FOI officer questions #
- I just got here from the bottom of an FOI request, what is going on? #
Welcome! WhatDoTheyKnow is a free service that helps ordinary members of the public make FOI requests, and easily track and share the responses from public bodies like yourself in the UK. It is run by the charity mySociety.
WhatDoTheyKnow has processed over 430,000 FOI requests since its launch in 2008, and is the UK’s most widely-known FOI service. We also campaign for citizen’s rights to information and for the strengthening of FOI laws.
The FOI request that has brought you here was made by someone using WhatDoTheyKnow. You can simply reply to the request as you would any other request from an individual. The only difference is that your response will be automatically published on the Internet.
If you have privacy or other concerns, please read the answers below. You might like to read the introduction to WhatDoTheyKnow to find out more about what the site does from the point of view of a user. You can also search the site to find the authority that you work for, and view the status of any requests made using the site.
Finally, we welcome comments and thoughts from FOI officers, please get in touch.
- Why are you publishing responses to FOI requests? #
We think there are lots of benefits to doing so.
- Most importantly it will encourage the public to be more interested and involved in the work of government.
- We also hope that it will reduce the number of duplicate requests on any subject that a public body will receive.
- Those taking action following the release of material, such as lobbying elected representatives or writing articles, are able to cite the source of the information they are referring to.
- Given that Freedom of Information responses contain public information, which anybody could easily request again from the public authority, we think there should be no reason not to publish it widely.
- Are the people making requests real people? #
Yes. For the purposes of keeping track of responses we use computer-generated email addresses for each request. However, before they can send a request, each user must register on the site with a unique email address that we then verify. You can search this site and find a page listing all requests that each person has made.
- An email isn’t a sufficient address for an FOI request! #
In fact, it is, as you’ll see via the information below.
- The Ministry of Justice has guidance – “As well as hard copy written correspondence, requests that are transmitted electronically (for example, in emails) are acceptable ... If a request is received by email and no postal address is given, the email address should be treated as the return address.”
- The Information Commissioner’s guidance for organisations says “A request must ... include an address for correspondence. This need not be the person’s residential or work address - it can be any address at which you can write to them, including a postal address or email address;”
Paragraph 107 of the Information
Commissioner’s Guidance on recognising a request under the Freedom
of Information Act now contains a section specifically on
WhatDoTheyKnow which states:
With respect to the address for correspondence, we consider the
@whatdotheyknow.comemail address provided to authorities when requests are made through the site to be a valid contact address for the purposes of Section 8(1)(b).
- This letter from the ICO to Rother District Council gives guidance on the matter, specifically in the context of requests made via WhatDoTheyKnow.
- How can we be sure the requester is the same person we have dealt with previously? #
We would advise public authorities not to assume that a person writing to them via our site is the same as a person they have dealt with previously under the same name.
UK Freedom of Information law is applicant blind and so there is no requirement for identity checks.
- Aren’t you making lots of vexatious requests? #
WhatDoTheyKnow is not making any requests. We are sending requests on behalf of our users, who are real people making the requests.
Look at it like this - if lots of different people made requests from different Hotmail email addresses, then you would not think that Microsoft were making vexatious requests. It is exactly the same if lots of requests are made via WhatDoTheyKnow. Moreover, since all requests are public it is much easier for you to see if one of our users is making vexatious requests.
- I can see a request on WhatDoTheyKnow, but we never got it by email! #
If a request appears on the site, then we have attempted to send it to the authority by email. You’ll see a small green tick by those which have certifiably been received by the authority’s mail servers, and any delivery failure messages will automatically appear on the site. You can check the address we’re using with the “View FOI email address” link which appears on the page for the authority. Contact us if there is a better address we can use.
Requests are sometimes not delivered because they are removed by “spam filters” in the IT department of the authority. Authorities can make sure this doesn’t happen by asking their IT departments to “whitelist” any email from @whatdotheyknow.com. If you ask us we will resend any request, and/or give technical details of delivery so an IT department can chase up what happened to the message.
Finally, you can respond to any request from your web browser, without needing any email, using the “Respond to request” link at the bottom of each request page.
- I've received a request by email but I can't see it on WhatDoTheyKnow.com! #
There are a number of reasons why a request may not be immediately visible on WhatDoTheyKnow.
- The requests may have been made through our WhatDoTheyKnow Pro service. WhatDoTheyKnow allows journalists, activists and campaigners to keep requests and responses private while they work on their investigations.
- We may have hidden the requests from other users because they contained personal information, or other material that was in breach of our house rules.
The fact that a request is not visible on WhatDoTheyKnow does not affect your duty to respond to it, so if you have received a valid request for information, you should process it in the usual way.
- How do you calculate the deadline shown on request pages? #
The Freedom of Information Act says:
A public authority must comply with section 1(1) promptly and in any event not later than the twentieth working day following the date of receipt.
In our opinion, what matters most here is that the law says authorities must respond promptly.
If there is a good reason why the request is going to take a while to process, requesters find it really helpful if you can send a quick email with a sentence or two saying what is happening.
FOI officers often have to do a lot of hard work to answer requests, and this is hidden from the public. We think it would help everyone to have more of that complexity visible.
Nonetheless, our site does provide an automatic countdown to the 20 working day deadline. Here’s how we calculate it.
- If the day we deliver the request by email is a working day, we count that as “day zero”, even if it was delivered late in the evening. Days end at midnight. We then count the next working day as “day one”, and so on up to 20 working days.
- If the day the request email was delivered was a non-working day, we count the next working day as “day one”. Delivery is delivery, even if it happened on the weekend. Some authorities disagree with this, our lawyer disagrees with them.
- Requesters are encouraged to mark when they have clarified their request so the clock resets, but sometimes they get this wrong. If you see a problem with a particular request, let us know and we’ll fix it.
The date thus calculated is shown on requests with the text “By law, Liverpool City Council should normally have responded by...”. Schools are a special case, which WhatDoTheyKnow displays differently.Since June 2009, schools have “20 working days disregarding any working day which is not a school day, or 60 working days, whichever is first” (FOI (Time for Compliance with Request) Regulations 2009). WhatDoTheyKnow indicates on requests to schools that the 20 day deadline is only during term time, and shows them as definitely overdue after 60 working days
If you’d like to know more, read the detailed ICO guidance. Meanwhile, remember that the law says authorities must respond promptly. That’s really what matters.
- How do you reflect time extensions for public interest tests? #
The Freedom of Information Act allows authorities to claim an indefinite time extension when applying a public interest test. As WhatDoTheyKnow doesn’t specifically handle such extensions we use the phrase “should normally have responded promptly by” when the 20 working day time is exceeded. Once 40 working days have elapsed we use much stronger wording as we consider that all requests should have received a response by that point.
Guidance from the Commissioner suggests extensions beyond 40 working days may be acceptable in exceptional cases such as where a body is under extreme pressure due to a major incident or where a public interest test involves “exceptional levels of complexity”.
The Freedom of Information (Scotland) Act does not allow such a public interest extension. WhatDoTheyKnow would like to see the law changed to either remove the extension from the UK Act, or to reintroduce an absolute time limit of 40 working days even with the extension (the House of Lords voted to remove provision for such a time limit during the initial passage of the UK Act through Parliament).
- Why is "Awaiting classification" or "Delayed" appearing on requests we’ve responded to? #
We rely on our users to classify responses to their requests in the first instance however we are happy to correct any errors that are drawn to our attention.
Requests which have not been classified for a couple of months can have their classifications updated by any user. A request’s classification can be changed via "Actions" > "Update the status of this request".
- How can I send a large file, which won’t go by email? #
- Consider if it is reasonable to split your data into a number of files, perhaps one file per year of data for example, and then send a series of emails, with one attachment to each message.
- A plain text format may produce a smaller file size, and be easier for people to work with than a proprietary format.
- Compressing files into .zip format before sending them can help reduce file size.
- Instead of email, you can respond to a request directly from your web browser, including uploading a file. To do this, choose “respond to request” at the bottom of the request’s page. Contact us if it is too big for even that (more than, say, 50Mb).
- Why do you publish the names of civil servants and the text of emails? #
We consider what officers or servants do in the course of their employment to be public information. We will only remove content in exceptional circumstances: see our take down policy.
- Do you publish email addresses or mobile phone numbers? #
To protect their owners from spam, we automatically remove most emails and some mobile numbers from responses to requests. Please contact us if you’d like us to remove one our system has missed. For technical reasons we don’t always manage to remove them from attachments, such as certain PDFs.
Removing email addresses also helps keep correspondence on the site. To reply to a message from a public body, or request an internal review, you don’t need to know the address they have provided but can use the relevant options under “Actions”.
If you need to know what an address was that we’ve removed, please get in touch with us. Occasionally, an email address forms an important part of a response and we will post it up in an annotation. Our volunteer team doesn’t have the capacity to deal with large numbers of requests to reveal email addresses so currently our service is not suited to requests for email contact details.
- I tried recalling a message – why hasn’t it worked? #
The recall function provided in Microsoft Outlook generally only works if both the sender and recipient are on the same email system.
This functionality is unlikely to work on other platforms, and it is not a function that is supported on WhatDoTheyKnow. Further information about this function, and its limitations, may be found on the Microsoft website.
If you’ve spotted an issue with a request, please contact us, giving as much detail as possible, and we’ll look into it.
- What is your policy on copyright of documents? #
The UK’s Freedom of Information law is “applicant blind”, so anyone in the world can request the same document and get a copy of it. If you think our making a document available on the Internet infringes your copyright, you may contact us and ask us to take it down.
However, it’s our belief that by publishing responses, you are saving public money by preventing duplicate requests, and you’re also fostering good public relations, so we always advise keeping it online. For more information please refer to the Copyright section of our ‘How we run WhatDoTheyKnow’ page.
- My response to an old request on WhatDoTheyKnow has been bounced! #
After 3 months of inactivity, WhatDoTheyKnow limits who can respond to a request to stop spammers targeting old requests. At that point, the request can only be responded to by someone who’s from the authority. After 12 months, the request is closed to responses from anyone. If you need an old request to be re-opened so that you can respond to it, please contact us.
If you haven’t already, read more about WhatDoTheyKnow, its aims and
Otherwise, the credits or the programmers API -->
We keep these pages under review, and may make changes from time to time to ensure that they remain up-to-date and accurate. You can find a synopsis of changes we’ve made at our GitHub repository but if you have any questions, please do contact us.