Hunting the snark

There isn’t any legal requirement to publish a clear public link, explaining how to make an FOI request, but it is obviously in the interests of both applicants and the organisation. The applicant knows where to go, and the organisation directs requests into the hands of those best placed to answer them properly. If there is any organisation that could be relied on to showcase its transparency, it would surely be the Information Commissioner’s Office. So how hard is it to find their FOI email address?

Start with the front page. Have a look. Go on.

Did you find it? I can find two ways to get to the ICO FOI page, and both of them take four steps. If you’re lucky, you guess that the link is in ‘About the ICO’ at the top of the page.

Page 1 copy 2

Then you choose ‘Our Information’, because it’s really obvious, right?

Page 2 alt

Now you’re on a roll. On the next page, they actually mention requesting information. They don’t actually say ‘Make an FOI request to us’, but really, is it good taste to say ‘FOI’ in mixed company?

Page 3 copy

Yes, it’s on the far side of the page, but I’m here. I can see it. I can almost taste it. Except even when I click on ‘Request information from us’, I have to read THE WHOLE BASTARD PAGE TO GET THE EMAIL ADDRESS.

Page 4 copy

BONUS SECTION. If your psychic powers deserted you, and you didn’t guess that it was in ‘About the ICO’, there’s another way in. It starts ‘Contact Us’ right at the bottom of the front page, then ‘Access information about us’, then the last two pages as before.

Page 1 copyPage 2 copyPage 3 copyPage 4 copy

I could have used What Do They Know, but that requires me to have specialist knowledge. It’s not a household name, not yet. What does that leave me with? Some FOI experts are a bit sniffy about the tweeted FOI request. I don’t agree with this on its own terms – many people increasingly see Twitter as an email alternative, and if an organisation chooses to open up the channel, they have to expect FOI requests. But if a public body makes it that hard to find their official email address for FOI requests, they only have themselves to blame. I tweeted the ICO last week to ask them a question which they failed to answer, which is how I came to be looking for their email address. Ironically, if they had just given me a quick tweeted response, they wouldn’t be dealing with the much more detailed request I ended up making.

Who watches the Watchdog?

A popular parlour game in Information Rights is to decide what kind of watchdog the Information Commissioner is. Tim Trent, erstwhile stalwart of the Jiscmail Data Protection forum, was fond of characterising the pre-CMP ICO as a poodle, whereas in the same era, one of my old managers believed that it was a canine capable only of giving a nasty suck. In these days of actual Wilmslow-based action, it’s hard to keep such comparisons in play, but whatever kind of mutt the Commissioner is, one thing is certain: the watchdog cannot properly watch itself.

This lunchtime, in an announcement doubtless designed to give the Executive Team indigestion, the Public and Commercial Services Union announced that it had written to the ICO to complain about a possible criminal offence committed by the Information Commissioner himself. Section 77 of the Freedom of Information Act 2000 makes it an offence to alter, deface, block, erase, destroy or conceal any record held by the public authority with the intention of preventing its disclosure under FOI.  The complaint follows an FOI request made by Graham’s staff about significant pay increases for some of the ICO’s most senior staff, while most of their underlings have laboured under a pay freeze.

I would need to write a book to pick apart all of the ridiculous things that the request has revealed. One classic moment sees Mr Graham telling the Ministry of Justice that his deputies need pay rises because the office has inherited responsibility for PECR and EIR since their jobs were last evaluated in 2008 (presumably the EIR decisions they made from 2005 and the PECR enforcement against political parties in 2006 are a figment of my imagination). Another sees one of the aforementioned deputies (Graham Smith) trying to help explain why even though “I have no specific new duties“, his pay rise is necessary because of “load sharing“. If you have an appraisal coming up, feel free to give that one a try. But best of all of all is the finesse with which the PCS requests were actually handled. First the response was late, then the PCS were told by Chris Graham that no information was held, and finally, after an internal review carried out by someone whose name was redacted from the response, a heap of emails appeared as if from nowhere, emails Chris Graham said were not held, despite the fact that he had either sent or been copied into most of them.  It’s a shambles (and as an FOI trainer, I thank them with all of my heart for the material).

A quick glance at the Information Commissioner’s What Do They Know pages shows an FOI process very much of the “Do as I say” variety. One recent request shows that suddenly finding lots of new stuff at internal review is not limited to the PCS request, while reading Helen Cross’ attempts to obtain management board papers is like slowing down past a motorway pile-up. Responses are long delayed or unconvincing, or even reach for the bogus vexatious label that Alan Dransfield keeps telling us all about. In the light of all this, it’s pointless to speculate about what went on with the ICO’s handling of the PCS request because it could be anything.

Nevertheless, the Information Commissioner’s Office cannot investigate the PCS complaint about Section 77. There are doubtless robust people working in Wilmslow capable of actually doing it independently and objectively, but is anyone really going to stand up to the boss and tell him that he should be prosecuted? And equally, if the investigation leads to a conclusion that no action is required, are we all just expected to believe that? The PCS press release seems clear that they are accusing Mr Graham himself of the Section 77 offence (“We have asked for a formal investigation into a possible criminal breach of the law by the man charged with upholding access to information rights“). It is inconceivable that Mr Graham would ask anyone in his office to make a decision on such an allegation.

As it happens, we already have a precedent. In 2012, the Commissioner asked Cheshire Police to investigate an alleged criminal breach of the Data Protection Act by a former employee, Alec Owens. Shortly before his appearance at the Leveson enquiry where he was to accuse Mr Graham’s precedessor of being afraid to take on the press, Owens’ house was raided by the police. No action was taken against him as a result, and he subsequently received an apology from the force because the warrant issued against him was unlawful. Despite the criticism of Paul Farrelly MP for their actions, the ICO maintained that reporting the matter to the police was the right thing to do because “it would not be appropriate for us to investigate a former member of staff“. Having said that in 2012, it is obvious that an allegation against a current member of staff cannot be taken on by the ICO either, especially given who that member of staff is. Whilst I am not recommending that Mr Graham hands himself into Wilmslow Nick, it is vital that his office makes clear that whatever the truth of the PCS claim, someone else will take charge of getting to the bottom of it.


In the flood of positive PR for Freedom of Information’s 10th anniversary, a piece appeared in the Manchester Evening News that shows a possible downside of the legislation. The MEN is my local paper and the main hospital in the story is the closest to my house, but I didn’t notice it – it was highlighted on Twitter by Dr Ben Goldacre and then to me by Sarah White.

The story concerns individuals who make multiple visits to A&E departments, and in particular, the revelation that one person went to A&E at Wythenshawe Hospital more than 100 times in an 11 month period in 2014. Several individuals – including a child – are mentioned, including the number of times they attended and the hospital in question, although the reasons for attendance are not revealed. The information was obtained using FOI.

An (unnamed) spokesperson says: ““Due to patient confidentiality, we would not comment on individual cases” but the problem is, they already have commented on individual cases by releasing data at an individual level. Goldacre’s concern – encapsulated in a comment he put on the story – is that by releasing the information and facilitating comments, these individuals are being exposed to unkind comments from strangers. As one of the other (unnamed) spokespersons observed, one of the likely reasons for multiple A&E attendances is mental health issues. Imagine being the person who went to Wythenshawe 116 times last year, and reading your story, reading comments about what you have done being ‘disgraceful’. Admittedly, the MEN’s handling of the story isn’t as hysterical as it would be in the Dailys Mail or Express, but how long will it take for them to pursue a similar story?

What happens if the parents of the kid mentioned in the story realise that it’s their family who are the “A&E frequent fliers“, draining the resources of “embattled” local hospitals? What happens if, as a result of the shame (which I suspect is the intended effect of this story), they don’t take their kid to A&E next time? What happens if the alcoholic, the self-harmer, the domestic violence victim, the anorexia sufferer – what happens if one of them knows or suspects that they are one of the frequent fliers, and then they don’t attend when they need to?

I live in the same postcode as Wythenshawe Hospital, I frequently drive and cycle past it, and several people that I know and love have been treated there. The ‘frequent flier’ could be one of my neighbours, someone who shops at the local supermarket; if I wasn’t so resolutely anti-social, I might even know them. It’s not likely that I would be able to identify them, but University Hospital of South Manchester NHS Trust (UHSM), the public authority that runs Wythenshawe and answered the FOI request, have consciously set those hares running to make a point about the over-reliance on A&E. That woman who always has an ambulance outside her house, that woman who is always down at A&E, I bet it’s her.

I am about to fall into the worst FOI trap, one I mention every time I run an FOI training course. It’s almost impossible to say that any request is an abuse of what FOI is intended for, because FOI is not intended for anything. It has no purpose clause, nothing to say what you’re supposed to use it for. If the Manchester Evening News want to try to use it to get a quick headline at the expense of vulnerable people, they’re absolutely entitled to do so but they shouldn’t get the information. And here I jump into the trap: FOI is not for this. FOI is not there to expose citizens, it is to expose the organisations that serve them. We need to know that A&E departments are run properly, that the managers responsible for them ensure that services are available so that people are not reliant on them when they should be elsewhere in the NHS system. However, exposing civilians to the glare of publicity is wrong and moreover, unnecessary.

I believe that the likelihood that the individuals cited in this story may be identifiable to their friends and neighbours, and as such, the release of their personal data is unfair – UHSM should have used Section 40 of the FOI Act to refuse to disclose this information on the basis that to do so would breach the Data Protection Act. I also believe – as Ben Goldacre said – that disclosure is likely to lead to adverse comment, and so Section 38 of FOI (which prevents disclosures that would endanger physical or mental health or safety) should also have been used to refuse. No matter how difficult and expensive some of these people might be, exposing them to shame and possible identification is a disgrace. It should not have happened.

Freedom Fighters

At least according to TweetDeck, Ian Dunt’s opinion piece about FOI on has struck a chord. For days, I have seen the headline being retweeted uncritically, usually by journalists: “How Whitehall neutered the FOI Act’. The article itself is stirring stuff. Take this:

Since the Act was passed it has become increasingly useless. Now, after four years of coalition government, the FoI Act is barely worth the paper it’s written on. One of the most powerful pieces of transparency legislation this country produced has been neutered.”

Dunt’s article doesn’t get close to substantiating the hype. Brace yourself – sometimes people ask for information under FOI, and they don’t receive it. Sometimes they have to fight to get the information. Sometimes, the information they want isn’t held. This isn’t neutering (Dunt’s headline even states that the neutering is done and dusted). This is how FOI works in every jurisdiction in the world that has an FOI Act.

Certainly, Dunt identifies some of the problems that FOI applicants encounter. He asked the DWP how much they had spent attempting to prevent disclosure of information about their Universal Credit Scheme. They didn’t provide the data, and he observes “even this small piece of the puzzle was considered confidential”. But it wasn’t. DWP didn’t claim that the information was exempt, they said “The department does not keep a record of the time its staff spend on particular Freedom of Information case work so the information you seek is not held”. There is an equally good example of the Howard League for Penal Reform being unable to find out when and how often they are mentioned in the Ministry of Justice – the quoted refusal makes clear that finding the answer would exceed the cost limits.

It’s frustrating when an organisation doesn’t record the information that you’ve asked for, or cannot search for information in the way you expect. Dunt offers no evidence that either department is not telling the truth, although he does imply that information is deliberately not being gathered centrally or that the civil service deliberately “cripple themselves with ineffective systems” that don’t allow for the right answers to be located.

There is no question that public sector IT systems are dire, but this isn’t anything to do with FOI, and in my experience, it’s often not deliberate. Senior managers everywhere think that everything can just be solved with a new IT system – this isn’t even just a public sector problem. Moreover, Dunt’s apparent solution (bring in Google) carries more Data Protection problems that I have time for here.

Dunt’s complaint about his DWP refusal overlooks the most important point: FOI worked. As he admits, the DWP’s refusal to disclose Universal Credit information was partially overturned by the Information Commissioner, and then wholly overturned by the Tribunal. True, DWP are seeking a further appeal, but we already know their appeal about Workfare schemes failed. The Universal Credit appeal will probably go the same way. This is not a neutered Act that isn’t worth the paper it is written on – on the substantial issue, it worked. Maybe it didn’t work fast, but that’s not Dunt’s complaint. His more trivial request was refused (my guess, legitimately), but the more important decision went in favour of disclosure.

Unless we are to let FOI derail the normal course of the public sector’s business, it has to have cost limits. Perhaps Dunt thinks that 24 hours of searching time per each request isn’t enough, but how high should we go? Should the applicant get 36 hours, 72 hours? Frankly, I don’t think how many times the Howard League for Penal Reform’s name is mentioned in the MOJ is worth more than £600 of public sector time, and if that’s really what they asked, the refusal serves them right for asking that sort of question. Rule number one for any FOI applicant should be to focus, focus, focus. Avoid a request that might involve an unlimited trawl of files and inboxes. FOI favours the stiletto strike, not the blunderbuss.

Any FOI Act will be imperfect tool to get at The Truth. It’s hard for FOI to be instant. Ironically, despite the fact that it is touted as a tool for journalists, the concept of FOI is a bit hopeless for anyone seeking information for the here and now. It favours the patient investigator. Government can cite exemptions or procedural hurdles, legitimately or otherwise, and the story may retreat into the long grass. But complaining about this is like complaining about the weather. Unless you think that all public sector information should be disclosed (paging Julian Assange), regardless of the circumstances and timing, you have to accept that FOI will include exemptions. One member of the House of Lords suggesting junking all of the exemptions in favour of a universal public interest test, and I like that idea. It would still result in refusals.

FOI does face a challenge. The Information Commissioner has proved unwilling to do anything strategic in his regulation of FOI, preferring to work only the case-by-case battle against the backlog. The attitude to FOI in the DWP, the Department for Education, and the Cabinet Office is clearly hostile, as it was when Labour ran the show. Dunt reminds us of Tony Blair’s repudiation of FOI, proving that this is not about politics, it’s about Government. If there is abuse of the process, it’s because Government knows the regulator is only willing to engage in skirmishes – the ICO won’t issue enforcement notices, won’t crack down on tactics. On this, the real problem, Dunt is silent.

The worst thing about Dunt’s article is that his message to his readers and the retweeting journalists is relentlessly negative. FOI is useless, he says, not worth the paper it’s written. It has been neutered. Probably not worth bothering with, then? If that’s what he thinks, fine. Dunt should stop making FOI requests, but his defeatism must not discourage others. My message to anyone with an interest in how government works is simple: ignore Ian Dunt. Work out a good request, make it, and if you get an unreasonable no, challenge it. Use the legislation. Make it work. FOI can only be ‘cancelled’ if we let it.

Angry birds

With two blogs already published on the question of Tweeted FOIs, there is every reason not to add to the noise. Alistair (@alistair_sloan) Sloan, from a legal perspective, has argued persuasively that a Tweeted FOI request has enough of the characteristics of a FOI request to often be valid. Bilal (@FOIkid) Ghafoor, from a more instinctive position, argues strongly that a Tweeted FOI is a ‘waste of everyone’s time’. Even the most pro-FOI advocates are very much against the idea of using Twitter for FOI, with no less than Paul (@FOIMan) Gibbons commenting  that applicants ought to be “discouraged” from using Twitter. All in all, the consensus seems to be in. Go back to your quill pens and vellum, citizens, we will have none of your modern technology here.

I am the last person to claim that because the Information Commissioner’s Office have issued guidance that Tweeted FOIs are valid, public authorities should acquiesce. Some of their guidance is muddy and vague, some of it is just plain wrong (the recent rewrite of their position on Data Processors is as worthless as anything issued by Wilmslow in this decade). Any public authority that wants to blow a loud raspberry at the ICO has nothing but my encouragement – the appropriate reaction to much of what they say and do is often scepticism, if not sarcasm. Moreover, when I first heard about the ICO line on Twitter, I thought it was stupid. I tweeted them an FOI request to show them how daft it was, and they had the bad taste to answer it quickly and clearly.

But since then, I’ve changed my mind.

Years ago, the local authority planning system was a closed system. If a new development was in prospect, typewritten signs would be fixed to lampposts or telegraph poles informing locals. The planning documents were only available for inspection. Those with time on their hands would turn up to Council meetings and sit mutely while Councillors made their decisions. I’m not arguing that the planning system necessarily works any better now, but at least the documents are likely to be published on the internet. Members of the public use their smartphones to film meetings, even if the councillors don’t want them to. It’s a lot easier to know what’s going on, and to get involved. The system has been shaken up. This is what technology does. I hate to use a buzzword, but in both the new jargon and the old-fashioned dictionary senses of the word, technology has a great capacity to be disruptive.

In 2000, Parliament decided that you don’t have to cite ‘FOI’ to make a valid request. FOI isn’t specialist; it’s for everyone, not just journalists and angry middle-aged men with time on their hands. All you need is a coherent request for information, expressed in a written format. It’s true that Tweeted FOI requests don’t work like email – the request sits on a Twitter App or the internet, rather than a copy of the request being delivered to the public authority’s mail server. But who cares? The tweeted FOI request is “capable of being used for subsequent reference” because it has appeared in an electronic channel that you have opened up, and you can (almost certainly will) copy it onto your FOI system and get going.

I know quite a few people who don’t use email except at work – their personal interaction is via Twitter and Facebook. Fax is dead. I don’t know anyone who routinely sends letters except myself. I still enjoy the shock and awe that most people under 30 exhibit when I use a fountain pen in a meeting, especially when they realise that this is an artefact I bought new, rather than having scavenged it from a time capsule. If you deny people the opportunity to use the tools that they already have, and force them to use the channels you think are appropriate, proper, or serious, you’re condemning the legislation to a well-meaning, specialised ghetto.

FOI should not be open only to the cognoscenti. The applicant should not have to track down the FOI email address, find the (often buried) FOI page on the spin-strewn website. You’re there on Twitter, I can find you easily using a tool that is on my phone. Why shouldn’t I be able to use that for FOI if I can formulate a 140 character FOI request?

Would an epidemic of tweeted FOI requests be easy to deal with? No. Will it increase costs for public authorities? Perhaps. But if you want to use the inconvenient and expensive argument, then you might as well abolish the legislation altogether, because the same case could be made for FOI as a whole.

I know that many supporters of FOI believe in all that ‘sunshine is the best disinfectant’ stuff, but the jury is way, way out on that. I honestly don’t know whether I believe that FOI will ultimately improve the public sector. Much of it is fine already, and a bit of it is probably irredeemable. I believe in FOI because I think the public should have access to information, because information is power and a few votes over the electoral cycle aren’t enough. You shouldn’t be able to use FOI to browbeat and punish public servants you don’t like, but beyond that, if FOI requests are annoying and uncomfortable, they’re probably doing their job. Last year, public authorities were given the gift of Dransfield, allowing them to refuse a wide variety of FOI requests on vexatious grounds, even those that are plainly in the public interest (like Laura McInerney’s recent interrogations of the DfE). Swings, meet roundabouts.

There are many awful consequences that spin off from FOI’s existence, and I don’t doubt that tweeted FOI requests annoy FOI Officers and public sector staff more widely. And before you say it, it’s true that I write this knowing that I don’t work in the public sector, and I don’t have to deal with FOI requests at all. I just make them. Nevertheless, nobody made public bodies open their Twitter accounts. Nobody forced you to open these doors. Twitter is not just a loudhailer.