Cayman Islands ICO finds 10% government email addresses ‘non-functional’
Own-Initiative Investigation – 5
5 May 2014
Report on the Functionality of Designated FOI Email Addresses
Executive Summary:
The focus of this investigation was to determine the level of functionality of each public authority’s designated Freedom of information (FOI) email address, and take corrective action where necessary.
In order to facilitate receipt of requests under the FOI Law by email, each public authority in the Cayman Islands Government was designated a unique email address at the time of implementation of the FOI Law. However, in the last few months it came to the ICO’s attention that not all of the designated FOI email addresses were functioning properly, e.g. when receiving a message from outside the Cayman Islands Government email system.
Any problems with the functionality of the designated email addresses could potentially form a serious obstacle to FOI applicants, and the Information Commissioner’s Office decided to investigate and take remedial action.
In the course of the investigation each public authority’s designated FOI email address was tested. An email was sent from a Gmail account created by the ICO for that purpose. The investigation concluded that approximately 10% of designated FOI email addresses were experiencing some level of non-functionality which would affect the general public’s ability to make an FOI request.
Each public authority was contacted with the results of the investigation and corrective measures were taken to ensure that the functionality of all designated FOI email addresses was restored.
Contents:
A. INTRODUCTION
B. METHODOLOGY
C. FINDINGS
D. CONCLUSION
E. RECOMMENDATIONS
- INTRODUCTION
In 2008, at the time of implementation of the Freedom of Information Law, 2007 (FOI Law) each public authority subject to the FOI Law was designated an email address which applicants could use to make a request for records under the FOI Law. These email addresses were linked to the inboxes of the public authority’s Information Manager (IM) and Deputy Information Manager, so that access requests could be properly received and responded to.
However, as time passed by and staff changes occurred, proper remedial action was not always taken to ensure, for instance, that messages sent to FOI addresses were linked to the current IM, and some of the designated FOI email addresses consequently ceased being functional. In one extreme case in the Fall of 2013, the ICO was made aware that one of the email addresses specifically created to receive requests under the FOI Law could, in fact, only receive emails created within the Government’s own email system. The ICO intervened and with the help of Computer Services Department this specific issue was eventually resolved so that the email address in question once again became fully functional for all applicants, whether inside or outside of the Government.
Suspecting that other examples of designated FOI email malfunction might exist, the Information Commissioner decided to launch a wider investigation into the operability of all public authorities’ general FOI email addresses, under section 46 of the FOI Law. This section provides that “the Commissioner may on his own initiative conduct an investigation into any matter”.
The objective of the investigation was to ascertain the functionality of the designated FOI email addresses, determine why they might not be operating as intended, and look for ways of rectifying any impediments to full operability.
Section 49 of the FOI Law imposes an obligation on every public authority (1) to appoint an IM, and (2) to ensure that member of the public know the name, function and contact details of the IM .
Regulation 25 of the Freedom of Information (General) Regulations, 2008 (FOI Regulations) requires that the Cayman Islands National Archive (CINA), “for the convenience of the public”, publish a list of public authorities. In the Public Authority Contact list, which is updated several times a year, CINA includes the names of the public authorities’ information managers and their contact information which includes the designated FOI email address. This listing is available on the ICO website: http://www.infocomm.ky/document-library
The operability of the designated FOI email addresses is important because most FOI requests are made via email, and if the Government’s FOI email addresses are not working properly then some public authorities will not be able to effectively meet their obligations under the FOI Law to respond to requests.
- METHODOLOGY
In order to determine if the Government’s email addresses for FOI were indeed functioning correctly the ICO created a Gmail account for this specific purpose ([email protected]). A test email message was drafted and sent from this address to each of the FOI email addresses in Government.
It was necessary to use an external email address because one of the potential operability issues that was being investigated was the capacity to receive emails from a non-government email address.
The test email explained the purpose of the investigation and requested that whoever received it respond with their name and contact information so the ICO could confirm whether the email had reached the appropriate person(s).
The test email was sent out on November 22, 2013. A follow-up email was sent to all the government FOI email addresses on the same day, as some of the recipients questioned the authenticity of the initial email because it was arriving via a non-government email address.
The ICO tracked the responses from the 94 email addresses that were contacted and followed up with each public authority that did not respond.
C. FINDINGS
Ten public authorities did not respond to the test email or follow-up email, and were subsequently contacted by the ICO via other means. Various reasons were given for the failure to respond, ranging from spam filter issues to the fact that an employee who was originally responsible for monitoring an FOI email address had moved on from the position and no one else had taken over the responsibility.
The public authorities which did not respond and the reasons for their non-response are as follows:
Department of Labour and Pensions
Labour and Pensions was contacted by the ICO and asked to explain why no response was sent in response to the test email. It was determined that a new IM had been appointed but access to the FOI email account for the public authority ([email protected]) had not been assigned to this person. Once the new IM had access to the email account it was confirmed that the test email was received and that she was able to respond to it.
Financial Services Secretariat
Several attempts were made to contact the Financial Services Secretariat in order to ascertain why no response was given to the test email. There seemed to be confusion over who was handling FOI matters since the recent hiring of a new Deputy Chief Officer (DCO). The IM listed on the official CINA listing believed that the new DCO had taken over the IM duties while the DCO stated that she had not. In the end it was verified that the test email had been received but because of the confusion in roles no one had responded. The DCO assured the ICO that this issue was now resolved.
Ministry of Home and Community Affairs
The test email sent to Home Affairs at [email protected] was returned as “non-deliverable”. After several attempts to discuss this matter with the IM it was found that the FOI email address had in fact been changed to [email protected] in July 2013, but this information had not been passed on to CINA or the general public. The IM at Home Affairs has assured the ICO that as of January 2014 CINA was apprised of the correct contact information.
National Housing Development Trust
No response was received from the National Housing Development Trust, although when the IM was contacted it was determined that the test email had, in fact, been received. The problem was that the test email had been sent to the recipient’s “spam folder” which was not being monitored. The IM assured the ICO that she would contact Computer Services Department to ensure that the spam filter settings were correct.
National Workforce Development Agency
The email address listed by CINA for the National Workforce Development Agency (“NWDA”), at the time of this investigation, was [email protected]. The test email was sent to this address but no response was received. A review of the NWDA’s website revealed another FOI email address listed as [email protected]. Once contact with the IM was made it was determined that [email protected] was the correct email address, however, since the person responsible for monitoring that email account left the government in May 2013 it had not been monitored. Access to this email account has since been transferred to another employee and the NWDA has assured the ICO that the FOI email address will be consistently monitored in the future.
Tourism Attraction Board
Several attempts were made to contact the Tourism Attraction Board (“TAB”) to ascertain why no response was given to the test email. Once contact was made it was found that the IM did not receive the emails from the FOI email address, rather the IM’s Personal Assistant received said emails. During the month of November the IM’s then Personal Assistant, left her position with the TAB and a number of temporary assistants had been brought in to assist. However, none of them responded to the test email or forwarded it to the IM. The new, permanent Personal Assistant confirmed that the email had been received by sending a response to the test email. She also confirmed that she will henceforth be responsible for monitoring the FOI email inbox.
Children and Youth Services Foundation
The Children and Youth Services Foundation experienced similar issues to the NWDA in that the email address listed with CINA ([email protected]) was different than the one posted on their website ([email protected]). Once the IM was contacted it was found that neither of these two email addresses were being monitored nor had either of them been operational since approximately July 2012 which is when the public authority was restructured. The IM assured the ICO that the website and CINA would be updated with the new contact email address, [email protected].
Department of Children and Family Services
The Department of Children and Family Services (DCFS) did not respond to the test email because at the time it was sent the IM’s duties were being transferred to another employee. Apparently, although the email had been received, it was somehow missed. The IM who commenced her new duties in January 2014 confirmed that the email was received and the email address is working correctly.
Department of Counselling Services
The FOI email address ([email protected]) for the Department of Counselling Services (DCS) was working correctly when the test email was sent, however, there was confusion over who was responsible for monitoring it. The result was a nil response. DCS thought that the Ministry of Community Affairs had taken over the responsibility for the email address although the Ministry did not agree with this view. DCS has now confirmed it has taken over responsibility for the FOI email address and has assigned two employees to monitor it. It could not be confirmed exactly how long the FOI email address had effectively been left dormant.
Cayman Islands Stock Exchange
The Cayman Islands Stock Exchange (CSX) did not respond to the test email but once the IM was contacted the issue was corrected. The main issue was that the test email got caught by the CSX’s spam filter and apparently the spam filter issue was “compounded by staff movements and absences”. The CSX did not elaborate on the details of those movements and absences but it is reasonable to assume that the CSX experienced challenges similar to those experienced by some other public authorities when it came to ensuring that FOI duties were adequately covered when personnel moved to other positions.
- CONCLUSION
Based on the results of this investigation, a significant majority of public authorities did a satisfactory job at ensuring that their designated email lines of communication for FOI were open and were being adequately monitored. However, approximately 10% of public authorities’ email addresses specifically created to receive FOI requests were experiencing some level of non-functionality at the beginning of the investigation.
The following specific issues were identified:
1. There was confusion over which employee had primary responsibility for monitoring the FOI email inbox.
2. Messages sent to the FOI email addresses were not being forwarded to the appropriate employees’ inboxes.
3. No alternative person was assigned when a staff member responsible for the FOI email inbox took up another position, was assigned other duties or left their position with the public authority.
4. Some ministries had a single person monitoring the FOI emails addresses of one or more departments for which they are responsible, but not those of other departments.
This could cause a lack of clarity whether the ministry or department was responsible for monitoring the respective FOI email addresses.
5. Changes to the FOI email address were not communicated to CINA or to the general public.
6. Spam filters were blocking FOI emails and sending them to junk e-mail folders which were not being monitored.
In the view of the ICO there is no level of FOI service disruption that is acceptable, irrespective of the total volume of requests a public authority might receive. Maintaining and monitoring an email address is not a burdensome task and most of the issues encountered could be rectified with relative ease.
It is possible that some of the public authorities which responded satisfactorily to the test email may still need to improve some aspects of their internal procedures relating to FOI and their designated FOI email addresses. All public authorities should remain vigilant and seek to avoid the pitfalls listed above.
It is important that each public authority meets the obligations imposed by section 49 of the FOI Law to (1) appoint an IM, and (2) ensure that the general public knows the name, function and contact details of the IM.
In practical terms, each public authority should make sure that the FOI-related duties of IMs are fulfilled on an ongoing basis. For instance, when an IM is absent, for whatever reason, a Deputy IM should be in place to answer FOI requests, and when an IM is assigned to other duties or leaves the public authority, a new IM should be appointed, and given appropriate procedural and technical access to fulfill that important role.
E. RECOMMENDATIONS
In order to ensure that public authorities meet their statutory obligations under the FOI Law, the ICO recommends that each public authority:
1. Appoint an IM and Deputy IM to respond to FOI requests, and inform the general public of their name, function and contact details, as required by the FOI Law.
2. Establish written, clear, consistent and accountable internal procedures to ensure that:
a. upon appointment an IM is clearly advised of their duties and responsibilities and provided with appropriate training.
b. an IM’s duties and responsibilities are transferred to the Deputy IM or another employee when the IM takes up another position, is assigned other duties or leaves their position with the public authority, or is absent for any other reason.
3. Ensure that emails which are sent to the public authority’s email address designated to receive FOI requests are being received by more than one person at any given time.
4. Annually test the designated FOI email address to confirm its functionality, and contact Computer Services Department when any technical difficulties arise.
Jan Liebaers
Acting Information Commissioner
9 May 2014
END
IMAGE: www.yola.com