Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Authorise team members to make FOI requests on behalf of mySociety / WhatDoTheyKnow for replacement responses #1398

Closed
RichardTaylor opened this issue Sep 12, 2022 · 7 comments

Comments

@RichardTaylor
Copy link

RichardTaylor commented Sep 12, 2022

If a replacement response is not promptly forthcoming in cases of accidental release of personal data, where we've hidden the response from public view, empower requests to be made by WDTK, and linked via an annotation to/from the original request.

This could apply to redactions / takedowns for other purposes.

We might want a policy of avoiding controversial requests, perhaps the threshold of an admin being happy to make the request would be sufficient though.

Related to the journalism strategy but really more tightly connected to day-to-day running of the core service.

@RichardTaylor
Copy link
Author

Is this a good idea though? Should we pursue responses on the original request threads - as we do now.

Usually encouraging a replacement response on the thread does eventually work, as long as it's not a very old request - where, understandably, public bodies might not be able to, or feel it appropriate to, provide a replacement.

What if the request in question is old? Do we request an up-to-date copy of the information, or a copy of the information as of the time of the request?

If this becomes a general policy do we, in the interests of transparency, make an annotation when we decide not to follow it?

This might be something to have as an option, but use sparingly?

@FOIMonkey
Copy link
Collaborator

I see it as something to do if the authority outright says no, or is very slow in providing a replacement. Perhaps something to do 7 days after first asking, thus giving them a chance to respond informally first, but if not, we can guarantee a response without needing to think about it too much. We could tag the requests for replacements with the correct GDPR ref to make cross matching easier.

@garethrees
Copy link
Member

We could tag the requests for replacements

This sounds like something we could ask the wider user-base to do in the same way as the missing authority email tag!

@RichardTaylor
Copy link
Author

In cases of failed redactions etc. we already often ask public bodies to provide replacement responses and to send those replacements to the request address/thread.

We don't currently follow these up if no replacements are forthcoming.

Are our requests for a replacement response already technically a FOI request? I suspect they might be, we could follow them up on our private email correspondence thread with the public body seeking a response - by asking for an internal review and even appealing to the ICO.

This would be an alternative approach to starting a new public request thread.

@garethrees
Copy link
Member

Are our requests for a replacement response already technically a FOI request?

A good point – related to #1424.

@RichardTaylor
Copy link
Author

It appears this may have happened in one case:

https://groups.google.com/a/mysociety.org/g/wdtk-review/c/GqOSi9UI6Yw/m/QOtFaS9MBwAJ

@HelenWDTK
Copy link
Contributor

I have done this in several cases now, and will continue to do so as part of my job when needed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

4 participants