Government petitions systems information
Dear House of Commons,
in the GDPR description for the government's petitions website, the House of Commons is named as one of the Controllers (in a GDPR sense) of the data submitted to and stored by the website.
What I would like to know, and request in line with FOI legislation, is:
Please list in a spreadsheet all of the software systems that can access the data stored for the purposes of the petitions website, ideally as name and brief description.
Further, please provide in the spreadsheet:
1) column(s) to indicate whether these are command-line, GUI or API access points. If I have missed any other route to the data then please proactively include additional columns.
2) for each of these systems/routes please include a list of 'permissions sets' e.g. 'super-admin', 'user', 'editor', 'contractor', 'staff', 'public' - whatever your internal naming convention is.
3) for each of these permissions groups, please provide an indicator whether they can export email data in part or in full, where those emails have been submitted/stored for the purpose of petitioning the government.
4) Also, please provide numbers for how many people are registered for each permission set for each system.
In the hopes of adding clarity, this could look something like:
Name, Description, Access format, Permission set, Can export, Numbers permitted
MariaDB, primary db for main storage, Command-line, Admin, yes, 4
PHPMyAdmin, primary GUI for main storage, GUI, Admin, yes, 6,
PHPMyAdmin, primary GUI for main storage, GUI, Staffer, no, 12
Site API, url access point for petition site, API, public, no, 2500
Many thanks for your time taken in this matter.
Yours faithfully,
Dr Rob Davidson
Dear Dr Davidson,
Freedom of Information request F20-200
Thank you for your request for information dated 22 April 2020, received
by us on the same date, which is copied below.
We will endeavour to respond to your request promptly but in any case
within 20 working days i.e. on or before 21 May 2020.
If you have any queries about your request, please use the request number
quoted above and in the subject line of this email.
CORONAVIRUS UPDATE
We will work hard to answer your information rights requests during the
current COVID 19 situation in line with statutory requirements, however
some requests may be affected by access to collections and availability of
staff. We will keep you informed of any identified delays in answering
your request.
Yours sincerely,
Sarah Price
IRIS Support Officer
Information Rights and Information Security (IRIS) Service | House of
Commons
[1]www.parliament.uk | [2]@ukparliament | [3]@houseofcommons
[4]House of Commons Privacy Notice for the Public
[5]Supporting a thriving parliamentary democracy
From: Robert Davidson <[FOI #660214 email]>
Sent: 22 April 2020 20:44
To: FOI Commons <[email address]>
Subject: Freedom of Information request - Government petitions systems
information
Dear House of Commons,
in the GDPR description for the government's petitions website, the House
of Commons is named as one of the Controllers (in a GDPR sense) of the
data submitted to and stored by the website.
What I would like to know, and request in line with FOI legislation, is:
Please list in a spreadsheet all of the software systems that can access
the data stored for the purposes of the petitions website, ideally as name
and brief description.
Further, please provide in the spreadsheet:
1) column(s) to indicate whether these are command-line, GUI or API access
points. If I have missed any other route to the data then please
proactively include additional columns.
2) for each of these systems/routes please include a list of 'permissions
sets' e.g. 'super-admin', 'user', 'editor', 'contractor', 'staff',
'public' - whatever your internal naming convention is.
3) for each of these permissions groups, please provide an indicator
whether they can export email data in part or in full, where those emails
have been submitted/stored for the purpose of petitioning the government.
4) Also, please provide numbers for how many people are registered for
each permission set for each system.
In the hopes of adding clarity, this could look something like:
Name, Description, Access format, Permission set, Can export, Numbers
permitted
MariaDB, primary db for main storage, Command-line, Admin, yes, 4
PHPMyAdmin, primary GUI for main storage, GUI, Admin, yes, 6,
PHPMyAdmin, primary GUI for main storage, GUI, Staffer, no, 12
Site API, url access point for petition site, API, public, no, 2500
Many thanks for your time taken in this matter.
Yours faithfully,
Dr Rob Davidson
-------------------------------------------------------------------
Please use this email address for all replies to this request:
[6][FOI #660214 email]
Is [7][House of Commons request email] the wrong address for Freedom of
Information requests to House of Commons? If so, please contact us using
this form:
[8]https://www.whatdotheyknow.com/change_re...
Disclaimer: This message and any reply that you make will be published on
the internet. Our privacy and copyright policies:
[9]https://www.whatdotheyknow.com/help/offi...
For more detailed guidance on safely disclosing information, read the
latest advice from the ICO:
[10]https://www.whatdotheyknow.com/help/ico-...
Please note that in some cases publication of requests and responses will
be delayed.
If you find this service useful as an FOI officer, please ask your web
manager to link to us from your organisation's FOI page.
Restricted: Personal Data
Dear Dr Davidson,
Freedom of Information Request F20-200
Thank you for your request for information as copied below. You have asked
for information about the software systems that can access the data stored
for the purposes of the petitions website and the nature of that access.
The House of Commons does not hold this information.
It may help you to know that the UK Government and Parliament e-petitions
website is run by the Government Digital Service. It is therefore more
likely that they hold the technical information you are looking for. You
may wish to contact them under the Freedom of Information Act 2000 using
the contact details listed at
[1]https://www.gov.uk/government/organisati....
You may, if dissatisfied with the handling of your request, complain to
the House of Commons. Alternatively, if you are dissatisfied with the
outcome of your request you may ask the House of Commons to conduct an
internal review of any decision regarding your request. Complaints or
requests for internal review should be addressed to: Information Rights
and Information Security Service, Research & Information Team, House of
Commons, London SW1A 0AA or [2][House of Commons request email]. Please ensure
that you specify the full reasons for your complaint or internal review
along with any arguments or points that you wish to make.
If you remain dissatisfied, you may appeal to the Information Commissioner
at Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF,
[3]www.ico.gov.uk.
Yours sincerely,
IRIS Officer
Information Rights and Information Security
House of Commons, London SW1A 0AA
[4][IMG]
[5]House of Commons Privacy Notice for the public
The House of Commons welcomes feedback. If you have any compliments,
complaints or comments,
about the service that you have received please send an email
to [6][email address]
From: Robert Davidson <[FOI #660214 email]>
Sent: 22 April 2020 20:44
To: FOI Commons <[email address]>
Subject: Freedom of Information request - Government petitions systems
information
Dear House of Commons,
in the GDPR description for the government's petitions website, the House
of Commons is named as one of the Controllers (in a GDPR sense) of the
data submitted to and stored by the website.
What I would like to know, and request in line with FOI legislation, is:
Please list in a spreadsheet all of the software systems that can access
the data stored for the purposes of the petitions website, ideally as name
and brief description.
Further, please provide in the spreadsheet:
1) column(s) to indicate whether these are command-line, GUI or API access
points. If I have missed any other route to the data then please
proactively include additional columns.
2) for each of these systems/routes please include a list of 'permissions
sets' e.g. 'super-admin', 'user', 'editor', 'contractor', 'staff',
'public' - whatever your internal naming convention is.
3) for each of these permissions groups, please provide an indicator
whether they can export email data in part or in full, where those emails
have been submitted/stored for the purpose of petitioning the government.
4) Also, please provide numbers for how many people are registered for
each permission set for each system.
In the hopes of adding clarity, this could look something like:
Name, Description, Access format, Permission set, Can export, Numbers
permitted
MariaDB, primary db for main storage, Command-line, Admin, yes, 4
PHPMyAdmin, primary GUI for main storage, GUI, Admin, yes, 6,
PHPMyAdmin, primary GUI for main storage, GUI, Staffer, no, 12
Site API, url access point for petition site, API, public, no, 2500
Many thanks for your time taken in this matter.
Yours faithfully,
Dr Rob Davidson
-------------------------------------------------------------------
Please use this email address for all replies to this request:
[7][FOI #660214 email]
Is [8][House of Commons request email] the wrong address for Freedom of
Information requests to House of Commons? If so, please contact us using
this form:
[9]https://www.whatdotheyknow.com/change_re...
Disclaimer: This message and any reply that you make will be published on
the internet. Our privacy and copyright policies:
[10]https://www.whatdotheyknow.com/help/offi...
For more detailed guidance on safely disclosing information, read the
latest advice from the ICO:
[11]https://www.whatdotheyknow.com/help/ico-...
Please note that in some cases publication of requests and responses will
be delayed.
If you find this service useful as an FOI officer, please ask your web
manager to link to us from your organisation's FOI page.
We work to defend the right to FOI for everyone
Help us protect your right to hold public authorities to account. Donate and support our work.
Donate Now