About WhatDoTheyKnow

Using WhatDoTheyKnow

Access To Information Help

Rules & Complaints

Your Privacy

Information Officers

Learn More

Contact us

If your question isn’t answered here, or you just wanted to let us know something about the site, contact us.

How we run WhatDoTheyKnow #

WhatDoTheyKnow is administered by a small team of mySociety staff and dedicated volunteers who have extensive knowledge and experience of Freedom of Information, and who support it. Decisions about the administration of the site are taken by this administration team, with support from mySociety’s Chief Executive and Trustees.

We don't check the information on the site #

Freedom of information law gives people the right to access recorded information that is held by public bodies even where the information is incorrect. We do not check the information provided by public authorities, or that contained within messages from requesters or annotations posted by users of the site. There may be gaps and errors in the information published on the site. Some of the information may be out of date now, even if it was correct when it was first created.

Information you find on the site may be out of date #

Some public bodies will release information that is many years out of date on the site. This can happen if the requester asks for information relating to events that happened a number of years ago. This can also happen if a document has not been updated for some time, and the requester asks for the latest version. This means that some of the information that is published on the site will already be out of date on the day it is published. We never remove material from the site just because it is old or because a newer version of the material exists. This is because we are trying to create a permanent archive.

Reactive moderation principle #

It would be impossible for the WhatDoTheyKnow volunteer team to moderate all requests and responses before they appear on the site. We will remove inappropriate material (material that contravenes our House Rules) upon being informed, a process known as reactive moderation.

This policy is in line with the approach used by major publishers such as the BBC and the Guardian. A key reason we take this approach is to reduce the liability we have for the content posted by users on our site; this is something we need to do due to the significant financial risks involved if we were deemed to be publishing libellous material.

When we remove potentially defamatory material from our site we are not taking a view on if it is accurate or not, we don’t have the resources to investigate that.

What happens once a request is reported for attention? #

Policy as a guide, not a rigid set of rules #

Our policies have developed from the consideration and discussion of cases where the right course of action has not been obvious.

These policies are not set in stone. New and unforeseen circumstances occur frequently, and while our body of policy and practice helps guide decisions, any WhatDoTheyKnow volunteer or mySociety staff member/trustee involved is free to suggest that the right thing to do in a specific case is to make an exception and/or establish a new policy.

To discuss how to take action on a particular case that is not straightforward, volunteer administrators start an email discussion amongst the team of other volunteers and specific mySociety staff. Discussion among this group then leads to an agreed course of action.

How do we deal with requests that are not valid? #

When we are made aware of it, we remove any correspondence from our site which is not a request for information that anyone could expect a substantive response to.

The vast majority of invalid “requests” are actually not Freedom of Information requests at all but correspondence relating to people’s personal circumstances.

We point users making requests for their own personal information to guidance on making Subject Access requests under the Data Protection Act and try to help others find more appropriate means of contacting public authorities.

Why do we remove email addresses and mobile phone numbers from responses? #

To guard all parties against spam, and to encourage keeping all correspondence on WhatDoTheyKnow, we automatically remove most email addresses and some mobile numbers from responses to requests. For technical reasons we don’t always manage to remove them from attachments, such as certain PDFs.

If you need to know an address that we've removed, please get in touch with us. It's worth noting though, that as our team is small, we've not got the capacity to deal with a large number of these requests, so our service isn't well suited to being used to gather email addresses. Occasionally, an email address forms an important part of a response and if we’re asked to reveal it we may post it in an annotation.

How do we deal with requests that are not sent successfully? #

  • The admin team act to re-send requests/messages when we spot failed delivery within a reasonable period of a user submitting the request.
  • A public body or the requestor may ask us to resend a specific message and typically we will do so.
  • We generally don’t resend very old correspondence, for example if there’s been a delivery failure that has gone unnoticed for many months, and the if there’s a clear bounce/error message) the request may be marked “withdrawn” on the basis of abandonment, or marked as still awaiting a response.

Backpaging #

Administrators can "backpage" a request thread, this means the page is accessible to those who have the direct link to it, but it is not included in lists of requests or search results on the site. This is similar to YouTube's "unlisted" or GoogleDoc's "anyone with the link" accessibility settings.

When a request on WhatDoTheyKnow is "backpaged" meta-tags are added to the header of the request page, and linked attachments, to ask external search engines not to index the material. This feature is rarely used, but can help us continue to publish material we might otherwise remove.

Backpaging reduces the impact of our publication, it can, for example, be used to make it more likely that our interests in processing and publishing material outweigh any negative impacts on those whose personal information is involved.

Membership of the admin team #

WhatDoTheyKnow is a project of mySociety run by a small team of staff and dedicated volunteers.

Volunteers are supervised and mentored by the other members of the admin team. As mySociety is a distributed organisation, we keep in touch by email or individual calls as required. Volunteers’ activity running the site, or on email lists, is visible to other members of the admin team, as well as other mySociety staff, and anyone can speak up with suggestions for doing things differently.

We also have regular online team meetings that all volunteers are invited to join, although attendance at these is optional.

When a new volunteer starts, they are asked to agree to the terms of a volunteer agreement. This includes mySociety’s Code of Conduct, password policy, data retention policy and personal data policy.

Depending on the nature of their volunteering, they may have an introductory call with a current member of the WhatDoTheyKnow admin team, generally with one existing volunteer and one member of staff.

Volunteers who will actively administer the site are asked to join a training call in which a member of the admin team will demonstrate the use of the WhatDoTheyKnow admin interface. If everyone concerned is comfortable, they may then be given access to the administration interface.

Joining the admin team is not the only way to help run the site. Read more on how to get involved

User accounts #

If you sign up for an account on WhatDoTheyKnow, a profile listing any requests and annotations you have made will be publicly accessible.

Banning users #

We ban users for persistent misuse of our service (e.g. going against our House Rules). Banning or suspending users is a last resort; if possible the WhatDoTheyKnow volunteer team advise users on how to use our service in an acceptable way. This guidance is provided via email or annotations. If the user continues to abuse the service after such interventions, their account is banned. Bans without a warning can be used in cases where there’s no serious use of the service, e.g. spam accounts, or in cases of serious misuse. After an account has been banned, the WhatDoTheyKnow volunteer team write to the user to explain the reasons that led to this decision.

Changes #

We keep these pages under review, and may make changes from time to time to ensure that they remain up-to-date and accurate. You can find a synopsis of changes we’ve made at our GitHub repository but if you have any questions, please do contact us.