aboutsummaryrefslogtreecommitdiffstats
path: root/lib/views/help/privacy.rhtml
blob: 4f4f2d32f7a59de94c2b042149227980d1846217 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
<% @title = "Your privacy" %>

<%= render :partial => 'sidebar' %>

<div id="left_column_flip">
<h1 id="privacy"><%= @title %> <a href="#privacy">#</a> </h1>

<dl>

<dt id="email_address">Who gets to see my email address? <a href="#email_address">#</a> </dt>

<dd><p>We will not disclose your email address to anyone unless we are obliged to by law,
or you ask us to. This includes the public authority that you are sending a
request to.  They only get to see an email address 
@<%= MySociety::Config.get('INCOMING_EMAIL_DOMAIN') %> which is specific to that request.  </p>
<p>If you send a message to another user on the site, then it will reveal your
email address to them. You will be told that this is going to happen.</p>
</dd>

<dt id="nasty_spam">Will you send nasty, brutish spam to my email address? <a href="#nasty_spam">#</a> </dt>
<dd>Nope. After you sign up to <%= site_name %> we will only send you emails
relating to a request you made, an email alert that you have signed up for,
or for other reasons that you specifically authorise. We will never give or
sell your email addresses to anyone else, unless we are obliged to by law, or
you ask us to.
</dd>

<dt id="public_request">Why will my name and my request appear publicly on the site? <a href="#public_request">#</a> </dt>

<dd>
<p>We publish your request on the Internet so that anybody can read it and
make use of the information that you have found. We do not normally delete
requests (<a href="#delete_requests">more details</a>).
</p>
<p>
Your name is tangled up with your request, so has to be published as well.
It is only fair, as we're going to publish the name of the civil servant who
writes the response to your request.  Using your real name also helps people
get in touch with you to assist you with your research or to campaign with you. 
</p>
<p>By law, you must use your real name for the request to be a valid Freedom of
Information request. See the next question for alternatives if you do not want
to publish your full name.
</p>
</dd>

<dt id="real_name">Can I make an FOI request using a pseudonym? <a href="#real_name">#</a> </dt>


<dd>
<p>Technically, you must use your real name for your request to be a valid Freedom of Information request in law. See this
<a href="http://www.ico.gov.uk/upload/documents/library/freedom_of_information/detailed_specialist_guides/name_of_applicant_fop083_v1.pdf">guidance from the Information Commissioner</a> (January 2009).
</p>

<p>However, the same guidance also says it is good practice for the public
authority to still consider a request made using an obvious pseudonym.
You should refer to this if a public authority refuses a request because you
used a pseudonym.</p>

<p>Be careful though, even if the authority follows this good practice, the
pseudonym will probably make it impossible for you to complain to the
Information Commissioner later about the handling of your request.
</p>

<p>There are several good alternatives to using a pseudonym.</p>

<ul>
<li>Use a different form of your name. The guidance says
that "Mr Arthur Thomas Roberts" can make a valid request as "Arthur Roberts",
"A. T. Roberts", or "Mr Roberts", but <strong>not</strong> as "Arthur" or "A.T.R.". 
</li>
<li>Women may use their maiden name.</li>
<li>In most cases, you may use any name by which you are "widely known and/or
is regularly used".
<li>Use the name of an organisation, the name of a company, the trading name of
a company, or the trading name of a sole trader.
<li>Ask someone else to make the request on your behalf. 
<li>You may, if you are really stuck, ask us to make the request on
your behalf. Please <a href="/help/contact">contact us</a> with
a good reason why you cannot make the request yourself and cannot
ask a friend to. We don't have the resources to do this for everyone.
</ul>

<p>Please do not try to impersonate someone else.</p>

</dd>

<dt id="full_address">They've asked for my postal address! <a href="#full_address">#</a> </dt>

<dd>
<p>If a public authority asks you for your full, physical address, reply to them saying
that section 8.1.b of the FOI Act asks for an "address for correspondence", 
and that the email address you are using is sufficient. 
</p>
<p>
The Ministry of Justice has <a href="http://www.justice.gov.uk/guidance/foi-procedural-what.htm">guidance
on this</a> &ndash;
<em>"As well as hard copy written correspondence, requests that are
transmitted electronically (for example, in emails) are acceptable 
... If a request is received by email and no postal address is given, the email
address should be treated as the return address."
</em>
</p>
<p>As if that isn't enough, the Information Commissioner's 
<a href="http://www.ico.gov.uk/upload/documents/library/freedom_of_information/practical_application/foi_hints_for_practitioners_handing_foi_and_eir_requests_2008_final.pdf">Hints for Practitioners</a> say
<em>"Any correspondence could include a request for information. If it is written (this includes e-mail), legible, gives the name of the applicant, an address for reply (which could be electronic), and includes a description of the information required, then it will fall within the scope of the legislation."</em>
</p>
</dd>

<dt id="postal_answer">No no, they need a postal address to send a paper response! <a href="#postal_answer">#</a> </dt>

<dd>
<p>If an authority only has a paper copy of the information that you want,
they may ask you for a postal address. To start with, try persuading them
to scan in the documents for you. You can even <a href="http://www.whatdotheyknow.com/request/car_parking_charges_policy_and_a#outgoing-532">offer to gift them a scanner</a>, which in that particular case
embarrassed the authority into finding one they had already.</p>

<p>If that doesn't work, and you want to provide your postal address privately
in order to receive the documents, mark your request as "They are going to reply by post", and it will
give you an email address to use for that purpose.</p>
</dd>

<dt id="delete_requests">Can you delete my requests, or alter my name?  <a href="#delete_requests">#</a> </dt>

<dd>

<p><%= site_name %> is a permanent, public archive of Freedom of
Information requests. Even though you may not find the response to
a request useful any more, it may be of interest to others. For this
reason, we will not delete requests.
</p>

<p>Under exceptional circumstances we may remove or change your name
on the website, <a href="#takedown">see the next question</a>.
Similarly, we may also remove other personal information.
</p>

<p>If you're worried about this before you make your request,
see the section on <a href="#real_name">pseudonyms</a>.</p>

</dd>

<dt id="takedown">Can you take down personal information about me? <a href="#takedown">#</a> </dt>

<dd> 

<p>If you see any personal information about you on the site which you'd like
us to remove or hide, then please <a href="/help/contact">let us know</a>.
Specify exactly what information you believe to be problematic and why, and
where it appears on the site.</p>

<p>If it is sensitive personal information that has been accidentally
posted, then we will usually remove it. Normally we will only consider
requests to remove personal information which come from the individual
concerned, but for sensitive information we would appreciate anyone
pointing out anything they see.</p>

<p>We consider that there is a strong public interest in
retaining the names of officers or servants of public authorities. We will only
remove such names in exceptional circumstances, such as where the disclosure of
a name and position of employment would substantially risk an individual's
safety. If you are such an official and you wish to have your name removed for
such an urgent reason, you must supply us with a request to do so from your
line manager. This request must demonstrate that a risk has been perceived
which outweighs the public interest, and must demonstrate that efforts have
been made to conceal the name on the organisation's own website.</p>

<p>For all other requests we apply a public interest test to decide
whether information should be removed. 
<a href="http://www.statutelaw.gov.uk/content.aspx?ActiveTextDocId=3190650"> Section 32</a> 
of the Data Protection Act 1998 permits us to do this, as the material we
publish is journalistic. We cannot easily edit many types of attachments (such
as PDFs, or Microsoft Word or Excel files), so we will usually ask
that authorities resend these with the personal information removed.</p>

</dd>


</dl>

<p><strong>Learn more</strong> from the help for <a href="/help/officers">FOI officers</a> --&gt;

<div id="hash_link_padding"></div>


</div>