At our Freedom of Information service WhatDoTheyKnow, when faced with requests to remove material, we operate on the principle of removing the minimum amount possible.
Alaveteli, the codebase which underlies WhatDoTheyKnow and a number of other FOI sites around the world, gives moderators a range of options for removing content – with the ability to surgically remove text ranging from individual words and phrases, to individual messages, or even entire request threads. This is useful when we spot misuse of our service, for example.
What we’ve been lacking, up until now, was a way to apply these types of removals to attachments.
Back in the early days of WhatDoTheyKnow, attachments were less common, but now we see many more: there can often be several attachments to one individual message.
Over the last few years, there have been occasions where we’ve had to remove an entire message, which may contain several useful attachments, just because of a small issue with one of them.
We’d then go through an annoying manual process to download the publishable ones, upload them to our file server, and then annotate the request with the links – here’s an example.
Back in 2013, when the original suggestion for enabling finer grained control was raised, the site contained around 400,000 attachments. There are now more than 3,500,000! We don’t remove content often, but at this scale it’s inevitable that we need to intervene now and then.
After a little code cleanup we were able to make individual attachment removal a reality. This allows us much more control over how we balance preserving a historic archive of information released under Access to Information laws, and running the site responsibly and meeting our legal obligations under GDPR.
As an example, let’s imagine that the FOI officer replying to our request inadvertently makes a data breach when releasing some organisation charts in `organisation chart b.pdf`.
Previously we’d have had to have hidden the whole response. Now, we can go into the admin interface and inspect each individual attachment.
We can then set our usual “prominence” value – offering a few options from fully visible to completely hidden – and include a reason for why the content has been hidden. We always seek to run the site transparently and explain any actions taken.
On saving the form, you can see that only the problematic attachment has been removed, with the remainder of the response intact. This saves us considerable time when reviewing and handling material with potential data issues, and keeps as much information published as possible while we do so.
As an extra bonus, since the main body text of emails is also treated as an “attachment” in Alaveteli, we’re now able to hide potentially problematic material there without affecting the attachments we present.
We’ve already used this feature several times to republish material where we’d previously had to hide the entire message due to the technical limitations at the time.
Image: Kenny Eliason
Alaveteli is our platform for running Freedom of Information websites — it underpins WhatDoTheyKnow as well as many other sites around the world. It’s made up of many interconnecting elements, but a key part is the database of public bodies.
On WhatDoTheyKnow, we list over 42,000 public bodies that are subject to FOI and EIR – possibly one of the largest databases of public bodies in the country. Along with their name, we record information like their FOI request email address, publication scheme and disclosure log URLs, and we categorise them so that they’re easier to browse and make requests to.
We often want to add additional insight to help citizens understand more about the public body. This can vary from body to body, from describing the information they hold, what they don’t hold, guidance around how to challenge their poor FOI-handling practices or why we list them when they’re not currently subject to FOI.
We do this via what we call “notes” – a free-text field per authority that admins can update with whatever information is useful for the particular body.
We often find we need to add or update the same note for a group of authorities — for example, we added the same note to all Business Improvement Districts to explain our reasons for listing them.
This can be a major challenge. We list nearly 300 BIDs, and updating each manually, one at a time, would be a several-hour ordeal. An alternative is for our developers to write a quick one-off script to update the text, but that comes with a coordination cost, and can be tricky to work around other text that may be present in the free text field that we want to preserve.
One of the behind-the-scenes ways we manage the categorisation of authorities is through tags. Many of our other records have the ability to add tags too.
This led to the thought that it would be great to be able to apply a note based on a tag, rather than only having one note field per authority. This would allow us to more quickly add useful information to groups of authorities.
Another issue we wanted to solve was to be able to add notes to content other than public bodies, like FOI requests for specific types of information and our category lists. In particular we wanted to be able to celebrate requests that led to particularly useful public interest information being released or having wider impact, and also to add clarification around requests that may be misinterpreted.
We’ve received funding from the Joseph Rowntree Charitable Trust to help support marginalised communities to make more well-formed requests, and to more effectively use the information they obtain to engage with and influence authorities in a way that contributes to fairer decision-making. Thanks to this, we were able to add this underlying capability, which we can use to continue to help users more easily understand how to navigate the complexities of public authorities and what information they hold.
We then needed an interface to allow admins to list and search tags for each type of record that has them, and browse all records that are tagged with a particular tag.
As well as it being generally useful to be able to browse our database through our tags, this gave us a place to add our new functionality for adding a note based on a tag.
While Rails’ polymorphic associations make creating a link between one record and another really easy, they don’t cover creating the link through a free-text tag. Fortunately, it took nothing more than a few lines of code to link up notes that are directly associated with a single record, and notes that are applied via a tag.
Now our public bodies can have notes applied to them and only them, and also notes applied to several authorities based on their tag.
In this example, the Environment Agency has some specific notes about it, but since it’s also a local lighthouse authority, we can apply the relevant notes simply by tagging the authority record and the notes for local lighthouse authorities will automatically get applied. Magic!
We’ve also applied this pattern to information requests. Now, we can add notes to individual requests, like this example that points to another source for obtaining the information…
So far we’ve created 46 notes that get applied via a tag. These notes are applicable to 7,998 requests and 15,283 authorities. Using a rough guess of 30 seconds to manually apply a note to a record, it would take 11,640.5 minutes – 8 full days, or 25 working days – to do so for each of these requests and authorities. This just wouldn’t have been possible before.
This new feature unlocks a whole new avenue for us to support citizens and users that we just wouldn’t have had capacity for otherwise.
Image: Keila Hötzel
On 21 December, we added the National Centre for Circus Arts as a public authority on WhatDoTheyKnow, making it easy for anyone to send them a Freedom of Information request. We could have left it off the site and let our users find the email address themselves, but we didn’t want them to have to jump through hoops.⭕
Joking aside, this is a valid addition to the site — see below for more details about why this college is subject to the FOI Act — and one where we can imagine some interesting requests being submitted.
For example, one could ask for copies of the risk assessments used for the various circus skills taught to students — we imagine these would contain quite a bit of detail.
A procurement list might throw up some items you wouldn’t see from other education institutions, like juggling equipment, unicycles or clown shoes.
Prospective students who want to understand more about their chosen course’s application procedure and admission statistics often submit requests to UCAS, but applications for the National Centre for Circus Arts are handled directly (which makes sense: it would be hard to evidence circus skills on an UCAS form!).
Instead, anyone looking for more information about how the application process works could submit an FOI request directly to the college.
In addition, there is a wide range of requests that can be sent to almost any public authority on matters such as the use of public money, minutes of meetings, policies, letters, emails and contracts. All of these might have uniquely circusy angles when applied to this particular institution!
Some decisions are in-tents
It’s not always easy to work out whether a body is subject to FOI. For some bodies it’s really simple: they’re listed by name in Schedule 1 of the Freedom of Information Act 2000 (or the Scottish equivalent).
The National Centre for Circus Arts isn’t named here, but Schedule 1 does include references to definitions contained in other laws.
In the course of recent work to find more bodies to add to WhatDoTheyKnow, our volunteers have read and interpreted three pieces of legislation and an official register to work out which higher education institutions are subject to FOI.
The upshot of our research is that we consider that all bodies listed on the Office for Students register as “Approved (fee cap)” are subject to FOI. This includes the National Centre for Circus Arts (registry entry). Helpfully, the Centre acknowledges the fact that it is subject to FOI on its website which not all higher education institutions do – kudos for that.
UK higher education institutions walk a tightrope between the public and private sectors. They are subject to rules such as competition law that are normally relevant to private business, whilst at the same time being subject to laws that apply to the public sector such as the equality duty and FOI. It’s quite a lot to juggle. 🤹
Interestingly, the debate about the role of circuses in public life goes back to Roman times where the provision of food and entertainment to the poor were used to gain political power.
WhatDoTheyKnow lists a number of obscure public authorities on the site ranging from the Crown Estate Paving Commission to the Treasure Valuation Committee but the National Centre for Circus Arts is certainly one of the more unusual higher education institutions we list. There can’t be many places where people jump through fire for their graduation (page 13 of the 2023-24 prospectus).
We wish all our users a happy and healthy 2023.
Image: Jonny Gios
We’ve had 109,653 Freedom of Information and Environmental Information Regulations requests made on WhatDoTheyKnow this year. In the run up to the end of 2022 here’s a countdown of 12 of the more unusual ones that have caught our eye this year…
National Highways released 1.25 TB of bat survey data carried out for the Arundel bypass scheme. This was made up of over 115,000 files, that included 786 videos – that’s over 250 hours of footage – 54,570 audio files, 354 spreadsheets and 2,532 images.
We like this because we think it is the largest ever release of information, and as the climate crisis brings urgent challenges for our public institutions to address, access to environmental information will be increasingly valuable to businesses, campaign groups and the general public. You can read more about this release here.
The Medicines and Healthcare Products Regulatory Agency released the nucleotide sequences of the AstraZeneca & Pfizer/BioNTech Covid-19 vaccines used in the UK, after an initial refusal was overturned on review. The response says the companies involved consented to the release.
We liked this because it is a great use of FOI to get such important medical information released and available in the public domain.
Sheffield City Council released the location of every public bin in the city.
We liked this because not only is it really useful information; it is the sort of data that councils should be making freely available to citizens.
Edinburgh City Council released the sewer and cable plans for parts of the city centre.
We liked this because they are chaotically beautiful — not what you’d expect from an underground asset plan.
The Open University released a full textbook in response to a request for the information held on the Early modern Europe: society and culture c.1500-1780 module(s).
We liked this because it’s not not often that you see full textbooks being released.
7: Tower Bridge
The City of London Corporation released a list of the past Tower Bridge lift dates, times, and vessel names from the start of 2022 until now.
We liked this because it generated a long and sometimes amusing conversation on Reddit.
6: War memorabilia
The Ministry of Defence released a WW2 medal card.
We liked this because we’ve never seen something like this obtained by FOI before.
5: Honours board
The Charter Trustees of the Town of Margate released their Freedom of the Town list in a more unusual format.
We liked this because the information released was a photo of a painted wooden board. This is, after all, still a form of recorded information — and a nice permanent one.
4: Seaside nuisance
Brighton & Hove City Council released a copy of all of the bye-laws that apply to the seafront.
We liked this because of the phrase: “no annoying gramophones on the beach”, which may be a slightly outdated view of the worst possible noise nuisance.
3: Big cats
North Wales police released the details of big cat sightings in 2021.
We liked this because the information disclosed in the request was used for a number of news articles in Wales.
2: Library books
One of our users has been doing some research into the top 25 books borrowed from libraries in 2021; here’s an example of one of them.
We liked this because it’s fascinating to see what books people are choosing to read, and how this varies between different areas of the country.
1: Trains galore
And finally, here at WhatDoTheyKnow the team are all big fans of trains. This means we tend to notice the more interesting disclosures on train related topics. Here are some of our favourites from this year:
a. Network Rail released the engineering drawings that were produced during the construction of the London & South Western Railway’s station at Branksome, near Bournemouth in the mid to late 1800.
We liked this because the drawings are beautifully crafted and not something that we get to see very often.
b. Northern Trains Limited released the .wav file of the two jingles used for their station automated announcements system.
We liked this because it’s unusual for audio files to be released and we’ve found so many uses for this!
c. London North Eastern Railway Limited (LNER) released some information about the voiceover artists used for the automated announcements on the Class 800 and Class 801 fleet of trains
We like this because it shows that FOI responses don’t need to be formal or complicated; they just provide, where possible, the information that the request-maker has asked for. LNER is particularly good at this.
d. Transport for London released 3D station layout drawings for the Elizabeth line.
We liked this because it’s really interesting to see how the new stations on the Elizabeth line have been designed, and how the layout works with their surroundings.
We hope you enjoyed 12(ish) of our favourite FOI requests from this year.
WhatDoTheyKnow is a project of mySociety, run by a small team of staff and dedicated volunteers.
In 2022 WhatDoTheyKnow users made 109,653 Freedom of Information requests via WhatDoTheyKnow.
Those requests, and the responses they received, are public on the website for anyone to see.
What’s not quite so visible is the work that the WhatDoTheyKnow team, which is largely made up of volunteers, do behind the scenes.
Some of their most difficult calls arise around the removal of information. WhatDoTheyKnow’s guiding principle is that it is a permanent, public, archive of Freedom of Information requests and responses, open to all.
The team works incredibly hard to maintain the archive in the face of challenges, including the reduction of legal risks; dealing fairly and transparently when people ask for information to be removed from the site; answering users’ questions; supporting citizens to use their rights to FOI; dealing with misuse of the service which breaches our house rules inappropriate content and keeping everything ticking over.
Our default position is not to remove substantive public information requests and responses; however, we act quickly if problematic content is reported to us. And, to help everyone understand exactly what has been removed and why, where possible we record these details on the request page.
To allow for a full 12 months of data, the date range used throughout this report is 1 November 2021 to 31 October 2022.
Headline facts and figures
- 16,354,872 visits to WhatDoTheyKnow.com this year.
- 16,217 new WhatDoTheyKnow user accounts created this year, taking the total number of accounts to 239,540. This represents an increase of 7.6% in the total number of site users since last year.
- 8,912 total number of email threads in the support inbox in 2022… that’s an increase of 11.2%, making it all the more crucial that we continue to recruit volunteers to help spread the load.
- 1,381 requests hidden from WhatDoTheyKnow in 2022
…in the context of 109,653 requests made in the year, and a total of 867,303 requests currently published on the site.
- 171 published requests where we redacted some material in 2022
…usually due to the inappropriate inclusion of personal information, or defamation.
And in more detail
Requests made on WhatDoTheyKnow flagged for our attention
The table below shows the reasons that requests were reported by our users via the site for admin attention this year.
Note that we also receive many reports directly by email, so while not comprehensive, this is indicative.
Reason for attention report Total number Vexatious 117 Not a valid request 109 Contains personal information 89 Request for personal information 85 Contains defamatory material 33 Other 642 Total* 1,075
*The number of requests flagged for attention this year is up 40% on last year. This is largely related to a single campaign of misuse.
Material removed from the site
The following tables show where members of the admin team have acted to remove or hide requests from WhatDoTheyKnow in the last year, and the reason why.
At WhatDoTheyKnow we have a policy of removing as little material as possible, while seeking to run the site responsibly and take different viewpoints into account. Removing substantive FOI requests and responses is a last resort and something we do very rarely. However, we act quickly to remove problematic material.
Request visibility Total number Discoverable only to those who have the link to the request 2 Visible only to the request maker 1,282 Hidden from all site visitors 97 Reason for removing from public view Total number** Not a valid FOI request 1,117 Vexatious use of FOI 43 Other (reason not programmatically recorded*) 221
* Current processes do not create an easily retrievable list of reasons beyond the two above, however due to site improvements made in autumn of this year we expect to be able to provide more detailed information on this in the future.
** The number of requests hidden or removed from the site this year is up by 68% on last year. As above, this increase is largely related to a single campaign of misuse.
Censor rules (targeted redactions to hide the problematic part/s of a request) Total number Number of censor rules applied 746 Number of requests with censor rules applied 171 Number of requests with censor rules applied which are still publicly visible, but with problematic material hidden 165
* Censor rules are used for many purposes, including redacting problematic content and removing personal data which should not be present
Cases relating to GDPR rights
These are typically cases relating to requests to remove data published on the site as per the rights afforded under GDPR, the UK’s General Data Protection Regulations.
Right type Total number of cases* GDPR Right to Erasure 214 Data breaches by third parties 79 GDPR Right to Rectification 15 GDPR Right of Access 21 Data breach – internal** 6 GDPR Right to Object <5 Total 340
* Not all issues raised resulted in material being removed from the site.
* “Data Breach – internal” refers to cases where WhatDoTheyKnow has identified that a data breach may have been caused due to our own staff actions. We take our obligations seriously, and use such instances as a learning opportunity, so these are recorded by us even if very minor, and often when they’re nothing more than a near miss.
High risk concerns escalated for review
Our policies ensure that certain issues can be escalated for review by the wider team and, where more complex, by a review panel that includes mySociety’s Chief Executive. Escalation is typically prompted by threats of legal action, complaints, notifications of serious data breaches, potential defamation concerns, safeguarding, complex GDPR cases, or cases that raise significant policy questions.
Case type* Total number Defamation 49 Data breach 40 GDPR Right to Erasure 33 Complaints 19 Safeguarding / Public harm 13 Takedown 13 GDPR Right of Access 9 Police user data requests 7 Site misuse 7 Data breach – internal 5 Other 39
* Email threads may be either automatically categorised by the system, or manually categorised by the WhatDoTheyKnow admin team on the basis of the information given by the person reporting them. Some cases can relate to two types: for example a GDPR Right to Erasure request may also be a complaint. For the purposes of this table, such instances have been included in the counts for both concerns.
User accounts Total WhatDoTheyKnow users with activated accounts 239,540 New user accounts activated in 2022 16,217 Reason for banning users in 2022 Total Spam 2,160 Other site misuse 300 Total number of users banned in 2022 2,460 Anonymisation* Total Accounts anonymised in 2022 139
* Accounts are anonymised at the user’s request, generally to comply with GDPR Right to Erasure requests.
Users are banned and their accounts may be closed due to site misuse and breach of the House Rules. Anonymised and banned users are no longer able to make requests or use their accounts.
User data requests
Type of request Total Police/law enforcement requests for user data 7 Other requests for user data 6 Material released Total Number of requests, where court orders were produced and we provided the material as required 2
Thank you for reading
We produce this report as we demand transparency from public authorities and it’s only right that we also practise it ourselves.
Additionally, we hope that the report goes some way to showing the type of work the team do behind the scenes, and that running a well-used site like WhatDoTheyKnow is not without challenges.
If there are specific statistics that you’d like to see in subsequent Transparency reports, or you’d like to know more about any of those above, do drop the team a line.
Image: Meriç Dağlı
Suppose you’ve bought a Land Rover but you don’t know anything of its history. Might it have had an exciting past as a military vehicle? Has it had any major faults in its previous life? Freedom of Information is one way to find out.
And indeed, a number of people have been using WhatDoTheyKnow to discover more about the history of their ex-military Land Rovers by making a Freedom of Information request to the Ministry of Defence.
What information is available?
We’ve seen requests both for the military service history of a vehicle (for example which military units it was assigned to) and the maintenance record (details of inspections, servicing, faults and repairs).
Any information held is generally provided free of charge to anyone who asks — there is no requirement to prove that you are the owner or keeper of the vehicle. Here are some examples:
- Example of vehicle history released by the MOD
- Example of fault history released by the MOD
- Example of a request thread for the history of an ex-military landrover
How to make a request
Freedom of Information (FOI) requests can be made in public by using the WhatDoTheyKnow website to ask for information from the MOD. We would obviously prefer that people use our site, but FOI requests can also be made by writing a letter or sending an email.
Many of the requesters include both the chassis number and the registration number in the request, to help the MOD identify any relevant information held.
Will I get the information I ask for?
In some cases, information may be withheld using exemptions contained in the Freedom of Information Act 2000. For example, the MOD tends to redact the time taken to carry out repairs, to protect the commercial interests of the businesses they contract for this purpose.
In rare cases, information may be withheld in order to safeguard national security or to protect the UK’s defensive capabilities.
The MOD has publicly released a copy of the MERLIN database, in which details of military vehicles are recorded, and it may be worth checking that first if you are interested in making a request.
In the case of some previous FOI requests, where no information is held, the MOD has advised requesters that the Royal Logistic Corps Museum may be able to assist with their research (see for example this MOD letter of 25 September 2018).
Reasons that public authorities keep records about assets they no longer hold
The requests about ex-military Land Rovers highlight the fact that public authorities often hold records about assets they no longer own, and that in some cases this information will be of value to the new owners.
There are various reasons why records are kept after the asset is sold or otherwise disposed of. One is to help people who may have queries in the future. A great example of this practice is referenced in a response by Aberdeen Council to an FOI request made through WhatDoTheyKnow in June 2021.
“The electronic record held by Aberdeen City Council […] not only lists everything we have, but also everything that we once had as well. This is to ensure that we have a records trail for future research/provenance etc”.
Usage of FOI law in the UK
We think the requests about ex-military Land Rovers are interesting because they show the versatility of the UK’s FOI legislation.
Not every FOI request has to be about holding public authorities to account: requests can simply be made for information that people find useful for their businesses, their hobbies or their everyday lives. Making such requests in public helps other people who might be interested in making a similar request themselves. In addition, if there is an important public interest story hidden in the response, making the request in public maximises the chances that someone will find it.
Image: AlfvanBeem, CC0, via Wikimedia Commons
You can send Freedom of Information requests to more than 45,000 public authorities on WhatDoTheyKnow. For each of those authorities we need an email address to send those requests to, which means we often need to do some maintenance to keep everything up to date.
For some authorities in our database we don’t have a working email address. We might have had one in the past but it’s now out of date, or the authority might have merged and taken on new contact details – there are many reasons for missing email addresses, but they all leave us in the same predicament: we don’t know where to send your FOI requests for those bodies.
Can you help us find them?
If you have a little time to spare, a small amount of Googling could be a really big help for our users. Just five minutes here and there is all that’s needed to do a little bit of research to find the correct address.
The best starting point is almost always the authority’s website. Look for a dedicated contact email address for Freedom of Information requests.
Top tips for searching:
- Check the contact page.
- Check the footer on the homepage.
- Remember some public authorities such as schools and parish councils have very similar names, so make sure you are looking at the right one.
- If you can’t find a website for the authority itself, there are some other places that you can look: for example the NHS services site or the Get Information about Schools site.
Once you’ve found the right place, make a note of the contact email address. We prefer to use generic email addresses, for example that starting with foi@ or information@ as these tend not to change so often, so if there are multiple addresses given, these are the best ones to go for.
Let us know
If you find some of these missing email addresses please let us know.
We need both the new email address and the source (website address) where you found it, so we can verify the information.
You can send us this information by clicking on “Ask us to update FOI email” link on the public authority’s page. Just fill out the form with all the details that you’ve found.
Then our team of volunteers will use your input to update the database, and you’ll have ensured that people can make requests to the authority. That’s a really useful result.
Time poor but rich in other ways?
We know that your time is very precious and not everyone has the opportunity to help us out with tasks. If you are able to make a donation instead, that is also very helpful toward keeping our FOI service up and running.
Your contributions, however small, really help. Donate here.
Image: Marten Newhall
[UPDATE: Since this post was published, the 19 September has been declared an official bank holiday – our assumption in the final section of this post, that ‘no bank holiday will be formally declared’, and the conclusions we came to as a result, were incorrect. We’ve updated the section accordingly.]
On 8 September 2022, Buckingham Palace announced the death of Her Majesty Queen Elizabeth II.
mySociety runs the WhatDoTheyKnow website, which lists many authorities related to the monarchy, the Royal household and associated offices.
As a non-partisan UK registered charity, we recognise that some of our users will view the monarchy as being a political institution, while others will not. We ask all our users to be respectful in their communications and to continue to follow our House Rules.
The constitution of the United Kingdom
When a monarch dies in the UK, they are immediately succeeded by their heir, even before the coronation has taken place. The Demise of the Crown Act 1901 provides that the holding of any office under the Crown is not to be affected in any way by the death of the reigning monarch.
What this means in practice is that Government ministers, civil servants and military personnel continue to hold office and that public authorities will continue to exist without interruption. Where this becomes relevant to WhatDoTheyKnow is that FOI requests do not need to be resubmitted.
The names of public authorities
Where appropriate, our volunteers will update the names of public authorities and the notes on the site to reflect the fact that King Charles Ⅲ is now the Sovereign of the United Kingdom. For example, we will rename the Queen’s Printer for Scotland to the King’s Printer for Scotland when the authority publicly updates its name.
Not all bodies with “Queen” in the name need to be renamed. For example, The Queen’s College, Oxford was named in honour of Queen Philippa of Hainault and does not require a change. A number of schools and other public bodies were named in honour of Queen Elizabeth II, such as the Queen Elizabeth II Conference Centre and we’d expect that they will continue to use their current names.
We’ve also updated the site to take account of the fact that Prince William is now the Duke of Cornwall. Under a royal charter from 1337, the position of Duke of Cornwall is held by the eldest son to the reigning monarch provided he is heir to the throne.
We have never listed the monarch as a public authority on WhatDoTheyKnow, but we continue to list the Royal Household.
We expect the Accession Council to convene shortly at St James’s Palace. The Accession Council is a body that meets twice following the death of a monarch. The purpose of the first meeting is to formally announce the death of the monarch and proclaim the succession of the new sovereign. The second meeting will be the first Privy Council meeting of the new monarch.
The day of the state funeral will be a day of national mourning in the UK, and has now been formally declared as a bank holiday.
This means that WhatDoTheyKnow will automatically treat 19 September as a non-working day for the purposes of calculating the time limits for complying with Freedom of Information requests. Even before we understood that the day would officially be a bank holiday, we had made this adjustment. This would have meant that our position differed from the position set out in FOI law; however, we believed it to be the most reasonable approach in the circumstances.
Bank holiday matters aside, we encourage people making FOI requests to recognise that some employees of public authorities will have a higher than normal workload at present and to be patient and courteous when dealing with public officials.
Has our open source Freedom of Information platform Alaveteli had an impact on transparency around the world? We’ve got more than a million reasons to say that yes, it has!
From the makes and models of over 18,000 cars stolen in Argentina to statistics about apricot farming in Tunisia; information about food labelling laws in Uruguay to what was on the menu when visiting heads of state met with the Australian Prime Minister, Alaveteli has enabled people to ask for, and receive, a colossal amount of information that otherwise would most likely not have been openly available.
Our own FOI site, WhatDoTheyKnow, runs on Alaveteli. It’s also free as open source software to anyone around the world who wants to set up an Access to Information service for their own country or jurisdiction — and in the 11 years it’s been available, many have done just that.
Key to Alaveteli is that both FOI requests and responses are published, meaning that each site builds up its own archive of information over time. Even when information is not held by the authority, public knowledge increases, and when requests go unanswered, the very fact that a request was made shows that there is public appetite for the information.
We noticed that the ticker had passed a million at the end of July this year. The lion’s share — more than 840,000 requests — represents requests made through WhatDoTheyKnow. The others are from jurisdictions as wide-ranging as Rwanda, Australia, Colombia and the Democratic Republic of Congo. In Europe alone, 17 Alaveteli sites are operating; five of these have been launched since 2019, thanks to support from Adessium and Swedish Postcode foundations.
We hope to be able to work with the network of Access to Information platforms in Europe (including some that are not running on Alaveteli) to strengthen their individual and collective impact. We’re looking to help build and connect the ‘community of interest’ around FOI; and to undertake more coordinated and strategic advocacy efforts to improve Access to Information at national and regional levels – all of which will help ensure continued access to information over the long-term.
Thanks to WhatDoTheyKnow volunteer Helen Cross for finding the examples cited at the beginning of this post, and many more, during a multilingual trawl through the collective Alaveteli sites.
While running mySociety’s Freedom of Information service WhatDoTheyKnow.com we’ve noticed that some public authorities are refusing to process valid FOI requests made via email, including some sent via our website. A few public authorities have gone so far as to switch off their dedicated FOI email addresses, and have been telling our users that they need to fill in a webform, or make a request by post.
This practice is against the law. For a Freedom of Information request to be valid, all that’s required is that a) it’s made in writing; b) it includes the requester’s name and an address for correspondence; and c) it describes the information being requested.
Requests made via email are valid and should be processed promptly, however they are received. We contacted the Information Commissioner’s Office, who confirmed that:
“Whilst a public authority can request a form is filled in, you are not obliged to do this” and “this should not be made a compulsory requirement.”
We believe that citizens shouldn’t need to have a detailed understanding of FOI law in order to have valid requests for information logged and answered. Public authority staff should be trained to recognise valid requests, however they are received. The refusal by some authorities to recognise and process requests for information has led to unnecessary delays in requests being answered, and to some requests not being answered at all.
Whilst there are obvious benefits to public authorities from using case management systems, these should be capable of dealing with email and handling requests that are made via other means.
Where web-forms are an authority’s preferred form of contact, these should be simple to complete and not require requesters to hand over more personal information than they are required to by law. We’ve seen web-forms which ask requesters for information such as their date of birth, whether they are a journalist and the purpose of their request, for example, none of which the authority needs to know, and some of which might prejudice their response. Sometimes these additional fields are marked as compulsory.
We’ve also noticed that some authorities have started to reply to FOI requests using a “noreply” email address. This is poor practice because it makes it harder for requesters to ask for clarification or to request an internal review. Ideally, responses to requests should be sent from an address that accepts incoming mail.
How we’re responding
If a public body turns off its FOI contact email address and directs requests to a web-form, we try to find an alternative address to send requests to. We do all we can to get our users’ requests delivered, and we invariably succeed.
In a handful of cases we’ve resorted to sending our users’ requests to public bodies’ Chief Executives as part of our efforts to both get our users’ requests delivered and to encourage authorities to abide by Access to Information law.
Have you seen this practice?
While we have only seen this behaviour at a relatively small number of public bodies so far, some of those adopting this approach have included significant authorities such as local councils. It is important to identify and challenge this practice before it spreads more widely, so please let us know if you spot any examples. If you receive a message suggesting you have to make your request again via a web-form, do challenge that, citing the ICO guidance on valid requests.
We are keen to see the Information Commissioner step in and tackle systemic problems with the way public bodies deal with requests for information. We are encouraged by the recent commitment from the Information Commissioner’s Office to deliver “more systemic enforcement action against public authorities that clearly and consistently fail to meet their FOI obligations”. The fact we publish FOI requests and their responses provides evidence which can support the Commissioner in this work.
Here are some examples:
“All FOI requests have to be put in writing to the Freedom of Information Officer, […] or by completing our online form.” [View on WhatDoTheyKnow]
“Can I ask that you please submit your enquiry via our website. The FOI process has recently changed and we have a form that will ask for all the information we need to process this.” [View on WhatDoTheyKnow]
“This Freedom of Information request has been received via a mailbox that does not record new requests. Please make your request using the online form under How to make Freedom of Information and Environmental Information Regulations Requests on the Council’s website” [View on WhatDoTheyKnow]
“All freedom of Information requests now have to be applied for using our online form (see link sent in my colleagues previous email to you). Once we have your request it will be responded to within 20 days of receipt.” [View on WhatDoTheyKnow]