1. How Freedom of Information is administered in local government

    Our previous blog post about our new report, Freedom of Information in Local Government, discussed our findings about the volume of requests received by local government. This second post explores our findings about how FOI is administered, working from information received via FOI requests to all councils and an anonymous survey of FOI officers.

    Staff responsible for the administration of FOI in local government tend to hold this as one responsibility among several. FOI teams are generally embedded in larger teams, with few staff solely working on FOI. As such, FOI administration rarely appears as a specific budget item.

    While this makes the data patchy, from the information that is available, staffing levels (and hence budget) seem to be responsive to the number of FOIs received by a council. Every thousand additional FOI requests increases the number of staff dealing with FOI by 0.75 (95% confidence this is between 0.35 and 1.15).  Similarly, use of a case management system was associated with a greater number of requests — with the use of an organised system, and then use of specialist software being predicted by increases in the number of FOI requests received.

    However, use of a case management system was not associated with any increase in the percentage of requests being replied to within the statutory limit (20 days), which suggests that differences in delays are caused elsewhere than the management of incoming FOI requests. Some requests are more complex in this respect than others, with FOI officers estimating that 38% of requests required responses from multiple departments or teams in the authority and 23% required ‘double handling’ — additional sign-off from senior or specialist staff.  The number of requests appealed to internal review was low (1.4%), but within these the success rate was quite high — between 36% and 49% were successful in changing some component of the original outcome.

    Councils fairly universally keep records on the number of requests received, and time taken to reply — but have fewer records on the volume of information disclosed, or on the status of appeals.

    The highest availability of knowledge were figures on numbers of FOI requests received. The two areas where almost all authorities had records was the number of FOI requests received (98% recorded these figures) and how many were completed inside the statutory deadline (92%). Records of internal review were held in 87% of cases and records of appeals to ICO in 86% of cases. The questions with the most missing information related to how much of a request had been delivered. 73% had records of the number that were completely granted; 70% had records of the number that were entirely withheld; and 65% had records of partially withheld/disclosed requests.

    Most councils do not publish a disclosure log (a record of FOI requests received and their responses). Adding this factor into the model used to predict missing values for the number of FOI requests received found that there was no positive or negative effect of publishing a disclosure log on the number of FOIs received. In individual responses, while many FOI Officers expressed a desire to publish more (or steps taken towards that), there was also a strong skepticism of the value of doing this, and concerns that people do not check the log before submitting their requests, meaning logs do not reduce the volume of incoming requests. Several councils that had previously run disclosure logs had discontinued them due to low usage.

    An upcoming blog post will talk about what we learned about using a front end interface to reduce FOI requests by searching the disclosure log. Sign up to our FOI newsletter to hear more when released.

    Part one of this blog post discusses what we learned about the administration of FOI from this research. You can read the full report online, or download as a pdf.


    This blog post is licenced under a Creative Commons Attribution Licence (https://creativecommons.org/licenses/by/3.0/)  — it can be re-posted and adapted without commercial restriction as long as the  original article/author is credited and by noting if the article has been edited from the original.

    Image: Martin Adams


    Image: Ula Kuźma

  2. History repeats itself, but this time in Belgium

    Over in Brussels, Freedom of Information website Transparencia.be has just overcome a hurdle very similar to one faced by WhatDoTheyKnow in its earlier days.

    Several municipalities had delayed on processing FOI requests sent through Transparencia.be — which runs on our Alaveteli software — concerned that a request sent via email does not contain a signature or proof of identity.

    Now Belgium’s overseeing body CADA (the Commission of Access to Administrative Documents) has ruled, just as the ICO did in the UK, that requests sent through the site should be treated the same as those received via more conventional means.

    You can read about the matter on the website of the public broadcasting organisation RTBF in French, or via Google Translate in English.

    The struggle echoes almost exactly the experiences we faced with WhatDoTheyKnow when it was first launched: as you can see in this FAQ, official MoJ guidance now explicitly states that an email address should be considered of equal status to a physical return address; and ICO advice is that a WhatDoTheyKnow.com email address is a valid contact address for the purposes of FOI.

    A sharing community

    Here at mySociety, we share our open source software so that other people can run services like ours — Freedom of Information sites, parliamentary monitoring projects or fault-reporting platforms — for their own countries.

    But it’s not only about the software. Something that has become clear over the years, and especially when we get together for an event such as AlaveteliCon, is that we all face similar challenges. No matter how different our countries’ legislations, cultures or politics, you can be sure that our setbacks and triumphs will be familiar to others.

    Because of that, we’re able to share something that’s just as useful as the software itself: the support of the community. In this case, that’s easily accessed via the Alaveteli mailing list, which we’d encourage you to join if you run, or are thinking of running, an FOI site.

    Image: Jay Lee


    Help keep mySociety’s services running
    Donate now
  3. WhatDoTheyKnow Pro helps TBIJ get the whole picture on council sales

    In a major new inquiry, The Bureau of Investigative Journalism made Freedom of Information requests across all 353 councils in England.

    Their aim? To build up a full picture of the public places and spaces sold by councils across the country, as they struggle to make up funding shortfalls.

    The Bureau used WhatDoTheyKnow Pro‘s batch functionality to help them in this mass investigation, which has resulted in an important report for Huffington Post as well as an interactive public database where you can search to see what your own local council has sold.

    In total, councils’ responses have confirmed the sale of over 12,000 assets since 2014. The report goes on to prove that in many cases, the proceeds have been used to fund staff redundancies as authorities are forced to cut back.

    Investigations like this serve to highlight one of the key benefits of WhatDoTheyKnow Pro’s batch feature. While some of the data may have previously been available piecemeal – published in regional papers, perhaps, or requested at a local level — this is the first time that the full picture across the country has been made visible.

    One of the journalists responsible for the report, Gareth Davies, says:

    I’ve been working on these FOIs since July last year and I’ve no doubt the dataset I built would be nowhere near as comprehensive without the @WhatDoTheyKnow Pro dashboard. Also means I know exactly which councils have still yet to respond, 180+ days later.

    We are glad that the service was of help.

    If you’d like to check out WhatDoTheyKnow Pro, sign up here.

    Image: © Mat Fascione via geograph.org.uk/p/4278237 (cc-by-sa/2.0)

  4. Better case management of FOI and Subject Access requests

    If you were reading back in September, you might remember the work we did with Hackney Council to create a more effective interface for people making FOI requests — we blogged about it here.

    We’re really pleased to be able to extend this work, thanks to a successful bid to the Local Digital Fund. Over four months, we’re working with Hackney and some other authorities (Suffolk, Stevenage, East Herts and Cornwall) to take a really good look at the workflows of council staff who manage and respond to FOI and Subject Access requests.

    Around 475,000 FOI requests were received by UK local authorities in 2017 – which averages out at 1,100 per authority, although it’s unlikely to be weighted evenly across the board. Nonetheless, one thing’s for sure: a significant amount of every council’s time and resources are spent in triaging and responding to requests, and with this work we’re hoping we can bring efficiencies and improvements.

    In this phase, we’re conducting user research and then using what we discover to prototype ideas for an end-to-end request-handling system — open source, of course. Once that’s complete and we’ve got a good picture of the challenges involved, the processes already available and feedback on our own prototypes, we’ll be able to advise on whether it makes sense to proceed further.

    One commitment we made when applying for this project was that we’d be ‘working in the open’. We want to document what we’re up to at every stage along the way, so not only will any other authority be able to benefit from a finished product that could result from our work; but also, everyone will be able to learn from what works, and maybe even what doesn’t, as we go through this process of investigation and discovery.

    To that end, we’ve been making  weekly updates which anyone who’s interested can read. In summary, though, we kicked off the work in the first week of January, and so far we’ve drafted a research plan; spent some time re-reading our own research on FOI statistics and local government FOI admin; and had an intensive couple of days interviewing and observing council staff in Hackney as they go about their business dealing with FOI and Subject Access requests.

    The user research continued over the weeks as we conducted remote interviews with staff from the other councils — Stevenage, Cornwall and Suffolk.

    This has already been incredibly useful and, just as you’d expect, we’ve found out small details and wider themes this way that we would never have chanced upon without having the chance to observe governance staff in their own environment.

    It’s an opportunity for councils as well: as far as we can tell, it is unusual for authorities (and in some cases, even, departments within the same authority!) to communicate with one another about their FOI processes and challenges. Our research will hopefully be a novel chance for them to compare methods and learn from one another.

    We’ll be updating our weeknotes regularly, and we’ll also come back here to share our progress and findings, so depending on just how much depth you want, follow along at the LocalGovDigital Pipeline, or just wait for our next blog post here on our own site!

    Image: Hackney Council offices by Martin Wright

  5. FOI requests can help authorities identify what they should be publishing proactively

    Many authorities keep a disclosure log, where they publish answers to previous Freedom Of Information requests. If requests are repeatedly made for the same type of information, it makes sense for the authority to publish the data regularly so that everyone can access it — because of course, the majority of FOI requests made in this country are sent directly rather than via WhatDoTheyKnow, and won’t otherwise be published online in any other form.

    But a disclosure log is only useful if people know it’s there. Our FOI For Councils service, which came out of work with Hackney council increases the likelihood that the information in the disclosure log is actually seen, and by those who need it most: it automatically checks whether the request resembles any information which is already available online, then points the requester to it. If the match is correct, the user doesn’t have to progress any further with their request, and can access the information immediately. This saves everyone time — requesters and staff alike.

    There’s another handy aspect to FOI for Councils, too: it can also provide staff with data on what type of requests are made the most often. As we explained in that introductory blog post:

    FOI for Councils analyses the number of times each suggestion is shown, clicked, and even whether the suggestion has prevented any additional FOI requests being made.

    This analysis allows Information Officers to understand which information is being asked for, that existing resources aren’t providing.

    A sensible use of this is to analyse the most frequent requests and publish the data they’re asking for proactively.

    Authorities don’t necessarily need FOI for Councils to do this, though: a regular analysis of internal records, or even public requests on WhatDoTheyKnow (despite only making up a proportion of requests made by any means — people may also make requests by direct email, letter, phone or even a tweet in some cases — they still provide a good sample set) would allow any authority to manually generate a broad picture.

    Cost benefits

    Disclosure logs can get out of date quickly: a glance at the BBC’s, for example, seems to indicate an initial enthusiasm in 2014 which quickly dried up, perhaps because a keen employee moved on, or resources were channeled elsewhere. Yet many of the topics of information — annual transport costs for example — will quickly date and may be of interest again in subsequent years.

    It makes sense for authorities to plan a publication cycle for such data, because it’s common for requests to relate to ongoing or changing information such as annual statistics or contract renewals.

    It seems to be quite a widespread issue that an authority starts a disclosure log with the best of intentions, but then lets it go into disuse; additionally, the WhatDoTheyKnow team note that very few disclosure logs are comprehensive; it’s much more common for authorities to pick and choose what to release, which may not be in line with which data is most useful to the public.

    Publishing frequently requested information in a proactive fashion may well cost authorities less than having to retrieve the information each time it’s asked for — and to provide the information to a sole request-maker (assuming it’s not through WhatDoTheyKnow, where the response is published online) is less efficient than simply putting it out publicly where everyone who needs it can find it. This removes some of the burden on FOI officers.

    Early indicators from our work with Hackney Council show that pointing users towards material already published has prevented around 4% of the requests started by users. This should grow over time, as the council analyses popular requests and starts to add the information to their publication schedule, and more and more users will then experience this invitation to find the material elsewhere.

    A legal requirement

    There is one type of information which authorities are required to proactively publish, thanks to Section 19 subsection 2a of the Freedom of Information Act — datasets:

    A publication scheme must, in particular, include a requirement for the public authority concerned—

    (a) to publish—

    (i) any dataset held by the authority in relation to which a person makes a request for information to the authority, and

    (ii) any up-dated version held by the authority of such a dataset, unless the authority is satisfied that it is not appropriate for the dataset to be published

    The WhatDoTheyKnow team have called for this requirement to apply to all material requested under Freedom of Information, not just datasets: it seems desirable that if a certain piece of information is frequently requested, there is a requirement to publish, unless it’s not reasonable or practical to do so (which, as the team points out, may point to a problem with the way the material is being managed internally, for example adherence to paper records that would benefit from a switch to digital).

    We’re in favour

    We’ve often advocated for proactive publication, including in our response to a consultation on the FOI Code of Practice last year, and we’ve even said that we’d rather  people didn’t have to make FOI requests at all because all information was being published by default.

    Others have made the case that there is so much data being published in the world today that it’s hard to make sense of it or to find what’s useful — but proactive publication based on proven demand like this is a good approach to ensuring that authorities are releasing what is genuinely needed.

    Image: Roman Kraft

  6. When the public sector requests information from the public sector

    Here at mySociety, we talk a lot about how citizens can use Freedom of Information to hold public authorities to account. But it’s interesting to note that those same authorities, or members of them, sometimes also turn to FOI to solicit information from one another.

    At first, this might seem strange: it’s a common assumption that authorities, not to mention high level people within them, have the power to summon any information they require in order to go about their duties.

    But on closer inspection it becomes clear that there are several reasons why the public sector might turn to FOI rather than the more standard channels.

    Surveying multiple authorities

    Suppose you’d like to gather information from many different sources — say every hospital in the country — in order to compile a nationwide set of statistics.

    A large task like this can be more orderly if managed via a set of Freedom of Information requests. Additionally,  the obligation for authorities to respond may mean that your request goes into official channels — with built in timescales — helping to ensure that you get results.

    As a nice illustration of this kind of usage, the Royal College of Surgeons surveyed NHS trusts to see if they are still using outdated fax machine equipment, generating a story which made the headlines back in July.

    Members of Parliament may also use FOI to survey a large number of public authorities and gather statistics to support campaigns or an issue they’re working on.

    We don’t know if members of the Scottish Parliament have more of an appetite for this than the UK one, but a quick search showed several using FOI to good effect. Lothian MSP Kezia Dugdale surveyed residential units to see stats on vulnerable children going missing; Murdo Fraser accessed delay repayments figures from Scotrail; Mark Griffin discovered that council tax exemptions weren’t being utilised; and Monica Lennon uncovered the lack of sanitary product strategies across Scotland’s health boards.

    That said, there are several UK MPs past and present who have made use of WhatDoTheyKnow, including the office of Diane Abbott and Dr Phillip Lee. There may well be others who prefer to use a pseudonym.

    Then, those working in bodies such as universities and hospitals very commonly use FOI to support their academic or medical research.

    We can’t neglect to mention that in all such cases, WhatDoTheyKnow Pro would be a great help to the process of sending out and organising multiple requests.

    Putting information into the public domain

    FOI’s not just useful for large scale requests, though. Those from public sector bodies may be using the Act to bring information into the open because they feel it should be known — and of course, making the request through WhatDoTheyKnow will do this by default, since all requests and responses are published online.

    Researchers from Cardiff University used FOI as one tool when investigating how data is used by various public services to help in decision-making. They point out that, while fiddly and labour-intensive, FOI fills a gap in public knowledge:

    The use of FOIs to investigate the integration of changing data systems is problematic and resource intensive for all parties. However, in the absence of a public list, the Freedom of Information Act provides an opportunity for systematic inquiry.

    Getting hold of information which has been hard to pin down

    Sometimes FOI is a last resort when other avenues have been exhausted. On TheyWorkForYou we see a councillor writing to her own council to find out their preparedness for a no-deal Brexit, with the remark “I have tried to get this via the members case work system but I am not confident I will get an adequate response”.

    Such frustration definitely motivates Members of Parliament into submitting FOI requests, too. There are other channels through which they can ask questions of course, for example by submitting Written Questions — a process by which both the question and answer are placed in the public domain, thanks to Hansard.

    But should those channels fail, FOI is another option.

    In 2010 the BBC wrote about how costs for redecoration of Parliament’s Head Office were only uncovered thanks to FOI, after a Written Answer was turned down on grounds of the information being too commercially sensitive.

    The parliamentary staff and civil servants who deal with Written Answers are likely to be different from those who deal with FOI requests. Their criteria for release of information may also differ, as they are guided by different protocols.

    Representatives at every level can use FOI as a channel for information which might have proven elusive via other means. We see on WhatDoTheyKnow that Parish Councils quite often send requests to higher tier authorities to get hold of information that will help them in their work, as is happening here for example.

    Keeping an eye open

    When it comes to authorities and representatives requesting information from other authorities, we can see the benefits. One of our team, Gareth, makes an analogy with the Open Source community, where because code is open to all, developers (sharing their expertise in their area of specialisation) can be quick to spot and repair any bugs: “It’s a really good thing for security. Many eyeballs make it easier to identify problems and suggest improvements”.

    Similarly, FOI acts as a kind of safety net, another layer of assurance that our authorities are working as they should be.

    If you’ve seen any other good examples of public sector to public sector FOI (for want of a better term), please do let us know.

    Image: Tirezoo (CC by/2.0)

  7. Alaveteli Release 0.32

    We’ve just released version 0.32 of Alaveteli, our open source platform for running Freedom Of Information sites. Here are some of the highlights.

    Making correspondence threads easier to navigate

    Thanks to our designers, it’s now possible to collapse individual messages in a correspondence thread in order to focus on just the parts you’re trying to read. Plus you can quickly collapse (or expand) all the messages in the thread using the “Collapse all” and “Expand all” links from the “Actions” menu.

    Alaveteli Pro users gain the additional benefit of a redesigned sidebar which allows for easier navigation of lengthy correspondence and avoids having to scroll to the top of the request thread to update its status. See Martin’s full explanation here.

    Better password security

    We’ve started enforcing stricter password length constraints wherever a password is set or updated to help users keep their accounts secure. And we’re also using a stronger encryption method for storing password data, using bcrypt rather than the older SHA1 algorithm to obscure the actual password. (Be sure to run the rake task documented in the release upgrade notes to upgrade secure password storage for all existing users.)

    You can read more about what this does and why it’s important if you’re interested in the technical details behind this upgrade.

    Authorities not subject to FOI law

    We’ve adopted WhatDoTheyKnow’s foi_no tag for authorities to indicate that although the authority is listed on the site, it is not legally subject to FOI law. This could be for advocacy purposes – if it’s felt an authority should be covered by legislation – or where the authority has agreed to respond on a voluntary basis.

    Adding the foi_no tag now causes an extra message to appear under the authority’s name on their page and on all related requests, and removes language about legal responsibilities to reply from the messages sent to users.

    To improve the UI, we’ve made a similar change for authorities with the eir_only tag to make it clearer that such authorities are only accepting requests about the environment.

    (Don’t worry admins, you don’t need to remember all this – we’ve updated the documentation on the edit page to reflect the new functionality!)

    Improvements for site admins

    We’ve made it easier for admins to ban users who sign up to post spam links in their profile. There’s now a “Ban for spamming” button which is available on the user edit page or as soon as you expand the user’s details in the listing rather than having to manually edit user metadata.

    We’ve also made it harder to leave requests flagged as vexatious (or “not_foi”) in an inconsistent state. Previously the site just assumed that vexatious requests would always be hidden. Now the admin interface enforces the hiding of vexatious requests by showing warnings when a request is set as vexatious while it’s visible on the site, and prevents the updated request from being saved until a valid state is selected.

    Announcements

    And last but not least – introducing the new Announcements feature!

    Easier popup banner management

    Site admins will be relieved to hear that they can now update the popup banner message on the site without needing to schedule developer time.

    This feature supports multi-language sites so if you set the announcement for your main (default) language, it will appear across all language versions that you have not added a specific translation for.

    Admin-only announcements

    You can set announcements that will only be seen by fellow administrators when they visit the summary page. (If you’re running a Pro site, you can also have announcements that will only be seen by your Pro admins.)

    Pro announcements

    Announcements for Pro users appear as a carousel at the top of their dashboard. So far we’ve used it on WhatDoTheyKnow Pro to publicise new features, offer discount codes, and encourage people to share their published stories with us.


    The full list of highlights and upgrade notes for this release is in the changelog.

    Thanks again to everyone who’s contributed!

  8. My FOI request’s been refused — so, what now?

    Our WhatDoTheyKnow.com service makes it really easy to request information from public bodies: all you need to do is describe the information you are seeking, send your request, and the authority provides it to you.

    At least, that’s what happens when everything goes smoothly.

    The default case

    When you request information, the authority generally has two duties under the FOI Act:

    • They must confirm or deny whether the information is held
    • If they do hold it, they must disclose it.

    But, there are circumstances – called exemptions – where the authority can withhold the information, or where they might not even state whether or not they have it at all.

    Understanding which exemptions have been applied will also help you to understand what to do next.

    The authority have confirmed they hold the information, but refused to release it

    Why have they refused?

    If your request is refused, the authority must say which exemption/s allow them to do so — have a good read of their response, and find out which one/s have been applied.

    You’re looking for a section number that refers to the part of the Act that explains why they can refuse. You can check on FOIwiki’s handy table for the full list of exemptions.

    Generally, when citing an exemption, the authority will also include the relevant text from the FOI Act, but if not, you can check it for yourself in the actual wording of the Act.

    Example of an authority explaining which exemption they have used

    They did not cite an exemption

    Authorities must say which exemption applies to your request — so, double-check that they haven’t done so (look in any attachments as well as in their main email), and once you are certain that they haven’t, write back and ask them to confirm which exemption they are using. Here’s an example of that in action.

    If you want to, you can quote the part of the FOI Act which says that they must do this: Section 17 (1)b:

    A public authority which, in relation to any request for information, is to any extent relying on […] a claim that information is exempt information must […] give the applicant a notice which—

    • states that fact,
    • specifies the exemption in question, and
    • states (if that would not otherwise be apparent) why the exemption applies.

    They did cite an exemption

    Once you know which exemption has been used, you are in a good position to examine whether it has been correctly applied .

    FOIwiki’s table lists all the exemptions that an authority can use, and includes some technical details about how they can be applied.

    Some exemptions have very little room for appeal and the decision to apply them is obvious: for example, the Ministry of Defence won’t release plans for an upcoming battle in a time of war, making a request for this type of information pretty futile.

    Others rely much more on the judgement of the authority who’s dealing with your request. Under Section 38, for example, a request can be turned down because it might ‘endanger the physical or mental health of any individual’– but in many cases, assessing how someone’s mental health might be affected by the release of information must require a certain amount of prediction.

    Some exemptions allow an authority to use additional tools for assessing whether or not to release information:

    • A public interest test
    • A prejudice test

    They said they’d applied a Public Interest Test

    Some exemptions, known as ‘qualified exemptions’, require the authority to apply a Public Interest Test. This may give you more opportunity to ask for a review.

    You can check the details of your exemption, and whether it’s qualified, in FOIwiki’s table.

    In short, a public interest test sees the authority  trying to weigh up the benefit to the general public of the information being released against the safeguards that the exemption is trying to provide, and decide which has more weight. The ICO provide good information about Public Interest Tests, with several examples of how they have been applied in the past.

    If you think you can demonstrate that the Public Interest Test has come down on the wrong side of this weighing up exercise, you may want to ask for an internal review — see the end of this article for next steps.

    They said they’d applied a Prejudice Test

    Some exemptions, called ‘prejudice based’ exemptions, require a prejudice test. Again, this might also give you more opportunity to ask for a review.

    You can check the details of your exemption, and whether it’s prejudice-based, on FOIwiki’s table.

    Generally speaking, it’s applied to exemptions which seek to protect certain interests — for example, Section 29 of the Act allows exemption where release might do harm to the economy.

    The prejudice test is a way for the person dealing with the request to check that the perceived threat is ‘real, actual or of substance’, and that there’s a reasonable risk that the release would cause the harm that the exemption is trying to protect against. There is a good explanation in the ICO guidelines.

    As with Public Interest Tests, if you can demonstrate that the Prejudice Test has come up with a decision that is arguably misapplied, you may want to ask for an internal review — see the foot of this article for next steps.

    They didn’t apply a Public Interest test

    This probably means that the exemption is “absolute”, which makes it hard to challenge.

    First, check on FOIwiki’s table that the Section the authority is using is an absolute exemption.

    If it is:

    • You might like to consider how cut-and-dried it is that the information falls within the class that the exemption protects. If it is clearly covered by the exemption (for example you have asked for information that is self-evidently provided to the authority by Special Forces) then there isn’t much point in going any further. But suppose you have been told that, under Section 21, the information is accessible via other means. Section 21 is an Absolute exemption but may be open to a challenge if, for example, there are circumstances which prevent you from accessing the information.

    If it’s not:

    • Ask the authority what public interest test they applied (or more details of how they applied it).

    The authority won’t confirm or deny whether they hold the information

    Why won’t they confirm or deny?

    If confirming or denying whether the information is held would actually reveal exempted information in itself, then the authority may refuse to do so.

    You can read more about this in the ICO’s guidance.

    Can I do anything if they ‘neither confirm nor deny’?

    Yes — you can challenge this stance if you have reason to believe that confirming or denying that they hold the information would not reveal exempted information in itself. However, it can be a time-consuming and potentially difficult route to take, and even if you are successful in getting the authority to confirm that they have the information, you may then find that an exemption is then applied, taking you practically back to square one.

    Next steps

    If you still want the information you’ve requested, there are some general tactics you can use when faced with an exemption:

    • Reduce the scope of your request: Check the exemption cited and, if possible, modify your request to circumvent it.
    • Ask for an internal review: if you think the exemption, public interest test or prejudice test has been wrongly applied, you can ask for another member of staff to assess your request and whether you should have received a full, or partial, response.
    • Appeal to the ICO: If you’ve had an internal review and still think the decision was wrong, you may make an appeal to the Information Commissioner’s Office.

    Read more about all of these routes on our guidance page.

    And here are some other useful links from the Information Commissioner’s Office:

    Finally, for now

    The ideal is, of course, to submit a request which does not trigger an exemption, as clearly this saves everyone’s time. You can see our advice on writing responsible and effective requests here.

    That said, full or partial refusals are not an uncommon occurrence — it’s totally routine for FOI responses to have some material removed (usually personal information such as names and roles of junior officials, or material identifying members of the public), or to turn the request down completely.

    There are just over 25 exemptions listed in the Act (the exact number depends on how you count subsections and variants), removing the obligation for bodies to provide information in categories as diverse as any and all communications with members of the Royal Family, to commercial interests and trade secrets — and all sorts of things in between.

    We’ll be examining the various exemptions available to authorities and suggesting ways in which you can avoid them.  Keep an eye on our blog — and we’ll also link to posts from this post as we publish them.


    Image: Scott Warman

  9. We know half a million things

    In the year of its tenth anniversary, and by complete serendipity on International Right To Know Day, our site WhatDoTheyKnow has processed its half a millionth Freedom of Information request.

    The mySociety team have found it increasingly hard to concentrate on work this afternoon, as the numerical counter on WhatDoTheyKnow’s homepage crept ever closer to the 500,000 mark… and at 4:56pm today, the milestone request was sent off. It was to Mid Devon District Council asking for the costs of implementing and maintaining flood defences.

    WhatDoTheyKnow has long been mySociety’s most successful site, if you count success by the number of users. Every month, between 500,000 and 600,000 people pay a visit. Some of them submit a request, contributing to the total of ~2,700 made monthly; others come to access the information released by authorities and published in WhatDoTheyKnow’s ever-growing archive of public knowledge.

    The site’s success can be ascribed to its simple formula of making it very easy to send an FOI request, which is published online along with the response it receives. The idea of putting the whole FOI process in public was resisted in some quarters during the site’s infancy — indeed, even the concept of responding by email rather than by post was fought against.

    But the site,  launched soon after the FOI Act came into force in the UK, has gone on to become an accepted part of the country’s landscape, and we’d like to think we’ve played a part in shaping attitudes —  and how the Act is implemented.

    The requirement for authorities to respond via email has now been enshrined in Ministry of Justice guidance.  WhatDoTheyKnow itself is explicitly mentioned as a valid vehicle for FOI requests in the ICO’s documentation, and in 2017 an independent commission even recommended that publishing responses should be ‘the norm’.

    The site clearly meets a need. And that need isn’t specific to the UK, as proven by the fact that the open source software on which WhatDoTheyKnow runs, Alaveteli, has also been picked up and is being used to run more than 25 other Freedom of Information sites around the world.

    Finally, never let us miss the chance to praise the volunteer team who keep WhatDoTheyKnow running, helping users with their requests, setting site policies and dealing with issues such as accidental data releases from authorities. Without these knowledgeable and dedicated people, we simply wouldn’t be able to provide this service.

    And now – onwards to the next 500K!


    WhatDoTheyKnow currently has no dedicated funding, and is run by volunteers. If you’d like to see it reach the million-request milestone then why not make a donation?
    Donate now

    Image: Bernard Hermant (Unsplash)

  10. Why having the Right To Know matters

    Today is International Right To Know Day.

    Right to Know Day was started back in 2002 by international civil society advocates, and has since been officially adopted by UNESCO with the more formal title of ‘International Day for the Universal Access to Information’.

    To mark this day I wanted to highlight some of the reasons why having the Right to Know/access to official information is so important, and give examples to illustrate these reasons.

    So, here goes:

    The Right To Know helps fight corruption and exposes wrongdoings

    Being able to access information held by public authorities allows citizens to uncover potential mismanagement of public funds, and abuses of public policies and laws.

    Some relevant examples  of this include when police use banned restraint techniques in prisons and immigration centres, when government departments miss their own targets and when campaigning groups break electoral law by spending too much money on their campaigns.

    The Right To Know helps citizens hold their public authorities and governments to account

    Since the introduction of the FOI Act, we all have the opportunity to question the status quo and point out when things just aren’t right.

    Like when one dedicated citizen used her Right to Know to make sure schools, local education authorities and the Department for Education were taking the issue of asbestos in schools and the health and safety of teachers and pupils seriously.

    Or one of our WhatDoTheyKnow volunteers using his Right to Know to uncover that many councils are not doing the necessary administration work in order to be able to fine taxi drivers who refuse to accept disabled passengers, and therefore implement anti-discrimination law. Holding authorities to account so they do implement this is really important, otherwise discrimination against wheelchair users may continue to get worse.

    The Right To Know helps citizens get useful information that matters to them

    Sometimes the information you need isn’t freely or easily available, so using your Right to Know to get that information into the public arena is a great idea.

    People have used their Right to Know to get information on when museums are free to visit, where you can post your letters and where you can find a toilet, to name a few examples. All useful information for them personally, but also for the rest of society as well!

    The Right To Know helps citizens find out what’s going on in their local communities

    It’s important to know what’s going on in your local area so you can get involved, raise objections, think of solutions…or just for curiosity’s sake.

    These examples show how people have used their Right to Know to discover plans for local community sports stadiums and facilities, the number of homeless people in the area, and plans for housing developments.

    The Right To Know helps citizens get things changed for the better

    There are several instances of requests leading to tangible change that make improvements to people’s lives.

    For example using the Right to Know led to the exposure of vital information which helped lead to wages going up in one of the UK’s biggest care home operators, and Transport for London changing their attitude to cyclists’ rights.

    The Right To Know helps taxpayers find out how their money is spent

    Do you ever wonder how your hard earned taxes are being spent? Using your Right to Know uncovers all sorts of interesting, and sometimes controversial, expenditure.

    For example the NHS spent £29 million on chaplains in 2009/10, in 2008/09 Birmingham City Council spent £53,000 on bottled water for its staff and Greater Manchester Police spent £379,015 on informants in 2009/10.

    Having this information open for all to see sometimes leads to changes in how public authorities spend their budgets.

    For example Birmingham City Council went on to change their water policy so they now connect water coolers directly to mains water to save money and resources. This may not have happened if it wasn’t for an active citizen using their Right to Know to reveal this information, and therefore prompt a positive change.

    There are plenty more reasons why having the Right to Know is important, but these are the highlights for me. Fundamentally, the Right to Information empowers citizens to be active members of society so they can work towards creating a more fair and just world.

    So celebrate your Right to Know, on this day and every day, as it’s an incredibly useful right to have.

    Remember, using our WhatDoTheyKnow website makes the process of asking public authorities for information really easy and you can browse what other people have already asked for and the responses they received, so why not check it out.

    Image: Scott McLeod (CC BY 2.0)