities on the site ranging from the Crown Estate Paving Commission to the Treasure Valuation Committee but the National Centre for Circus Arts is certainly one of the more unusual higher education institutions we list. There can’t be many places where people jump through fire for their graduation (page 13 of the 2023-24 prospectus).

    In conclusion, if anyone is planning to run away during 2023 then please be advised that with this addition, WhatDoTheyKnow has both the sea and the circus covered. 

    We wish all our users a happy and healthy 2023.

    Image: Jonny Gios

  4. The 12 days of FOI

    We’ve had 109,653 Freedom of Information  and Environmental Information Regulations requests made on WhatDoTheyKnow this year. In the run up to the end of 2022 here’s a countdown of 12 of the more unusual ones that have caught our eye this year…

    12: Bats

    National Highways released 1.25 TB of bat survey data carried out for the Arundel bypass scheme. This was made up of over 115,000 files, that included 786 videos – that’s over 250 hours of footage – 54,570 audio files, 354 spreadsheets and 2,532 images.

    We like this because we think it is the largest ever release of information, and as the climate crisis brings urgent challenges for our public institutions to address, access to environmental information will be increasingly valuable to businesses, campaign groups and the general public. You can read more about this release here.

    11: Vaccines

    Scientist in laboratory looking at samples

    The Medicines and Healthcare Products Regulatory Agency released the nucleotide sequences of the AstraZeneca & Pfizer/BioNTech Covid-19 vaccines used in the UK, after an initial refusal was overturned on review. The response says the companies involved consented to the release.

    We liked this because it is a great use of FOI to get such important medical information released and available in the public domain.

    10: Bins

    Squirrel sitting on a litter bin in a park in the autumn

    Sheffield City Council released the location of every public bin in the city.

    We liked this because not only is it really useful information; it is the sort of data that councils should be making freely available to citizens.

     

     

     

     

    9: Underground

    Diagram of Edinburgh City centre sewer and cable planEdinburgh City Council released the sewer and cable plans for parts of the city centre.

    We liked this because they are chaotically beautiful — not what you’d expect from an underground asset plan.

     

     

    8: Textbook

    The front cover of an Open University text bookThe Open University released a full textbook in response to a request for the information held on the Early modern Europe: society and culture c.1500-1780 module(s).

    We liked this because it’s not not often that you see full textbooks being released.

     

     

     

    7: Tower Bridge

    Tower Bridge in London with a partially cloudy skyThe City of London Corporation released a list of the past Tower Bridge lift dates, times, and vessel names from the start of 2022 until now.

    We liked this because it generated a long and sometimes amusing conversation on Reddit.

     

     

    6: War memorabilia

    Picture of a hand written world war two medal cardThe Ministry of Defence released a WW2 medal card.

    We liked this because we’ve never seen something like this obtained by FOI before.

     

     

     

     

    5: Honours board

    The Charter Trustees of the Town of Margate released their Freedom of the Town list in a more unusual format.

    We liked this because the information released was a photo of a painted wooden board. This is, after all, still a form of recorded information — and a nice permanent one.

     

     

     

     

     

    4: Seaside nuisance

    Brighton seafront in the sunshineBrighton & Hove City Council released a copy of all of the bye-laws that apply to the seafront.

    We liked this because of the phrase: “no annoying gramophones on the beach”, which may be a slightly outdated view of the worst possible noise nuisance.

     

     

     

    3: Big cats

    Panther sitting in the grassNorth Wales police released the details of big cat sightings in 2021.

    We liked this because the information disclosed in the request was used for a number of news articles in Wales.

     

     

     

    2: Library books

    person sat on a chair reading a book in a libraryOne of our users has been doing some research into the top 25 books borrowed from libraries in 2021; here’s an example of one of them.

    We liked this because it’s fascinating to see what books people are choosing to read, and how this varies between different areas of the country.

     

     

     

    1: Trains galore

    Engineering drawings

    And finally, here at WhatDoTheyKnow the team are all big fans of trains. This means we tend to notice the more interesting disclosures on train related topics. Here are some of our favourites from this year:

     

     

     

    a. Network Rail released the engineering drawings that were produced during the construction of the London & South Western Railway’s station at Branksome, near Bournemouth in the mid to late 1800. 

    We liked this because the drawings are beautifully crafted and not something that we get to see very often.

    b. Northern Trains Limited released the .wav file of the two jingles used for their station automated announcements system.

    We liked this because it’s unusual for audio files to be released and we’ve found so many uses for this!

    c. London North Eastern Railway Limited (LNER) released some information about the voiceover artists used for the automated announcements on the Class 800 and Class 801 fleet of trains

    We like this because it shows that FOI responses don’t need to be formal or complicated; they just provide, where possible, the information that the request-maker has asked for. LNER is  particularly good at this.

    d. Transport for London released 3D station layout drawings for the Elizabeth line.

    We liked this because it’s really interesting to see how the new stations on the Elizabeth line have been designed, and how the layout works with their surroundings.

     

     


    We hope you enjoyed 12(ish) of our favourite FOI requests from this year.

    You can find out more information about the WhatDoTheyKnow service and  how to make requests on our help pages.

    If you’d like to help WhatDoTheyKnow keep up their good work, you can help in two ways, either by volunteering us or by making a donation, any amount small or large is greatly appreciated.

    Image credits:

    Vaccines CDC; Bins Charlotte Harrison; Tower Bridge: R Spegel; Brighton seafront Tom Wheatley; Big cat: Mana5280; Library: Dollar Gill

  5. WhatDoTheyKnow Transparency report: 2022

    WhatDoTheyKnow is a project of mySociety, run by a small team of staff and dedicated volunteers.

    In 2022 WhatDoTheyKnow users made 109,653 Freedom of Information requests via WhatDoTheyKnow.

    Those requests, and the responses they received, are public on the website for anyone to see.  

    What’s not quite so visible is the work that the WhatDoTheyKnow team, which is largely made up of volunteers, do behind the scenes.  

    Some of their most difficult calls arise around the removal of information. WhatDoTheyKnow’s guiding principle is that it is a permanent, public, archive of Freedom of Information requests and responses, open to all.

    The team works incredibly hard to maintain the archive in the face of challenges, including the reduction of legal risks; dealing fairly and transparently when people ask for information to be removed from the site; answering users’ questions; supporting citizens to use their rights to FOI; dealing with misuse of the service which breaches our house rules inappropriate content and keeping everything ticking over.

    Our default position is not to remove substantive public information requests and responses; however, we act quickly if problematic content is reported to us. And, to help everyone understand exactly what has been removed and why, where possible we record these details on the request page.

    To allow for a full 12 months of data, the date range used throughout this report is 1 November 2021 to 31 October 2022.

    Headline facts and figures

    • 16,354,872 visits to WhatDoTheyKnow.com this year.
    • 16,217 new WhatDoTheyKnow user accounts created this year, taking the total number of accounts to 239,540. This represents an increase of 7.6% in the total number of site users since last year.
    • 8,912 total number of email threads in the support inbox in 2022… that’s an increase of 11.2%, making it all the more crucial that we continue to recruit volunteers to help spread the load.
    • 1,381 requests hidden from WhatDoTheyKnow in 2022
      …in the context of 109,653 requests made in the year, and a total of 867,303 requests currently published on the site.
    • 171 published requests where we redacted some material in 2022
      …usually due to the inappropriate inclusion of personal information, or defamation.

    And in more detail

    Requests made on WhatDoTheyKnow flagged for our attention

    The table below shows the reasons that requests were reported by our users via the site for admin attention this year. 

    Note that we also receive many reports directly by email, so while not comprehensive, this is indicative.

    Reason for attention report Total number
    Vexatious 117
    Not a valid request 109
    Contains personal information 89
    Request for personal information 85
    Contains defamatory material 33
    Other 642
    Total* 1,075

    *The number of requests flagged for attention this year is up 40% on last year. This is largely related to a single campaign of misuse.

    Material removed from the site

    The following tables show where members of the admin team have acted to remove or hide requests from WhatDoTheyKnow in the last year, and the reason why.

    At WhatDoTheyKnow  we have a policy of removing as little material as possible, while seeking to run the site responsibly and take different viewpoints into account. Removing substantive FOI requests and responses is a last resort and something we do very rarely. However, we act quickly to remove problematic material.

    Request visibility Total number
    Discoverable only to those who have the link to the request 2
    Visible only to the request maker 1,282
    Hidden from all site visitors 97

     

    Reason for removing from public view Total number**
    Not a valid FOI request 1,117
    Vexatious use of FOI 43
    Other (reason not programmatically recorded*) 221

    * Current processes do not create an easily retrievable list of reasons beyond the two above, however due to site improvements made in autumn of this year we expect to be able to provide more detailed information on this in the future.

    ** The number of requests hidden or removed from the site this year is up by 68% on last year. As above, this increase is largely related to a single campaign of misuse. 

    Censor rules (targeted redactions to hide the problematic part/s of a request) Total number
    Number of censor rules applied 746
    Number of requests with censor rules applied 171
    Number of requests with censor rules applied which are still publicly visible, but with problematic material hidden 165

    * Censor rules are used for many purposes, including redacting problematic content and removing personal data which should not be present

    Cases relating to GDPR rights 

    These are typically cases relating to requests to remove data published on the site as per the rights afforded under GDPR, the UK’s General Data Protection Regulations.

    Right type Total number of cases*
    GDPR Right to Erasure 214
    Data breaches by third parties 79
    GDPR Right to Rectification 15
    GDPR Right of Access 21
    Data breach – internal** 6
    GDPR Right to Object <5
    Total 340

    * Not all issues raised resulted in material being removed from the site.

    * “Data Breach – internal” refers to cases where WhatDoTheyKnow has identified that a data breach may have been caused due to our own staff actions. We take our obligations seriously, and use such instances as a learning opportunity, so these are recorded by us even if very minor, and often when they’re nothing more than a near miss.

    High risk concerns escalated for review 

    Our policies ensure that certain issues can be escalated for review by the wider team and, where more complex, by a review panel that includes mySociety’s Chief Executive. Escalation is typically prompted by threats of legal action, complaints, notifications of serious data breaches, potential defamation concerns, safeguarding, complex GDPR cases, or cases that raise significant policy questions.

    Case type* Total number
    Defamation 49
    Data breach 40
    GDPR Right to Erasure 33
    Complaints 19
    Safeguarding / Public harm 13
    Takedown 13
    GDPR Right of Access 9
    Police user data requests 7
    Site misuse 7
    Data breach – internal 5
    Other 39

    * Email threads may be either automatically categorised by the system, or manually categorised by the WhatDoTheyKnow admin team on the basis of the information given by the person reporting them. Some cases can relate to two types: for example a GDPR Right to Erasure request may also be a complaint. For the purposes of this table, such instances have been included in the counts for both concerns.

    Users

    User accounts Total 
    WhatDoTheyKnow users with activated accounts 239,540
    New user accounts activated in 2022 16,217
     
    Reason for banning users in 2022 Total 
    Spam 2,160
    Other site misuse 300
    Total number of users banned in 2022 2,460
     
    Anonymisation* Total 
    Accounts anonymised in 2022 139

    * Accounts are anonymised at the user’s request, generally to comply with GDPR Right to Erasure requests.

    Users are banned and their accounts may be closed due to site misuse and breach of the House Rules. Anonymised and banned users are no longer able to make requests or use their accounts.

    User data requests

    The table below shows the number of requests that we received from third parties for the personal data that we hold on our users in 2022. Details of which types of data we hold can be found in our privacy policy. As stated in our privacy policy, we do not provide this information to anyone else unless we are obliged to by law, or the user asks us to.

    Type of request Total 
    Police/law enforcement requests for user data 7
    Other requests for user data 6

     

    Material released Total 
    Number of requests, where court orders were produced and we provided the material as required 2

     

    Thank you for reading

    We produce this report as we demand transparency from public authorities and it’s only right that we also practise it ourselves. 

    Additionally, we hope that the report goes some way to showing the type of work the team do behind the scenes, and that running a well-used site like WhatDoTheyKnow is not without challenges.

    If there are specific statistics that you’d like to see in subsequent Transparency reports, or you’d like to know more about any of those above, do drop the team a line

    If you’d like to help WhatDoTheyKnow keep up their good work, please consider volunteering or making a donation. Any help small or large is greatly appreciated.

    Image: Meriç Dağlı

    .
  6. Have your say on the ICO’s prioritisation consultation

    The ICO has launched a consultation on how it plans to prioritise Freedom of Information (FOI) complaints

    We have prepared a draft response that explains the context of the consultation, and our current position. 

    We are releasing this draft before the deadline for feedback so we have time to get input from WhatDoTheyKnow users or other interested organisations/individuals.

    If you have any comments on our response, please fill out this survey.

    If you’d like to make your own response, you can also respond to the ICO directly. You do not have to have an opinion on all questions to make a response. The deadline for submissions is 5pm on 19th December 2022.

    A summary of our planned response:

    • The ICO thinking strategically about how to prioritise case work is a really useful exercise; our main concern is whether there are better, higher impact uses of time than those proposed. 
    • The purpose of the complaints system is not to release information, but to steer the whole FOI regime. Rather than focus on high impact requests, it would be better to look for strategic interventions to unblock common problems experienced by high impact requesters. 
      • Recommendation: Add a prioritisation criteria and process around administrative silence/stonewalling.
      • Recommendation: Use discretion to pay special attention to complaints from authorities where there are repeated problems. 
      • Recommendation: Build statistical knowledge of the whole FOI system (especially internal review) to support earlier and more effective intervention.
    • We disagree in principle with prioritising classes of requesters (e.g.. journalists and civil society organisations), and on practical grounds do not think this is the most effective way of achieving the ICO’s goals.
      • Recommendation: reframe these as criteria for the kinds of requests from these groups that would benefit from faster treatment (e.g. time sensitive requests, stonewalling).
      • Recommendation: Alternatively, redefine criteria as kinds of activity rather than requester (‘journalism’ rather than ‘journalists’). Make these more porous categories (where many requests may qualify) and only fast-track a certain percentage of them to manage the overall volume. 
      • Recommendation: As one of these porous categories, if the destination of the request is to a public repository (like WhatDoTheyKnow), this should be seen as a request having a higher public impact. 
    • The consultation reflects a view that the impact of FOI is primarily through intermediaries, making high impact requests in the public interest. We believe that the public interest needs to be viewed as wider than the result of high impact requests. There is enormous public value collectively even for privately motivated requests.
      • Recommendation:  Change the definition of frivolous from ‘low public interest in information requested’ to ‘low public interest in pursuing the complaint’.

    Our reasoning can be read in full, and there are bullet pointed summaries for each consultation question towards the end of the document if you are looking for inspiration for your own response. 

    Header image: Photo by Mihai Lazăr on Unsplash


  7. 1 in 10 have made an Freedom of Information request – we want to support you


    Freedom of Information is a right that gives people power over public authorities. The case for FOI is often made on the high profile investigations and the public disclosure of scandals. But the value can be also seen in the quiet success of ordinary citizens being able to access information from the public authorities that hold power over their lives.

    We ran a poll with Opinium to find out how widespread the use of Freedom of Information is. We found that 10% of UK adults have used FOI to try and get information they thought would be useful to themselves, their community or wider society. When including people who made a request as part of their work, this figure goes up to 14%. 

    Poll: Are you aware of, or have used, Freedom of Information?

I am aware of FOi - 62%
Aware but haven't used - 48%
Not aware of FOI  - 25%
I have made an FOi request 14%
I'm not sure - 13%
FOI for personal/community/society - 10%
FOI request as part of job - 6%
FOI request, for me personally 6%
For community/society 4%

    Giving evidence to Parliament, the former Information Commissioner said that “one in 1,000 citizens in the UK will file a Freedom of Information Act request, but journalists are standing in their shoes. It is through journalists that the public can understand or get to know why decisions are being made on their behalf. Journalists, public interest researchers and advocacy groups are important requesters”.  This is an important point about the value of Freedom of Information even if it is only used by a few, but based not just on our polling but the ICO’s own polling, this figure is 100 times too small. Freedom of Information is not a niche right, or mainly used by journalists,  but has been used by millions of people. 

    Alongside a team of volunteers, mySociety runs WhatDoTheyKnow, a website that helps people make freedom of information requests (so far over 850,000 requests), and displays the results of those requests in public, so more people have access to the results. 

    Through running this website, we’re very aware of the many different ways Freedom of Information is used by people, in ways that are not captured by official FOI statistics. We want more and more people to be able to use their information rights, and we want more and more of them to be using WhatDoTheyKnow so that what they find out is available to all.

    We want to be doing more to support and advocate for people using their right to know, and see it as our role to be a voice for our users, and this large group of ordinary FOI users, in arguments about the future of Freedom of Information.

    We’re proud of what we’re able to do with a small budget, but we want to do more. If you want to help us do that, there’s a number of things you can do:

    • If you’ve benefited from Freedom of Information, or support our mission to make information more accessible, please consider making a regular or one-off donation to support our work. 
    • If you’re not able to donate now, please join our newsletter so we can keep you up to date with our work and campaigns. 
    • If you’re a journalist, researcher or campaigner, have a look at our pro service, which for £10 a month provides a wealth of features to help make and manage requests. 
    • If you’re interested in volunteering time, WhatDoTheyKnow as a day-to-day service is run by a dedicated group of volunteers. If you’re interested in getting involved, you can learn more on the volunteering page

    To read more about the numbers behind the polling, and how we validated it, please see this companion blog post. 


    Header image: Photo by Samuel Regan-Asante on Unsplash

  8. How many people use Freedom of Information? The numbers blog post


    This blog post is a companion post to a shorter blog post explaining the significance of this polling to mySociety’s FOI work.

    We know very little about the real picture of Freedom of Information use because there are not comprehensive statistics. Information on users of Freedom of Information is very hard to come by.  We have some information through a survey we run on WhatDoTheyKnow, but we know this only covers the minority of requesters who use our service. 

    Knowing about this picture is important to us for several reasons.

    The first reason is one of the big benefits to society of WhatDoTheyKnow is that we make public information easier to discover without explicitly asking for it. If we can know more about how many FOIs are being made in total, we can have a better sense of what proportion of this information we’re publishing (based on some of the maths below, It’s probably somewhere from 5-10%). 

    The second reason is that conversations about the pros and cons of freedom of information can be dominated by the problems journalists experience in requesting information from the central government. This is a big and important problem, but it shifts the general understanding of the impact freedom of information has had on our society. Through WhatDoTheyKnow, we get a glimpse of a bigger world when citizens are making requests that affect them and their communities – but we don’t see everything, and getting more information about this is vital in informing how we approach our policy and campaigning work. 

    As part of a “Giving Tuesday”, Opinium gave five survey questions (for a national representative survey panel)  to a number of charities, including mySociety. We used one of these questions to find out how many people had made a freedom of information request. The rest of this blog post explains the results of that survey. 

    The question we asked

    Our data comes from an Opinium survey of a representative selection of UK adults that ran between 30th November – 3rd December 2021. Respondents were asked:

    The Freedom of Information Act gives you the right to request a large range of information from public authorities (government departments, local authorities, NHS trusts, schools, etc). These are called Freedom of information requests. Have you ever made a Freedom of Information request?

    Respondents had the option of responding:

    • No I haven’t made a request, and I am not aware of Freedom of Information
    • No, I am aware of freedom of information but haven’t used it
    • Yes, as part of my job
    • Yes, to find out something that might be useful for me personally
    • Yes, to find out something that might be useful to my community/society in general
    • I’m not sure / NA

    Results

    Poll: Are you aware of,or have used, Freedom of Information?

I am aware of FOi - 62%
Aware but haven't used - 48%
Not aware of FOI  - 25%
I have made an FOi request 14%
I'm not sure - 13%
FOI for personal/community/society - 10%
FOI request as part of job - 6%
FOI request, for me personally 6%
For community/society 4%

    mySociety/Opinium polling in 2021 found that 10% of UK adults have used FOI to try and get information they thought would be useful to themselves, their community or society. When including people who made a request as part of their work, this figure goes up to 14%. When looking just at personal use, the figure is 6%. Overall, a majority of people (62%)  had either used FOI or were otherwise aware of it. 

    There was a small gender difference in both awareness and use of FOI, with men having higher awareness than women (68% to 57%), and greater use (16% to 11%). Our polling found that the 18-34 age group were the least aware of Freedom of Information (55%), but were also the age group most likely to have made an FOI request (25%). This is possibly partially explained by a much higher rate of using it as part of employment in younger demographics (12% compared to 6% overall), but the number using it for other reasons is still notably higher (some more discussion of this further down). Looking at respondents by nation/region, there was a less than expected proportion of people who made a request in Wales (6%) and Northern Ireland (2%), but a greater number who made a request in London (28%).

    Validating these figures

    When I first saw some of these figures, I was a little surprised and wanted to explore some different ways to validate the number.

    Digging into it, I found that other polls asking different versions of the question show a similar figure, and back of the envelope calculations based on known statistics suggest the basic ballpark is right – there are millions, rather than hundreds of thousands, of people who have used the Freedom of Information Act. 

    Part of the reason this figure might be surprising is that our statistical picture of Freedom of Information is so poor, we have  very little idea of the scale of it – and what we do know is misleading as to that scale.  For instance, a recent Financial Times article, when highlighting the (bad) trend of how central governments are withholding more and more information requested, falls into the trap of assuming that this picture represents all freedom of information requests. But departments and ministries are not the only public bodies that receive Freedom of Information requests. In fact there’s good reason to believe they receive only a small percentage of the overall total. 

    Most FOI requests in the UK are not covered by official statistics. In 2017, we did a meta-FOI to ask local authorities about the number of FOIs they received. We calculated around 467k were made that year, compared to 46k made in that same year to the central government. From running WhatDoTheyKnow, we know that only 10% of requests made through the site go to the central government departments that are covered in the statistics. 

    As the number of Freedom of Information requests is much higher than the official statistics show, this helps explain why the number of requesters can be far higher than expected. Not only are there many more public bodies outside central government, but these bodies are closer to people’s day to day lives, and so a broader range of people might want information, and find it through the Freedom of Information Act. 

    Polling by the UK’s Information Commissioners

    The clearest reassurance of the 10%ish figure is that a similar poll found a very similar number. Polling by the Information Commissioner’s Office in 2021 found 49% were aware of “the right to request information held by public organisations”. This is lower than our equivalent question, where 62% had either made use of FOI, or were aware of it and not used it. However in the same 2021 survey, 10% of respondents to the ICO’s survey said they had already made use of “the right to request information held by public organisations”. In the previous year this figure was 12%. This figure is very close to our figure of 10-14% making use of FOI, and it is reassuring to see something in this ball park come from a different survey company.

    Both these surveys might be wrong of course, but polling by the Scottish Information Commission in 2022 found an even higher number. This poll found 36% of a weighted sample of Scottish respondents had at some time “asked for information from a Scottish public body by letter, email or online form”. 18% said they did this annually or more frequently. This is a much higher number than the other survey. There are several possible reasons why.

    1. There is a genuine difference in awareness and use of rights between Scotland and the rest of the UK. 
    2. The way this question is phrased should also include requests for personal information (subject access requests) as well as freedom of information requests.
    3. This version of the question does not ask about a right, just if someone did something that might have engaged the Freedom of Information Act. This might catch people who get through the process unaware they may have benefited or made use of information rights.

    How should we interpret this? There is no strong reason to believe the use of rights is significantly different in Scotland. The Scottish figure was 63% awareness of freedom of Information, which is higher than the ICO UK-wide, but in the same general area as our UK-wide polling, which did not show a significant difference for Scotland. Similarly, our survey found a statistically significant difference in use of FOI by respondents in London and did not find this for Scotland. 

    As for subject access requests, we actually know from the (really good) statistics recorded in Scotland that around one-quarter of information requests are subject access requests. So even applying this correction, this question is still suggesting around double the figure from our survey. This is likely to be part of the explanation, but is not all of that. 

    This leaves the possibility that by not prompting about rights or freedom of information, this is capturing a set of people who are coming into contact with information rights issues without noticing it. It is possible to exercise your freedom of information rights without being aware you are doing so. My first freedom of information request was made this way as a student, asking OFCOM if they held some information from the Broadcasting Complaints Commissions’s archive. If you email your local council wanting to know something, it should be processed under the Freedom of Information Act, even if you were unaware of it. This is likely to include some interactions with authorities that will have existed before FOI (and information may have been made available) but which is now covered formally through the Freedom of Information process. For example, a request for library opening times could be processed as an FOI request, but may well have been answered before the FOI act existed.

    If this is an explanation for a higher number in response to the OSIC survey, it might also explain the higher proportion of 18-34 respondents in our poll who had used Freedom of Information for personal reasons. Contact with public bodies for information is more likely now to be by email, and trigger the formal FOI process. There is more to explore here around possible shifting patterns of first contact with FOI. 

    Back of the envelope calculation based on WhatDoTheyKnow statistics

    The relevant polling we have is supportive of our poll not being outrageously high. The other approach is to try a very back of the envelope approach based on known statistics to see if this is a reasonable amount of FOIs to have been made. 

    Based on previous research by mySociety and the Constitution Unit, we have estimates for the number of FOIs made to local authorities in 2005-2010 and 2017. Filling in the extra years between those dates, extending forward, and doubling the number (roughly 48% of requests made through WhatDoTheyKnow are to local authorities – but we don’t know if this applies more generally or not), this gives roughly 11 million FOI requests all time. On WhatDoTheyKnow there are an average of six requests per user (again, don’t know if this applies more generally) – so applying that ratio gives roughly 2 million requesters all time. A figure of 10% of UK adults would expect roughly 4.3 million requesters all time. 

    To get the two numbers more  into sync some combination of the following could be true:

    • More local government requests have been made all time than this assumes.
      • Not impossible given this is based on three data points (all of which are incomplete surveys and require some amount of extrapolation).
    • A greater proportion of requests being made to non-local government bodies than happens in WhatDoTheyKnow
      • No way of knowing this without a complete statistical picture.
      • OSIC statistics show a higher 60% statistic in Scotland being made to local government.
      • Given there are many  more non-local government public authorities in the rest of the UK, it is reasonable to guess it’s closer to the WhatDoTheyKnow statistic of 50%, but could it be lower than that?
    • The ratio between requesters and requests is different outside of WhatDoTheyKnow.
      • Arguments both ways, WhatDoTheyKnow is missing all the ‘not intentionally using FOI’  one-offs, but also some of the bulk requesters who don’t want the results to be public on WhatDoTheyKnow. 

    Given so many of these numbers are made-up or trying to generalise from WhatDoTheyKnow to all uses of FOI, there is no real reason not to prefer the figure two separate polls agree on. That said, it is reassuring it is in the right order of magnitude (still talking millions rather than hundreds of thousands of FOI users). This question would be helped by a complete statistical picture of FOI in the UK, and to be honest, that would be so useful, it’d be fine if it proved our current numbers wrong. 


    Header image: Photo by Mitchell Luo on Unsplash

    Demographic difference graphs

    Download the polling tables.

    The following graphs show the demographic split on aspects of the FOI polling. Where the percentage for a category is higher than would be expected statistically if there was no difference between groups, it is highlighted in blue. If it is smaller than would be expected, it is highlighted in red. For non-highlighted categories there is insufficient data to say the category differs from the general average.

    I am aware of FOI by gender

Male: 68% (higher than expected)
Female: 57% (lower than expected)
    I have made an FOI request - by region

North: 12%
Midlands 14%
London 29% (larger than expected)
South: 11%
Wales 6% (smaller than expected)
Northern Ireland: 2% (lower than expected)
    I have made an FOI request, as part of my job

By age:

18-34 12% (larger than expected)
35-44 10% (larger than expected)
45-54: 4%
55-64% 1% (smaller than expected)
65+ 1% (smaller than expected)
    I am aware of FOI by age

18-34: 55% (lower than expected)
35-44: 62%
45-54: 58%
55-64 69%
65+: 70% (higher than expected)
    I have made an FOI request, for personal/community/society

18-34: 18% (higher than expected)
35-44: 9%
45-54: 6% (lower than expected)
55-64%: 7%
65+ 5% (lower than expected)
    I have made an FOI request

By gender
Male: 16% (higher than expected)
Female: 11% (lower than expected)
    I have made an FOI request, for my community/society in general

18-34: 6% (higher than expected)
35-44: 5% 
45-54: 1% (lower than expected)
55-64: 2% 
65+ 2%

  9. How to find out the history of an ex-military Land Rover

    Suppose you’ve bought a Land Rover but you don’t know anything of its history. Might it have had an exciting past as a military vehicle? Has it had any major faults in its previous life? Freedom of Information is one way to find out.

    And indeed, a number of people have been using WhatDoTheyKnow to discover more about the history of their ex-military Land Rovers by making a Freedom of Information request to the Ministry of Defence.

    What information is available?

    We’ve seen requests both for the military service history of a vehicle (for example which military units it was assigned to) and the maintenance record (details of inspections, servicing, faults and repairs). 

    Any information held is generally provided free of charge to anyone who asks — there is no requirement to prove that you are the owner or keeper of the vehicle. Here are some examples:

    How to make a request

    Freedom of Information (FOI) requests can be made in public by using the WhatDoTheyKnow website to  ask for information from the MOD. We would obviously prefer that people use our site, but FOI requests can also be made by writing a letter or sending an email.

    Many of the requesters include both the chassis number and the registration number in the request, to help the MOD identify any relevant information held. 

    Will I get the information I ask for?

    In some cases, information may be withheld using exemptions contained in the Freedom of Information Act 2000. For example, the MOD tends to redact the time taken to carry out repairs, to protect the commercial interests of the businesses they contract for this purpose. 

    In rare cases, information may be withheld in order to safeguard national security or to protect the UK’s defensive capabilities. 

    The MOD has publicly released a copy of the MERLIN database, in which details of military vehicles are recorded, and it may be worth checking that first if you are interested in making a request.

    In the case of some previous FOI requests, where no information is held, the MOD has advised requesters that the Royal Logistic Corps Museum may be able to assist with their research (see for example this MOD letter of 25 September 2018).

    Reasons that public authorities keep records about assets they no longer hold

    The requests about ex-military Land Rovers highlight the fact that public authorities often hold records about assets they no longer own, and that in some cases this information will be of value to the new owners.  

    There are various reasons why records are kept after the asset is sold or otherwise disposed of. One is to help people who may have queries in the future. A great example of this practice is referenced in a response by Aberdeen Council to an FOI request made through WhatDoTheyKnow in June 2021.

    The electronic record held by Aberdeen City Council […] not only lists everything we have, but also everything that we once had as well. This is to ensure that we have a records trail for future research/provenance etc”.

    Usage of FOI law in the UK

    We think the requests about ex-military Land Rovers are interesting because they show the versatility of the UK’s FOI legislation. 

    Not every FOI request has to be about holding public authorities to account: requests can simply be made for information that people find useful for their businesses, their hobbies or their everyday lives. Making such requests in public helps other people who might be interested in making a similar request themselves. In addition,  if there is an important public interest story hidden in the response, making the request in public maximises the chances that someone will find it.

    Image: AlfvanBeem, CC0, via Wikimedia Commons

  10. Help WhatDoTheyKnow find contact addresses for public authorities

    You can send Freedom of Information requests to more than 45,000 public authorities on WhatDoTheyKnow. For each of those authorities we need an email address to send those requests to, which means we often need to do some maintenance to keep everything up to date.

    For some authorities in our database we don’t have a working email address. We might have had one in the past but it’s now out of date, or the authority might have merged and taken on new contact details – there are many reasons for missing email addresses, but they all leave us in the same predicament: we don’t know where to send your FOI requests for those bodies.

    Can you help us find them?

    If you have a little time to spare, a small amount of Googling could be a really big help for our users. Just five minutes here and there is all that’s needed to do a little bit of research to find the correct address.  

    We’ve made a list of all authorities with a missing email address

    The best starting point is almost always the authority’s website. Look for a dedicated contact email address for Freedom of Information requests.

    Top tips for searching:

    • Check the contact page.
    • Check the footer on the homepage.
    • Try looking for Freedom of Information policies or Publication Schemes,  or sometimes an email address can appear in the privacy policy.
    • Remember some public authorities such as schools and parish councils have very similar names, so make sure you are looking at the right one.
    • If you can’t find a website for the authority itself, there are some other places that you can look: for example the NHS services site  or the Get Information about Schools site.

    Once you’ve found the right place, make a note of the contact email address. We prefer to use generic email addresses, for example that starting with foi@ or information@ as these tend not to change so often, so if there are multiple addresses given, these are the best ones to go for.

    Let us know

    If you find some of these missing email addresses please let us know.

    We need both the new email address and the source (website address) where you found it, so we can verify the information.

    You can send us this information by clicking on “Ask us to update FOI email” link on the public authority’s page. Just fill out the form with all the details that you’ve found.

    Screenshot of pubic authority page on WhatDoTheyKnow showing where you can find the “Ask us to update FOI email" link
    Then our team of volunteers will use your input  to update the database, and you’ll have ensured that people can make requests to the authority. That’s a really useful result.

    Time poor but rich in other ways?

    We know that your time is very precious and not everyone has the opportunity to help us out with tasks. If you are able to make a donation instead, that is also very helpful toward keeping our FOI service up and running.

    Your contributions, however small, really help. Donate here.

     

    Image: Marten Newhall