Online and on your phone: processing access applications for social media, webmail and text messages

Applications to access documents held by Queensland government agencies1 can be made under the Right to Information Act 2009 (RTI Act)2. Increasingly, the scope of these applications encompass social media platforms, such as Facebook and Twitter, agency documents held in personal webmail accounts, text messages sent using agency-issued devices, work-related text messages sent using personal devices and officer to officer communications (chats) stored in programs such as Teams and Zoom..

Capturing and identifying records

All agencies may want to consult Council Records: a guideline for mayors, councillors, CEOs and council employees, prepared jointly by the Crime and Corruption Commission and Queensland State Archives. It provides relevant, practical guidance applicable across all sectors of government.

Documents under the RTI Act

Applications for access can only be made for documents of an agency or documents of a Minister.

A document of an agency is a document in the physical possession or legal control of an agency. A document of a Minister is a document that is not a document of an agency, is in the physical possession or legal control of the Minister, and relates to the affairs of an agency. It includes a document the Minister is entitled to access and documents in the possession or control of the Minister's staff or consultants.

More than public records

A document does not have to be a public record to fall under the definition of document in the RTI Act. When conducting searches in response to an RTI application agencies have to capture every document in scope, regardless of whether or not it is a public record.

For more information refer to Documents of an agency and Documents of a Minister.

Social Media

Social media is websites and applications that enable users to create and share content or to participate in social networking.3 Some of the more common social media platforms used by agencies are Facebook, Twitter, YouTube, Instagram and LinkedIn.4

There are two situations in which the contents of a social media account can be documents of an agency5 under the RTI Act:

  1. Where the account is operated by the holder of an agency office, such as a local government councillor6, in their official capacity.
  2. Where the social media account is operated by the agency as an official account.

In the former case, it will be necessary to determine if the social media account is being operated in an official capacity, as an officer of the agency or holder of an agency office, rather than a personal one. Indicators include:

  • the officer's title being included in the account name
  • lack of a disclaimer, stating that the account is not being operated in the officer's official capacity or stating there is no connection with the agency
  • the presence of the agency name or logo
  • the use of the officer's official—rather than personal—contact information, such as their agency email address or agency phone number and address
  • the posted content of the account relating primarily to their role in the agency7
  • for local government councillors, inclusion of a link to the Councillor Social Media Community Guideline; and
  • interactions on the account consistent with carrying out their role in the agency.

If it is determined that the account is being operated in an official capacity, the contents of the account will be documents of the agency.

When searching a social media account, more than the public posts must be considered. Decision makers will need to consider the contents of private or limited-access sections, for example, chats, direct messages, private, restricted, or draft posts, and information available only to the account holder. This could include the identity of users that have 'liked' posts or other content, lists of blocked users, search history, comments hidden from public view, or interactions with, or reports to, the operator of the platform (eg Facebook, Twitter).8

Refusal of access because other access available

Section 53 of the RTI Act allows an agency to refuse access to a document if the applicant can reasonably access it under other arrangements made by an agency. In some circumstances, if an application captures publicly available posts, tweets, photos or other material available on agency social media accounts, section 53 may apply.

However, consideration should be given to the ease with which specific posts etc containing the information can be located and to the applicant's circumstances; some applicants may not have the ability or equipment to access agency social media.

For more information, refer to Refuse access to a document – other access available.

Webmail and other private email accounts

Emails that have been sent or received in an official capacity or to conduct official business will be documents of an agency under the RTI Act, even if they are stored in an officer's private email account.9 This can be a webmail account, such as a Gmail or Hotmail account, or downloaded through a home email program from an account with no web interface.

Where agency policies specifically allow the use of private email accounts for agency business, for example where officers are travelling or working from home, decision makers may need to consider accounting for this in their search processes.


An officer's private email address is not routine personal work information and must be dealt with in the same way as other personal information under the RTI Act. This information would rarely be in the public interest to release.

Text Messages

Similar to social media accounts, text messages10 will be documents under the RTI Act in two circumstances:

  1. When stored on a personally owned device, such as a smartphone or tablet, and the message was sent or received by an agency officer acting in their official capacity.11
  2. When stored on an agency owned device, regardless of the content of the message.

In the former case, it will be necessary to carefully consider the context of any messages to determine if they are documents of an agency under the RTI Act. If so, steps will need to be taken to capture them, so they can be processed and, if appropriate, access given.

BYOD policies

Where an agency has a bring your own device policy, allowing agency officers to use their own devices for agency business, it will be particularly important to ensure those devices are captured in any search requests.

If an officer of the agency sends, receives, and stores text messages on a device owned by the agency, the contents of the messages are irrelevant; the fact that the agency owns the device will make them documents under the RTI Act. However, an assessment of the content will be necessary to determine if the documents are within the scope of an application and if they should be released.

Where there are too many text messages to manually search, it may be necessary to download the text messages from the device before they can be searched, to determine which text messages are in scope. Capturing text messages is discussed below.


Agencies should consider including information in any BYOD or similar policies about officers' public records and RTI Act obligations. Any policies that allow personal use of agency devices should advise officers that information stored on the device, including personal text messages and documents, could potentially become subject to an RTI application.

Text messages and text 'chains'

On most smart phones, text messages are grouped together based on the participants in the conversation. These groups are sometimes referred to as 'text chains'. When considering text messages as part of an access application, each individual text message is the document, not the text chain.

Unlike email chains, in which an email is appended to the one before, text messages are simply displayed together in groups; they are not attached to each other. These groups are analogous to folders on a hard drive, grouping the individual text messages together for convenience. On most devices, you can deal with each text individually (delete, forward, save etc) without impacting the rest of the texts in the group.

When dealing with text messages, decision makers only need to consider the specific text messages within scope of the application and not the entire 'text chain'12.

Messages sent through Teams, Zoom etc

There has been an increased uptake by agencies of business messaging applications such as Skype, Teams and Zoom. These programs generally allow direct messaging, audio and video calls, and group video chats, often used for hosting meetings or delivering training.

Where the program is provided by the agency, messages and recorded audio or video will be documents of an agency. If employees conduct official business on these programs using personal accounts, those records will also be documents of the agency.

Decision makers should liaise with their IT unit when dealing with applications for these documents, as they may have administrative tools for conducting searches and retrieving documents.

Capturing online, on-phone, and messaging app documents

Processing and giving access to these kinds of documents can present unique challenges. However, if agencies create these documents, they have an obligation to take the steps necessary to ensure people can exercise their right of access. This may include acquiring specific software to assist in the process.

Queensland State Archives has produced guidance on capturing social media for the purposes of meeting record keeping obligations. Much of this can be applied to capturing documents to process for access applications.13


Taking screenshots of a webpage displaying a social media account or of a text message can be an effective way of capturing them for an access application. Screenshots of text messages are saved as photos on the device, which can then be downloaded for processing. Screenshots of webpages can be printed, pasted into a Word document, or dealt with however the agency prefers.


Webpages displaying social media accounts can be printed, either to paper or directly to PDF. An officer with emails in their private account can print them, to paper or to PDF, although forwarding them to an agency email account may be more efficient.

Exporting social media

The contents of a social media account can be exported using different methods. These include paid third party services, tools built into the platform, and interfacing directly with the application programming interface (API).

Generally, the methods discussed above should be sufficient for capturing social media for an access application. If not, more information on exporting social media accounts is available from Queensland State Archives: Social Media and Yammer: Ways of Capturing Content

Capturing text messages

Where an agency has to deal with a large number of text messages, making screenshots impractical, it may need to explore acquiring software to capture, search, and process them. There are a number of third party programs available which can interface with different devices and operating systems.

Decision makers should consult with their IT units to determine suitable programs, but should ensure any program allows for text-based searching of messages and exporting into other formats, particularly PDF. This will allow key-word searching for text messages within scope and for in-scope text messages to be processed easily using standard redaction tools.

Current as at: April 15, 2021