Document our campaigning strategy and campaigning aims

[FOIMonkey]

Note down our current approach to campaigning.

This is like #1240 but for campaigning activities.

What campaigning have we been doing? What form has this taken? How are we identifying campaigning opportunities and making sure that we make the most of them? etc

Doing so will enable us to assess what changes/improvements we might want to make to our strategy going forward, and work out what support/resources we might need to achieve our goals.

[garethrees]

• Upholding right of ATI (FOI and EIR): e.g. "campaigning" decision not to include ARIA (could have done more here obvs)
• Maintaining accessibility of ATI: e.g. in-progress issue of making it more difficult by refusing emails, responding with links, etc.
• Expanding the scope of ATI: e.g. listing bodies that should be FOIable, like BIDs.

(ATI == Access to Information) – mostly analogous to FOI as our main tool for doing this, but we have interests in EIR, proactive publication, etc.

[crowbot]

Adding the dataset provision from FOI to EIR could come under the 'upholding the right of ATI' section

[RichardTaylor]

Updated title in-line with how this ticket is being used.

[RichardTaylor]

Linking to

• https://github.com/mysociety/whatdotheyknow-theme/issues/1237
• https://github.com/mysociety/whatdotheyknow-theme/issues/1183

[RichardTaylor]

Target power of the WDTK audience / users for campaigning.

[RichardTaylor]

Campaigning policy idea:

International public bodies should be covered by FOI. International treaties forming public bodies should include access to information provisions.

See also: https://github.com/mysociety/alaveteli/issues/6571

[RichardTaylor]

There are other areas where we have, or perhaps should have, policy positions and aims, which relate to running our service, and acting on released information.

• We have an aim of reducing occurrences of data breaches by public bodies when they're making disclosures under FOI. We want to continue to work with the ICO, and public bodies, on this issue. There is a risk to the reputation of FOI if inappropriate disclosures of personal information are made when responding to FOI requests. There is a risk of harm arising from such breaches, and they cost us time and effort to deal with.

• We would like changes to libel law to make it less risky to run our service. A specific defence/exemption for material released under FOI would be ideal. It might not be a big step from the current position. It might even be achieved by clarifying/interpreting the current position. We already have qualified privilege for "A fair and accurate copy of or extract from matter published by or on the authority of a government or legislature anywhere in the world" and also, subject to provision for an explanatory or contradictory statement, https://www.legislation.gov.uk/ukpga/1996/31/schedule/1/paragraph/7 and for "A fair and accurate copy of, extract from or summary of a notice or other matter issued for the information of the public by or on behalf of ... an authority anywhere in the world performing governmental functions" https://www.legislation.gov.uk/ukpga/1996/31/schedule/1/paragraph/9

• Libel law, and whistleblowing law, could be improved from the point of view of protecting private disclosures to others better placed to act on material eg. journalists and MPs.

[RichardTaylor]

Considering when we make FOI requests as WhatDoTheyKnow / mySociety could be part of this.

[garethrees]

Not sure it's "campaign" per-say but we care about better FOI journalism – i.e. journalists publishing or linking to – the underlying sources.

[RichardTaylor]

Public bodies can't sue for libel, to prevent them chilling debate. Should there be a similar approach to other ways public bodies can seek to use legal threats to prevent the publication of material eg. through misuse of the law on copyright, confidentiality, and personal data.

[RichardTaylor]

Determine (or just include?) our position on access to information held by public sector contractors.

Our policy on listing public sector contractors on WhatDoTheyKnow should be in-line with changes to the law we want to see.

[garethrees]

Expanding the scope of ATI

https://www.opendemocracy.net/en/opendemocracyuk/transparency-must-extend-to-britains-public-private-state/

[RichardTaylor]

Our desire to make FOI requests on behalf of mySociety/WhatDoTheyKnow has been connected to this issue (though it could be seen as quite distinct).

We have a specific ticket for:

• https://github.com/mysociety/whatdotheyknow-theme/issues/1398

It would also be useful to make requests to find out information required for listing new bodies, or otherwise keeping the bodies database up-to-date there is a specific example and proposal at https://github.com/mysociety/whatdotheyknow-theme/issues/1341#issuecomment-1264426778

Individual volunteers, and other third parties, have made such requests personally in the past.

[garethrees]

Maintaining accessibility of ATI

Improving the situation around indefinite PIT extensions would fit this theme.

• https://blogs.mysociety.org/internal/2022/07/28/282-working-days/
• https://research.mysociety.org/html/reforming-foi/l/7.650.mpzn9.ipm_y.zgxvp.9fdag.html
• https://www.mysociety.org/2022/04/29/pacac-makes-the-positive-case-for-foi-but-there-is-more-work-to-do/

[RichardTaylor]

Consider misuse of the "intended for future publication" exemption, or if not "misuse" the issue of the exemption being available to apply in cases where there are no specific plans to publish, and publication may not ensue either in a timely manner or at all.

Example case: https://www.whatdotheyknow.com/request/anti_nucleocapsid_antibody_data (see cited twitter thread)

[RichardTaylor]

Consider misuse of the "intended for future publication" exemption,

https://www.pacts.org.uk/pacts-executive-director-calls-on-dft-to-release-reports/

"The Parliamentary Advisory Council for Transport Safety (PACTS) is a registered charity. It supports the All-Party Parliamentary Group for Transport Safety." (Source)

The body is complaining in the above linked blog about how the exemption for information which is to be published in the future is preventing them getting material they think should be released.

[RichardTaylor]

I've spun out a specific ticket, for a specific campaign:

• https://github.com/mysociety/whatdotheyknow-theme/issues/1445

[RichardTaylor]

Part of our strategy should be preparing ourselves to take advantage of unexpected opportunities which arise.

While we don't know what exact events will happen, we can prepare for classes of likely event eg.

• Ineffectual redaction revealing misuse, or excessive use, of FOI exemptions.
• FOI ending up in the news; often we will be able to link our campaigning aims to the story.
• Public bodies announcing anti-transparency policies
  • eg. https://github.com/mysociety/whatdotheyknow-theme/issues/1428
• Politicians, or others, proposing a reduction in the scope of FOI
• Politicians, or others, making statements in-line with our campaigning goals

[RichardTaylor]

We should consider if we should campaign publicly and transparently as a matter of principle. I think we should.

If we have lobbying meetings, or send lobbying letters, we should be public about what we're doing.

• Example: https://github.com/mysociety/whatdotheyknow-theme/issues/1444

I don't think we should be extreme about this, I'm not suggesting full transcripts of meetings, or publishing every informal, or operational, exchange of emails with public bodies or elected representatives, but generally if we've done something substantive there should be some public note of it, from us.

[RichardTaylor]

A user urging us to do more prompted me to spin out and start acting on :

• https://github.com/mysociety/whatdotheyknow-theme/issues/1456

[RichardTaylor]

Campaign on access to information held by partnerships of public sector bodies, including those "poisoned" by non-public sector members, where they have public functions:

• https://github.com/mysociety/whatdotheyknow-theme/issues/1458

[RichardTaylor]

We might want to campaign against the EIR provision enabling reasonable charges to be levied on requesters.

The ICO notes:

The approach to charging for information under the EIR contrasts with that in FOIA, where you are only allowed to charge for disbursements unless answering the request exceeds the appropriate fees limit.

https://ico.org.uk/media/for-organisations/documents/2021/2619011/charging-for-environmental-info-regulation-8-version-16.pdf https://ico.org.uk/for-organisations/guidance-index/freedom-of-information-and-environmental-information-regulations/charging-for-information-under-the-eir/#FOI

Tagging requests hitting this issue would be a good place to start, we could use eir_charges

[I'm noting this idea as it has been raised in Slack.]

[RichardTaylor]

https://www.whatdotheyknow.com/search/tag:eir_charges/all

[FOIMonkey]

https://www.whatdotheyknow.com/search/tag:eir_charges/all

We probably need to split the tag. The two currently tagged are Scottish requests, so it'd need to be EISR not EIR and the UK ICO advice is not really relevant. AIUI SIC has a different view on charging.

eisr_charges for Scottish requests?

[RichardTaylor]

We probably need to split the tag.

We could do, or we could try and keep the tag notes generic. There is advice from the Scottish ICO

https://www.itspublicknowledge.info/sites/default/files/2022-03/Chargingforenvironmentalinformation.pdf

the Scottish Regulations also refer to reasonableness so I think the advice we want to offer users is the same

https://www.legislation.gov.uk/ssi/2004/520/regulation/8/made

Both regulators are probably seeking to pass on the key elements of a Court of Justice of the European Union judgement which interprets reasonableness and refers to a potential deterrent effect of charges.

[ajparsons]

I'd like to get to the bottom of this again, but last time I checked ICO and OSIC did have different views on charging.

https://www.mysociety.org/2021/05/05/what-are-environmental-information-requests-and-how-do-they-differ-in-scotland/

On my to do list for next few weeks to write down next steps (for me) on this (working from our climate angle, and our previous research). I think this is complementary with the tagging approach above.

[RichardTaylor]

We could campaign for the ICO not to break links to key pages on its website.

We've had to make lots of changes to the links we offer to the ICO's website from WhatDoTheyKnow.

I'm noting this after a user met a broken link in a public body's response to

https://ico.org.uk/make-a-complaint/official-information-concerns-report/official-information-concern/

It looks as if an depreciated, and broken, form is still live at

https://ico.org.uk/make-a-complaint/foi-and-eir-complaints/

which has been replaced by

https://ico.org.uk/make-a-complaint/foi-and-eir-complaints/foi-and-eir-complaints/

Them changing their links and not putting redirects in place is something which does impact WhatDoTheyKnow and its users.

[garethrees]

Could do something with applicant blindness and pseudonyms (https://github.com/mysociety/alaveteli/issues/6279).

[garethrees]

I've taken a look at all the suggestions so far and grouped them roughly under each core theme suggested above. I'm sure there are more tickets lying around that could be added, but I'm mainly trying to reflect on our way of thinking about this rather than any specific issues.

Upholding the right of ATI	Maintaining accessibility of ATI	Expanding the scope of ATI
Ensure new bodies are subject (Like ARIA) Add the dataset provision to EIR (https://github.com/mysociety/whatdotheyknow-theme/issues/1044#issuecomment-1164975270) Repeal special FOI treatments (#1237) Repeal EIR 20 working day extensions (#1183) Stop endless public interest test delays (#1445) Stop misuse of the future publication exemption (#1456) Repeal EIR charges (https://github.com/mysociety/whatdotheyknow-theme/issues/1243#issuecomment-1296954205)	Challenge refusal to accept emailed requests (#1428) Challenge use of poor webforms Add GP surgeries (#23) Challenge subversion of applicant blindness (https://github.com/mysociety/whatdotheyknow-theme/issues/1243#issuecomment-1318449383) A libel defence/exemption for material released under FOI (https://github.com/mysociety/whatdotheyknow-theme/issues/1243#issuecomment-1207226533) Challenge poor response performance (e.g. #1232)	Expand scope to cover Business Improvement Districts (#726) Expand scope to cover National Fire Chiefs Council (#1299) Improve ATI from public sector contractors (https://github.com/mysociety/whatdotheyknow-theme/issues/1243#issuecomment-1255290328) Improve ATI from public sector partnerships / poisoned bodies (#1458) Improve ATI from sports governing bodies (#839) Improve ATI from international bodies (https://github.com/mysociety/alaveteli/issues/6571)

There were a few that I couldn't quite convince myself that they fit directly in to one of these 3 themes…

• Reducing occurrences of data breaches by public bodies (#1128)
• Better FOI journalism (https://github.com/mysociety/whatdotheyknow-theme/issues/1243#issuecomment-1227173010)
• ICO breaking URLs (https://github.com/mysociety/whatdotheyknow-theme/issues/1243#issuecomment-1312151344)

…and a few felt more like general process than outcome:

• Monitor the potential for information rights to be degraded (#1414)
• General horizon scanning (https://github.com/mysociety/whatdotheyknow-theme/issues/1243#issuecomment-1278799724)
• Transparent lobbying of authorities (https://github.com/mysociety/whatdotheyknow-theme/issues/1243#issuecomment-1278805553)

I think we should also consider that aims are not the same as actions. For any one of our aims we have a variety of actions we can take:

• Data collection through platform features (tags, classifications, etc)
• In-context signposting (annotations, notes, etc)
• In-depth thought-pieces (blog posts, research, consultation submissions, etc)
• Amplifying (tweets, blog posts, etc)
• Stunts (half-baked)

…and probably many more, but the main thing I think is we want to be able to separate the aim so that we can then strategically decide which actions to take based on how appropriate, likely to succeed, investment time, etc.

I'd sort of like to end up with a clear grid of most-pressing problems and the steps we're aiming to take to get them resolved. Here's quick a sketch. Each cell would likely link out to issues where we delve into the details and mechanics, but having a clear picture of what our shared aims are will help us compare emergent opportunities against planned ones and decide which we care most about.

EDIT: Oh, and I think this should be top 3 in each theme at most. We don't have endless headspace and resource, so we have to prioritise.

[ajparsons]

It's useful to think about what our unique role and contribution can be - and in general given we are quite heavily constrained in many respects, how we can have the biggest impact without over-extending ourselves.

Here are a few questions that can help focus some of the potential angles - as well as some general tasks that would put us in a better position in general to be less reactive and more long term in our thinking.

Developing campaigns

For each campaign, we need to work out how we achieve what we want, with what we’ve got:

• How much can we act unilaterally to make a change?
  • Generally campaigns will be for changes that we cannot just do unilaterally, but there may be partial moves that align with the campaign.
• What resources do we have for a campaign?
  • Can it align with a funded area of work? Or is there a clear partner we can spread the work around?
• Who do we need to make a change?
  • Ultimately, the subject of the campaign - who we need to do something different to win.
• Who can influence that change?
  • A power analysis is useful to understand who the subject of the campaign listens to (or has to listen to).
  • This might be to convince the regulator, get it in party manifestos, get change into sector best practice guidance, mobilise users to write to politicians etc.
• Who else agrees with us about a change, and how do we work together?
  • We are very small, our best chance for success will often be to work in combination with others and share the burdens of a campaign.

What we have

• WhatDoTheyKnow platform and brand
  • Large web traffic and huge body of FOI requests, well known by "FOI sector"
  • Clear demonstration of the value of FOI
• Volunteer interest and expertise
  • Our volunteers are highly knowledgeable and motivated individuals, with a perspective on FOI that is less present in other FOI reform aligned orgs (who may have more sector specific viewpoints).
• Our user base
  • No one else has the potential access to thousands of FOI users that we have. It’s an incredible resource that in principle allows us to construct campaigns with those users.
  • Part of our potential messaging is that we want to work on behalf of ordinary FOI users.
• Part of mySociety
  • mySociety does too much! Where possible, need to make an asset of that and find things that cover multiple areas (environmental information requests for climate, etc).
  • Broader research resources, covering access to information systems in the UK and across Europe. Experience with statistics, FOI statistics and using FOI for research.
• Connections to other organisations (internally and internationally)
  • We have connections to other organisations with an interest in FOI in the UK, which can help inform campaigns.
  • We have connections to similar organisations internationally, who can learn from.

How can we develop our capacity for campaigns

What can we do to make better use of our resources?

• Develop better email list
  • Want to have reliable ability to push requests for input and opportunities to participate to users
  • Better power analysis of the sector
• Mapping the actors and their interest in FOI and specific interest in reform.
  • Database of ‘who supports what’, mapping various proposed reports and reforms of FOI.
• Better integration of running campaigns into WhatDoTheyKnow
  • [and some campaigns are direct decisions on how the service works]
• Develop media list
  • Just want a clearer sense mapping of who interested journalists are about our work. This might be about FOI, but could also be anti-corruption, etc.

[garethrees]

Might be another strand to Upholding the right of ATI, Maintaining accessibility of ATI and Expanding the scope of ATI along the lines of "Demonstrating the use of ATI", as in showing what's possible with it (case studies, linking up citations, explaining structures of bodies for currently public interest events)

[RichardTaylor]

Develop media list

We've had a small media lis in the past, but we've found often to-date we've been acting in relation to requests with specific geographical and/or subject matter, so our actions haven't been as relevant to our general media list, but we've researched and identified journalists likely to be specifically interested on a case by case basis.

If we're doing more general FOI campaigning then a general media list might be appropriate.

[RichardTaylor]

~"Public Body" is defined in a few places in the law.

I suspect we'd want the most inclusive definition to define those bodies subject to access to information law.

One of the definitions is in The Re-use of Public Sector Information Regulations 2015. Their public body definition is overall much narrower than that which applies to FOI, however it appears to be broader when it comes to partnerships and "poisoned" bodies, see:

• https://github.com/mysociety/whatdotheyknow-theme/issues/1448#issuecomment-1355198636

[RichardTaylor]

Linking to

• https://github.com/mysociety/orgsites/issues/1268

[RichardTaylor]

On transparency of the FOI process, the "qualified person" taking a decision on, for example, if disclosure of information would prejudice eg. "the maintenance of the convention of the collective responsibility of Ministers of the Crown" should be identified.

Often such decisions are reported as having been made by eg. "a minister" without the minister in question being identified.

Relevant FOI section: https://www.legislation.gov.uk/ukpga/2000/36/section/36

Example: https://www.whatdotheyknow.com/request/foi_request_meeting_held_on_0411

(I think we may also have a position wanting to remove ministers' and other similar individuals' roles in making decisions on FOI responses)

[RichardTaylor]

Today's Community and Activism call agenda contains the question: "What information could we FOI for?"

This perhaps indicates more requests being made as WDTK/mySociety, or by staff/volunteers in connection with their roles, are being considered.

There are some suggestions at:

https://github.com/mysociety/whatdotheyknow-theme/issues/1243#issuecomment-1264427725

In addition we could:

• Make "seed" requests to newly listed bodies. (These could focus on material we think bodies should be publishing)
• Follow up abandoned requests ourselves and/or rewrite certain rejected requests in a manner which we think might get a response.

It would be good for staff and volunteers to have the freedom to use the service; and such freedom might attract, and retain volunteers and make the work being done more rewarding and impactful.

Requests are valuable content though. One reason I hesitated when a similar, more focused, question was arose during a previous call was that mySociety (discussing making initial/seeding requests to Integrated Care Boards) was asking for yet more to be given away freely by volunteers, in a context where other contributions to running the service are now paid for. See https://github.com/mysociety/whatdotheyknow-theme/issues/950 for discussion on if requesters should be treated like content creators on YouTube etc. and financially rewarded for their contributions.

[RichardTaylor]

From Community and Activism call agenda: encourage greater transparency at eir_only bodies

My thoughts - How? See if we can list more of them on the site?

[RichardTaylor]

Should the question of if information is personal data, or not, in law, be one with an absolute yes/no answer (as I think it is now) or should the concept of the risk of identification come into play?

The police.uk website/data is produced via process described as:

an anonymisation process which adequately minimises privacy risks

https://data.police.uk/about/

This would impact WDTK when it comes to processing of special category data, eg. the type of data shown on police.uk

[garethrees]

Challenge use of poor webforms

Just documenting some progress:

• We blogged
• We then built Notes so that we could easily track instances via tags and publicly provide advice
• We've had some specific wins on a per-authority basis, either from users challenging them or us doing so
• The ICO published guidance having taken note of our blog