Public Interest in Empty Buildings

Does the public interest favour publishing lists of vacant properties? No, says the First-tier tribunal. Yes, suggests the launch of the government website “Find Me Some Government Space”.

On 22 January the First-tier tribunal (FTT) handed down judgment in the remitted case of Voyias v IC and Camden Council. Those looking for intelligent insights into the case, and the reasons why it was originally appealed to the Upper Tribunal, and then sent back to the FTT should read the excellent series of posts on the Panopticon blog. I’m here to make a much blunter observation: at the same time a local authority is strongly resisting publishing details of vacant properties, the government appears to be actively promoting similar publication.

At issue in the FTT was whether the Council should disclose, under the Freedom of Information Act 2000 (FOIA), addresses of vacant properties in its area. The information had been withheld on the basis of the FOIA exemption at section 31(1)(a):

disclosure…would, or would be likely to, prejudice…the prevention or detection of crime

The FTT had little difficulty (having been bound by the Upper Tribunal to consider indirect consequences of disclosure on the prevention of crime) in finding the exemption was engaged, holding that

releasing the requested information would increase squatting and that there would be an increase in the instances of various types of criminal activity directly connected to it*

When it came to the balance of public interest factors (section 31 being a qualified FOIA exemption) the only real factor pleaded in favour of disclosure was

The need to ensure that the Council takes appropriate measures to bring empty property back into use

And the FTT, at paragraph 55, afforded it “relatively small weight”.

Against disclosure were the following (not all of them accepted by the FTT, it should be said)

The inherent public interest in the prevention of all crimes…; The cost of securing properties vulnerable to squatting and repairing damage resulting from it, whether that cost falls on the private or public purse; The cost of evicting squatters; The potential detrimental impact on those directly affected by criminal damage; The impact on the community in the vicinity of a squatted property; The problems faced by Council staff having to deal with squatting and its consequences; The impact on police resources; The direct financial cost caused by property stripping.

Fine. FTT found the exemption engaged and that the public interest favoured non-disclosure of empty, unused properties. As John Murray has pointed out to me, this is somewhat surprising given that it also appears that many other local authorities have had little concern about disclosing similar information.

And one wonders why, if such prejudice would or would clearly be likely to arise, the government two days later launched a website called Find Me Some Government Space. Launching it, Chloe Smith, Minister for Political and Constitutional Reform (what a grand title), said

…we will have a number of properties both owned and rented that we need to do more with. Not only will this website help to save government money but we will see new opportunities, jobs and growth in local economies as new life is brought into empty, unused properties. [emphasis added, naturally]

These sentiments were, oddly, not reflected by the then Housing Minister Grant Shapps, when the initial FTT ruling was made. He said it was a “bizarre decision that flies in the face of common sense” and that publishing details of empty properties “in other areas has led to the numbers of squats doubling”.

Now – and I concede they are not residential – within seconds, using “Find Me Some Government Space”, I’d found a list of 30 properties for sale within a 20km radius of Camden Council’s offices. It’s not clear if they’re currently empty and unused, but the words of the Minister imply that those are the sort of buildings which will be on “Find Me Some Government Space”. Moreover, as the government clearly thinks bringing new life into empty, unused properties is connected to the creation of jobs and economic growth, will they be encouraging councils to disclose the very type of information this Council sought so hard to avoid disclosing?

*At the time of the request, squatting in residential properties was not a criminal offence, something that has now changed with the enactment of section 144 of the Legal Aid, Sentencing and Punishment of Offenders Act.


Sony Make Believe?

The ICO has “fined” Sony £250k for its PlayStation Network breach.

My swiftly-grabbed breakfast coffee yesterday morning was interrupted by an emailed press release from the Information Commissioner’s Office (ICO) informing us that a civil Monetary Penalty Notice (MPN) in the sum of £250,000 had been served on Sony Computer Entertainment Europe Limited by the ICO. It was such an important case it was celebrated by a rare foray into video by the ICO’s David Smith. This was the outcome of investigations into a data security breach in April 2011 which had, in the ICO’s words, the effect of

compromising the personal information of millions of customers, including their names, addresses, email addresses, dates of birth and account passwords. Customers’ payment card details were also at risk

An MPN is served under section 55A of the Data Protection Act 1998. One can be served where the ICO determines that there has been a serious contravention of the Act, of a kind likely to cause substantial damage or substantial distress, and the data controller knew or ought to have known that there was a risk a contravention of this type would occur, but failed to take reasonable steps to prevent it.

There is a right of appeal against both the MPN itself, and the amount, to the First-tier Tribunal (FTT). Rather to my initial surprise Sony swiftly announced they were lodging an appeal. I had noticed that there were very large parts of the ICO’s formal MPN document that were blacked out.

Even figures such as the estimated worldwide number (in millions) of PS Network users were redacted. I had a suspicion that some sort of negotiation might have taken place between the ICO and Sony, whereby the former would willingly redact everything the latter asked for, if the latter accepted their punishment. The announcement that they would appeal showed how I should be wary of my suspicious nature*.

Sony say

the ICO recognises Sony was the victim of “a focused and determined criminal attack,” that “there is no evidence that encrypted payment card details were accessed,” and that “personal data is unlikely to have been used for fraudulent purposes” following the attack on the PlayStation Network.

This seems to miss the point that section 55A does not require the ICO to determine that harm has occurred, only that the contravention was likely to cause substantial damage – or distress. As the ICO points out, thousands of people had their personal details (names, addresses, dates of birth and account passwords) compromised. The risk of identity theft existed, and, as the ICO points out, continues to exist. However, a question does arise as to how serious the breach was.

Last week the FTT handed down judgment in an unsuccessful appeal of a previous MPN served on Central London Community Healthcare NHS Trust (for a detailed analysis of that case, see Robin Hopkins’ piece on the Panopticon blog). As a result of this we now know a bit more both about the ICO’s procedures in serving MPNs and the FTT’s likely approach to any further appeal. We know (paragraphs 37 and 38) that the FTT will conduct in effect a de novo hearing of the facts, and permit itself, where appropriate, to substitute its own view for the ICO’s, but that it will be likely to afford a degree of deference to the ICO’s views, given his expertise in DPA matters. We know (paragraph 39) that the FTT could increase the amount of the MPN. We also know that £250,000 marks the border between what the ICO sees as a “very serious” type of breach and the “most serious” type. One suspects Sony will be asking the FTT to consider whether this breach, which potentially affected a huge number of people, but which did not involve sensitive personal data, was as serious as the ICO treated it.

Personally, I think it was – the sheer numbers, and fact that this data is still out there, perhaps being sold and traded to crooks and spammers, make it so. Although the FTT could take a different view, Sony could well be living in the land of make believe.

One final point. Some have suggested that the ICO has traditionally been unwilling to take on the large private sector organisations when it comes to data protection enforcement. The suspicion has been that he is reluctant to risk lengthy and costly challenges. With this action, the ICO gives (at least a little bit of) lie to that. It would be a real shame if a lengthy and costly challenge ensues. We don’t want the ICO to whisper “I told you so”, do we?

*Actually, my suspicious nature makes me wonder if they will ultimately pursue the appeal. Although it will cost them nothing, this isn’t about cost, but reputation, and do Sony really want to risk another day of bad headlines about their data security, in the event that they lose the appeal?

UPDATE: 12 July

The First-tier Tribunal listings show that Sony withdrew their appeal on 8 July. We don’t know the reason why, but I wonder if I was right after all?


When is a working day not a working day?

If you made an FOI request over the Christmas period, be aware of a strange anomaly regarding time for compliance

Everyone knows that the time for compliance by a public authority with a request made under the Freedom of Information Act 2000 (FOIA) is twenty working days. Section 10 of FOIA says

a public authority must comply with [a request for information made under] section 1(1) promptly and in any event not later than the twentieth working day following the date of receipt

A “working day” means (by s10(6))

any day other than a Saturday, a Sunday, Christmas Day, Good Friday or a day which is a bank holiday under the Banking and Financial Dealings Act 1971 in any part of the United Kingdom. [emphasis added]

This means that, even when a request is made in England, Wales or Northern Ireland, to an English, Welsh or Northern Irish public authority, under FOIA (which in relevant part only applies to England, Wales and Northern Ireland – Scotland has its own Freedom of Information (Scotland) Act 2002), the existence of a Scottish bank holiday during the relevant period effectively extends the time for compliance by one day.

The 2nd of January is a bank holiday in Scotland.

So, think twice before you chase a public authority this month about a request you think is one day overdue.


Opt Me Out! Please

Do some barriers to opting out of direct marketing risk a breach of the Data Protection Act?

I’m trying to open a credit card account: long interest-free periods are useful for those who are careful with their money. They’re also useful for people like me.

My application was going fine until the point at which I was asked to agree to their policy on the use of my information for marketing purposes. This says

[Generic Financial Services Company] may inform me of special offers, products and services, either by letter, telephone or e-mail. If I am a new GFSC customer and I do not wish to receive marketing material by letter, telephone or email, or any combination of these I can write to you at GFSC, Marketing opt-out, FREEPOST XXXX

Thanks GFSC, but I don’t have to send you snail mail to opt-out of marketing. Section 11 of the Data Protection Act 1998 (DPA) simply says I can serve a notice in writing requiring you to cease, or not to begin, processing my personal data for the purposes of direct marketing. “In writing” includes, by virtue of section 64 of the DPA, email.

So I agreed to the terms of their marketing statement (I didn’t have to do that by snail mail, of course – I just ticked a box) and then very cleverly emailed them serving a section 11 notice requiring them not to begin marketing, and asking them to confirm receipt of the notice.

However, I’ve now received a friendly email saying

Thank you for your message. The email service you have used is not 100% secure and we’re unable to reply to you using this service. Emails can be intercepted which is why we provide secure messaging within our Online Banking facility. I’m unable to access your account details and provide the information you require. I want to answer your query, but in a secure environment…

I didn’t “require” any specific information (other than an acknowledgement of receipt) and I was not wishing to discuss any matters which required secure email correspondence (I had freely provided my name and address). And I don’t have account details, because they haven’t accepted me as a customer yet.

So now I’m in limbo. I agreed to receive direct marketing, by ticking an online box, but immediately served a section 11 notice which they presumably won’t pay any attention to.

However, in strict terms the fact I got a reply to my email confirms that my notice was received. It may not mean I won’t get direct marketing, but it does probably mean that any such marketing would be sent to me unlawfully, in breach of section 11 of the DPA, as well as the first, second and sixth principles in Schedule One, and (therefore) section 4(4).

Having said all this I’m not sure I should name this nationwide financial institution, because I still want the service, and my principles don’t quite extend to withdrawing my application under these circumstances. I’m left wondering what I should do?


A Fairy Tale of Wilmslow

A clunkingly fatuous fairy tale for Christmas

Once upon a time, in a land far away, there were villages where the villagers were told by the king to look after some valuable possessions of other people, and though they tried hard to protect these items, they had limited money with which to do so.

Most villagers did everything they could to protect these precious items, but sometimes the village elders overlooked the risks, or decided to spend some of the villages’ meagre earnings on other important things. And sometimes some of the stupid villagers took risks, or other villagers, though they were not stupid, still took stupid risks. This all meant that, just sometimes, the valuable items got lost, or given to the wrong people, or maybe even stolen.

The Sheriff of the Land was a good and strong man, and he too was worried about these precious items. He encouraged village elders to tell him when something happened to the items. When he thought the villages had really been bad, or unwise, he would fine them, and so they had even less money. And the villages would try very hard to improve, and they would listen to all the Sheriff’s edicts, and try to do what was right.

Most people in the Land, and in the villages themselves, accepted this: they knew that it was important that the sheriff showed everyone he was strong, and wouldn’t tolerate loss of or risk to the precious items.

However, in the towns, there were people who had also been asked by the king to look after others’ valuable possessions. Some of these people were very irresponsible, and they often lost the items, or had them stolen, and, what was worse, they wouldn’t confess this to the sheriff. And even though the sheriff knew about this, he mostly allowed the lawlessness to continue, because it was so rife, and because some of the townspeople were very powerful.

And so it was that the villagers found it hard to bear when the Sheriff issued public proclamations that said how badly they – even those in villages which had never done anything wrong – protected the precious items. They found it especially hard to bear because it was their own precious items which were being treated with so little care in the Outlaw Towns.

Information Commissioner Christopher Graham said yesterday:

“We are fast approaching two million pounds worth of monetary penalties issued to UK councils for breaching the Data Protection Act, with nineteen councils failing to have the most straightforward of procedures in place.

“It would be far too easy to consider these breaches as simple human error. The reality is that they are caused by councils treating sensitive personal data in the same routine way they would deal with more general correspondence. Far too often in these cases, the councils do not appear to have acknowledged that the data they are handling is about real people, and often the more vulnerable members of society.

“The distress that these incidents would have caused to the people involved is obvious. The penalties we have issued will be of little solace to them, but we do hope it will stop other people having to endure similar distress by sending out a clear message that this type of approach to personal data will not be tolerated.

“There is clearly an underlying problem with data protection in local government and we will be meeting with stakeholders from across the sector to discuss how we can support them in addressing these problems.”


MPs and Data Protection Offences, part etc etc

In which I bore again by banging on about the ICO’s apparent non-action against MPs who might be committing Data Protection offences

I’ve blogged on this before. To recap: MPs have the same obligations as any other data controller under section 17 of the Data Protection Act 1998 (DPA) to notify the Information Commissioner’s Office (ICO) of their processing of personal data. Most do so, some appear not to. Processing personal data without a notification or a suitable exemption constitutes a criminal offence under section 18 of the DPA.

In my previous posts I’ve questioned why the ICO appears to take a lenient approach to MPs’ legal obligations. Maybe I’ve made more of it than I should, and I’m pleased to see that the majority I named in my second post on the subject have now put things right.

However, two of the names in that previous list continue not to have an entry on the ICO register. There may be a reason for this (the list may not, for instance, have been updated) but it suggests that Jim Shannon MP has processed personal data without an appropriate registration since his last notification expired on 29 November 2010 and Pat Doherty MP has similarly processed personal data since 20 January 2011.

It’s not as though the ICO never prosecutes for this offence. He announced on twitter today that there had been a successful prosecution of two spamming scumbags owners of a marketing company for non-notification (both received £2000 fines). While reading this, I noticed that there had also been, on 28 November, a successful prosecution (she pleaded guilty) of a barrister for the same offence. For reasons of mitigating circumstances she received an absolute discharge. However, the ICO reports that

the magistrate warned that those whose profession is to prosecute people for failing to comply with the law must meet their legal obligations

If this magistrate can warn lawyers to observe their legal obligations, because they (act for those who) prosecute offences, where is the warning from the prosecutor to those who actually make the laws?


Tweets and Tw*ts, redux

NOTHING TO SEE HERE, MOVE ALONG.

UPDATE: 13 December 2012

In a tweet to me of 5 December the ICO kindly clarified that there has been no change. The reference to twitter names is now contained in this guidance.

Has there been a subtle change of policy by the ICO on the subject of FOI requests made by twitter?

Last year I blogged about a Freedom of Information Act 2000 (FOIA) request I made to the Information Commissioner’s Office (ICO) via twitter. I referred the ICO to their own guidance (hosted as part of a web page, not as a separate download), which said

The request must state the name of the applicant…A Twitter name may not be the requester’s real name, but the real name may be shown in their linked profile…The request must also state an address ‘for correspondence’. Does this include Twitter names? The length of a tweet makes it difficult for the authority to respond fully, but there are ways of dealing with this. The authority could ask the requester for an email address in order to provide a full response. Alternatively, it could publish the requested information, or a refusal notice, on its website and tweet a link to that.

The question I have given emphasis there did not have a specific answer in the guidance, but one inferred that the answer was “yes” from the words that followed.

This morning I made a twitter FOIA request to the Department for Education, to which they replied asking me to provide an email address or fill in an online form. I was going to refer them to the ICO’s guidance, but found that it doesn’t exist anymore. Fair enough: websites change and URLs get broken. However, unless I am mistaken what I have also found is that the ICO no longer seems to imply that a twitter name is an address for correspondence, according to section 8(1)(b) of FOIA. As far as my search skills can ascertain, the ICO now says

Requests can also be made via the web, or even on social networking sites such as Facebook or Twitter if your public authority uses these…[the request must] include an address for correspondence. This need not be the person’s residential or work address – it can be any address at which you can write to them, including a postal address or email address

No reference there to twitter names. More detailed guidance from the ICO says

Where a request has request in line with section 8(1) of FOIA if the requester has provided their name and a valid address. Where possible a response to the requester should be sent for example by providing a web link. If the name or address is not provided it is not a valid request, therefore if information is not being provided a reply should be sent advising the requester of this, and asking for the required information.

Again, no reference to twitter names.

These changes, unless I have indeed missed something, with their absence of reference to the possibility of a twitter name being “an address for correspondence” indicate a retreat by the ICO. It could well be that they’ve had to acknowledge that twitter is perhaps not the most appropriate medium for FOIA requests. If so, it would be helpful if they could – clearly – issue revised guidance. Their announcement that requests could be made by twitter got a lot of coverage, and led to the highest court in the land accepting that it had been wrong to imply it would not consider them valid requests.

I’ve made a FOIA request to the ICO to find out whether their policy has changed. Guess which medium I used?



Internal Affairs

Has an NHS Trust tried wrongly to prevent publication of information under FOI? Or are they just perhaps (naively) internally exploring the options?

Brace yourselves. Hold on to your china. I have a shocking announcement to make: NOT ALL PUBLIC AUTHORITY STAFF FULLY UNDERSTAND FOI!

In fact, some of them don’t even like it – check out some of the submissions made to the Justice Committee when it was conducting its post-legislative scrutiny of the Freedom of Information Act 2000 (FOIA).

Even worse than those who don’t understand it and say so, are those who don’t understand it but think they do. All practitioners have been faced with the person who announces loudly and wrongly which exemption should be claimed, and won’t accept they’re wrong, because “that’s what we always used to say when I worked at [former employer]”.

These observations are prompted by a twitter exchange, and subsequent Telegraph article yesterday, regarding the accidental disclosure of internal emails by NHS Newcastle-upon-Tyne, in which staff there discuss how to respond to an FOI request. The article reports how the staff considered whether they had to disclose a strategy report, and that the following comments were made

The planned preventative maintenance is all my own work for which I can express intellectual rights…

The…strategy is commercially sensitive and subject to executive approval…Can we say that our Strategy is commercially sensitive and refuse to disclose?

We could refer to [other information] which is in the public domain…It would at least make us look slightly helpful

The Trust clearly did not want this exchange disclosed, because after inadvertently doing so, they tried to use an email recall function, which as we all know, hardly ever works. I don’t blame them – this sort of exchange hardly reflects well on the FOI knowledge and intentions of certain staff. If it happened in my organisation I’d toddle on down to their office with a rolled-up copy of ICO guidance and bang them on the head with it (or maybe just suggest they have some training).

However, this sort of exchange goes on daily, in hundreds of public authorities, as hard-working, possibly naive staff grapple with complex FOI requests. They’ll mull things over, discuss options, make ridiculous suggestions, until, ultimately – one hopes – an FOI officer pulls it all together and arrives at a reasoned, fair and lawful decision about disclosure.

Of course that doesn’t always happen, and not all organisations have the bulwark of an honest, good FOI officer in place, but disclosure of internal discussions about potential exemptions, before any final decision on disclosure has been arrived at, does not point towards a potential criminal offence, as some were suggesting on twitter, and it doesn’t really make for a good story.


Stupid, Stupid, Stupid.

How data security is like a car park. Sort of.

Last Friday I parked in my usual car park. I entered it past the signs informing me of the terms for parking there, and the penalties for breaching them. After parking I walked past the signs reminding me in big letters “HAVE YOU PAID AND DISPLAYED?”, and went in to work.

But when I returned later that day I had a ticket on my windscreen – a penalty charge notice – imposed for failing to display a ticket. I still don’t know how I managed to do this. Every other time I have parked, and bought a ticket, and placed it in the same place on the dashboard. But something went wrong this time.

Ever one to draw a clumsy analogy for the sake of a blog post, it got me thinking about data security. We all know how to avoid enforcement action by the Information Commissioner’s Office (ICO): train your staff, have good policies and procedures and check regularly they’re being complied with. Then, if something goes wrong, the ICO will determine that there was nothing more as an organisation you could do to prevent the incident, and you are not in breach of the Data Protection Act. (Of course it’s a bit more complicated than that. But not much).

However watertight your policies are though, and however often and loudly you remind people about them, mistakes happen. As Einstein is reported to have said “Two things are infinite: the universe and human stupidity; and I’m not sure about the universe.” All you can do is mitigate the risks, and mitigate them sufficiently to satisfy those who regulate you. Thus, the ICO will (should) not impose a Monetary Penalty Notice if you had taken all the data security precautions you reasonably could have taken but one person made a stupid mistake leading to a data breach.

And, because the car park has clear and fair terms and conditions, I won’t challenge the lawfulness of imposing a penalty charge notice just because one stupid individual failed to check that his stupid car had a stupid $%*&ing ticket on the stupid dashboard last Friday morning.

 


A Campaign Worth Fighting For

How the Campaign for Freedom of Information was integral to the original enactment of the Freedom of Information Act, and continues to lead on the subject. Support it.

In the mid-1990s my understanding of the concept of Freedom of Information was limited to two points: first, that it was heavily pushed by an organisation called the Campaign for Freedom of Information, and its director, Maurice Frankel, and late Chairman, James Cornford; and second, that FOI was, surely, unarguably a Good Thing.

In the heady months after Labour’s 1997 election victory it was easy simply to assume that the manifesto commitment to introducing a Freedom of Information Bill would be honoured. While those with more than a passing interest in the subject noted over the following months, with concern, a major retreat from David Clark’s White Paper Your Right to Know, the Freedom of Information Act 2000, as passed, was still a piece of progressive legislation, very much to be welcomed.

It is interesting, then, to read, in Jack Straw’s recently published, and sometimes rather mean-spirited memoirs, potentially just how little is owed to those who are now seen as the key figures in that Labour administration, and how much is owed to the Campaign for Freedom of Information. Straw describes how the manifesto commitment resulted in a White Paper to parts of which he and Tony Blair were fundamentally opposed:

Tony himself was by now getting extremely worried about the eccentric FOI policy to which his government, in a trance, had seemingly committed itself

and how

I had half a thought that the best thing might be to bin the whole bill, or kick it into the long grass with a Royal Commission

But ranked against him were “all the enthusiasts for FOI-max, ably briefed by the indefatigable Maurice Frankel”.

(Straw effectively, by his account, found himself fighting his own bill. His victory, as he sees it, was to ensure that a power for ministers ultimately to veto disclosure was included. The unsavoury picture painted is of an over-eager administration – committed by its manifesto – unwillingly enacting a progressive law, but ham-stringing it in the process. And of course, we have since had several instances where that ministerial veto has been exercised (twice by Straw himself), most recently and worryingly to prevent disclosure of lobbying correspondence by the Prince of Wales, despite an extraordinarily thorough ruling in favour of disclosure in the Upper Tribunal.)

But this blog post is not about Jack Straw, now sniping from the opposition back benches, and not about the illiberal ministerial veto. It is about what a debt we all have to the Campaign for Freedom of Information, which has continued to argue for a more robust FOI Act, while defending it against threats of diminution. Regarding the latter, it is difficult to over-emphasise the significance of a late submission by the Campaign to the Justice Committee’s post-legislative scrutiny of the Act, which demolished many of the more specious arguments made by those criticising the Act. (Let us hope that the Committee’s welcome final report is accepted by the government, and that those of us who defend the Act can breathe easily, for a time at least.)

I have no personal interest in the Campaign (although I should perhaps declare that Maurice once gifted me a very-well-used-but-broken La Pavoni espresso machine) but it needs celebrating, and cherishing, and supporting (funding will always be an issue with an organisation like this). Everyone who uses and champions FOI should recognise this.
