Tag Archive for WhatDoTheyKnow

A million answers from TfL

Yesterday there was some discussion on Twitter about a request made to Transport for London (TfL) through WhatDoTheyKnow. People were asking if TfL’s response was compliant with FOI.

The request related to the Barclay’s Cycle Hire Scheme running in London. Earlier in the year, the Mayor of London and TfL (of which he is Chair), had boasted of 1 million journeys made on hired bicycles through the Scheme. The requester congratulated them on this and asked for data on each of the million journeys.

A month later, the response from TfL arrived informing the requester that the data would shortly be made available in their online repository, which would require the requester to register. To give him a flavour, the response included data on 100 journeys.

To cut a long story short, the requester was not happy and has asked for an internal review. So was the response from TfL compliant, and if not, how should they have answered?

In short, and from a purely technical point of view, no. The response didn’t provide the information asked for, and nor did it explain which exemptions were being applied.

It sounds to me like a classic case of a senior manager in TfL having difficulty with the practicalities of FOI and suggesting a response in the hope that the requester would go away until they’d been able to work out how to make the data available. On the plus side, TfL clearly were looking at making the data available online (and have now done so), so it’s not that they are just trying to be secretive . So how should they have answered?

The most likely reason that they were not able to provide the information (and this is alluded to in the response)  is that  supplying the data would cost too much. After all, a million records is a lot of data, and there may be serious technical difficulties in transmitting that data. It may cost more than £450 (the cost limit for locating, retrieving, and extracting data under FOI) to employ a consultant to find a way to do that. If this was the case, they should have explained this in their response.

The other alternative that I would have gone for is the exemption at section 22 (future publication). If you’re going to publish information in the future, as TfL indicated they were going to, and don’t feel able to make it available now, that would seem to be a reasonable approach. It is subject to a public interest test, but the fact that the information would be available very soon, and the likely cost to the public purse of providing it sooner would seem fairly persuasive arguments against immediate disclosure.

There’s obviously a separate issue about requiring users to access data via a site which requires registration. But once the information is made available, you could use section 21 (otherwise accessible) to refuse the request and point to the data repository. It’s likely this would satisfy the Information Commissioner unless there was a significant charge or the requester was able to demonstrate some reason why this didn’t satisfy their needs.

I sympathise with TfL – 1 million lines of data could well be difficult to provide via email (one could even speculate that if it had been disclosed via WDTK it might have caused problems for the WDTK website and/or users who tried to download it). But they could certainly have come up with a better answer than the one they gave.

Interview with an FOI Officer

Just a quick post before I go to let you know that I’ve given an interview about FOI this week to Kellie Maddox for the Help Me Investigate blog.

We cover this blog, the Freedom of Information Act – good or bad, what annoys FOI Officers (could have been longer that bit!), and the recent Open Data developments. Goes on a bit (sorry – down to me, not Kellie!), but if you’re interested, do take a look.

What Do I Know? A Postscript

Well, this blog has come of age this week. The Campaign for FOI described my last post as “Interesting and provocative”. And it certainly has provoked more comment than anything I’ve previously written.

Before addressing the most controversial issue raised in the comments, I just want to highlight some great advice that WhatDoTheyKnow have given to FOI Officers if they want to follow my suggestion and encourage their requesters to submit requests through WDTK (to facilitate its use as a Disclosure Log):

  • The simplest method is to link to the WDTK site – you can link directly to the part of the site for your organisation – WDTK have no problem with you doing this and you don’t have to let them know you are doing it
  • I would suggest that if you’re going to do this effectively, you should at the very least provide instructions on your website to potential requesters explaining how they can make their request through WDTK alongside your direct contact details; it’s up to you how far you promote this as a method of making requests (ie is it your preferred method or just one of several?)
  • Alex from WDTK has suggested that “If an authority wants to go a bit further, e.g. by having all their requests on the site or wanting a branded request service, then they should talk to us in the first instance to discuss their requirements.”

So there you go, those are your options if you want to try this out.

The most controversial of the points I raised related to the suggestion that WDTK advised requesters on how to avoid providing their name when making requests. I’ve got to say that at this stage I’m unapologetic about this point (though if I’m persuaded otherwise I may post on this topic again). My reasons for this are:

  • It’s there in black and white at section 8 – a request is only valid if it “states the name of the applicant”; the Information Commissioner also takes this view and explains why in his guidance (CFOI disagree with the Commissioner on his view)
  • There’s good reason – much as you as a requester may not like it (especially if you are on the fringes of acceptability when it comes to your dealings with the authority), if we don’t have a name, it is difficult to identify requesters that are making repeat or vexatious requests, or to apply the fees regulations where costs could be aggregated
  • It costs money to answer requests; arguably we should not be spending this money on requests that are not valid, or can be refused for other reasons. We have a duty not just to those who use FOI but also to other taxpayers.

To me, it always comes back to the Act itself. Someone commented that ‘vexatious’ is “redundant and subjective”. It’s not. A vexatious request is defined in the Act and in numerous ICO and Tribunal decisions now. The ICO’s guidance is clear on when it can be applied. We are not talking about vague concepts here, but about specific behaviour which goes beyond what public officials should be expected to put up with. In 6 years, I’ve only used section 14 once, and this was for an individual who had written well over 100 times (not all FOIs) in a year, and had made threats of physical violence to a politician at the authority. But to apply it depends on being able to demonstrate who is making the requests in the first place.

I completely accept that some people might have a reason for remaining anonymous (CFOI cited an example where someone lost their job as a result of making a request). And ultimately, who’s going to know if you do use a (subtle) pseudonym? But I stick by my view that in general, if you’re making a request you should follow the rules just as you expect a public authority to do.

In passing, I should recommend a blog posting from a barrister on WDTK’s liability if they publish documents containing libellous material. This wasn’t an issue discussed in my post, but is certainly of interest.

Thanks for your continued support – nearly 1400 of you have read the blog at some point in the last 6 weeks, and whether I agree with you or not, its also great to receive your comments. Do continue to spread the word – if you have access to other forums or blogs, please do mention this blog if they touch on subjects I’ve discussed. More next week.

What don’t we like about What Do They Know?

A few weeks ago, Ibrahim Hassan posed the question “Can a local authority refuse to deal with FOI requests made through the What do they know website?“.  When the question was posted as a link on twitter, there was a veritable dawn chorus of negative responses. But why has the website What Do they Know become so unpopular with some public authorities?

I can think of a few reasons, and I’m going to set these out. Try not to get too incensed though if you’re a What Do They Know (WDTK) volunteer or user and read to the end of this post – you may be surprised by what I have to say.

Firstly – it’s my old hobby horse, the attitude towards public authorities. Maybe it’s justified, I’m not sure, but there’s an assumption in their guidance to users and in their templates that we’re going to use every means at our disposal to avoid answering requests.  And therefore their users should be prepared for evasiveness.  Subtle, and polite, but it’s there. And can their guidance to FOI Officers on timeliness of responses be any more patronising (see especially “How do you calculate the deadline shown on request pages?”)?

Then there’s the double standards. Whilst insisting that public authorities have a duty to comply with the legislation, they provide guidance on how to sidestep the requirement for requesters to provide their real name (which is, of course, a duty for requesters to comply with – quid pro quo). Meanwhile, whilst promoting openness, they haven’t exactly made it clear to those responding to requests submitted through the site that their names and contact details will be published on the website. OK, so most FOI Officers are well aware of that now (and probably wouldn’t mind), but often it is staff who are responsible for a subject area, who may well not know much about the wider FOI world, who are answering these requests.

There’s the ease with which requests can be made. It takes seconds for a requester to submit their request through the site, and not much longer to send it to several. They don’t have to consider what resources will be used in those public authorities to answer the product of their idle curiosity. The same can apply to the new facility to submit ‘one-click’ requests via Openly Local. Yes, people have a right to make requests. But these sites make it easy for individuals to ignore their responsibilities.

Perhaps as a result of this, WDTK can be utilised as a weapon against public authorities. WDTK recently tweeted about a response sent by one of their users to Salford University, who had refused their request under s.14, claiming it was vexatious. I took the opportunity to check the background on the site, and it is very clear that whatever the rights and wrongs of the University’s treatment of that particular individual, there is some sort of campaign under way for which WDTK was being used in support. I don’t know the background to the ongoing dispute, but it is now being waged through the pages of WDTK. It wasn’t just those individuals who started off using the site in this way that suffered, or the staff of the University. It was anyone who then made requests through the site, as it was becoming more and more difficult to identify who was part of the campaign and who was not.

Finally, copyright. This has proved to be the key battleground in the dispute between WDTK users and public authorities. The most high profile combatant has been the House of Commons, but they’re not the only one by far. The argument made by public authorities is that if they disclose information via WDTK, it will instantly be published in breach of their (and third parties’) copyright. Several have therefore found more and more convoluted ways to try to comply with their FOI obligations without sending the information to the WDTK site. The Information Commissioner issued a decision notice following the House of Commons case which should be the final chapter on this dispute but it hasn’t proved to be so far. Not least because the Information Commissioner’s Office doesn’t appear to have a great deal of knowledge about copyright law, so it makes it quite difficult for them to be authoritative. Take for example, this quote from page 3 of the minutes of their recent meeting with the HE sector:

“The ICO acknowledged that further work needed to be done around understanding IPR [Intellectual Property Rights] as it resides in research data, and SW [Steve Woods, former FOI blogger and in charge of policy at the ICO] confirmed that his team has already begun to explore this question.”

Could it be that the ICO is only beginning to look at IPR/copyright issues generally and not just specifically as it relates to research data? There certainly isn’t much to go on in the decision notice.

So for all these reasons, public authorities are, to say the least, suspicious of WDTK. And yet…and yet…

I rather like WDTK. It’s a nice bit of technology that appears to work well (contrast that with many systems developed by the public sector). I’ve used it to make FOI requests and found it easy to use. It keeps track of the process of making a request really well.

It was really easy for me to see the background to the Salford University situation. It would be easy for me to identify vexatious requests being made through the site (even if they soon became difficult to distinguish from the other requests). I can see readily how other authorities are responding to requests that come to my authority. It’s transparent, which is, well, the point of all this.

I’ve got an idea, which fellow FOI Officers may well disown me for. But why don’t we embrace it as a concept rather than fighting it? For example, couldn’t we adopt it as our Disclosure Log? Actually encourage requesters to use it so that our answers to them can help others and maybe prevent duplicate requests? It’s a thought, and on that thought I shall strap on my hard hat and leave it to you…