Advice sought from Information Commissioner
Dear Sir or Madam,
I see from another request made via WhatDoTheyKnow.com[1]
that you have sought advice from the ICO regarding the use of email addresses as valid addresses.
Can you please provide a copy of all communication to date with the ICO in this regard, and any internal notes, memos, emails, or the like arising from this, as well as records of any other communication you have had with any other parties (internal or external) on this, or any other matters arising from users of the WhatDoTheyKnow.com site.
Yours faithfully,
Tony Bowden
Mr Tony Bowden
We are now in a position to respond to your request.
This is a copy of the email I received from the ICO office.
27 March 2009
Case Reference Number ENQ0239477
Dear Mr McCabe-Daly
Thank you for your correspondence dated 17 March regarding information
requests made under the Freedom of Information Act 2000 (FOIA) using sites
such as www.whatdotheyknow.com.
Firstly there is nothing within the Act that would prevent the development
and use of such websites. Indeed as the aim of the Act is concerned with
the transparency of information held by public authorities it does not
seek to place restrictions on those wish to request information.
Section 8 defines what is a valid "request for information" under the
FOIA.
8 Request for information
(1) In this Act any reference to a "request for information" is a
reference to such a request which--
(a) is in writing,
(b) states the name of the applicant and an address for correspondence,
and
(c) describes the information requested.
(2) For the purposes of subsection (1)(a), a request is to be treated as
made in writing where the text of the request--
(a) is transmitted by electronic means,
(b) is received in legible form, and
(c) is capable of being used for subsequent reference.
If you receive a valid request for information meeting the criteria set
under section 8 you are under an obligation to respond in accordance with
the provisions of that Act. For more information on this please see our
guidance using the following link:
[1]Valid request - name and address for correspondence
You will note from the above that section 8(2)(a) specifically sets out
that a valid request can be made by email and thus will include emails
originating from sites such as www.whatdotheyknow.com.
The requirement in section 8(1)(b) is for an address to be supplied, and
this is simply that it enables correspondence to reach the applicant. An
email address satisfies this requirement in section 8(1)(b) for an address
for correspondence. Support for this is found in the FOIA as follows:
. a request for information can be made by email.
. the access regime is a relatively informal one - for example the
applicant does not have to state formally that the request is being made
under the FOIA.
Where a request is received by an authority via a site such as
www.whatdotheyknow.com and this meets the criteria set under section 8 the
authority is under an obligation to respond in accordance with the
provisions of that Act. There are no grounds in the Act to refuse to deal
with a request simply because it originates from such a site.
If we can be of any further assistance please contact our Helpline on
08456 30 60 60 or 01625 545745 if you would prefer to call a national rate
number, quoting your case reference number. You may also find some useful
information on our website at [2]www.ico.gov.uk.
Yours sincerely,
Trevor Craig
FoI Case Officer
FoI Case Reception Unit
Information Commissioner's Office
The email I sent is:
I have become concerned about the use of sites such as
[3]www.whatdotheyknow.com to generate FOI requests and temporary email
addresses.
I am quite happy to accept hotmail, googlemail addresses as valid email
addresses but in view of hte nature of this site I am unwilling to accept
their email addreses as valid.
In the early days of FOI many organisation such as mine isnisted on a
physical address, and although the ICO has issed best practice guidelines
to suggest that an email address is valid I feel there should be controls
over the sort of sites that can be used to auto or semi auto generate
request, in a similar manner to spam email.
What is the legal position on the please?
Derrick McCabe-Daly
There is no other correspondence on this. I discussed the request with a
colleague from a different Trust on the phone, and it was when I mentioned
the pseudonym R SOLES that my colleague explained that this sounded
offensive. Had there been a title, Mr, Ms etc this would not have been
relevant.
If R SOLES is your pseudonym could I ask you to submit the request? I have
already set the process in motion to gain this information (We have use
the company concerned and it is now a matter of tracking the paper work I
gather.)
I hope you will agree that Freedom of Information is not something that
should be used to harass or abuse staff and that it has a serious part to
play in informing genuine requestors about how their money is spent. You
will find correspondence with R SOLES on the WhatDotheyKnow.com site.
I am attaching several of the documents I have consulted on this matter, I
hope these will be of assistance to you.
Please note that any information provided by this Trust is for your
personal use and not for resale or use for profit in any way under the
Re-use of Public Sector Information Regulations 2005.
If there is anything on which you need clarification, or if we can be of
any further assistance to you, please do not hesitate to contact me.
Reply to:
[BSUH request email]
If you are dissatisfied with the outcome of your enquiry, you have the
right to appeal. The address of our Complaints Department is:
Brighton and Sussex University Hospitals NHS Trust
Complaints Department
Sussex House
Abbey Road
Brighton
BN2 5BE
or email [email address]
If you are still not satisfied with the outcome, you can write to:
The Information Commissioner
Wycliffe House,
Water Lane,
Wilmslow,
Cheshire
SK9 5AF
Telephone: 01625 545700.
Derrick McCabe-Daly
Freedom of Information Office
This electronic message contains information from Brighton and Sussex University Hospitals NHS Trust, which may be privileged or confidential. The information is intended to be for the use of the individual(s) or entity named above. If you are not the intended recipient be aware that any disclosure, copying, distribution or use of the contents of this information is prohibited. If you have received this electronic message in error, please notify us immediately at [email address].
This Trust is committed to openness and transparency, and this commitment is supported by the Freedom of Information Act 2000. Under the Act, any recorded information held by the Trust, including this message, unless legally exempt, may be subject to public disclosure.
Activity and use of the Brighton and Sussex University Hospitals NHS Trust E-mail system is monitored to secure its effective operation and for other lawful business purposes. Communications using this system will also be monitored for viruses and other harmful material.
References
Visible links
1. https://web.nhs.net/owa/redir.aspx?C=25a...
2. https://web.nhs.net/owa/redir.aspx?C=25a...
3. https://web.nhs.net/owa/redir.aspx?C=25a...
Dear Mr McCabe-Daly,
Thank you for your speedy response.
I can confirm that "R Soles" is not my pseudonym, and that I do not know who that is, or even if it is a pseudonym at all. There is a leading fashion brand with that name, as well as several smaller retail outlets, and, as you are no doubt aware, the ICO's guidance on pseudonyms explicitly deals with the case of companies making requests using their trading names.
My interest in the original request is not due to its subject area, but your response to it, arising from my interest in this particular area of FOI — see, for example, my earlier correspondence with the ICO on the matter: http://www.whatdotheyknow.com/request/us...
I agree that FOI should not be used for harassment or abuse, but I also believe that some public bodies are very quick to find reasons not to provide information and often assume ill-will where none might exist. As the guidance states:
"We recognise that it may be difficult for a public authority to be certain that a pseudonym has been used by an applicant. A relatively low-key approach is recommended and public authorities should not seek proof of the applicant’s identity as a matter of course. In accordance with the spirit and purpose of the FOIA, the default position of a public authority should be to accept the name provided by the applicant unless there is good reason to enquire further about the applicant’s name, as indicated above.
"Even when an obvious pseudonym has been used, as good practice a public
authority should still consider the request even though technically it can be
regarded as invalid. This approach could be adopted in cases where identity
is not relevant to the request and, in view of the general principle within the FOIA of disclosure to the world at large, where the authority is content to disclose the information."
As to your remarks about "temporary" email addresses created by WhatDoTheyKnow.com, the site uses unique addresses per request simply for the purposes of automatically assigning responses to the correct page on the site. All requesters have their real email addresses confirmed at registration, and you can actually see all the requests made by any given person in one place on the site simply by clicking their name. To my mind this is significantly _better_ for authorities and gives you significantly more context than a traditional request made by direct email or by post.
Yours sincerely,
Tony Bowden
Dear Mr Bowden
Thank you for your email, which, if I may say, is both reasonable and
thought provoking.
I have noted the comments you have made.
I have sent several emails to R SOLES as you can see from the site, none of
the responses appears to address the issues I raised. In itself I find this
worrying.
I would repeat that the actual request can be regarded as valid, and this
morning, by coincidence, I have been chasing our training department for the
information.
You state:
"... that some public bodies are very quick to find reasons
not to provide information and often assume ill-will where none
might exist."
I do regard it as part of my role to persuade holders of information within
our organisation to release this when requested. Although not all the
exemptions are straightforward I have tried to follow the information
commissioners decisions (the best part of the ICO site in my opinion) and
have used these to persuade people to release information in some
circumstances when they have reservations about doing so.
In view of your comments I think I will create an account for myself on the
site. I may find it useful.
Once again thank you for your email.
Kind regards
Derrick McCabe-Daly
We work to defend the right to FOI for everyone
Help us protect your right to hold public authorities to account. Donate and support our work.
Donate Now